last executing test programs: 2.140809855s ago: executing program 1 (id=3760): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = dup(r0) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000080)={0x4, 0x0, 0x0, 0x7, 0x4, "75429effa66f00"}) (async) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="15000000100000000700"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0x17, &(0x7f0000000c80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055090100000000009500000000000000180100002020001000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000000000008500000005000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendfile(r2, r2, 0x0, 0x8) r4 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)=@generic={&(0x7f0000000040)='./file0\x00'}, 0x18) ioctl$TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f0000000180)=r4) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000400)="5aee41dea43e9eee28e622e563a3", 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.065900043s ago: executing program 2 (id=3766): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000600)={0x2, &(0x7f0000000080)=[{0x20, 0x0, 0x0, 0x1}, {0x16, 0x4, 0x6, 0xd9d0}]}) r2 = socket$kcm(0x10, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r6 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) shutdown(r6, 0x1) sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_USE_CARRIER={0x5}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004040}, 0x0) sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000800)={0x0, 0x0, 0x0, 0xffffffb6, 0xffffffff}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x1, 0x0, 0x1, 0x7fffffff}]}) r7 = dup(r1) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r7, 0x89f3, &(0x7f0000000240)={'ip6tnl0\x00', &(0x7f00000001c0)={'ip6tnl0\x00', 0x0, 0x29, 0x4, 0x20, 0x7, 0x2a, @rand_addr=' \x01\x00', @empty, 0x8, 0x7800, 0x3, 0xcd}}) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x28, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r7}}, @call={0x85, 0x0, 0x0, 0xbc}, @ldst={0x3, 0x0, 0x3, 0xa, 0x5, 0xfffffffffffffffc, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xa}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0xb}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0xd, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f0000000180)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x40, '\x00', r8, @fallback=0x35, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x1, 0x1, 0x200, 0x2988}, 0x10, 0x0, r7, 0x0, &(0x7f00000002c0)=[r7, r7, r7, r7, r7], 0x0, 0x10, 0x1, @void, @value}, 0x94) r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_CAP_DISABLE_QUIRKS(r7, 0x4068aea3, &(0x7f00000003c0)={0x74, 0x0, 0xeeb287d3c6e2a73d}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) 1.771044058s ago: executing program 2 (id=3769): socket$nl_route(0x10, 0x3, 0x0) (async) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r1, 0x100000000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x40, 0x0, 0x0, 0x7ffc1ffb}]}) socket$inet(0x2, 0x80001, 0x84) (async) r6 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_MAXSEG(r5, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={r7, 0xc}, 0x8) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$TFD_IOC_SET_TICKS(r6, 0x40085400, &(0x7f0000000140)=0x8) (async) ioctl$TFD_IOC_SET_TICKS(r6, 0x40085400, &(0x7f0000000140)=0x8) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000080)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x1}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44040}, 0x0) 1.269873585s ago: executing program 1 (id=3772): socket(0x554039f9a323c162, 0x1, 0xffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) (async) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0x0, './cgroup/../file0\x00'}}) (async) r3 = syz_io_uring_setup(0x24ff, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f00000003c0)=0x0) (async) ptrace$ARCH_SET_GS(0x1e, 0x0, 0x0, 0x1001) (async) r5 = socket$l2tp6(0xa, 0x2, 0x73) setsockopt$sock_int(r5, 0x1, 0x23, &(0x7f0000000040)=0x80047c7, 0x4) bind$l2tp6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20) syz_emit_ethernet(0x8e, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000", @ANYRES8], 0x0) (async, rerun: 64) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x40012141, 0x0, 0x3) (rerun: 64) syz_io_uring_submit(0x0, r4, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x10, 0x0, r5, 0x0, 0x0, 0x0, 0x40010001, 0x0, {0x3}}) (async) io_uring_enter(r3, 0x5c26, 0x0, 0x0, 0x0, 0x0) (async) close_range(r0, r1, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = dup(r7) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) (async) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000040000000000000000850000000e000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000400)='io_uring_cqe_overflow\x00', r9}, 0x10) (async) r10 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x6113, 0x80, 0x0, 0x309, 0x0, r8}, &(0x7f00000005c0), &(0x7f0000000600)) io_uring_enter(r10, 0x2d3e, 0x0, 0x0, 0x0, 0x0) (async) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) (async, rerun: 32) r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (rerun: 32) rmdir(&(0x7f0000000700)='./cgroup/../file0\x00') (async) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000c40)={@cgroup=r11, 0x31, 0x0, 0x5f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) (async) r12 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/../file0\x00', &(0x7f0000000340)={0x600541, 0x9, 0x15}, 0x18) write$P9_RWALK(r8, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000006f010001008000000000537b60e33f0dee33d9be79d0fe98894b2de20e5f29143dc5ae031a61ca43f404fb8072152a4b9ed973104252774915611e31ca4a2ba64451531a7cd6109f09ab6e56d2e44da5deaaf6499a226a653da48ffdefafa0c1e0c6dc391cdcd9f90725acaf2e9ef904c09efd25bdb01d3070da210b011cf41e17cdb07edd1babe42ad8719350e81a513d2409a558db4a352b61c0c853c89f921a3c16794a302ff83c874283bf035d2f7a7d89941634de23ee4035cda195fe4795b59df7"], 0x16) (async) faccessat(r12, &(0x7f0000000180)='./cgroup/../file0\x00', 0x80) 1.265693124s ago: executing program 2 (id=3773): bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000600)={0x3c, 0x6, 0x6, 0x801, 0x0, 0x0, {0x2, 0x0, 0x9}, [@IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x0) 1.264836531s ago: executing program 1 (id=3774): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) sendmsg$NFT_MSG_GETOBJ(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)={0x20, 0x13, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x4, @raw_data="9b2a3be6fc1fb0e1062105ec6654204d1e88389d00b83c5c1ac2e0a3ab5922c9a9ce8dc9c6b76592f6a35202f0d861da8bf8b0f8ace02ee6a18c8f8530bf2a33cc57f5b8d547f596b819cf58138e886b3df446d3566ee8a9a6277bcfc1309cff4e44f94385e89a1707e7c89b5725558be3b4337d6be63991fd717e5ed15243f4c9fc9bd04577c5f1e91d3262850ac871e68a66b68673bec6fa68cd55adeb5f43bc8343ba128e5bae6c77a910871df58a499096de66b01d8cc4aca0313b7eb8f72cdc38dbe81f3171"}) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000180)={0x5, @vbi={0x10, 0x1, 0x4, 0x38414261, [0x9, 0xfffffffe], [0x800, 0xffffffff], 0x1}}) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000140), 0x410000, 0x0) 1.198959573s ago: executing program 0 (id=3777): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0x400, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x62, 0x4000}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_OKEY={0x8, 0x5, 0x2}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x40}, 0x1, 0xd, 0x0, 0x480c5}, 0x0) 1.194993612s ago: executing program 2 (id=3778): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="2000000072003303000000000000000007000000", @ANYRES32=0x0, @ANYBLOB="08000002000000"], 0x20}}, 0x40000) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000280)=ANY=[@ANYRESDEC=0x0], 0x0) write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000000000000000000000000000bb", @ANYRES32=0x41424344], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94) ioctl$VHOST_VDPA_GET_VRING_GROUP(r3, 0xc008af7b, &(0x7f0000000140)={0x0, 0xc3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, &(0x7f0000000380)="0f1be5670f0f7308a0b9510200000f32b9380900000f32c481f5eeb800500000440f20c0440f22c066450f38805500430f35c4417913ad4a00000066ba610066ed", 0x41}], 0x1, 0x21, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800c3, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002540)=""/216, 0xd8}}], 0x1, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) fcntl$lock(r0, 0x6, &(0x7f0000002000)={0x1, 0x0, 0x0, 0x1}) syz_emit_ethernet(0x4e, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd60a24b9f00182b00fe8000000000000000000000000000bbfe8000000000000000000000000000aa000000000018907804ec48857e5260f23200000000000000"], 0x0) fcntl$lock(r0, 0x26, &(0x7f0000000080)) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="5800000010000300"/20, @ANYRES32, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028005000d00e5"], 0x58}, 0x1, 0x2}, 0x0) syz_emit_ethernet(0xca, &(0x7f00000008c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0xbc, 0x0, 0x0, 0x0, 0x11, 0x0, @dev, @local, {[@timestamp={0x44, 0xc, 0x8, 0x0, 0x0, [0x0, 0x0]}]}}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "6fdfa0d2001efbb3e29a4ac275ca11b984ff5def6ed2e4ea9bc0eabdd34c732b", "df23520b57e4c98679c7795a27c7bf3e7d776b600ba8d82d6ba417e219edd86fb708441efcf75fe803412dae374281c2", "5df814aa2e34e4f8a759805b993e2d69a8f476de686861a9850edbe3", {"2cfee9b9d5b0b2b171b51f9174963b0c", "e40ca7e0a7b4bbc4bc9720c876a57954"}}}}}}}, 0x0) fcntl$lock(r0, 0x7, &(0x7f0000000040)) socket(0x1d, 0x3, 0x1) 1.194533588s ago: executing program 1 (id=3779): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000080a01000000000000000000010000000900010073797a300000000009000200"], 0x4b0}, 0x1, 0x0, 0x0, 0x44}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, &(0x7f00000003c0)=0x9, 0x4) getsockopt$SO_TIMESTAMP(r1, 0x1, 0x23, 0x0, &(0x7f0000000280)) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)={0x30, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_GATE_ANNOUNCEMENTS={0x5, 0x11, 0x1}, @NL80211_MESHCONF_HWMP_RANN_INTERVAL={0x6, 0x10, 0xe}]}]}, 0x30}}, 0x0) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r6, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000003bc0)=""/4104, 0x1008}], 0x1}}], 0x40000000000020f, 0x40008100, 0x0) sendmsg$ETHTOOL_MSG_TSINFO_GET(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000600a2f706a288d10219ddd0a215964fda288ef50c10d22696ed8cf5135996285471ebd8263d5c883439a4fca4c5d796efa295d98d4493db1df0b03783464905c1df5bc95c000000000d159e2cb6346e9a6de336b9bbcd26b2f08da80ef488aac17ff8ed0e726c98bc176f770549e4b9874c4ab4e8fd3906b8f5c5656f11a21aba994dc91a3b4cae211d34a3b5ccc9e090874f70164a58557499", @ANYRES16=r5, @ANYBLOB="a78700000000000000000b000000"], 0x14}}, 0x0) r7 = syz_open_dev$rtc(&(0x7f0000000080), 0x0, 0x400) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r8, &(0x7f0000000080)=ANY=[], 0x118) r9 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r9, 0x84, 0xc, &(0x7f0000000480)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) r11 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r11, &(0x7f00000003c0)=[{{&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000180)="e1", 0x1}], 0x1}}], 0x1, 0x24040000) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r11, 0x84, 0x17, &(0x7f0000000200)=@sack_info={r10}, 0xc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0) ioctl$VIDIOC_ENUM_FREQ_BANDS(r8, 0xc0405665, &(0x7f0000000300)={0x4, 0x1, 0x4, 0x20, 0xb9, 0x4, 0x4}) ioctl$RTC_WKALM_RD(r7, 0x80287010, &(0x7f0000000140)) syz_emit_ethernet(0x56, &(0x7f0000000040)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@canfd={0xd, {{0x3, 0x0, 0x1}, 0x3f, 0x0, 0x0, 0x0, "3dfeb23d9b8fc3abb8a9ca1178e2c2140253df58e292b8f0d1d9d154ff880fbc395667ebbb97076cb99a1d28ca83602042358360c55cea84165f3ce435854f39"}}}}, 0x0) r12 = socket$nl_generic(0x10, 0x3, 0x10) r13 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r12, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000", @ANYRES16=r13, @ANYBLOB="030704707900000000000100040004000180"], 0x18}}, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_SET(r6, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x3c, r13, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8, 0x16, 0x5}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0x1}, @ETHTOOL_A_COALESCE_TX_USECS_LOW={0x8, 0x10, 0x6}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_HIGH={0x8, 0x14, 0xf94b}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x4008000) 1.191702768s ago: executing program 0 (id=3780): sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4081}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)={0x140, 0x12, 0x10, 0x70bd25, 0x25dfdbfc, {0x22, 0x3, 0x6, 0x1, {0x4e20, 0x4e21, [0x4, 0x33, 0x6, 0x80000000], [0x0, 0x100, 0xffffffff, 0x10000], 0x0, [0xb000000, 0x19ce]}, 0x4, 0x8}, [@INET_DIAG_REQ_BYTECODE={0xf3, 0x1, "70e189e103374ac58949289222b27602efc1bbb929e614188164caef12e466347c058af3c2d57ff09f92a433e4b7c2e2214138d5cfef9ab9ff1c43d898284ebf1b566accd57baad2f7a9697ba56e5700c0d6d3534bfc1c42a34c29c3710392004ab6d1b3cd268242d6038d99a52f3806d63450f19b392de86aedd7f691bfd0b706ca2f0460a4a0abcc827306f56b9ba95389fdc3831737c74bf328c64f74cdd70c4a2da41179a7cf6e241188537039c7d0f25da94c7b621a1b9130937898e05b2cca018207d7549f51e2f78c6aed834751572bfd35b427e2b1aeb287104d2e08fe2f5fd538711d0d091b9db51a661a"}]}, 0x140}, 0x1, 0x0, 0x0, 0x48885}, 0x40000010) r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wg2\x00', 0x0}) setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000240)={0xffffffffffffffff, 0x4, 0x4, 0x1, @vifc_lcl_ifindex=r1, @empty}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$gtp(&(0x7f00000002c0), 0xffffffffffffffff) r4 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0) sendmsg$GTP_CMD_DELPDP(r2, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x34, r3, 0x32, 0x70bd27, 0x25dfdbfc, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @multicast2}, @GTPA_NET_NS_FD={0x8, 0x7, r4}, @GTPA_FAMILY={0x5, 0xd, 0x10}, @GTPA_LINK={0x8, 0x1, r1}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, &(0x7f0000000940)={0x3, 0x0, &(0x7f0000000880)=[{&(0x7f00000003c0)}, {&(0x7f0000000400)=""/170, 0xaa}, {&(0x7f00000004c0)=""/224, 0xe0}, {&(0x7f00000005c0)=""/246, 0xf6}, {&(0x7f00000006c0)=""/31, 0x1f}, {&(0x7f0000000700)=""/123, 0x7b}, {&(0x7f0000000780)=""/253, 0xfd}], &(0x7f0000000900)=[0x7fffffffffffffff, 0x8, 0x5, 0x8000000000000000], 0x7}, 0x20) r5 = syz_genetlink_get_family_id$wireguard(&(0x7f00000009c0), r2) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000001f40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001f00)={&(0x7f0000000a00)={0x14cc, r5, 0x800, 0x70bd28, 0x25dfdbff, {}, [@WGDEVICE_A_PEERS={0x147c, 0x8, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e22, @multicast2}}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e23, @local}}]}, {0x2b4, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x9}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "55ca844b960564f3f46f0fe25dbb920ee6660ef93a88c4bdfa23e2be0a476ff0"}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e24, @loopback}}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x9b4}, @WGPEER_A_FLAGS={0x8, 0x3, 0x6}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e24, @remote}}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0x100, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7}}, @WGPEER_A_ALLOWEDIPS={0x208, 0x9, 0x0, 0x1, [{0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}]}, {0xe8, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}]}, {0xdc, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x1}}]}]}]}, {0x4c, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1d8007c4a8a5ab83e40df1da1778792f0bebdb368ba3cb9e26a15ef6ad8f70e4"}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}]}, {0x4}, {0x154, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e24, @broadcast}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x1}, @WGPEER_A_ALLOWEDIPS={0x110, 0x9, 0x0, 0x1, [{0x10c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x1}}]}]}]}, {0x3f8, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e21, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7f2e}}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e21, 0x7, @local, 0x7}}, @WGPEER_A_ALLOWEDIPS={0x2d8, 0x9, 0x0, 0x1, [{0x118, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5, 0x3, 0x2}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x17}}, {0x5, 0x3, 0x1}}]}, {0x4c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x6}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x2}}]}, {0x148, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x31}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x1f}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x15}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}]}]}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x9}, @WGPEER_A_ALLOWEDIPS={0x90, 0x9, 0x0, 0x1, [{0x70, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x1b}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x1}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}]}]}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0x7fffffff, @remote, 0xfba}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}, {0x180, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1cefc805ae8b11295020459a9c5033fa9a64b1456fb55d81625556ce2d6cf3e1"}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "5fea53def084b7a95d4dd1a0700f3ac22e906cea85fec08193ac58e9689a8513"}, @WGPEER_A_ALLOWEDIPS={0xd8, 0x9, 0x0, 0x1, [{0x4c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @remote}}, {0x5, 0x3, 0x1}}]}]}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e24, @multicast2}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}, {0x3a4, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e20, 0x1ec2, @dev={0xfe, 0x80, '\x00', 0xb}}}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e21, @loopback}}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e24, @multicast1}}, @WGPEER_A_FLAGS={0x8, 0x3, 0x1}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_ALLOWEDIPS={0x32c, 0x9, 0x0, 0x1, [{0xa0, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0x80000000}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00'}, {0x5}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x1}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x5}}, {0x5}}]}, {0x58, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x1}}]}, {0x58, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x2}}]}, {0xa0, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}]}]}]}, {0x6d8, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e23, @rand_addr=0x64010102}}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_FLAGS={0x8, 0x3, 0x1}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_ALLOWEDIPS={0x280, 0x9, 0x0, 0x1, [{0x7c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}]}, {0x94, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x10}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x16}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010101}, {0x5, 0x3, 0x2}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00'}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @private=0xa010100}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2b}}, {0x5, 0x3, 0x2}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}]}]}, @WGPEER_A_ALLOWEDIPS={0x404, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @local}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x3}}]}, {0x130, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @remote}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0xc}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x27}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x3}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @loopback}}, {0x5, 0x3, 0x3}}]}, {0x10c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00'}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x2}]}]}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x4b}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e23}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}]}, 0x14cc}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) r6 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000001f80)={'wg2\x00'}) sendmsg$ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000002080)={&(0x7f0000001fc0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000002040)={&(0x7f0000002000)={0x34, 0x0, 0x300, 0x70bd2b, 0x25dfdbfd, {}, [@ETHTOOL_A_FEATURES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4004004}, 0x800) r7 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000020c0), 0x2100, 