last executing test programs: 10m15.140761632s ago: executing program 1 (id=4818): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000500)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee0800108e8d8ef52a985162f7ce06bbace80170000000000000000090000001fb791643a5ee4d9d3220a7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e97010000000000000000a9b7", 0xd8}], 0x1}, 0x4040) 10m8.03361419s ago: executing program 1 (id=4842): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000094c0)=ANY=[@ANYBLOB="8c45000043000701feff416ec366166e0314000004004580744501"], 0x458c}, 0x1, 0x0, 0x0, 0xc004}, 0xc000) 10m6.583699633s ago: executing program 1 (id=4848): mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000100)='./file1\x00', &(0x7f0000000080), 0x42, &(0x7f0000000000)={'trans=virtio,', {[{@access_uid}]}}) 10m5.191270428s ago: executing program 1 (id=4865): r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0xc8) 9m52.159760009s ago: executing program 1 (id=4886): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) ioctl$DRM_IOCTL_VERSION(r0, 0xc0406441, &(0x7f00000000c0)={0x6cc, 0x0, 0x10005, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0}) 9m44.779668729s ago: executing program 1 (id=4889): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000080)=@assoc_value={0x0, 0x8}, 0x8) 9m31.827970798s ago: executing program 32 (id=4887): r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0) ioctl$SIOCAX25DELFWD(r0, 0x89eb, &(0x7f0000000780)={@default, @null}) 9m26.298707259s ago: executing program 33 (id=4888): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@updsa={0x104, 0x10, 0x1, 0x0, 0x0, {{@in=@broadcast, @in=@loopback}, {@in=@local, 0x0, 0x2b}, @in=@private, {}, {}, {}, 0x0, 0x0, 0xa, 0x4, 0x0, 0x42}, [@coaddr={0x14, 0xe, @in6=@private0}]}, 0x104}}, 0x0) 9m26.075149837s ago: executing program 34 (id=4890): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) setsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, &(0x7f0000000040)=0x1, 0x4) 9m23.639297734s ago: executing program 35 (id=4889): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000080)=@assoc_value={0x0, 0x8}, 0x8) 5m18.948950097s ago: executing program 7 (id=5298): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_int(r0, 0x0, 0x33, &(0x7f0000000040)=0x8001, 0x4) listen(r0, 0xf63f) 5m18.948644417s ago: executing program 7 (id=5299): syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="07000000040000008000000001"], 0x50) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000280)={r0, &(0x7f0000000240)}, 0x20) 5m18.868365299s ago: executing program 7 (id=5301): r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) read$FUSE(r0, &(0x7f0000002240)={0x2020}, 0x2020) writev(r0, &(0x7f0000002140)=[{&(0x7f00000000c0)='T01\n', 0x4}, {&(0x7f0000000100)="4789878b5df7bd3c09b030651655fe9d359c9d08fb025b62183d2fe9eafde02c14c040775c303542a348fc4a9b27b2", 0x2f}], 0x2) 5m18.867117594s ago: executing program 7 (id=5303): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x4) 5m18.811236299s ago: executing program 7 (id=5304): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) listen(r0, 0x1) accept4$x25(r0, 0x0, 0x0, 0x80800) 5m18.550836155s ago: executing program 7 (id=5309): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x401, 0x0) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='.\x00', 0x0, 0xa00a, 0x0) 5m18.42985457s ago: executing program 36 (id=5309): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x401, 0x0) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='.\x00', 0x0, 0xa00a, 0x0) 4m51.466874913s ago: executing program 8 (id=6588): syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="07000000040000008000000001"], 0x50) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000280)={r0, &(0x7f0000000240)}, 0x20) 4m51.466531622s ago: executing program 8 (id=6589): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000100)={0x18, 0x0, {0x1, @remote, 'ip_vti0\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000080)={0x18, 0x0, {0x1, @remote, 'team_slave_1\x00'}}) 4m51.407099271s ago: executing program 8 (id=6590): r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) read$FUSE(r0, &(0x7f0000002240)={0x2020}, 0x2020) writev(r0, &(0x7f0000002140)=[{&(0x7f00000000c0)='T01\n', 0x4}, {&(0x7f0000000100)="4789878b5df7bd3c09b030651655fe9d359c9d08fb025b62183d2fe9eafde02c14c040775c303542a348fc4a9b27b2", 0x2f}], 0x2) 4m51.406824175s ago: executing program 8 (id=6591): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x4) 4m51.333671292s ago: executing program 8 (id=6592): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5021900000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x1}]}}}]}]}], {0x14}}, 0x74}}, 0x0) 4m51.128128139s ago: executing program 8 (id=6593): syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000056000100000000f70000000007020000", @ANYRES32, @ANYBLOB="200001"], 0x38}}, 0x0) 4m51.08509712s ago: executing program 37 (id=6593): syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000056000100000000f70000000007020000", @ANYRES32, @ANYBLOB="200001"], 0x38}}, 0x0) 3m24.601442694s ago: executing program 4 (id=9739): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) sendmsg$tipc(r1, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000000800)="7deb", 0x5dc}, {0x0}], 0x2, 0x0, 0x0, 0x10}, 0x24048801) 3m23.675152079s ago: executing program 4 (id=9783): getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800006, 0x7000001, 0x6e073, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000bc0000/0x400000)=nil, 0x600000, 0x9) 3m23.358856659s ago: executing program 4 (id=9800): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x40000107, 0x0, 0xd}]}) 3m23.175179024s ago: executing program 4 (id=9806): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101302, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) prlimit64(0x0, 0x7, &(0x7f0000000440), 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x4}) 3m23.005930813s ago: executing program 4 (id=9815): r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83) sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0xf0, 0x32, 0x205, 0x70bd2d, 0x25dfdbfc, {}, [{0xc9}]}, 0xf0}, 0x1, 0x0, 0x0, 0x85}, 0x8000) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000)) openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) 3m22.938033687s ago: executing program 4 (id=9819): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000900), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000007c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000200)={0x30, r1, 0x11, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_KEY={0x14, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x10, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_MODE={0x8}]}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x30}, 0x1, 0x0, 0x0, 0x8080}, 0x0) 3m7.650426716s ago: executing program 38 (id=9819): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000900), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000007c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000200)={0x30, r1, 0x11, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_KEY={0x14, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x10, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_MODE={0x8}]}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x30}, 0x1, 0x0, 0x0, 0x8080}, 0x0) 45.969472907s ago: executing program 9 (id=14156): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x7, 0x4) r1 = fcntl$dupfd(r0, 0x406, r0) write$cgroup_pid(r1, 0x0, 0x0) 45.920117764s ago: executing program 9 (id=14158): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r1) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c) 45.860075002s ago: executing program 9 (id=14161): ioctl$COMEDI_CMD(0xffffffffffffffff, 0x80506409, &(0x7f0000000180)={0x1, 0x1, 0x80, 0xd, 0x40, 0x1, 0x2, 0x3, 0x20, 0x1, 0x20, 0xa, 0x0, 0x0, 0x0}) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r1, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r0, 0x3ba0, &(0x7f0000000180)={0x48, 0x12, r2, 0x0, r1}) 45.859573201s ago: executing program 9 (id=14165): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000180)=0x7f, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c) write(r0, &(0x7f0000000300)="89ba41c97928dec7cec15a160d3dba2553b519a795020072aed129d4b5247c983455b3d757e8b2333a", 0x29) 45.777843172s ago: executing program 9 (id=14168): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x8000, 0x1f7) r1 = fanotify_init(0x200, 0x0) fanotify_mark(r1, 0x201, 0x4000003e, r0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8}) 45.77413005s ago: executing program 9 (id=14170): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000003e40), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f0000004440)={0x0, 0x0, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0xc051}, 0x4000) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x2c, r1, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0xaf}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}, @SEG6_ATTR_SECRETLEN={0x5}]}, 0x2c}}, 0x24000806) 30.640914701s ago: executing program 39 (id=14170): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000003e40), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f0000004440)={0x0, 0x0, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0xc051}, 0x4000) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x2c, r1, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0xaf}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}, @SEG6_ATTR_SECRETLEN={0x5}]}, 0x2c}}, 0x24000806) 10.524873596s ago: executing program 5 (id=14979): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x74, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x74}}, 0x0) 10.246890104s ago: executing program 5 (id=14986): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000040)={0x0, 0xea60}, 0x10) setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e23, 0xa4e4, @remote, 0x3}, 0x1c) sendmmsg(r0, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000500)="ae", 0x1}], 0x1, &(0x7f0000000c00)=ANY=[], 0x14e0}}], 0x1, 0x4010) 10.089968915s ago: executing program 5 (id=14995): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) ioctl$KVM_SET_MEMORY_ATTRIBUTES(r1, 0x4020aed2, &(0x7f0000000100)={0x100000, 0x11e000, 0x8}) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f00000000c0)={0x0, 0x0}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 10.089838404s ago: executing program 5 (id=14996): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x200000005c832, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000000)=0xa0, 0x4) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000)) symlinkat(&(0x7f0000000200)='./file0/file0\x00', r0, &(0x7f0000000240)='./file0\x00') 10.019709538s ago: executing program 5 (id=14998): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000007d40)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000500)={{r0, 0xffffffffffffffff}, &(0x7f0000000400), &(0x7f0000000440)='%pB \x00'}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r1}, 0x4) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x11, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000000000000000020004008500000097000000b7080000000000007b8af8ff00000000b7080000