0x0) sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r7, &(0x7f00000021c0)={&(0x7f0000002100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000002180)={&(0x7f0000002140)={0x38, 0x140d, 0x400, 0x70bd28, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x44000) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002240), r2) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000002280)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r7, &(0x7f0000002340)={&(0x7f0000002200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000002300)={&(0x7f00000022c0)={0x2c, r8, 0x8, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x3d}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x2b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40c0010}, 0x20000000) ioctl$KVM_NMI(r7, 0xae9a) openat$uinput(0xffffffffffffff9c, &(0x7f0000002380), 0x800, 0x0) openat$cgroup_procs(r7, &(0x7f00000023c0)='cgroup.threads\x00', 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r7, 0x6, 0x14, &(0x7f0000002400)=0x2, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002840)={r7, 0xe0, &(0x7f0000002740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000002580)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x9, &(0x7f00000025c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000002600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xf3, &(0x7f0000002640)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000002680), &(0x7f00000026c0), 0x8, 0xb1, 0x8, 0x8, &(0x7f0000002700)}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000028c0)={0x1b, 0x5, &(0x7f0000002440)=@raw=[@jmp={0x5, 0x1, 0x3, 0x2, 0x3, 0x8, 0x1}, @ldst={0x0, 0x1, 0x4, 0x6, 0x1, 0x30, 0xffffffffffffffff}, @map_val={0x18, 0x4, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x9}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}], &(0x7f0000002480)='GPL\x00', 0x9, 0x26, &(0x7f00000024c0)=""/38, 0x40f00, 0x2c, '\x00', r1, @fallback=0x8, r7, 0x8, &(0x7f0000002500)={0x1, 0x1}, 0x8, 0x10, &(0x7f0000002540)={0x4, 0x5, 0x6, 0x4}, 0x10, r10, r7, 0x0, &(0x7f0000002880)=[r7], 0x0, 0x10, 0x4, @void, @value}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) socket$igmp(0x2, 0x3, 0x2) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000002a40)) 1.111410681s ago: executing program 0 (id=3782): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r0, 0x6, 0x17, &(0x7f0000000000)=0x81, 0x4) 1.111115178s ago: executing program 0 (id=3783): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000180)="2f03", 0x2}], 0x1, 0x0, 0x0, 0x800}, 0x20004011) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r3}, 0x10) recvmsg$unix(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002) 900.515453ms ago: executing program 3 (id=3788): mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mount(&(0x7f0000000080)=@sg0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='hfs\x00', 0x88443, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) (async) mount(&(0x7f0000000080)=@sg0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='hfs\x00', 0x88443, 0x0) (async) 900.309339ms ago: executing program 2 (id=3789): r0 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r0, 0x0, 0x0) 899.038266ms ago: executing program 3 (id=3790): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) sigaltstack(&(0x7f0000000000)={&(0x7f0000000080)=""/4096, 0x0, 0x1000}, 0x0) sigaltstack(0x0, &(0x7f0000001a00)={0x0}) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='debugfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents(r0, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x601002, 0x0) lseek(r0, 0x38, 0x1) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) (async) sigaltstack(&(0x7f0000000000)={&(0x7f0000000080)=""/4096, 0x0, 0x1000}, 0x0) (async) sigaltstack(0x0, &(0x7f0000001a00)={0x0}) (async) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='debugfs\x00', 0x0, 0x0) (async) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) (async) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) (async) getdents(r0, 0x0, 0x0) (async) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x601002, 0x0) (async) lseek(r0, 0x38, 0x1) (async) 898.581973ms ago: executing program 2 (id=3791): r0 = socket$netlink(0x10, 0x3, 0x0) syz_open_dev$sndctrl(0x0, 0x3ff, 0x50200) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x28de, 0x1102, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x9, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8}}}}}]}}]}}, 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f0000000040)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB="200b4000000028b1"], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'erspan0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@bridge_setlink={0x30, 0x13, 0x2, 0x70bd2d, 0x25dfdbfe, {0x7, 0x0, 0x0, r2, 0x2, 0x8000}, [@IFLA_GROUP={0x8, 0x1b, 0x3}, @IFLA_NET_NS_FD={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x8080}, 0x4000000) listen(0xffffffffffffffff, 0x101) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 895.33096ms ago: executing program 3 (id=3792): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @dev}, 0x10) setsockopt$inet_tcp_TLS_TX(r3, 0x6, 0x1, &(0x7f0000004940)=@gcm_128={{0x304}, "8ef87ce6e549b436", "6806a5a0849cdcc1075f1192fe294130", "ebeb8148", "8f591078b42aa8a4"}, 0x28) setsockopt$inet_tcp_int(r3, 0x6, 0x3, &(0x7f0000000000)=0x1, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x24000810}, 0x4) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000100)={'tunl0\x00', 0x0, 0x7f00, 0x1, 0x8001, 0x5, {{0x1d, 0x4, 0x0, 0x2, 0x74, 0x64, 0x0, 0x7, 0x4, 0x0, @private=0x6, @empty, {[@timestamp={0x44, 0x10, 0x7b, 0x0, 0x1, [0x1, 0x40, 0x80000000]}, @noop, @ra={0x94, 0x4}, @ssrr={0x89, 0xb, 0xce, [@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback]}, @timestamp_addr={0x44, 0x1c, 0xb0, 0x1, 0x0, [{@broadcast, 0x1}, {@loopback, 0x8d7b}, {@multicast2, 0xff}]}, @rr={0x7, 0x23, 0xd0, [@remote, @remote, @local, @private=0xa010102, @remote, @multicast1, @dev={0xac, 0x14, 0x14, 0x28}, @empty]}, @noop]}}}}}) sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=@gettfilter={0x6c, 0x2e, 0x300, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x7, 0xfff3}, {0x8, 0xfff2}, {0xc, 0xffff}}, [{0x8, 0xb, 0x2}, {0x8, 0xb, 0x401}, {0x8, 0xb, 0x3}, {0x8, 0xb, 0x1}, {0x8}, {0x8, 0xb, 0x3}, {0x8, 0xb, 0xa23}, {0x8, 0xb, 0x1558}, {0x8, 0xb, 0x5}]}, 0x6c}, 0x1, 0x0, 0x0, 0x11}, 0x81) 680.226508ms ago: executing program 3 (id=3793): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async, rerun: 32) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (rerun: 32) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_emit_ethernet(0x86, &(0x7f0000000100)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0xf8, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "82d18160f7d8dda36479a6b179161b4bbff2d0508977b3928ebd2dee05607d17", "0194bd7b1b0303c5ba7f602606a285b3", {"30da2d58da817f8a5f77a23de36a2164", "3b33cfa231a427159c7b9f0eceb155f0"}}}}}}}, 0x0) (async) readv(r0, &(0x7f0000000080)=[{&(0x7f0000000440)=""/185, 0x94}], 0x1) (async) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SWAP(r4, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x20, 0x6, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x24004080}, 0x40000) 520.861079ms ago: executing program 3 (id=3794): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$vsock_stream(0x28, 0x1, 0x0) clock_gettime(0x0, &(0x7f0000000680)={0x0, 0x0}) sync_file_range(r2, 0x0, 0x1, 0xd) (async) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(r2, 0x28, 0x6, &(0x7f00000006c0)={r3, r4/1000+10000}, 0x10) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$devlink(&(0x7f00000008c0), r5) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r5, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000900)={0x3c, r6, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x2}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8041}, 0x4008000) (async) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1b000000", @ANYRES16=r6, @ANYBLOB="000429bd7000fedbdf254c000000080003000000000008000300000000000e00a90066697273746e616d65000000"], 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x8041) msgget$private(0x0, 0x80) clock_settime(0x3, &(0x7f0000000000)) (async) sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="008d0000", @ANYRES16=r1, @ANYBLOB="01000000000000000000250000000e0001006e65746465769b0500000000000002006e657464657673696d30000008008b00", @ANYRES32=0x0, @ANYBLOB="0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008a00", @ANYRES32, @ANYBLOB="a26555f7d5f3fc5e06e1c507cb9f514877d272910b285c33c4d05b59f3edc75e448da8e586209e28d264af96a3b2d08b9e2173169eb0179b65ea84f5aa4d914d7f8cb521bc147790ee41e9e384c4bc0b6ce0737cc702849a57a2fde4d40f03e7d12d31d7e6cebe870da819eb769766cbd2f10beb97f34a83605379bc1c2db9185cbaefc46b25949a8a260dbd48d0eabbc835834f33947f8ff8586590ffae0ce603842cea3e60028058f16506040414cfbefe30ba8373aee7739d606e49378ca8f49f3c9a23808f5057d9f8414d3e0995dad99fd7565f87c7dc58360afff8c17e3956020d900141"], 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 470.153966ms ago: executing program 3 (id=3795): r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040)={0x803, 0x3, 0x0, 0x3}, 0x8) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000001100)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000001080)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={r2, 0x8001}, 0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000080)={0x7, 0x31d, 0x6, 0x0, 0x8, 0x3, 0xd16, 0x7, r2}, &(0x7f0000000180)=0x20) sendto$inet(r0, &(0x7f0000000140)="ab", 0x1a000, 0x0, &(0x7f0000000100)={0x2, 0x4e22, @local}, 0x10) 280.75217ms ago: executing program 1 (id=3796): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400"], 0x48) r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x4011) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=@newtfilter={0x5c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {}, {0x3, 0xe}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_CT_MARK={0x8, 0x5f, 0x827}, @TCA_FLOWER_KEY_ENC_IPV4_DST={0x8, 0x1d, @private=0xa010101}, @TCA_FLOWER_KEY_ENC_UDP_DST_PORT={0x6}, @TCA_FLOWER_KEY_ICMPV6_CODE_MASK={0x5}, @TCA_FLOWER_KEY_ENC_IP_TOS={0x5, 0x50, 0xe}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x15}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 280.127573ms ago: executing program 1 (id=3797): r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x2000000015, 0x80005, 0x0) syslog(0x2, &(0x7f0000000780)=""/34, 0x22) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(r2, &(0x7f00000005c0)=ANY=[@ANYBLOB="0e000100020075"], 0x8) r3 = accept4$phonet_pipe(r0, &(0x7f0000000080), &(0x7f0000000100)=0x10, 0x80800) recvfrom$phonet(r3, &(0x7f00000008c0)=""/4096, 0x1000, 0x0, &(0x7f0000000140)={0x23, 0x4, 0x1, 0x7}, 0x10) recvfrom$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private2}, 0x20000000) r4 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r5 = add_key$user(&(0x7f0000000340), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000ac0)="df24ead320b4dae0859dec60eb0dcc2dc884fd6c88cfeb62ae4c2f2c8581d69df21eb01bc69da23bd552fb9b3456c16da38c11e08c3c29dda7a9a5a5d8a838d233b2b0456e3f234c4631071ea196a961cbd82f7162017b5c3e0851cbfb4290a0be7c129e787de71ab075f86581f2ed4b795935cd738f55f97707b07a902f1739a9d197fbedd3aefd0fbcfce7a2a6a7c93cdeecc7e484b2ee736a9cb30ab98920bede4f7a77cc6e9f6e929f0ef50fcd36a8816d54413bbb063d3c884116ee47cb3686c47b5ad7ea283de66c39c7a91c8f1c0d034cc660063223f43f26456918bbf91c0747490400000000000000d5da23d0147468893499e314206201800000b9238850496ace4e9865bec8daad6df4a5113fe2b94c188df94eceb80f1ce9576f1355d98f91607381bd7d161ce2b7af7afbbd2ceeacee8d36065e9af63f4c9989686b47aa1e3bb41f776bc7d8ac8c625752b8f0b164a08a7c33bc7de925d7ac0aee97d209920c57daac46c7a815b6615f0872b0cea4748b0f7847a396105dbfe5daac4bf000"/401, 0x191, r4) r6 = add_key$user(&(0x7f00000004c0), &(0x7f0000000080)={'syz', 0x0}, &(0x7f0000000200)="cc", 0x1, 0xffffffffffffffff) r7 = add_key$user(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000500)="da1103b23d6e9ec7b0960f8a45520fdee8bbafd038af5357cc2bf5969a77a332ef6c7c1a675389b16063696dee3af27a8f971dbce5b93d02d840ee08d2d124e67fa17642c4d99d45aa878237a1663a31f7ef396e4b22348c06000000ac87d8f9f5d19ceb0609e3b019c0a4814a268de5def201eb268f1dfb204aa37d70e75db23f9449afe074d5c17bd43d8450cefcb35bdabe30f169ea854c0d09bad3caab3dadbbcc04d1f6e2403c2ca21f837f62901da7a98ab45d458273ad1b8e46d5b95f20a7fe6f22a6a6bee5edd88147fba2164e2860f100104d923664f113e5ff8e258bda92eb9ea08b80e4f858457c81d574359e96b6c45d6a313e209a153878fcaabdfd4416a6313c5c35", 0x109, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000400)={r6, r5, r7}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)={'wp384\x00'}}) r8 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r8, 0xc0045516, &(0x7f0000000080)) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)) socket$netlink(0x10, 0x3, 0x0) r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSTI(r9, 0x5412, &(0x7f0000000200)=0xdc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r10 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_qrtr_SIOCGIFADDR(r10, 0x8915, &(0x7f0000001740)={'xfrm0\x00'}) r11 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r11, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r11, 0x1, 0x8, &(0x7f0000000080), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r11, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) r12 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r12, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000300)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0) 180.904083ms ago: executing program 0 (id=3798): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10) socket$alg(0x26, 0x5, 0x0) openat$snapshot(0xffffff9c, &(0x7f0000000080), 0x40040, 0x0) (async) openat$snapshot(0xffffff9c, &(0x7f0000000080), 0x40040, 0x0) r3 = userfaultfd(0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, 0x0) r4 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101) dup(r4) (async) r5 = dup(r4) write$6lowpan_enable(r5, 0x0, 0x0) (async) write$6lowpan_enable(r5, 0x0, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801) r6 = syz_open_procfs(0x0, &(0x7f0000000380)='mounts\x00') read$FUSE(r6, &(0x7f0000000780)={0x2020}, 0x2020) (async) read$FUSE(r6, &(0x7f0000000780)={0x2020}, 0x2020) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x5}) (async) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x5}) r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r7, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x8}) ioctl$sock_netdev_private(r7, 0x8914, &(0x7f0000000000)) syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00') (async) r8 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00') pread64(r8, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a) (async) pread64(r8, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a) add_key$keyring(0x0, &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0) (async) r9 = openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r9, 0x40085112, &(0x7f0000000040)=@l={0x92, 0x0, 0xd0, 0x18, 0x0, 0x0, 0x8000}) (async) ioctl$SNDCTL_SEQ_OUTOFBAND(r9, 0x40085112, &(0x7f0000000040)=@l={0x92, 0x0, 0xd0, 0x18, 0x0, 0x0, 0x8000}) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r10}, 0x10) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r10}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r11, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast}) 0s ago: executing program 0 (id=3799): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x5}]}) r2 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) bind$packet(r2, &(0x7f00000003c0)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14) r4 = open(&(0x7f0000000500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x80001, 0x0) fcntl$notify(r0, 0x402, 0x39) r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0) ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000180)) write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0x4) write$dsp(r4, &(0x7f0000000640)="cdcaf8dda2851aea5967f421309120269fe1874024cdfd60d6df15e4953389a1c9162d98c40eba42290dac9a26366e5de4a3385ad6a42c2eef68fa343dc272ff7f0000000000000cb65903fb04dff7aff55d9d38a9432131f7029e0a461a0face15e5f94f65744afb721ae58782606cf463521b22f7ce5cfac3c6ecffe8508dbb7e24d43e72690ac8befa56353a4e821f8a044a49c7fd13c4891b4731b977264d91a2f71cfa38d1bb568edbc8c2c7106f81d9c6d0b21a4a86ece40e13cb21cc5000898e5271b6b16da86f9712c429e8f71f7f535cd0583b63b9da040f10a9d183e0244371ee9cf79515ae89a8486e485bbb30a6c8bf628cc5e6b286eeebf414ff3bbde944de443da0ce3c8b108974ab57d14a5e47a2f43831a67ec0abf37a802b97ac95307fc9e84ceabc5fda3801a927a5ed888", 0x134) write$dsp(0xffffffffffffffff, &(0x7f0000000400)="1359a7b637341adbff62ec6add15460c68230ae4fccad9e341733441f2490fdcf59ca2e80075438bfa33359731791967c61a51691f2e3d3d44601d5154e3516d956d4641ec72460000010000000000000000000000000000000000000000000070e98d7d044b2bab5489201d9aa8431e5bc9a0745a20948c57bbeb7369ffe5bc59cbd32f9d340adcd93c3bd37170b151416238865c61e84141209c9440dd61395c0edabfdb6e38", 0xa7) ioctl$SNDCTL_DSP_SYNC(r5, 0x5001, 0x0) syz_open_dev$hidraw(0x0, 0x0, 0x0) syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x0) fcntl$setsig(r4, 0xa, 0x21) mknod$loop(&(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2, 0x1) bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14) bpf$MAP_CREATE(0x0, 0x0, 0x0) ptrace(0x10, r1) close(r0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) r7 = fsopen(&(0x7f0000000100)='cgroup\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r7, 0x5, &(0x7f00000000c0)='freezer', 0x0, r7) ioctl$KVM_RUN(r6, 0xae80, 0x0) r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000004c0)=ANY=[@ANYBLOB="140000004e72a21f000000040000000000000000"], 0x14}], 0x1}, 0x0) kernel console output (not intermixed with test programs): request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 126.259197][T10734] rdma_op ffff88804cf221f0 conn xmit_rdma 0000000000000000 [ 126.291721][T10738] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2092'. [ 126.327591][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 126.330023][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 126.337483][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 126.467525][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 126.557556][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 127.018430][ T39] kauditd_printk_skb: 95 callbacks suppressed [ 127.018442][ T39] audit: type=1326 audit(1733800120.623:4753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10778 comm="syz.1.2108" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65c497ff19 code=0x7ffc0000 [ 127.026557][ T39] audit: type=1326 audit(1733800120.623:4754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10778 comm="syz.1.2108" exe="/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f65c497ff19 code=0x7ffc0000 [ 127.033792][ T39] audit: type=1326 audit(1733800120.623:4755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10778 comm="syz.1.2108" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65c497ff19 code=0x7ffc0000 [ 127.041772][ T39] audit: type=1326 audit(1733800120.623:4756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10778 comm="syz.1.2108" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65c497ff19 code=0x7ffc0000 [ 127.156952][ T39] audit: type=1326 audit(1733800120.743:4757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10786 comm="syz.3.2112" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2522d7ff19 code=0x7ffc0000 [ 127.163855][ T39] audit: type=1326 audit(1733800120.743:4758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10786 comm="syz.3.2112" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2522d7ff19 code=0x7ffc0000 [ 127.171521][ T39] audit: type=1326 audit(1733800120.763:4759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10786 comm="syz.3.2112" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2522d7ff19 code=0x7ffc0000 [ 127.180496][ T39] audit: type=1326 audit(1733800120.763:4760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10786 comm="syz.3.2112" exe="/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f2522d7ff19 code=0x7ffc0000 [ 127.190007][ T39] audit: type=1326 audit(1733800120.773:4761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10786 comm="syz.3.2112" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2522d7ff19 code=0x7ffc0000 [ 127.197985][ T39] audit: type=1326 audit(1733800120.773:4762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10786 comm="syz.3.2112" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2522d7ff19 code=0x7ffc0000 [ 127.364743][T10808] netlink: 'syz.1.2122': attribute type 10 has an invalid length. [ 127.715510][T10825] : (slave syz_tun): Releasing backup interface [ 127.721204][T10825] team0: Port device batadv0 removed [ 127.732383][T10825] team0: Port device vlan0 removed [ 127.844387][T10839] serio: Serial port ptm0 [ 127.871531][T10843] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2138'. [ 127.965508][T10858] netlink: 'syz.3.2142': attribute type 10 has an invalid length. [ 128.012877][T10865] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2146'. [ 128.112526][T10880] usb usb9: usbfs: process 10880 (syz.1.2152) did not claim interface 0 before use [ 128.209904][T10891] netlink: 'syz.1.2157': attribute type 10 has an invalid length. [ 128.213582][T10891] : (slave syz_tun): Enslaving as an active interface with an up link [ 128.247549][T10895] tipc: Enabled bearer , priority 7 [ 128.250640][T10895] ªªªªªª: renamed from syzkaller0 [ 128.253066][T10895] tipc: Disabling bearer [ 128.424593][T10913] netlink: 'syz.2.2168': attribute type 10 has an invalid length. [ 128.520583][T10922] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2172'. [ 128.620751][T10107] bond0: (slave syz_tun): Releasing backup interface [ 128.658734][ T5940] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 128.664093][ T5940] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 128.670431][ T5940] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 128.673386][ T5940] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 128.676710][ T5940] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 128.680105][ T5940] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 128.703157][T10927] lo speed is unknown, defaulting to 1000 [ 128.780946][T10935] netlink: 9286 bytes leftover after parsing attributes in process `syz.1.2177'. [ 128.796164][T10927] chnl_net:caif_netlink_parms(): no params data found [ 128.949079][T10927] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.951980][T10927] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.954771][T10927] bridge_slave_0: entered allmulticast mode [ 128.960286][T10927] bridge_slave_0: entered promiscuous mode [ 128.964773][T10927] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.968292][T10927] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.971646][T10927] bridge_slave_1: entered allmulticast mode [ 128.975157][T10927] bridge_slave_1: entered promiscuous mode [ 129.017396][T10927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 129.023867][T10927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 129.072937][T10927] team0: Port device team_slave_0 added [ 129.080173][T10927] team0: Port device team_slave_1 added [ 129.294687][T10927] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 129.296605][T10927] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.305341][T10927] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 129.309509][T10927] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 129.311466][T10927] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.319308][T10927] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 129.358785][T10927] hsr_slave_0: entered promiscuous mode [ 129.361262][T10927] hsr_slave_1: entered promiscuous mode [ 129.363529][T10927] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 129.365581][T10927] Cannot create hsr debugfs directory [ 129.461490][T10927] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.545196][T10927] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.609488][T10927] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.675302][T10927] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.822158][T10927] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 129.850543][T10927] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 129.861322][T10927] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 129.873419][T10927] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 129.920026][T10927] 8021q: adding VLAN 0 to HW filter on device bond0 [ 129.941776][T10927] 8021q: adding VLAN 0 to HW filter on device team0 [ 129.951777][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 129.954687][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 129.961398][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 129.963740][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 130.074544][T10927] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 130.096457][T10927] veth0_vlan: entered promiscuous mode [ 130.101505][T10927] veth1_vlan: entered promiscuous mode [ 130.117227][T10927] veth0_macvtap: entered promiscuous mode [ 130.121293][T10927] veth1_macvtap: entered promiscuous mode [ 130.131168][T10927] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 130.136698][T10927] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 130.141645][T10927] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.144719][T10927] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.147359][T10927] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.149817][T10927] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.195329][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.201942][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.213981][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 130.216178][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 130.262663][T10982] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2173'. [ 130.471614][ T5940] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 130.477525][ T5940] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 130.480117][ T5940] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 130.482819][ T5940] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 130.485341][ T5940] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 130.487751][ T5940] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 130.586354][T10994] lo speed is unknown, defaulting to 1000 [ 130.698099][T10994] chnl_net:caif_netlink_parms(): no params data found [ 130.718239][T11014] hsr_slave_0: left promiscuous mode [ 130.724011][T11014] hsr_slave_1: left promiscuous mode [ 130.730873][ T65] Bluetooth: hci2: command tx timeout [ 130.778176][T10994] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.781009][T10994] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.782932][T10994] bridge_slave_0: entered allmulticast mode [ 130.785067][T10994] bridge_slave_0: entered promiscuous mode [ 130.790780][T10994] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.792808][T10994] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.794777][T10994] bridge_slave_1: entered allmulticast mode [ 130.796972][T10994] bridge_slave_1: entered promiscuous mode [ 130.826495][T10994] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 130.831371][T10994] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 130.849418][T11033] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2212'. [ 130.862330][T10994] team0: Port device team_slave_0 added [ 130.866231][T10994] team0: Port device team_slave_1 added [ 130.895010][T10994] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 130.907204][T10994] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.914051][T10994] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 130.936415][T10994] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 130.938410][T10994] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.945406][T10994] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 130.995905][T10994] hsr_slave_0: entered promiscuous mode [ 130.998617][T10994] hsr_slave_1: entered promiscuous mode [ 131.000619][T10994] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 131.003592][T10994] Cannot create hsr debugfs directory [ 131.005207][T11044] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2215'. [ 131.087473][T10994] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.152943][T10994] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.220342][T10994] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.322281][T10994] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.449398][T11067] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2225'. [ 131.462086][T10994] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 131.478019][T10994] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 131.482346][T10994] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 131.486072][T10994] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 131.493608][T11069] netlink: 'syz.1.2226': attribute type 10 has an invalid length. [ 131.524741][T10994] 8021q: adding VLAN 0 to HW filter on device bond0 [ 131.534689][T10994] 8021q: adding VLAN 0 to HW filter on device team0 [ 131.539697][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.542365][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 131.548871][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.550751][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 131.594842][T11077] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2229'. [ 131.653643][T10994] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 131.671287][T10994] veth0_vlan: entered promiscuous mode [ 131.674995][T10994] veth1_vlan: entered promiscuous mode [ 131.689900][T10994] veth0_macvtap: entered promiscuous mode [ 131.693111][T10994] veth1_macvtap: entered promiscuous mode [ 131.702503][T10994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.705159][T10994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.708838][T10994] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 131.713669][T10994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.717851][T10994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.722747][T10994] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 131.728642][T10994] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.732125][T10994] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.734421][T10994] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.736894][T10994] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.788213][ T1232] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 131.790330][ T1232] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 131.805266][ T1232] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 131.807336][ T1232] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 131.862278][T11104] netlink: 'syz.3.2194': attribute type 1 has an invalid length. [ 131.864488][T11104] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2194'. [ 132.200763][T11140] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2254'. [ 132.241332][T11142] team0: Device ipvlan2 failed to register rx_handler [ 132.558788][ T65] Bluetooth: hci1: command tx timeout [ 132.561915][ T39] kauditd_printk_skb: 185 callbacks suppressed [ 132.561925][ T39] audit: type=1326 audit(1733800126.154:4948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11162 comm="syz.1.2264" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65c497ff19 code=0x7ffc0000 [ 132.572012][ T39] audit: type=1326 audit(1733800126.154:4949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11162 comm="syz.1.2264" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65c497ff19 code=0x7ffc0000 [ 132.578374][ T39] audit: type=1326 audit(1733800126.164:4950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11162 comm="syz.1.2264" exe="/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f65c497ff19 code=0x7ffc0000 [ 132.584396][ T39] audit: type=1326 audit(1733800126.164:4951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11162 comm="syz.1.2264" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65c497ff19 code=0x7ffc0000 [ 132.599197][ T39] audit: type=1326 audit(1733800126.164:4952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11162 comm="syz.1.2264" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65c497ff19 code=0x7ffc0000 [ 132.697693][T11175] pim6reg1: entered promiscuous mode [ 132.699189][T11175] pim6reg1: entered allmulticast mode [ 132.797058][ T65] Bluetooth: hci2: command tx timeout [ 132.800943][T11193] bpf_get_probe_write_proto: 26 callbacks suppressed [ 132.800956][T11193] syz.2.2277[11193] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 132.803101][T11193] syz.2.2277[11193] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 132.816696][T11193] syz.2.2277[11193] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 132.829896][T11193] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2277'. [ 132.836149][T11193] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2277'. [ 132.839019][T11193] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2277'. [ 132.868246][T11203] 9pnet_fd: Insufficient options for proto=fd [ 132.872879][ T39] audit: type=1400 audit(1733800126.464:4953): avc: denied { mount } for pid=11204 comm="syz.1.2283" name="/" dev="configfs" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 132.880283][ T39] audit: type=1400 audit(1733800126.464:4954): avc: denied { search } for pid=11204 comm="syz.1.2283" name="/" dev="configfs" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 132.886221][ T39] audit: type=1400 audit(1733800126.464:4955): avc: denied { read } for pid=11204 comm="syz.1.2283" name="/" dev="configfs" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 132.905775][ T39] audit: type=1400 audit(1733800126.464:4956): avc: denied { open } for pid=11204 comm="syz.1.2283" path="/" dev="configfs" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 132.943767][T11210] dccp_close: ABORT with 2 bytes unread [ 132.983450][ T39] audit: type=1326 audit(1733800126.574:4957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11222 comm="syz.0.2292" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69497ff19 code=0x7ffc0000 [ 133.012567][T11225] SELinux: Context system_u:object_r:hald_log_t:s0 is not valid (left unmapped). [ 133.100953][T11235] capability: warning: `syz.2.2297' uses 32-bit capabilities (legacy support in use) [ 133.127039][T11230] netlink: 'syz.0.2295': attribute type 21 has an invalid length. [ 133.129191][T11230] netlink: 'syz.0.2295': attribute type 6 has an invalid length. [ 133.132003][T11230] netlink: 'syz.0.2295': attribute type 21 has an invalid length. [ 133.134210][T11230] netlink: 'syz.0.2295': attribute type 6 has an invalid length. [ 133.216592][ T5823] usb 8-1: new full-speed USB device number 11 using dummy_hcd [ 133.371530][ T5823] usb 8-1: unable to get BOS descriptor set [ 133.375268][ T5823] usb 8-1: not running at top speed; connect to a high speed hub [ 133.379908][ T5823] usb 8-1: config 1 interface 0 altsetting 12 endpoint 0x2 has an invalid bInterval 0, changing to 10 [ 133.382852][ T5823] usb 8-1: config 1 interface 0 altsetting 12 endpoint 0x2 has invalid maxpacket 512, setting to 64 [ 133.385812][ T5823] usb 8-1: config 1 interface 0 has no altsetting 0 [ 133.390826][ T5823] usb 8-1: New USB device found, idVendor=0dfc, idProduct=0003, bcdDevice= 0.40 [ 133.393735][ T5823] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 133.396168][ T5823] usb 8-1: Product: syz [ 133.397857][ T5823] usb 8-1: Manufacturer: syz [ 133.399564][ T5823] usb 8-1: SerialNumber: syz [ 133.404601][T11220] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 133.489646][T11279] syz.1.2317[11279] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.489729][T11279] syz.1.2317[11279] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.494016][T11279] syz.1.2317[11279] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.522902][T11281] syz.2.2318[11281] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.528981][T11281] syz.2.2318[11281] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.532270][T11281] syz.2.2318[11281] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.646263][ T5823] usbhid 8-1:1.0: can't add hid device: -71 [ 133.652845][ T5823] usbhid 8-1:1.0: probe with driver usbhid failed with error -71 [ 133.656074][ T5823] usb 8-1: USB disconnect, device number 11 [ 134.287806][T11325] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 134.460133][T11342] hub 9-0:1.0: USB hub found [ 134.461534][T11342] hub 9-0:1.0: 1 port detected [ 134.557826][T11287] syz.1.2321: vmalloc error: size 536875008, failed to allocated page array size 1048584, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 134.563457][T11287] CPU: 2 UID: 0 PID: 11287 Comm: syz.1.2321 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0 [ 134.566274][T11287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 134.569039][T11287] Call Trace: [ 134.569914][T11287] [ 134.570690][T11287] dump_stack_lvl+0x16c/0x1f0 [ 134.571931][T11287] warn_alloc+0x24d/0x3a0 [ 134.573065][T11287] ? __pfx_warn_alloc+0x10/0x10 [ 134.574383][T11287] ? __get_vm_area_node+0x1b0/0x2f0 [ 134.575738][T11287] ? __get_vm_area_node+0x1dc/0x2f0 [ 134.577094][T11287] __vmalloc_node_range_noprof+0x1105/0x1530 [ 134.578672][T11287] ? hash_ipport_create+0x845/0x1a00 [ 134.580076][T11287] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 134.581750][T11287] ? rcu_is_watching+0x12/0xc0 [ 134.583056][T11287] ? trace_kmalloc+0x2d/0xd0 [ 134.584358][T11287] ? __kmalloc_node_noprof.cold+0x5a/0x5f [ 134.585891][T11287] ? hash_ipport_create+0x845/0x1a00 [ 134.587266][T11287] __kvmalloc_node_noprof+0x14f/0x1a0 [ 134.588682][T11287] ? hash_ipport_create+0x845/0x1a00 [ 134.590056][T11287] hash_ipport_create+0x845/0x1a00 [ 134.591393][T11287] ? __pfx_hash_ipport_create+0x10/0x10 [ 134.592848][T11287] ? __pfx_hash_ipport_create+0x10/0x10 [ 134.594288][T11287] ? ip_set_create+0x7cb/0x14d0 [ 134.595568][T11287] ? ip_set_create+0x6c8/0x14d0 [ 134.596846][T11287] ip_set_create+0x7cb/0x14d0 [ 134.598083][T11287] ? __pfx_ip_set_create+0x10/0x10 [ 134.599447][T11287] nfnetlink_rcv_msg+0x9c3/0x11e0 [ 134.600784][T11287] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 134.602210][T11287] ? __pfx___lock_acquire+0x10/0x10 [ 134.603578][T11287] ? lock_acquire+0x2f/0xb0 [ 134.604821][T11287] ? avc_has_perm_noaudit+0x61/0x3a0 [ 134.606210][T11287] netlink_rcv_skb+0x16b/0x440 [ 134.607667][T11287] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 134.609111][T11287] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 134.610626][T11287] ? bpf_lsm_capable+0x9/0x10 [ 134.611961][T11287] ? security_capable+0x7e/0x260 [ 134.613310][T11287] ? ns_capable+0xd7/0x110 [ 134.614566][T11287] nfnetlink_rcv+0x1b4/0x430 [ 134.615566][T11353] netlink: 'syz.2.2346': attribute type 2 has an invalid length. [ 134.615824][T11287] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 134.619292][T11287] ? netlink_deliver_tap+0x1ae/0xd30 [ 134.620694][T11287] netlink_unicast+0x53c/0x7f0 [ 134.621954][T11287] ? __pfx_netlink_unicast+0x10/0x10 [ 134.623329][T11287] netlink_sendmsg+0x8b8/0xd70 [ 134.624644][T11287] ? __pfx_netlink_sendmsg+0x10/0x10 [ 134.626021][T11287] ____sys_sendmsg+0xaaf/0xc90 [ 134.627271][T11287] ? copy_msghdr_from_user+0x10b/0x160 [ 134.628703][T11287] ? __pfx_____sys_sendmsg+0x10/0x10 [ 134.630074][T11287] ___sys_sendmsg+0x135/0x1e0 [ 134.631302][T11287] ? __pfx____sys_sendmsg+0x10/0x10 [ 134.632678][T11287] ? __pfx_lock_release+0x10/0x10 [ 134.634146][T11287] ? trace_lock_acquire+0x14e/0x1f0 [ 134.635515][T11287] ? __fget_files+0x206/0x3a0 [ 134.636860][T11287] __sys_sendmsg+0x16e/0x220 [ 134.638084][T11287] ? __pfx___sys_sendmsg+0x10/0x10 [ 134.639438][T11287] ? __x64_sys_futex+0x1e1/0x4c0 [ 134.640733][T11287] do_syscall_64+0xcd/0x250 [ 134.641918][T11287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.643437][T11287] RIP: 0033:0x7f65c497ff19 [ 134.644641][T11287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.649774][T11287] RSP: 002b:00007f65c5784058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 134.652032][T11287] RAX: ffffffffffffffda RBX: 00007f65c4b45fa0 RCX: 00007f65c497ff19 [ 134.654138][T11287] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003 [ 134.656188][T11287] RBP: 00007f65c49f3cc8 R08: 0000000000000000 R09: 0000000000000000 [ 134.656471][ T65] Bluetooth: hci1: command tx timeout [ 134.658324][T11287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 134.658341][T11287] R13: 0000000000000000 R14: 00007f65c4b45fa0 R15: 00007ffe10e271a8 [ 134.658356][T11287] [ 134.658953][T11287] Mem-Info: [ 134.665688][T11287] active_anon:5822 inactive_anon:292 isolated_anon:0 [ 134.665688][T11287] active_file:22490 inactive_file:20741 isolated_file:0 [ 134.665688][T11287] unevictable:1768 dirty:12 writeback:0 [ 134.665688][T11287] slab_reclaimable:7721 slab_unreclaimable:76435 [ 134.665688][T11287] mapped:23928 shmem:2460 pagetables:759 [ 134.665688][T11287] sec_pagetables:303 bounce:0 [ 134.665688][T11287] kernel_misc_reclaimable:0 [ 134.665688][T11287] free:452848 free_pcp:14938 free_cma:0 [ 134.677256][T11287] Node 0 active_anon:23288kB inactive_anon:1168kB active_file:89960kB inactive_file:82888kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:95712kB dirty:48kB writeback:0kB shmem:6304kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12336kB pagetables:3036kB sec_pagetables:1212kB all_unreclaimable? no [ 134.685536][T11287] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 134.693243][T11287] Node 0 DMA free:14864kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:408kB local_pcp:0kB free_cma:0kB [ 134.700493][T11287] lowmem_reserve[]: 0 1212 0 0 0 [ 134.701926][T11287] Node 0 DMA32 free:257024kB boost:0kB min:27608kB low:34508kB high:41408kB reserved_highatomic:0KB active_anon:23288kB inactive_anon:1168kB active_file:89960kB inactive_file:82888kB unevictable:3536kB writepending:48kB present:2080628kB managed:1269912kB mlocked:0kB bounce:0kB free_pcp:11356kB local_pcp:2608kB free_cma:0kB [ 134.709791][T11287] lowmem_reserve[]: 0 0 0 0 0 [ 134.711046][T11287] Node 1 Normal free:1539504kB boost:0kB min:39632kB low:49540kB high:59448kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:3536kB writepending:0kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:48416kB local_pcp:22172kB free_cma:0kB [ 134.718906][T11287] lowmem_reserve[]: 0 0 0 0 0 [ 134.720180][T11287] Node 0 DMA: 5*4kB (U) 6*8kB (U) 3*16kB (U) 3*32kB (U) 3*64kB (U) 5*128kB (U) 4*256kB (U) 5*512kB (U) 4*1024kB (U) 3*2048kB (U) 0*4096kB = 14868kB [ 134.724127][T11287] Node 0 DMA32: 12*4kB (UME) 144*8kB (UME) 145*16kB (UME) 148*32kB (UME) 107*64kB (ME) 24*128kB (UME) 11*256kB (UM) 25*512kB (UM) 64*1024kB (UM) 49*2048kB (UM) 14*4096kB (UM) = 257024kB [ 134.728996][T11287] Node 1 Normal: 195*4kB (U) 112*8kB (UME) 56*16kB (UE) 31*32kB (UME) 16*64kB (UE) 26*128kB (UME) 19*256kB (U) 18*512kB (UME) 10*1024kB (U) 10*2048kB (UM) 363*4096kB (UM) = 1539564kB [ 134.733710][T11287] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 134.736478][T11287] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 134.738914][T11287] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 134.741396][T11287] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 134.743766][T11287] 45730 total pagecache pages [ 134.745019][T11287] 39 pages in swap cache [ 134.746053][T11287] Free swap = 124056kB [ 134.747235][T11287] Total swap = 124996kB [ 134.748322][T11287] 1048443 pages RAM [ 134.749296][T11287] 0 pages HighMem/MovableOnly [ 134.750512][T11287] 281644 pages reserved [ 134.751589][T11287] 0 pages cma reserved [ 134.810966][T11359] atomic_op ffff888055f83998 conn xmit_atomic 0000000000000000 [ 134.867093][T11287] syz.1.2321 (11287) used greatest stack depth: 18896 bytes left [ 134.876284][ T65] Bluetooth: hci2: command tx timeout [ 134.948907][T11372] SELinux: policydb table sizes (0,0) do not match mine (6,7) [ 134.951138][T11372] SELinux: failed to load policy [ 135.251438][T11394] veth0_to_team: entered promiscuous mode [ 135.253028][T11394] veth0_to_team: entered allmulticast mode [ 135.373947][T11399] netlink: 'syz.0.2366': attribute type 13 has an invalid length. [ 135.379333][T11399] __nla_validate_parse: 3 callbacks suppressed [ 135.379344][T11399] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2366'. [ 135.384930][T11399] syz_tun: refused to change device tx_queue_len [ 135.391210][T11399] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 136.002494][T11425] SELinux: failed to load policy [ 136.326116][T11093] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 136.498512][T11093] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 136.502479][T11093] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 136.505866][T11093] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice= 0.00 [ 136.510447][T11093] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.517408][T11093] usb 7-1: config 0 descriptor?? [ 136.644156][T11472] netlink: 'syz.0.2396': attribute type 8 has an invalid length. [ 136.716808][ T65] Bluetooth: hci1: command tx timeout [ 136.803553][T11492] IPv6: Can't replace route, no match found [ 136.882671][T11502] pim6reg: entered allmulticast mode [ 136.888212][T11502] pim6reg: left allmulticast mode [ 136.956336][ T65] Bluetooth: hci2: command tx timeout [ 137.922739][ T39] kauditd_printk_skb: 206 callbacks suppressed [ 137.922752][ T39] audit: type=1400 audit(1733800131.515:5164): avc: denied { create } for pid=11553 comm="syz.0.2429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 137.930006][ T39] audit: type=1400 audit(1733800131.515:5165): avc: denied { bind } for pid=11553 comm="syz.0.2429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 137.935406][ T39] audit: type=1400 audit(1733800131.515:5166): avc: denied { name_bind } for pid=11553 comm="syz.0.2429" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 137.940968][ T39] audit: type=1400 audit(1733800131.515:5167): avc: denied { node_bind } for pid=11553 comm="syz.0.2429" saddr=fe80::bb src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 138.085624][ T39] audit: type=1400 audit(1733800131.675:5168): avc: denied { create } for pid=11568 comm="syz.1.2434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 138.094445][ T39] audit: type=1400 audit(1733800131.695:5169): avc: denied { bind } for pid=11568 comm="syz.1.2434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 138.108412][ T39] audit: type=1400 audit(1733800131.705:5170): avc: denied { create } for pid=11570 comm="syz.0.2435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 138.109599][T11571] netlink: 'syz.0.2435': attribute type 21 has an invalid length. [ 138.114628][ T39] audit: type=1400 audit(1733800131.705:5171): avc: denied { write } for pid=11570 comm="syz.0.2435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 138.114667][ T39] audit: type=1400 audit(1733800131.705:5172): avc: denied { nlmsg_write } for pid=11570 comm="syz.0.2435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 138.467878][ T39] audit: type=1400 audit(1733800132.065:5173): avc: denied { write } for pid=11596 comm="syz.3.2445" name="001" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 138.631456][T11614] syz.0.2453[11614] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 138.631504][T11614] syz.0.2453[11614] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 138.634736][T11614] syz.0.2453[11614] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 138.704934][T11622] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2457'. [ 138.711352][T11622] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2457'. [ 138.713784][T11622] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2457'. [ 138.746924][T11626] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.2459'. [ 138.805759][ T65] Bluetooth: hci1: command tx timeout [ 139.094702][T11093] usbhid 7-1:0.0: can't add hid device: -71 [ 139.097360][T11093] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 139.100895][T11093] usb 7-1: USB disconnect, device number 7 [ 139.390938][T11665] lo speed is unknown, defaulting to 1000 [ 139.663256][T11676] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2480'. [ 139.882331][T11689] syz.3.2485[11689] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 139.882385][T11689] syz.3.2485[11689] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 139.885633][T11689] syz.3.2485[11689] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 139.913619][T10154] bond0: (slave syz_tun): Releasing backup interface [ 139.921127][ T5940] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 139.926725][ T5940] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 139.930035][ T5940] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 139.932573][ T5940] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 139.936545][ T5940] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 139.938651][ T5940] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 139.966505][T11690] lo speed is unknown, defaulting to 1000 [ 140.054845][T11690] chnl_net:caif_netlink_parms(): no params data found [ 140.102494][T11703] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2489'. [ 140.148007][T11690] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.150427][T11690] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.153050][T11690] bridge_slave_0: entered allmulticast mode [ 140.156320][T11690] bridge_slave_0: entered promiscuous mode [ 140.161154][T11690] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.163047][T11690] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.164966][T11690] bridge_slave_1: entered allmulticast mode [ 140.167503][T11690] bridge_slave_1: entered promiscuous mode [ 140.198504][T11690] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 140.202694][T11690] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 140.216546][T11720] siw: device registration error -23 [ 140.249702][T11690] team0: Port device team_slave_0 added [ 140.254251][T11690] team0: Port device team_slave_1 added [ 140.259221][T11724] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 140.263211][T11724] TCP: tcp_parse_options: Illegal window scaling value 16 > 14 received [ 140.286083][T11690] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 140.287997][T11690] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.290800][T11728] program syz.2.2499 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 140.294626][T11690] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 140.301757][T11690] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 140.303553][T11690] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.310966][T11690] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 140.361293][T11690] hsr_slave_0: entered promiscuous mode [ 140.364243][T11690] hsr_slave_1: entered promiscuous mode [ 140.370192][T11690] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 140.373128][T11690] Cannot create hsr debugfs directory [ 140.399141][T11739] syz.1.2503[11739] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 140.399215][T11739] syz.1.2503[11739] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 140.403377][T11739] syz.1.2503[11739] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 140.519671][T11690] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.620253][T11690] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.654559][T11741] usb 1-1: USB disconnect, device number 3 [ 140.703872][T11690] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.770756][T11690] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.922942][T11690] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 140.927683][T11690] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 140.938105][T11690] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 140.993029][T11690] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 141.045504][T11690] 8021q: adding VLAN 0 to HW filter on device bond0 [ 141.056565][T11690] 8021q: adding VLAN 0 to HW filter on device team0 [ 141.066620][ T69] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.069412][ T69] bridge0: port 1(bridge_slave_0) entered forwarding state [ 141.073607][ T69] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.076336][ T69] bridge0: port 2(bridge_slave_1) entered forwarding state [ 141.161500][T11690] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 141.188326][T11690] veth0_vlan: entered promiscuous mode [ 141.192325][T11690] veth1_vlan: entered promiscuous mode [ 141.202967][T11789] netlink: 'syz.2.2523': attribute type 10 has an invalid length. [ 141.208517][T11789] geneve0: entered promiscuous mode [ 141.213081][T11789] bond0: (slave geneve0): Enslaving as an active interface with an up link [ 141.217641][T11690] veth0_macvtap: entered promiscuous mode [ 141.227147][T11690] veth1_macvtap: entered promiscuous mode [ 141.334467][T11690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.338328][T11690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.341823][T11690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.345560][T11690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.349704][T11690] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 141.354319][T11690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.359150][T11690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.362479][T11690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.367442][T11690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.373498][T11690] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 141.380636][T11690] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.385619][T11690] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.387979][T11690] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.390283][T11690] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.442109][ T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.444197][ T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.463048][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.465158][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.608987][T11839] support for cryptoloop has been removed. Use dm-crypt instead. [ 141.650344][T11849] random: crng reseeded on system resumption [ 141.995532][ T5940] Bluetooth: hci3: command tx timeout [ 142.065585][T11889] netlink: 'syz.1.2564': attribute type 3 has an invalid length. [ 142.453569][T11904] netlink: 'syz.3.2571': attribute type 3 has an invalid length. [ 142.547133][T11910] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2574'. [ 142.766633][T11879] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 142.768413][T11879] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 142.770142][T11879] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 142.773405][T11879] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 142.777195][T11879] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 142.778857][T11879] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 142.781545][T11879] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 142.785022][T11879] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 142.787191][T11879] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 142.791188][T11879] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 142.824143][ T5928] : (slave syz_tun): Releasing backup interface [ 142.858676][ T65] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 142.870242][ T65] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 142.876410][ T65] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 142.889013][ T65] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 142.898053][ T65] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 142.900373][ T65] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 142.922657][T11931] syz.3.2582[11931] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 142.923225][T11894] lo speed is unknown, defaulting to 1000 [ 142.962390][ T39] kauditd_printk_skb: 363 callbacks suppressed [ 142.962403][ T39] audit: type=1400 audit(1733800136.555:5537): avc: denied { unlink } for pid=10927 comm="syz-executor" name="file0" dev="tmpfs" ino=502 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 143.055206][ T39] audit: type=1400 audit(1733800136.645:5538): avc: denied { module_request } for pid=11894 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 143.076948][T11945] netem: unknown loss type 0 [ 143.078607][T11945] netem: change failed [ 143.080514][T11894] chnl_net:caif_netlink_parms(): no params data found [ 143.109662][ T39] audit: type=1400 audit(1733800136.705:5539): avc: denied { create } for pid=11948 comm="syz.2.2589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 143.114975][ T39] audit: type=1400 audit(1733800136.705:5540): avc: denied { ioctl } for pid=11948 comm="syz.2.2589" path="socket:[30630]" dev="sockfs" ino=30630 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 143.207526][T11894] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.209568][T11894] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.211529][T11894] bridge_slave_0: entered allmulticast mode [ 143.219951][T11894] bridge_slave_0: entered promiscuous mode [ 143.222541][T11894] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.224549][T11894] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.226667][T11894] bridge_slave_1: entered allmulticast mode [ 143.228775][T11894] bridge_slave_1: entered promiscuous mode [ 143.253587][T11894] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 143.258148][T11894] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 143.262337][ T39] audit: type=1400 audit(1733800136.855:5541): avc: denied { write } for pid=11929 comm="syz.3.2582" name="001" dev="devtmpfs" ino=742 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 143.275009][ T39] audit: type=1400 audit(1733800136.875:5542): avc: denied { write } for pid=11966 comm="syz.2.2594" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 143.302967][T11894] team0: Port device team_slave_0 added [ 143.307571][T11894] team0: Port device team_slave_1 added [ 143.340792][T11894] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 143.342841][T11894] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 143.351211][T11894] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 143.355535][T11894] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 143.357734][T11894] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 143.364545][T11894] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 143.391094][T11894] hsr_slave_0: entered promiscuous mode [ 143.393265][T11894] hsr_slave_1: entered promiscuous mode [ 143.399444][T11894] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 143.401438][T11894] Cannot create hsr debugfs directory [ 143.461594][ T39] audit: type=1400 audit(1733800137.055:5543): avc: denied { ioctl } for pid=11975 comm="syz.0.2598" path="/dev/virtual_nci" dev="devtmpfs" ino=709 ioctlcmd=0x0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 143.510757][T11894] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.520507][T11983] netlink: 'syz.0.2600': attribute type 3 has an invalid length. [ 143.530507][T11981] hub 1-0:1.0: USB hub found [ 143.532223][T11981] hub 1-0:1.0: 6 ports detected [ 143.572970][T11894] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.628747][T11894] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.693625][T11894] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.705515][ T5973] usb 1-1: new high-speed USB device number 4 using ehci-pci [ 143.717209][ T39] audit: type=1400 audit(1733800137.315:5544): avc: denied { connect } for pid=11989 comm="syz.2.2603" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 143.722969][ T39] audit: type=1400 audit(1733800137.315:5545): avc: denied { create } for pid=11989 comm="syz.2.2603" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 143.729118][ T39] audit: type=1400 audit(1733800137.315:5546): avc: denied { bind } for pid=11989 comm="syz.2.2603" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 143.883057][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.886226][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.888644][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.891033][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.893557][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.896243][ T5973] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 143.899252][ T5973] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 143.901916][ T5973] usb 1-1: Product: QEMU USB Tablet [ 143.903640][ T5973] usb 1-1: Manufacturer: QEMU [ 143.905398][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.908007][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.910578][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.913196][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.916652][ T5973] usb 1-1: SerialNumber: 28754-0000:00:1d.7-1 [ 143.921345][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.923182][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.925655][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.928136][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.929988][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.931834][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.933836][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.937579][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.939523][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.941544][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.943218][T11894] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 143.943996][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.950058][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.952238][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.954212][T11894] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 143.954365][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.958122][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.959941][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.961568][T11894] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 143.969520][ T5973] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb1/1-1/1-1:1.0/0003:0627:0001.0006/input/input6 [ 143.970071][T11894] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 143.974252][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.980201][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.982866][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.985903][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.986937][T11894] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.988451][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.990518][T11894] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.992961][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 143.996169][T11894] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.998965][ T9] hid-generic 0000:FFFFFFFF:0000.0005: unknown main item tag 0x0 [ 144.001184][T11894] bridge0: port 1(bridge_slave_0) entered forwarding state [ 144.007074][ T9] hid-generic 0000:FFFFFFFF:0000.0005: hidraw0: HID vffffff.fe Device [sy] on syz0 [ 144.014596][ T1144] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.025244][ T1144] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.046963][ T5973] hid-generic 0003:0627:0001.0006: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 144.084539][T11894] 8021q: adding VLAN 0 to HW filter on device bond0 [ 144.100964][T11894] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.105710][ T74] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.107823][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state [ 144.122186][ T74] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.124147][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state [ 144.244508][T11894] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 144.271586][T11894] veth0_vlan: entered promiscuous mode [ 144.277319][T11894] veth1_vlan: entered promiscuous mode [ 144.293756][T11894] veth0_macvtap: entered promiscuous mode [ 144.299579][T11894] veth1_macvtap: entered promiscuous mode [ 144.308602][T12038] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=12038 comm=syz.0.2622 [ 144.308878][T11894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 144.320994][T11894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.323786][T11894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 144.327829][T11894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.331215][T11894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 144.334117][T11894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.339001][T11894] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 144.352680][T11894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 144.358154][T11894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.360885][T11894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 144.364437][T11894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.368098][T11894] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 144.370787][T11894] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.373924][T11894] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 144.378681][T11894] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.381003][T11894] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.383257][T11894] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.385982][T11894] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.418176][ T1232] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.420249][ T1232] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 144.438761][ T1232] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.442873][ T1232] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 144.504578][T12057] rdma_rxe: rxe_newlink: failed to add lo [ 144.604906][T12066] block device autoloading is deprecated and will be removed. [ 144.605569][T10994] block device autoloading is deprecated and will be removed. [ 144.730712][T12078] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2638'. [ 144.797588][ T5940] Bluetooth: hci3: command 0x040f tx timeout [ 144.805132][ T5940] Bluetooth: hci1: command 0x0c1a tx timeout [ 144.806912][ T5940] Bluetooth: hci2: command 0x0c1a tx timeout [ 144.955066][ T65] Bluetooth: hci0: command tx timeout [ 145.024101][T12114] tmpfs: Bad value for 'mpol' [ 145.444718][T12140] bpf_get_probe_write_proto: 2 callbacks suppressed [ 145.444732][T12140] syz.2.2662[12140] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 145.446654][T12140] syz.2.2662[12140] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 145.449669][T12140] syz.2.2662[12140] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 145.709794][T12153] usb 1-1: USB disconnect, device number 4 [ 145.796472][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 145.819077][ T5973] kernel write not supported for file /vcsu (pid: 5973 comm: kworker/0:3) [ 146.070404][T12164] x_tables: ip6_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT [ 146.679799][T12223] netlink: 'syz.3.2698': attribute type 1 has an invalid length. [ 146.874866][ T65] Bluetooth: hci2: command 0x0c1a tx timeout [ 146.876281][ T5940] Bluetooth: hci1: command 0x0c1a tx timeout [ 146.876475][ T5934] Bluetooth: hci3: command 0x040f tx timeout [ 147.035371][ T5940] Bluetooth: hci0: command tx timeout [ 147.251490][T12277] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2723'. [ 147.667304][T12328] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2743'. [ 147.710687][T12333] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2746'. [ 148.398074][T12367] netlink: 'syz.0.2757': attribute type 21 has an invalid length. [ 148.655443][ T39] kauditd_printk_skb: 200 callbacks suppressed [ 148.655465][ T39] audit: type=1400 audit(1733800142.246:5747): avc: denied { getopt } for pid=12374 comm="syz.0.2761" lport=40933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 148.864279][ T39] audit: type=1400 audit(1733800142.456:5748): avc: denied { write } for pid=12390 comm="syz.2.2767" path="socket:[33280]" dev="sockfs" ino=33280 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 148.946140][T12400] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2773'. [ 148.950286][T12400] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 148.953027][T12400] IPv6: NLM_F_CREATE should be set when creating new route [ 148.955877][T12400] IPv6: NLM_F_CREATE should be set when creating new route [ 148.958113][ T5940] Bluetooth: hci2: command 0x0c1a tx timeout [ 148.958409][T12400] IPv6: NLM_F_CREATE should be set when creating new route [ 148.958440][ T5934] Bluetooth: hci1: command 0x0c1a tx timeout [ 148.965101][ T65] Bluetooth: hci3: command 0x040f tx timeout [ 148.974854][ T39] audit: type=1400 audit(1733800142.566:5749): avc: denied { watch watch_reads } for pid=12399 comm="syz.1.2772" path="/21/file0" dev="tmpfs" ino=126 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 148.995518][ T39] audit: type=1400 audit(1733800142.596:5750): avc: denied { setopt } for pid=12404 comm="syz.3.2775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 149.117726][ T5934] Bluetooth: hci0: command tx timeout [ 149.149731][ T39] audit: type=1400 audit(1733800142.746:5751): avc: denied { setopt } for pid=12422 comm="syz.3.2783" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 149.253965][ T39] audit: type=1400 audit(1733800142.846:5752): avc: denied { prog_load } for pid=12430 comm="syz.3.2788" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 149.263898][ T39] audit: type=1400 audit(1733800142.846:5753): avc: denied { bpf } for pid=12430 comm="syz.3.2788" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 149.270898][ T39] audit: type=1400 audit(1733800142.846:5754): avc: denied { perfmon } for pid=12430 comm="syz.3.2788" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 149.277709][ T39] audit: type=1400 audit(1733800142.856:5755): avc: denied { prog_run } for pid=12430 comm="syz.3.2788" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 149.283776][ T39] audit: type=1400 audit(1733800142.866:5756): avc: denied { append } for pid=5329 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 149.637186][T12463] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2804'. [ 149.680393][T12468] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 149.680393][T12468] program syz.2.2807 not setting count and/or reply_len properly [ 149.947286][T12494] tmpfs: Unknown parameter 'nr' [ 149.978513][T12497] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2822'. [ 150.059399][T12508] sch_tbf: peakrate 64 is lower than or equals to rate 127 ! [ 150.317888][T12544] rdma_op ffff888032f2e9f0 conn xmit_rdma 0000000000000000 [ 150.501235][T12572] lo speed is unknown, defaulting to 1000 [ 150.528529][T12572] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 150.536627][ T5993] kernel write not supported for file /191/attr/keycreate (pid: 5993 comm: kworker/0:6) [ 151.034373][ T5934] Bluetooth: hci3: command 0x040f tx timeout [ 151.204343][ T5934] Bluetooth: hci0: command tx timeout [ 151.561836][T12643] program syz.3.2887 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 151.759495][T12656] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 151.759495][T12656] program syz.3.2893 not setting count and/or reply_len properly [ 151.997350][T12669] SELinux: Context Ü is not valid (left unmapped). [ 152.263884][T12687] batadv1: entered promiscuous mode [ 152.266483][T12687] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 152.429473][T12701] syz.2.2915[12701] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 152.429528][T12701] syz.2.2915[12701] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 152.432599][T12701] syz.2.2915[12701] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 152.451878][T12701] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2915'. [ 152.893721][ T69] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.961805][ T69] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.050845][ T69] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.108318][ T65] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 153.112341][ T65] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 153.119753][ T65] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 153.124800][ T65] Bluetooth: hci3: command 0x040f tx timeout [ 153.137761][ T65] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 153.140658][ T65] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 153.141946][ T69] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.143269][ T65] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 153.166947][T12735] lo speed is unknown, defaulting to 1000 [ 153.254386][T12735] chnl_net:caif_netlink_parms(): no params data found [ 153.290796][ T69] bridge_slave_1: left allmulticast mode [ 153.292860][ T69] bridge_slave_1: left promiscuous mode [ 153.296252][ T69] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.300632][ T69] bridge_slave_0: left allmulticast mode [ 153.302141][ T69] bridge_slave_0: left promiscuous mode [ 153.303687][ T69] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.529181][ T69] bond0 (unregistering): (slave geneve0): Releasing backup interface [ 153.764150][ T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 153.770874][ T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 153.776696][ T69] bond0 (unregistering): Released all slaves [ 153.828966][ T39] kauditd_printk_skb: 379 callbacks suppressed [ 153.828977][ T39] audit: type=1400 audit(1733800147.427:6136): avc: denied { search } for pid=5647 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 153.836298][ T39] audit: type=1400 audit(1733800147.427:6137): avc: denied { read } for pid=5647 comm="dhcpcd" name="n113" dev="tmpfs" ino=6869 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 153.841761][ T39] audit: type=1400 audit(1733800147.427:6138): avc: denied { open } for pid=5647 comm="dhcpcd" path="/run/udev/data/n113" dev="tmpfs" ino=6869 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 153.848759][ T39] audit: type=1400 audit(1733800147.427:6139): avc: denied { getattr } for pid=5647 comm="dhcpcd" path="/run/udev/data/n113" dev="tmpfs" ino=6869 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 153.903744][T12735] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.905619][T12735] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.907595][T12735] bridge_slave_0: entered allmulticast mode [ 153.909691][T12735] bridge_slave_0: entered promiscuous mode [ 153.912490][T12735] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.916087][T12735] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.918215][T12735] bridge_slave_1: entered allmulticast mode [ 153.920318][T12735] bridge_slave_1: entered promiscuous mode [ 153.920336][ T39] audit: type=1400 audit(1733800147.517:6140): avc: denied { sys_module } for pid=12753 comm="syz.1.2934" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 153.956812][ T39] audit: type=1400 audit(1733800147.557:6141): avc: denied { read } for pid=12757 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 153.968780][ T39] audit: type=1400 audit(1733800147.557:6142): avc: denied { open } for pid=12757 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 153.982496][ T39] audit: type=1400 audit(1733800147.557:6143): avc: denied { getattr } for pid=12757 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 153.991015][ T39] audit: type=1400 audit(1733800147.567:6144): avc: denied { write } for pid=12755 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1767 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 153.998016][ T39] audit: type=1400 audit(1733800147.567:6145): avc: denied { add_name } for pid=12755 comm="dhcpcd-run-hook" name="resolv.conf.eth2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 154.053740][T12735] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 154.065160][T12735] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 154.099163][T12735] team0: Port device team_slave_0 added [ 154.104807][T12735] team0: Port device team_slave_1 added [ 154.143657][T12735] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 154.145713][T12735] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 154.152770][T12735] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 154.175088][T12735] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 154.177235][T12735] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 154.186770][T12735] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 154.269384][T12735] hsr_slave_0: entered promiscuous mode [ 154.284656][T12735] hsr_slave_1: entered promiscuous mode [ 154.286792][T12735] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 154.288864][T12735] Cannot create hsr debugfs directory [ 154.327656][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 154.330489][ T69] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 154.343465][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 154.348241][ T69] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 154.362888][T12733] syz.0.2927: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 154.367788][T12733] CPU: 1 UID: 0 PID: 12733 Comm: syz.0.2927 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0 [ 154.370558][T12733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 154.373504][T12733] Call Trace: [ 154.374477][T12733] [ 154.375322][T12733] dump_stack_lvl+0x16c/0x1f0 [ 154.376643][T12733] warn_alloc+0x24d/0x3a0 [ 154.377798][T12733] ? __pfx_warn_alloc+0x10/0x10 [ 154.379240][T12733] ? __get_vm_area_node+0x1b0/0x2f0 [ 154.380649][T12733] ? __get_vm_area_node+0x1dc/0x2f0 [ 154.382143][T12733] __vmalloc_node_range_noprof+0x1105/0x1530 [ 154.383988][T12733] ? hash_netiface_create+0x3ea/0x1250 [ 154.385584][T12733] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 154.387367][T12733] ? __get_vm_area_node+0x1b0/0x2f0 [ 154.388848][T12733] ? __get_vm_area_node+0x1dc/0x2f0 [ 154.390225][T12733] __vmalloc_node_range_noprof+0xd85/0x1530 [ 154.391787][T12733] ? hash_netiface_create+0x3ea/0x1250 [ 154.393182][T12733] ? hash_netiface_create+0x3ea/0x1250 [ 154.394550][T12733] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 154.396174][T12733] ? rcu_is_watching+0x12/0xc0 [ 154.397414][T12733] ? trace_kmalloc+0x2d/0xd0 [ 154.398645][T12733] ? __kmalloc_node_noprof.cold+0x5a/0x5f [ 154.400198][T12733] ? hash_netiface_create+0x3ea/0x1250 [ 154.401716][T12733] __kvmalloc_node_noprof+0x14f/0x1a0 [ 154.403264][T12733] ? hash_netiface_create+0x3ea/0x1250 [ 154.404732][T12733] hash_netiface_create+0x3ea/0x1250 [ 154.406385][T12733] ? __nla_parse+0xb/0x60 [ 154.407697][T12733] ? __pfx_hash_netiface_create+0x10/0x10 [ 154.409232][T12733] ip_set_create+0x7cb/0x14d0 [ 154.410459][T12733] ? __pfx_ip_set_create+0x10/0x10 [ 154.411807][T12733] nfnetlink_rcv_msg+0x9c3/0x11e0 [ 154.413103][T12733] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 154.414525][T12733] ? __pfx___lock_acquire+0x10/0x10 [ 154.415286][ T69] veth1_macvtap: left promiscuous mode [ 154.415909][T12733] ? lock_acquire+0x2f/0xb0 [ 154.415925][T12733] ? avc_has_perm_noaudit+0x61/0x3a0 [ 154.418519][ T69] veth0_macvtap: left promiscuous mode [ 154.419533][T12733] netlink_rcv_skb+0x16b/0x440 [ 154.421727][ T69] veth1_vlan: left promiscuous mode [ 154.423200][T12733] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 154.425531][ T69] veth0_vlan: left promiscuous mode [ 154.426454][T12733] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 154.430784][T12733] ? bpf_lsm_capable+0x9/0x10 [ 154.432064][T12733] ? security_capable+0x7e/0x260 [ 154.433398][T12733] ? ns_capable+0xd7/0x110 [ 154.434627][T12733] nfnetlink_rcv+0x1b4/0x430 [ 154.435873][T12733] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 154.437217][T12733] ? netlink_deliver_tap+0x1ae/0xd30 [ 154.438637][T12733] netlink_unicast+0x53c/0x7f0 [ 154.439955][T12733] ? __pfx_netlink_unicast+0x10/0x10 [ 154.441390][T12733] netlink_sendmsg+0x8b8/0xd70 [ 154.442731][T12733] ? __pfx_netlink_sendmsg+0x10/0x10 [ 154.444211][T12733] ____sys_sendmsg+0xaaf/0xc90 [ 154.445605][T12733] ? copy_msghdr_from_user+0x10b/0x160 [ 154.447206][T12733] ? __pfx_____sys_sendmsg+0x10/0x10 [ 154.448773][T12733] ___sys_sendmsg+0x135/0x1e0 [ 154.450097][T12733] ? __pfx____sys_sendmsg+0x10/0x10 [ 154.451477][T12733] ? __pfx_lock_release+0x10/0x10 [ 154.452804][T12733] ? trace_lock_acquire+0x14e/0x1f0 [ 154.454125][T12733] ? __fget_files+0x206/0x3a0 [ 154.455330][T12733] __sys_sendmsg+0x16e/0x220 [ 154.456563][T12733] ? __pfx___sys_sendmsg+0x10/0x10 [ 154.457907][T12733] ? __x64_sys_futex+0x1e1/0x4c0 [ 154.459214][T12733] do_syscall_64+0xcd/0x250 [ 154.460430][T12733] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.461969][T12733] RIP: 0033:0x7f7fe0b7ff19 [ 154.463131][T12733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.468097][T12733] RSP: 002b:00007f7fe18e7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 154.470205][T12733] RAX: ffffffffffffffda RBX: 00007f7fe0d46160 RCX: 00007f7fe0b7ff19 [ 154.472293][T12733] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 154.474314][T12733] RBP: 00007f7fe0bf3cc8 R08: 0000000000000000 R09: 0000000000000000 [ 154.476425][T12733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 154.478521][T12733] R13: 0000000000000000 R14: 00007f7fe0d46160 R15: 00007ffeb54d6448 [ 154.480568][T12733] [ 154.482611][T12733] Mem-Info: [ 154.483491][T12733] active_anon:316 inactive_anon:5753 isolated_anon:0 [ 154.483491][T12733] active_file:2419 inactive_file:38881 isolated_file:0 [ 154.483491][T12733] unevictable:1768 dirty:9 writeback:0 [ 154.483491][T12733] slab_reclaimable:7610 slab_unreclaimable:85308 [ 154.483491][T12733] mapped:24008 shmem:2425 pagetables:738 [ 154.483491][T12733] sec_pagetables:304 bounce:0 [ 154.483491][T12733] kernel_misc_reclaimable:0 [ 154.483491][T12733] free:428083 free_pcp:13121 free_cma:0 [ 154.495369][T12733] Node 0 active_anon:1260kB inactive_anon:23012kB active_file:9676kB inactive_file:155448kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:93636kB dirty:36kB writeback:0kB shmem:6164kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12784kB pagetables:2936kB sec_pagetables:1216kB all_unreclaimable? no [ 154.504049][T12733] Node 1 active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2396kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:16kB sec_pagetables:0kB all_unreclaimable? no [ 154.511735][T12733] Node 0 DMA free:8068kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:252kB local_pcp:96kB free_cma:0kB [ 154.518749][T12733] lowmem_reserve[]: 0 1212 0 0 0 [ 154.520127][T12733] Node 0 DMA32 free:170028kB boost:0kB min:27608kB low:34508kB high:41408kB reserved_highatomic:0KB active_anon:1260kB inactive_anon:23012kB active_file:9676kB inactive_file:155448kB unevictable:3536kB writepending:36kB present:2080628kB managed:1269912kB mlocked:0kB bounce:0kB free_pcp:8812kB local_pcp:5948kB free_cma:0kB [ 154.527952][T12733] lowmem_reserve[]: 0 0 0 0 0 [ 154.529227][T12733] Node 1 Normal free:1534236kB boost:0kB min:39632kB low:49540kB high:59448kB reserved_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:3536kB writepending:0kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:43708kB local_pcp:6516kB free_cma:0kB [ 154.536685][T12733] lowmem_reserve[]: 0 0 0 0 0 [ 154.537960][T12733] Node 0 DMA: 2*4kB (U) 2*8kB (U) 2*16kB (U) 3*32kB (U) 4*64kB (U) 2*128kB (U) 1*256kB (U) 2*512kB (U) 2*1024kB (U) 2*2048kB (U) 0*4096kB = 8088kB [ 154.542226][T12733] Node 0 DMA32: 159*4kB (UM) 429*8kB (UME) 320*16kB (ME) 215*32kB (UME) 140*64kB (UME) 23*128kB (UME) 14*256kB (M) 8*512kB (M) 17*1024kB (UM) 49*2048kB (UM) 4*4096kB (U) = 169796kB [ 154.547336][T12733] Node 1 Normal: 13*4kB (U) 61*8kB (UME) 54*16kB (UME) 190*32kB (UME) 81*64kB (UME) 52*128kB (UME) 30*256kB (U) 28*512kB (UME) 18*1024kB (U) 24*2048kB (UM) 348*4096kB (UM) = 1534332kB [ 154.552110][T12733] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 154.554565][T12733] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 154.556979][T12733] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 154.559451][T12733] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 154.561929][T12733] 43761 total pagecache pages [ 154.563350][T12733] 35 pages in swap cache [ 154.564615][T12733] Free swap = 120008kB [ 154.565737][T12733] Total swap = 124996kB [ 154.566863][T12733] 1048443 pages RAM [ 154.568013][T12733] 0 pages HighMem/MovableOnly [ 154.569327][T12733] 281644 pages reserved [ 154.570491][T12733] 0 pages cma reserved [ 155.194054][ T5934] Bluetooth: hci2: command tx timeout [ 155.593456][ T69] team0 (unregistering): Port device team_slave_1 removed [ 155.745310][ T69] team0 (unregistering): Port device team_slave_0 removed [ 156.476259][T12822] lo speed is unknown, defaulting to 1000 [ 156.705739][T12855] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2970'. [ 156.816184][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x4 [ 156.818935][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x2 [ 156.821180][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 156.824674][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 156.827375][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 156.829911][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 156.832042][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 156.834654][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 156.837197][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 156.839268][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 156.841450][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 156.843635][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 156.845657][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 156.847806][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 156.849798][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 156.851701][ T6406] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 156.856453][ T6406] hid-generic 0000:3000000:0000.0007: hidraw0: HID v0.00 Device [sy] on syz0 [ 157.056489][T12880] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2977'. [ 157.232544][T12735] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 157.268186][T12735] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 157.271695][T12735] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 157.274190][ T5934] Bluetooth: hci2: command tx timeout [ 157.291405][T12735] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 157.323875][T12735] 8021q: adding VLAN 0 to HW filter on device bond0 [ 157.337321][T12735] 8021q: adding VLAN 0 to HW filter on device team0 [ 157.342162][ T74] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.344708][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state [ 157.351285][ T99] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.353901][ T99] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.445142][T12735] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 157.475609][T12735] veth0_vlan: entered promiscuous mode [ 157.479549][T12735] veth1_vlan: entered promiscuous mode [ 157.492099][T12735] veth0_macvtap: entered promiscuous mode [ 157.495492][T12735] veth1_macvtap: entered promiscuous mode [ 157.501502][T12735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.504985][T12735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.507468][T12735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.510691][T12735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.513234][T12735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.520062][T12735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.523162][T12735] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 157.528618][T12735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 157.531458][T12735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.534683][T12735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 157.537241][T12735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.539748][T12735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 157.542342][T12735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.545811][T12735] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 157.549948][T12735] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.552135][T12735] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.554533][T12735] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.556717][T12735] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.611178][ T69] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.616859][ T69] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.630606][ T1232] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.632608][ T1232] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.635150][T12932] SELinux: failed to load policy [ 157.772932][T12951] syz.0.2998[12951] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 157.772978][T12951] syz.0.2998[12951] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 157.776252][T12951] syz.0.2998[12951] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 157.855011][T12956] Falling back ldisc for ttyS3. [ 158.584989][T13008] random: crng reseeded on system resumption [ 158.892360][ T39] kauditd_printk_skb: 430 callbacks suppressed [ 158.892375][ T39] audit: type=1400 audit(1868017880.490:6576): avc: denied { create } for pid=13029 comm="syz.2.3036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 158.900202][ T39] audit: type=1326 audit(1868017880.490:6577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13027 comm="syz.0.3034" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe0b7ff19 code=0x7ffc0000 [ 158.913142][ T39] audit: type=1326 audit(1868017880.490:6578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13027 comm="syz.0.3034" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe0b7ff19 code=0x7ffc0000 [ 158.920922][ T39] audit: type=1326 audit(1868017880.490:6579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13027 comm="syz.0.3034" exe="/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f7fe0b7ff19 code=0x7ffc0000 [ 158.931574][ T39] audit: type=1326 audit(1868017880.490:6580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13027 comm="syz.0.3034" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe0b7ff19 code=0x7ffc0000 [ 158.939198][ T39] audit: type=1326 audit(1868017880.490:6581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13027 comm="syz.0.3034" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe0b7ff19 code=0x7ffc0000 [ 158.954312][ T39] audit: type=1400 audit(1868017880.500:6582): avc: denied { getopt } for pid=13029 comm="syz.2.3036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 158.987962][T13042] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3041'. [ 159.014901][ T39] audit: type=1400 audit(1868017880.620:6583): avc: denied { bind } for pid=13043 comm="syz.2.3042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 159.059843][ T39] audit: type=1400 audit(1868017880.660:6584): avc: denied { read } for pid=13047 comm="syz.0.3044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 159.065063][T13050] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3045'. [ 159.353721][ T5934] Bluetooth: hci2: command tx timeout [ 159.439808][T13083] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3061'. [ 159.452295][ T39] audit: type=1400 audit(1868017881.050:6585): avc: denied { override_creds } for pid=13082 comm="syz.2.3061" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 159.486661][T13089] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3064'. [ 159.899917][T13148] syz.3.3093[13148] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 159.899972][T13148] syz.3.3093[13148] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 159.903373][T13148] syz.3.3093[13148] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 159.938047][T13154] team_slave_0: entered promiscuous mode [ 159.943579][T13154] team_slave_1: entered promiscuous mode [ 159.946688][T13154] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 159.962887][T13154] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 160.584718][T13213] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3124'. [ 160.589327][T13213] 9pnet_fd: Insufficient options for proto=fd [ 160.640186][T13213] infiniband syz1: set down [ 160.641619][T13213] infiniband syz1: added syzkaller0 [ 160.657883][T13213] RDS/IB: syz1: added [ 160.659129][T13213] smc: adding ib device syz1 with port count 1 [ 160.661295][T13213] smc: ib device syz1 port 1 has pnetid [ 160.759420][T13217] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3125'. [ 160.838265][T13225] netem: unknown loss type 0 [ 160.839814][T13225] netem: change failed [ 160.905694][T13233] pim6reg1: entered promiscuous mode [ 160.907114][T13233] pim6reg1: entered allmulticast mode [ 160.996053][ T45] smc: removing ib device syz1 [ 161.317365][T13255] atomic_op ffff88804fc55198 conn xmit_atomic 0000000000000000 [ 161.434312][ T5934] Bluetooth: hci2: command tx timeout [ 161.564969][T13276] SELinux: Context system_u:object_r:policy_config_t:s0 is not valid (left unmapped). [ 161.601126][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.604719][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.607449][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.610295][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.613102][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.616425][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.618625][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.621242][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.622092][T13282] pim6reg1: entered promiscuous mode [ 161.624574][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.625780][T13282] pim6reg1: entered allmulticast mode [ 161.629022][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.633420][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.637039][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.639142][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.641020][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.642979][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.645415][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.647522][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.650493][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.653484][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.655943][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.658141][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.660210][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.662247][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.664439][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.666456][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.668516][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.670630][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.672759][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.675295][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.677373][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.679377][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.681395][ T5993] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 161.686054][ T5993] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [sy] on syz0 [ 162.173500][T13337] Invalid ELF header magic: != ELF [ 162.228859][T13349] syz.2.3188[13349] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 162.228912][T13349] syz.2.3188[13349] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 162.232168][T13349] syz.2.3188[13349] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 162.237348][T13349] netlink: 'syz.2.3188': attribute type 1 has an invalid length. [ 162.244794][T13349] netlink: 83992 bytes leftover after parsing attributes in process `syz.2.3188'. [ 162.552252][T13388] SELinux: syz.0.3206 (13388) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 162.629911][T13396] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3210'. [ 162.801893][T13410] ip6t_rpfilter: unknown options [ 163.077621][T13432] siw: device registration error -23 [ 163.144622][T13444] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'. [ 163.211363][T13452] Invalid ELF header magic: != ELF [ 163.235474][T13454] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=13454 comm=syz.3.3239 [ 163.435247][T13465] hsr_slave_0 (unregistering): left promiscuous mode [ 163.696264][T13492] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 163.700194][T13492] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 163.703844][T13492] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 163.706852][T13492] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 163.709971][T13492] vxlan0: entered promiscuous mode [ 163.711817][T13492] vxlan0: entered allmulticast mode [ 163.717575][T13492] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 163.720071][T13492] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 163.722385][T13492] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 163.724736][T13492] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 164.172857][ T39] kauditd_printk_skb: 169 callbacks suppressed [ 164.172875][ T39] audit: type=1400 audit(1868017885.770:6755): avc: denied { mount } for pid=13504 comm="syz.0.3260" name="/" dev="configfs" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 164.183680][ T39] audit: type=1400 audit(1868017885.770:6756): avc: denied { search } for pid=13504 comm="syz.0.3260" name="/" dev="configfs" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 164.191972][ T39] audit: type=1400 audit(1868017885.790:6757): avc: denied { unmount } for pid=11690 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 164.258733][T13510] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=13510 comm=syz.1.3262 [ 164.391378][T13519] pim6reg: entered allmulticast mode [ 164.396937][T13519] tmpfs: Bad value for 'mpol' [ 164.397971][ T39] audit: type=1400 audit(1868017886.000:6758): avc: denied { watch } for pid=13520 comm="syz.3.3267" path="/268/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 164.398692][T13519] pim6reg: left allmulticast mode [ 164.567441][ T39] audit: type=1400 audit(1868017886.170:6759): avc: denied { create } for pid=13536 comm="syz.0.3273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 164.575737][ T39] audit: type=1400 audit(1868017886.180:6760): avc: denied { write } for pid=13536 comm="syz.0.3273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 164.591403][ T39] audit: type=1400 audit(1868017886.190:6761): avc: denied { read } for pid=13540 comm="syz.1.3274" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 164.818143][T13570] xt_socket: unknown flags 0x4 [ 164.875172][T13576] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3289'. [ 164.923310][T13583] ALSA: seq fatal error: cannot create timer (-22) [ 165.633003][T13601] pim6reg: entered allmulticast mode [ 165.642357][ T39] audit: type=1400 audit(1868017887.240:6762): avc: denied { getopt } for pid=13600 comm="syz.2.3299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 165.654871][T13600] pim6reg: left allmulticast mode [ 165.723153][T13602] lo speed is unknown, defaulting to 1000 [ 165.896830][ T39] audit: type=1326 audit(1868017887.500:6763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13611 comm="syz.2.3303" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca1597ff19 code=0x7ffc0000 [ 165.905639][ T39] audit: type=1326 audit(1868017887.500:6764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13611 comm="syz.2.3303" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca1597ff19 code=0x7ffc0000 [ 166.380447][T13637] block device autoloading is deprecated and will be removed. [ 166.380519][T11894] block device autoloading is deprecated and will be removed. [ 167.034506][T13656] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3323'. [ 168.436511][T13715] IPv6: Can't replace route, no match found [ 168.609873][T13737] netlink: 108 bytes leftover after parsing attributes in process `syz.3.3363'. [ 168.612298][T13737] netlink: 108 bytes leftover after parsing attributes in process `syz.3.3363'. [ 168.614939][T13737] netlink: 108 bytes leftover after parsing attributes in process `syz.3.3363'. [ 168.634710][T13737] netlink: 108 bytes leftover after parsing attributes in process `syz.3.3363'. [ 168.637349][T13737] netlink: 108 bytes leftover after parsing attributes in process `syz.3.3363'. [ 168.639826][T13737] netlink: 108 bytes leftover after parsing attributes in process `syz.3.3363'. [ 168.674666][T13751] netlink: 'syz.0.3367': attribute type 1 has an invalid length. [ 168.675895][T13737] netlink: 108 bytes leftover after parsing attributes in process `syz.3.3363'. [ 168.679180][T13737] netlink: 108 bytes leftover after parsing attributes in process `syz.3.3363'. [ 168.681723][T13737] netlink: 108 bytes leftover after parsing attributes in process `syz.3.3363'. [ 168.833478][T13771] lo speed is unknown, defaulting to 1000 [ 169.000362][T13796] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3387'. [ 169.060131][T13801] xt_hashlimit: max too large, truncated to 1048576 [ 169.229694][ T39] kauditd_printk_skb: 93 callbacks suppressed [ 169.229706][ T39] audit: type=1400 audit(1868017890.830:6858): avc: denied { create } for pid=13813 comm="syz.1.3396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 169.230403][T13814] x_tables: duplicate underflow at hook 1 [ 169.231480][ T39] audit: type=1400 audit(1868017890.830:6859): avc: denied { ioctl } for pid=13813 comm="syz.1.3396" path="socket:[40090]" dev="sockfs" ino=40090 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 169.246726][T13814] relay: one or more items not logged [item size (56) > sub-buffer size (10)] [ 169.289330][ T39] audit: type=1326 audit(1868017890.890:6860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13813 comm="syz.1.3396" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01adb7ff19 code=0x7ffc0000 [ 169.295905][ T39] audit: type=1326 audit(1868017890.890:6861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13813 comm="syz.1.3396" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01adb7ff19 code=0x7ffc0000 [ 169.303898][ T39] audit: type=1326 audit(1868017890.890:6862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13813 comm="syz.1.3396" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f01adb7e880 code=0x7ffc0000 [ 169.310843][ T39] audit: type=1326 audit(1868017890.890:6863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13813 comm="syz.1.3396" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01adb7ff19 code=0x7ffc0000 [ 169.317090][ T39] audit: type=1326 audit(1868017890.890:6864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13813 comm="syz.1.3396" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01adb7ff19 code=0x7ffc0000 [ 169.323413][ T39] audit: type=1326 audit(1868017890.900:6865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13813 comm="syz.1.3396" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f01adb7ff19 code=0x7ffc0000 [ 169.329808][ T39] audit: type=1326 audit(1868017890.900:6866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13813 comm="syz.1.3396" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01adb7ff19 code=0x7ffc0000 [ 169.336110][ T39] audit: type=1326 audit(1868017890.900:6867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13813 comm="syz.1.3396" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01adb7ff19 code=0x7ffc0000 [ 170.592487][T13893] lo speed is unknown, defaulting to 1000 [ 170.826428][T13905] random: crng reseeded on system resumption [ 171.754395][T13974] netlink: 'syz.3.3454': attribute type 13 has an invalid length. [ 171.758088][T13974] macsec0: entered promiscuous mode [ 171.761376][T13974] veth1_macvtap: left promiscuous mode [ 171.774026][T13974] macsec0 (unregistering): left promiscuous mode [ 173.635669][T14073] pim6reg1: entered promiscuous mode [ 173.637262][T14073] pim6reg1: entered allmulticast mode [ 173.664943][T14075] netlink: 'syz.2.3502': attribute type 3 has an invalid length. [ 173.668553][T14075] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 174.072739][T14115] lo speed is unknown, defaulting to 1000 [ 174.234219][ T39] kauditd_printk_skb: 93 callbacks suppressed [ 174.234229][ T39] audit: type=1326 audit(1868017895.840:6961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14120 comm="syz.3.3520" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f543377ff19 code=0x7ffc0000 [ 174.254321][ T39] audit: type=1326 audit(1868017895.840:6962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14120 comm="syz.3.3520" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f543377ff19 code=0x7ffc0000 [ 174.279021][ T39] audit: type=1326 audit(1868017895.840:6963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14120 comm="syz.3.3520" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f543377ff19 code=0x7ffc0000 [ 174.303662][ T39] audit: type=1326 audit(1868017895.850:6964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14120 comm="syz.3.3520" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f543377ff19 code=0x7ffc0000 [ 174.309641][ T39] audit: type=1326 audit(1868017895.850:6965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14120 comm="syz.3.3520" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f543377ff19 code=0x7ffc0000 [ 174.315904][ T39] audit: type=1326 audit(1868017895.850:6966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14120 comm="syz.3.3520" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f543377ff19 code=0x7ffc0000 [ 174.322011][ T39] audit: type=1326 audit(1868017895.860:6967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14120 comm="syz.3.3520" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f543377ff19 code=0x7ffc0000 [ 174.328338][ T39] audit: type=1326 audit(1868017895.870:6968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14120 comm="syz.3.3520" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f543377ff19 code=0x7ffc0000 [ 174.334464][ T39] audit: type=1326 audit(1868017895.870:6969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14120 comm="syz.3.3520" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f543377ff19 code=0x7ffc0000 [ 174.340933][ T39] audit: type=1326 audit(1868017895.870:6970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14120 comm="syz.3.3520" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f543377ff19 code=0x7ffc0000 [ 174.376650][T14131] bridge_slave_0: left allmulticast mode [ 174.378818][T14131] bridge_slave_0: left promiscuous mode [ 174.381918][T14131] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.387692][T14131] bridge_slave_1: left allmulticast mode [ 174.389732][T14131] bridge_slave_1: left promiscuous mode [ 174.391551][T14131] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.399888][T14131] bond0: (slave bond_slave_0): Releasing backup interface [ 174.407091][T14131] bond0: (slave bond_slave_1): Releasing backup interface [ 174.425382][T14131] team0: Port device team_slave_0 removed [ 174.431192][T14131] team0: Port device team_slave_1 removed [ 174.433492][T14131] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 174.436508][T14131] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 174.439603][T14131] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 174.442165][T14131] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 174.550042][T14142] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 174.739656][T14160] pim6reg: entered allmulticast mode [ 174.752215][T14160] tmpfs: Bad value for 'mpol' [ 174.754874][T14160] pim6reg: left allmulticast mode [ 174.872578][T14167] IPv6: Can't replace route, no match found [ 175.029430][T14180] pim6reg: entered allmulticast mode [ 175.038717][T14180] tmpfs: Bad value for 'mpol' [ 175.040336][T14180] pim6reg: left allmulticast mode [ 175.297890][T14211] lo speed is unknown, defaulting to 1000 [ 175.953006][T14231] __nla_validate_parse: 2 callbacks suppressed [ 175.953019][T14231] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3570'. [ 176.067654][T14237] team0: Device ipvlan2 failed to register rx_handler [ 176.422520][T14276] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3590'. [ 176.558595][T14280] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 176.560505][T14280] IPv6: NLM_F_CREATE should be set when creating new route [ 177.108883][T14293] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3597'. [ 177.485605][ T5934] Bluetooth: hci3: unexpected event for opcode 0x1005 [ 177.488784][ T5934] Bluetooth: hci3: unexpected event for opcode 0x1005 [ 177.535741][ T11] Bluetooth: hci4: Frame reassembly failed (-84) [ 179.593725][ T5934] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 179.593831][ T65] Bluetooth: hci4: command 0x1003 tx timeout [ 179.652487][ T39] kauditd_printk_skb: 93 callbacks suppressed [ 179.652503][ T39] audit: type=1400 audit(1868017901.250:7064): avc: denied { write } for pid=14372 comm="syz.3.3623" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 179.658646][T14374] binder: 14372:14374 ioctl 8983 200000c0 returned -22 [ 179.662079][ T39] audit: type=1400 audit(1868017901.260:7065): avc: denied { ioctl } for pid=14372 comm="syz.3.3623" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 179.662106][ T39] audit: type=1400 audit(1868017901.260:7066): avc: denied { set_context_mgr } for pid=14372 comm="syz.3.3623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 179.662124][ T39] audit: type=1400 audit(1868017901.260:7067): avc: denied { map } for pid=14372 comm="syz.3.3623" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 179.662144][ T39] audit: type=1400 audit(1868017901.260:7068): avc: denied { call } for pid=14372 comm="syz.3.3623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 179.695005][ T39] audit: type=1400 audit(1868017901.260:7069): avc: denied { transfer } for pid=14372 comm="syz.3.3623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 180.157218][T14390] block nbd1: not configured, cannot reconfigure [ 180.173680][ T39] audit: type=1400 audit(1868017901.770:7070): avc: denied { write } for pid=14389 comm="syz.1.3629" name="/" dev="9p" ino=38535243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 180.177274][T14390] overlay: ./file0 is not a directory [ 180.180846][ T39] audit: type=1400 audit(1868017901.770:7071): avc: denied { add_name } for pid=14389 comm="syz.1.3629" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 180.189152][ T39] audit: type=1400 audit(1868017901.780:7072): avc: denied { create } for pid=14389 comm="syz.1.3629" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 180.194527][ T39] audit: type=1400 audit(1868017901.780:7073): avc: denied { associate } for pid=14389 comm="syz.1.3629" name="bus" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 180.205077][T14390] overlay: ./file0 is not a directory [ 180.276443][T14398] xt_hashlimit: size too large, truncated to 1048576 [ 180.331263][T14405] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3634'. [ 180.382116][T14407] SELinux: syz.1.3636 (14407) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 180.971935][T14419] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3640'. [ 181.169169][T14435] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3645'. [ 181.219877][T14440] openvswitch: netlink: IP tunnel dst address not specified [ 181.230411][T14442] sp0: Synchronizing with TNC [ 181.804855][T14466] binder: 14465:14466 ioctl c0306201 20000580 returned -14 [ 181.843796][T14473] netlink: 'syz.3.3660': attribute type 32 has an invalid length. [ 181.847020][T14473] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3660'. [ 181.853915][T14473] (unnamed net_device) (uninitialized): option coupled_control: invalid value (47) [ 181.880279][T14475] (syz.0.3662,14475,3):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 181.883675][T14475] (syz.0.3662,14475,3):ocfs2_fill_super:1178 ERROR: status = -22 [ 181.916622][T14477] random: crng reseeded on system resumption [ 182.282131][T14505] xt_hashlimit: size too large, truncated to 1048576 [ 182.340617][T14515] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 182.389598][T14513] ======================================================= [ 182.389598][T14513] WARNING: The mand mount option has been deprecated and [ 182.389598][T14513] and is ignored by this kernel. Remove the mand [ 182.389598][T14513] option from the mount to silence this warning. [ 182.389598][T14513] ======================================================= [ 182.404957][T14524] netlink: 'syz.3.3676': attribute type 1 has an invalid length. [ 182.555038][T14534] delete_channel: no stack [ 182.776967][T14556] netlink: 'syz.1.3685': attribute type 10 has an invalid length. [ 182.785010][T14556] team0: Port device netdevsim0 added [ 182.982157][T14568] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 183.050322][T14570] netlink: 92 bytes leftover after parsing attributes in process `syz.1.3689'. [ 183.062021][T14570] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 183.069322][T14570] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 183.073174][T14570] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 183.082892][T14570] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 183.164281][T14575] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 183.291763][T14580] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3692'. [ 183.295318][T14580] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3692'. [ 183.298924][T14580] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3692'. [ 183.583153][T14597] netlink: 'syz.1.3697': attribute type 49 has an invalid length. [ 183.665808][T14601] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3698'. [ 183.713838][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 183.889403][T14608] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method [ 183.896000][T14608] 9pnet_fd: Insufficient options for proto=fd [ 184.028611][T14635] xt_hashlimit: size too large, truncated to 1048576 [ 184.141722][T14640] warning: `syz.1.3710' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 184.464161][T11093] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 184.633711][T11093] usb 6-1: Using ep0 maxpacket: 8 [ 184.641400][T11093] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 184.645261][T11093] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 184.648390][T11093] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 184.652000][T11093] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 184.661672][T11093] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 184.665272][T11093] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.676305][T11093] hub 6-1:1.0: bad descriptor, ignoring hub [ 184.677998][T11093] hub 6-1:1.0: probe with driver hub failed with error -5 [ 184.680247][T11093] cdc_wdm 6-1:1.0: skipping garbage [ 184.681691][T11093] cdc_wdm 6-1:1.0: skipping garbage [ 184.691797][T11093] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 184.693922][T11093] cdc_wdm 6-1:1.0: Unknown control protocol [ 185.344214][T11093] usb 6-1: USB disconnect, device number 19 [ 185.344805][T14645] cdc_wdm 6-1:1.0: Error autopm - -16 [ 185.493733][T11093] usb 6-1: new low-speed USB device number 20 using dummy_hcd [ 185.653626][T11093] usb 6-1: Invalid ep0 maxpacket: 64 [ 185.793697][T11093] usb 6-1: new low-speed USB device number 21 using dummy_hcd [ 185.963633][T11093] usb 6-1: Invalid ep0 maxpacket: 64 [ 185.970052][T11093] usb usb6-port1: attempt power cycle [ 186.305716][T14678] tmpfs: Unknown parameter '' [ 186.314004][T11093] usb 6-1: new low-speed USB device number 22 using dummy_hcd [ 186.334949][T11093] usb 6-1: Invalid ep0 maxpacket: 64 [ 186.485899][T11093] usb 6-1: new low-speed USB device number 23 using dummy_hcd [ 186.517478][T14689] sctp: [Deprecated]: syz.3.3727 (pid 14689) Use of int in maxseg socket option. [ 186.517478][T14689] Use struct sctp_assoc_value instead [ 186.524006][T11093] usb 6-1: Invalid ep0 maxpacket: 64 [ 186.526300][T11093] usb usb6-port1: unable to enumerate USB device [ 186.550856][T14691] pim6reg1: entered promiscuous mode [ 186.552304][T14691] pim6reg1: entered allmulticast mode [ 186.558128][ T39] kauditd_printk_skb: 121 callbacks suppressed [ 186.558146][ T39] audit: type=1400 audit(1868017908.160:7195): avc: denied { listen } for pid=14690 comm="syz.0.3728" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 186.614855][T14700] tipc: Started in network mode [ 186.617019][T14700] tipc: Node identity 4, cluster identity 4711 [ 186.619263][T14700] tipc: Node number set to 4 [ 186.667287][T14704] netlink: 'syz.0.3733': attribute type 3 has an invalid length. [ 186.670071][T14704] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3733'. [ 186.799972][ T39] audit: type=1400 audit(1868017908.400:7196): avc: denied { getopt } for pid=14708 comm="syz.2.3735" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 186.800987][T14709] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3735'. [ 186.807253][T14709] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3735'. [ 187.027963][ T39] audit: type=1400 audit(1868017908.630:7197): avc: denied { read } for pid=14720 comm="syz.2.3740" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 187.519944][T14738] trusted_key: syz.3.3744 sent an empty control message without MSG_MORE. [ 187.614941][T14743] @: renamed from vlan0 (while UP) [ 187.619247][ T39] audit: type=1400 audit(1868017909.220:7198): avc: denied { map } for pid=14742 comm="syz.1.3746" path="/proc/602/net/vlan/vlan0" dev="proc" ino=4026534630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 187.853751][ T72] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 187.931697][ T39] audit: type=1400 audit(1868017909.530:7199): avc: denied { wake_alarm } for pid=14746 comm="syz.2.3748" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 187.976664][T14750] netlink: 'syz.2.3750': attribute type 10 has an invalid length. [ 187.986693][T14750] team0: Device hsr_slave_0 failed to register rx_handler [ 188.005832][ T72] usb 6-1: Using ep0 maxpacket: 16 [ 188.011153][ T72] usb 6-1: config 1 interface 0 altsetting 10 endpoint 0x2 has an invalid bInterval 204, changing to 11 [ 188.014152][ T72] usb 6-1: config 1 interface 0 has no altsetting 0 [ 188.017575][ T72] usb 6-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.40 [ 188.020243][ T72] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.022260][ T72] usb 6-1: Product: syz [ 188.023388][ T72] usb 6-1: Manufacturer: syz [ 188.024893][ T72] usb 6-1: SerialNumber: syz [ 188.028529][T14750] netlink: 'syz.2.3750': attribute type 10 has an invalid length. [ 188.080494][T14754] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3749'. [ 188.163867][T14750] team0: Device hsr_slave_0 failed to register rx_handler [ 188.214404][T14757] syzkaller0: entered promiscuous mode [ 188.215906][T14757] syzkaller0: entered allmulticast mode [ 188.225146][T14757] syzkaller0: create flow: hash 854932146 index 1 [ 188.289030][T14757] syzkaller0: delete flow: hash 854932146 index 1 [ 188.442868][ T72] usbhid 6-1:1.0: can't add hid device: -71 [ 188.445230][ T72] usbhid 6-1:1.0: probe with driver usbhid failed with error -71 [ 188.448663][ T72] usb 6-1: USB disconnect, device number 24 [ 189.132655][ T39] audit: type=1400 audit(1868017910.730:7200): avc: denied { setopt } for pid=14770 comm="syz.0.3755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 189.137841][ T39] audit: type=1400 audit(1868017910.730:7201): avc: denied { write } for pid=14770 comm="syz.0.3755" path="socket:[45184]" dev="sockfs" ino=45184 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 190.246718][T14771] netlink: 'syz.0.3755': attribute type 11 has an invalid length. [ 190.387568][T14792] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3762'. [ 190.390055][T14792] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3762'. [ 190.466292][T14800] netlink: 'syz.2.3766': attribute type 10 has an invalid length. [ 190.468584][ T39] audit: type=1400 audit(1868017912.070:7202): avc: denied { create } for pid=14799 comm="syz.2.3766" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 190.481575][ T39] audit: type=1400 audit(1868017912.070:7203): avc: denied { shutdown } for pid=14799 comm="syz.2.3766" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 190.491828][T14800] bond0: (slave netdevsim0): no link monitoring support [ 190.497530][T14800] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 190.720052][ T39] audit: type=1400 audit(1868017912.320:7204): avc: denied { map } for pid=14812 comm="syz.2.3769" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 190.787254][T14818] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3770'. [ 190.861943][T14823] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 190.864697][T14823] overlayfs: failed to set xattr on upper [ 190.866543][T14823] overlayfs: ...falling back to redirect_dir=nofollow. [ 190.868850][T14823] overlayfs: ...falling back to index=off. [ 190.870841][T14823] overlayfs: ...falling back to uuid=null. [ 190.888541][T14823] input: syz0 as /devices/virtual/input/input7 [ 190.935334][T14824] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3771'. [ 190.937720][T14824] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3771'. [ 190.940494][T14824] netlink: 'syz.3.3771': attribute type 12 has an invalid length. [ 191.203805][T14826] netdevsim netdevsim1: Firmware load for './cgroup/../file0' refused, path contains '..' component [ 191.253687][T14831] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3774'. [ 191.342146][T14846] bridge1: entered promiscuous mode [ 191.592088][ T39] kauditd_printk_skb: 13 callbacks suppressed [ 191.592100][ T39] audit: type=1400 audit(1868017913.190:7218): avc: denied { mount } for pid=14873 comm="syz.3.3790" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 191.612094][ T39] audit: type=1400 audit(1868017913.210:7219): avc: denied { unmount } for pid=10994 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 191.833721][ T1464] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 191.967954][ T39] audit: type=1400 audit(1868017913.570:7220): avc: denied { setopt } for pid=14890 comm="syz.3.3794" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 191.984279][ T1464] usb 7-1: Using ep0 maxpacket: 16 [ 191.993947][ T1464] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 191.997715][ T1464] usb 7-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00 [ 192.000805][ T1464] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.012922][ T1464] usb 7-1: config 0 descriptor?? [ 192.287319][ T39] audit: type=1400 audit(1868017913.890:7221): avc: denied { read } for pid=14900 comm="syz.0.3798" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 192.304045][T14903] Bluetooth: MGMT ver 1.23 [ 192.307532][ T39] audit: type=1400 audit(1868017913.910:7222): avc: denied { accept } for pid=14898 comm="syz.1.3797" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 192.313960][ T39] audit: type=1400 audit(1868017913.920:7223): avc: denied { read } for pid=14898 comm="syz.1.3797" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 192.342623][T14901] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 192.346058][T14901] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 192.348971][T14901] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 192.351164][T14901] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 192.355081][T14901] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 192.359808][T14901] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 192.361979][T14901] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 192.369681][T14901] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 192.377527][ T39] audit: type=1400 audit(1868017913.980:7224): avc: denied { ioctl } for pid=14898 comm="syz.1.3797" path="socket:[44444]" dev="sockfs" ino=44444 ioctlcmd=0x8915 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 192.378510][T14899] netlink: 'syz.1.3797': attribute type 10 has an invalid length. [ 192.424380][ T1464] hid-steam 0003:28DE:1102.0009: unknown main item tag 0x0 [ 192.427090][ T1464] hid-steam 0003:28DE:1102.0009: unknown main item tag 0x0 [ 192.432053][ T1464] hid-steam 0003:28DE:1102.0009: : USB HID v0.00 Device [HID 28de:1102] on usb-dummy_hcd.2-1/input0 [ 192.503419][ T39] audit: type=1400 audit(1868017914.100:7225): avc: denied { bind } for pid=14906 comm="syz.0.3799" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 192.511989][ T1464] hid-steam 0003:28DE:1102.0009: Steam Controller 'XXXXXXXXXX' connected [ 192.516854][ T1464] input: Steam Controller as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:28DE:1102.0009/input/input8 [ 192.539769][ T1464] hid-steam 0003:28DE:1102.000A: unknown main item tag 0x0 [ 192.542457][ T1464] hid-steam 0003:28DE:1102.000A: unknown main item tag 0x0 [ 192.555735][ T1464] hid-steam 0003:28DE:1102.000A: hidraw0: USB HID v0.00 Device [HID 28de:1102] on usb-dummy_hcd.2-1/input0 [ 192.568678][T14909] [ 192.569560][T14909] ====================================================== [ 192.572207][T14909] WARNING: possible circular locking dependency detected [ 192.574256][T14909] 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0 Not tainted [ 192.577206][T14909] ------------------------------------------------------ [ 192.580447][T14909] syz.0.3799/14909 is trying to acquire lock: [ 192.582131][T14909] ffff8880536c32c0 (&dev->mutex#2){+.+.}-{4:4}, at: __input_unregister_device+0x24/0x450 [ 192.585489][T14909] [ 192.585489][T14909] but task is already holding lock: [ 192.588426][T14909] ffff88805f6bde20 (&hdev->ll_open_lock){+.+.}-{4:4}, at: hid_hw_open+0x25/0x170 [ 192.592260][T14909] [ 192.592260][T14909] which lock already depends on the new lock. [ 192.592260][T14909] [ 192.595948][T14909] [ 192.595948][T14909] the existing dependency chain (in reverse order) is: [ 192.598477][T14909] [ 192.598477][T14909] -> #1 (&hdev->ll_open_lock){+.+.}-{4:4}: [ 192.600463][T14909] __mutex_lock+0x19b/0xa60 [ 192.601741][T14909] hid_hw_open+0x25/0x170 [ 192.602968][T14909] input_open_device+0x22c/0x390 [ 192.604391][T14909] evdev_open+0x52d/0x690 [ 192.605601][T14909] chrdev_open+0x237/0x6a0 [ 192.606856][T14909] do_dentry_open+0xf59/0x1ea0 [ 192.608284][T14909] vfs_open+0x82/0x3f0 [ 192.609449][T14909] path_openat+0x1e6a/0x2d60 [ 192.610732][T14909] do_filp_open+0x20c/0x470 [ 192.612020][T14909] do_sys_openat2+0x17a/0x1e0 [ 192.613551][T14909] __x64_sys_openat+0x175/0x210 [ 192.615092][T14909] do_syscall_64+0xcd/0x250 [ 192.616397][T14909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.618056][T14909] [ 192.618056][T14909] -> #0 (&dev->mutex#2){+.+.}-{4:4}: [ 192.620315][T14909] __lock_acquire+0x249e/0x3c40 [ 192.621321][ T72] usb 7-1: USB disconnect, device number 8 [ 192.622103][T14909] lock_acquire.part.0+0x11b/0x380 [ 192.625885][T14909] __mutex_lock+0x19b/0xa60 [ 192.627312][T14909] __input_unregister_device+0x24/0x450 [ 192.628859][T14909] input_unregister_device+0xb9/0x100 [ 192.630346][T14909] steam_input_unregister+0x10c/0x2c0 [ 192.631830][T14909] steam_client_ll_open+0xc9/0x100 [ 192.633259][T14909] hid_hw_open+0xe2/0x170 [ 192.634497][T14909] hidraw_open+0x274/0x7e0 [ 192.635736][T14909] chrdev_open+0x237/0x6a0 [ 192.636966][T14909] do_dentry_open+0xf59/0x1ea0 [ 192.638314][T14909] vfs_open+0x82/0x3f0 [ 192.639487][T14909] path_openat+0x1e6a/0x2d60 [ 192.640923][T14909] do_filp_open+0x20c/0x470 [ 192.642222][T14909] do_sys_openat2+0x17a/0x1e0 [ 192.643527][T14909] __x64_sys_openat+0x175/0x210 [ 192.644896][T14909] do_syscall_64+0xcd/0x250 [ 192.646154][T14909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.647781][T14909] [ 192.647781][T14909] other info that might help us debug this: [ 192.647781][T14909] [ 192.650810][T14909] Possible unsafe locking scenario: [ 192.650810][T14909] [ 192.652962][T14909] CPU0 CPU1 [ 192.654496][T14909] ---- ---- [ 192.656081][T14909] lock(&hdev->ll_open_lock); [ 192.657528][T14909] lock(&dev->mutex#2); [ 192.659415][T14909] lock(&hdev->ll_open_lock); [ 192.661219][T14909] lock(&dev->mutex#2); [ 192.662294][T14909] [ 192.662294][T14909] *** DEADLOCK *** [ 192.662294][T14909] [ 192.664344][T14909] 2 locks held by syz.0.3799/14909: [ 192.665669][T14909] #0: ffffffff8fc3d450 (minors_rwsem){+.+.}-{4:4}, at: hidraw_open+0xa6/0x7e0 [ 192.668223][T14909] #1: ffff88805f6bde20 (&hdev->ll_open_lock){+.+.}-{4:4}, at: hid_hw_open+0x25/0x170 [ 192.670880][T14909] [ 192.670880][T14909] stack backtrace: [ 192.672817][T14909] CPU: 1 UID: 0 PID: 14909 Comm: syz.0.3799 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0 [ 192.676138][T14909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 192.678798][T14909] Call Trace: [ 192.679650][T14909] [ 192.680419][T14909] dump_stack_lvl+0x116/0x1f0 [ 192.681609][T14909] print_circular_bug+0x419/0x5d0 [ 192.682857][T14909] check_noncircular+0x31a/0x400 [ 192.684086][T14909] ? __pfx_check_noncircular+0x10/0x10 [ 192.685435][T14909] ? __pfx_mark_lock+0x10/0x10 [ 192.686730][T14909] ? lockdep_lock+0xc6/0x200 [ 192.687927][T14909] ? __pfx_lockdep_lock+0x10/0x10 [ 192.689195][T14909] __lock_acquire+0x249e/0x3c40 [ 192.690416][T14909] ? __pfx___lock_acquire+0x10/0x10 [ 192.691862][T14909] ? find_held_lock+0x2d/0x110 [ 192.693211][T14909] lock_acquire.part.0+0x11b/0x380 [ 192.694677][T14909] ? __input_unregister_device+0x24/0x450 [ 192.696259][T14909] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 192.697816][T14909] ? rcu_is_watching+0x12/0xc0 [ 192.699070][T14909] ? trace_lock_acquire+0x14e/0x1f0 [ 192.700429][T14909] ? __input_unregister_device+0x24/0x450 [ 192.701894][T14909] ? lock_acquire+0x2f/0xb0 [ 192.703082][T14909] ? __input_unregister_device+0x24/0x450 [ 192.704691][T14909] __mutex_lock+0x19b/0xa60 [ 192.706301][T14909] ? __input_unregister_device+0x24/0x450 [ 192.708210][T14909] ? __input_unregister_device+0x24/0x450 [ 192.710093][T14909] ? __pfx___mutex_lock+0x10/0x10 [ 192.711591][T14909] ? synchronize_rcu_expedited+0x424/0x450 [ 192.713160][T14909] ? __pfx_autoremove_wake_function+0x10/0x10 [ 192.714811][T14909] ? __pfx_lock_release+0x10/0x10 [ 192.716176][T14909] ? __input_unregister_device+0x24/0x450 [ 192.717830][T14909] __input_unregister_device+0x24/0x450 [ 192.719215][T14909] input_unregister_device+0xb9/0x100 [ 192.720567][T14909] steam_input_unregister+0x10c/0x2c0 [ 192.721966][T14909] steam_client_ll_open+0xc9/0x100 [ 192.723289][T14909] hid_hw_open+0xe2/0x170 [ 192.724422][T14909] hidraw_open+0x274/0x7e0 [ 192.725621][T14909] ? __pfx_hidraw_open+0x10/0x10 [ 192.727088][T14909] chrdev_open+0x237/0x6a0 [ 192.728338][T14909] ? __pfx_chrdev_open+0x10/0x10 [ 192.730003][T14909] do_dentry_open+0xf59/0x1ea0 [ 192.731340][T14909] ? __pfx_chrdev_open+0x10/0x10 [ 192.732915][T14909] ? inode_permission+0xdd/0x5f0 [ 192.734375][T14909] vfs_open+0x82/0x3f0 [ 192.735608][T14909] ? may_open+0x1f2/0x400 [ 192.736777][T14909] path_openat+0x1e6a/0x2d60 [ 192.738016][T14909] ? __pfx_path_openat+0x10/0x10 [ 192.739333][T14909] ? __pfx___lock_acquire+0x10/0x10 [ 192.740657][T14909] ? lock_acquire.part.0+0x11b/0x380 [ 192.742008][T14909] ? find_held_lock+0x2d/0x110 [ 192.743270][T14909] do_filp_open+0x20c/0x470 [ 192.744445][T14909] ? __pfx_do_filp_open+0x10/0x10 [ 192.746022][T14909] ? find_held_lock+0x2d/0x110 [ 192.747270][T14909] ? alloc_fd+0x41f/0x760 [ 192.748569][T14909] do_sys_openat2+0x17a/0x1e0 [ 192.749892][T14909] ? __pfx_do_sys_openat2+0x10/0x10 [ 192.751400][T14909] ? __local_bh_enable_ip+0xa4/0x120 [ 192.752905][T14909] __x64_sys_openat+0x175/0x210 [ 192.754226][T14909] ? __pfx___x64_sys_openat+0x10/0x10 [ 192.755652][T14909] do_syscall_64+0xcd/0x250 [ 192.757198][T14909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.758972][T14909] RIP: 0033:0x7f7fe0b7e880 [ 192.760142][T14909] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 192.764867][T14909] RSP: 002b:00007f7fe1907b90 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 192.767163][T14909] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7fe0b7e880 [ 192.769517][T14909] RDX: 0000000000000000 RSI: 00007f7fe1907c30 RDI: 00000000ffffff9c [ 192.772199][T14909] RBP: 00007f7fe1907c30 R08: 0000000000000000 R09: 0023776172646968 [ 192.774800][T14909] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 192.776935][T14909] R13: 0000000000000000 R14: 00007f7fe0d46080 R15: 00007ffeb54d6448 [ 192.779280][T14909] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 192.782990][ T39] audit: type=1400 audit(1868017914.380:7226): avc: denied { write } for pid=5915 comm="syz-executor" path="pipe:[3818]" dev="pipefs" ino=3818 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 192.806833][ T72] input: Steam Controller as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:28DE:1102.0009/input/input9 [ 192.861434][ T72] hid-steam 0003:28DE:1102.0009: Steam Controller 'XXXXXXXXXX' disconnected [ 193.081089][ T74] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.239339][ T74] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.308572][ T74] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.396516][ T74] bond0: (slave netdevsim0): Releasing backup interface [ 193.400158][ T74] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.466363][ T74] bridge_slave_1: left allmulticast mode [ 193.468405][ T74] bridge_slave_1: left promiscuous mode [ 193.470866][ T74] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.476685][ T74] bridge_slave_0: left allmulticast mode [ 193.478720][ T74] bridge_slave_0: left promiscuous mode [ 193.480744][ T74] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.622621][ T74] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 193.627193][ T74] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 193.631104][ T74] bond0 (unregistering): Released all slaves [ 193.707005][ T74] tipc: Left network mode [ 193.911161][ T74] hsr_slave_0: left promiscuous mode [ 193.913995][ T74] hsr_slave_1: left promiscuous mode [ 193.916688][ T74] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 193.919470][ T74] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 193.923149][ T74] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 193.926375][ T74] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 193.931475][ T74] team_slave_0: left promiscuous mode [ 193.933387][ T74] team_slave_1: left promiscuous mode [ 193.935357][ T74] veth1_macvtap: left promiscuous mode [ 193.937261][ T74] veth0_macvtap: left promiscuous mode [ 193.939269][ T74] veth1_vlan: left promiscuous mode [ 193.941277][ T74] veth0_vlan: left promiscuous mode [ 194.311784][ T74] team0 (unregistering): Port device team_slave_1 removed [ 194.367990][ T74] team0 (unregistering): Port device team_slave_0 removed [ 195.015704][ T74] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.086918][ T74] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.179704][ T74] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.244594][ T74] team0: Port device netdevsim0 removed [ 195.247264][ T74] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.318188][ T74] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.376214][ T74] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.451528][ T39] audit: type=1400 audit(1868017917.050:7227): avc: denied { sys_chroot } for pid=14971 comm="dhcpcd" capability=18 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 195.452107][ T74] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.496951][ T74] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.559558][ T74] bridge_slave_1: left allmulticast mode [ 195.561277][ T74] bridge_slave_1: left promiscuous mode [ 195.562864][ T74] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.567646][ T74] bridge_slave_0: left allmulticast mode [ 195.569601][ T74] bridge_slave_0: left promiscuous mode [ 195.571589][ T74] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.575646][ T74] bridge_slave_1: left allmulticast mode [ 195.577570][ T74] bridge_slave_1: left promiscuous mode [ 195.579571][ T74] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.583054][ T74] bridge_slave_0: left allmulticast mode [ 195.585746][ T74] bridge_slave_0: left promiscuous mode [ 195.587807][ T74] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.856689][ T74] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 195.859968][ T74] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 195.863014][ T74] bond0 (unregistering): Released all slaves [ 195.869081][ T74] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 195.872256][ T74] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 195.875274][ T74] bond0 (unregistering): Released all slaves [ 196.310302][ T74] hsr_slave_0: left promiscuous mode [ 196.312433][ T74] hsr_slave_1: left promiscuous mode [ 196.316552][ T74] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 196.318944][ T74] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 196.321844][ T74] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 196.324840][ T74] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 196.329501][ T74] hsr_slave_0: left promiscuous mode [ 196.331624][ T74] hsr_slave_1: left promiscuous mode [ 196.333279][ T74] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 196.335454][ T74] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 196.337667][ T74] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 196.339971][ T74] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 196.344812][ T74] veth1_macvtap: left promiscuous mode [ 196.346421][ T74] veth0_macvtap: left promiscuous mode [ 196.347952][ T74] veth1_vlan: left promiscuous mode [ 196.349242][ T74] veth0_vlan: left promiscuous mode [ 196.351454][ T74] veth1_macvtap: left promiscuous mode [ 196.352871][ T74] veth0_macvtap: left promiscuous mode [ 196.354776][ T74] veth1_vlan: left promiscuous mode [ 196.356231][ T74] veth0_vlan: left promiscuous mode [ 196.620356][ T74] team0 (unregistering): Port device team_slave_1 removed [ 196.693410][ T74] team0 (unregistering): Port device team_slave_0 removed [ 197.144469][ T74] team0 (unregistering): Port device team_slave_1 removed [ 197.205619][ T74] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 02:27:06 Registers: info registers vcpu 0 CPU#0 RAX=00000000001b16b4 RBX=0000000000000000 RCX=ffffffff8b28e679 RDX=ffffed100d4c6fee RSI=ffffffff8bd1d200 RDI=ffffffff81708549 RBP=fffffbfff1bd2ef8 RSP=ffffffff8de07e20 R8 =0000000000000000 R9 =ffffed100d4c6fed R10=ffff88806a637f6b R11=0000000000000000 R12=0000000000000000 R13=ffffffff8de977c0 R14=ffffffff905f15d0 R15=0000000000000000 RIP=ffffffff8b28fa5f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020002300 CR3=0000000053ffe000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7fe0bf4c42 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7fe0bf4c4f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7fe0bf4c49 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7fe0bf4c5d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7fe0bf4ce3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7fe0bf4dc1 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7fe0d1a488 00007f7fe0d1a480 00007f7fe0d1a478 00007f7fe0d1a450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7fe187d100 00007f7fe0d1a440 00007f7fe0d10004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7fe0d1a498 00007f7fe0d1a490 00007f7fe0d1a488 00007f7fe0d1a480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 386edbbfda0e5c39 61dd40949c204141 e8615c8638624151 b17071d33b3cd9dc ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a349d2fd3cb59bc e5ff6973ebbb578c 94205a74a0c95b1e 43a89a1d208954ab ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2b4b047d8de97000 0000000000000000 0000000000000000 0000000000010000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4672ec41466d956d 51e354511d60443d 3d2e1f69511ac667 197931973533fa8b ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 35f5f7718f9e422c 71f986da166b1b27 e5980800c51cb23c e140ce6ea8a4210b ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff851b9525 RDI=ffffffff9ab0ac20 RBP=ffffffff9ab0abe0 RSP=ffffc90004926e48 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=0000000000000035 R14=ffffffff851b94c0 R15=0000000000000000 RIP=ffffffff851b954f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f7fe19086c0 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f7fe1906f40 CR3=0000000053ffe000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f54337f4c42 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f54337f4c4f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f54337f4c49 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f54337f4c5d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f54337f4ce3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f54337f4dc1 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f543391a488 00007f543391a480 00007f543391a478 00007f543391a450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f543447d100 00007f543391a440 00007f5433910004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f543391a498 00007f543391a490 00007f543391a488 00007f543391a480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000001 RBX=1ffff9200080bf00 RCX=ffffffff8176a9e9 RDX=0000000000000000 RSI=ffffffff8bd1d200 RDI=ffffffff8da74bf0 RBP=0000000000000002 RSP=ffffc9000405f7e0 R8 =0000000000000000 R9 =fffffbfff20be2ba R10=ffffffff905f15d7 R11=00000000000a4001 R12=ffff8880267dc6b0 R13=0000000000200000 R14=0000000000000000 R15=ffff888033ca8000 RIP=ffffffff817f8e43 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fb942cb1280 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f7fe0ba7cb0 CR3=000000001cac4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000004080 Opmask01=0000000000000000 Opmask02=00000000fffeff7f Opmask03=2040000404420020 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdc1d06780 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000ff0000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ff00000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 413030302e323031 313a454438323a33 3030302f302e303a 312d372f312d372f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 30302e323031313a 454438323a333030 302f302e303a312d 372f312d372f3762 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4a414d0018454d 414e564544001858 45444e4946490018 4550595456454400 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 302c302c30302c30 2c00000000003030 2c423130302c4131 3000000000323230 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 26262c2c262c2630 2600000000002c30 26332c3026263331 2600000000323230 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 263b3838263a3838 263b3f3b263a3f3b 264f393b264e393b 2649393b2648393b ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a263b383a3a263a 383a3a26493b3a3a 26483b3a3a264b3b 3a0a0a0a007d6c79 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 info registers vcpu 3 CPU#3 RAX=ffffffff90f07048 RBX=ffffffff906ee988 RCX=dffffc0000000000 RDX=1ffffffff20ddd31 RSI=0000000000000000 RDI=ffffffff906ee97c RBP=ffffffff906ee97c RSP=ffffc90003bcf868 R8 =ffffffff90f07072 R9 =ffffffff90f166b8 R10=ffffc90003bcf968 R11=000000000000406d R12=ffffffff906ee994 R13=ffffffff81406d43 R14=ffffffff906ee97c R15=ffffffff906ee97c RIP=ffffffff81493590 RFL=00000a02 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fb942cb1280 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000056100b70ff98 CR3=0000000030cd4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000004080 Opmask01=0000000000000000 Opmask02=00000000bfdfdfdf Opmask03=2040000404420020 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b5f5455504e495f 4449006b636f6c62 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdc1d0aa00 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffff000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff0000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f5e 2f2f58495c43031b ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 42031e031f2f4a5c 5a4042025b414a59 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f00534b4e494c56 454400454d414e56 4544005845444e49 464900524f4e494d ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6f742079617272 6120656c75722079 7261726f706d6574 002a3f005b3f2a00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a4a51055c445757 440540495057055c 5744574a55484051 000f1a005b1a0f00 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3031313a45443832 3a333030302f302e 303a312d372f312d 372f376273752f32 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7261742f78756e69 6c65732f6374652f 0000000000000041 0000413030302e32 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000056100b6d0d20 00007fb942e60250 00000000000085a1 0000003077617264 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a263b383a3a263a 383a3a26493b3a3a 26483b3a3a264b3b 3a0a00307f617930 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020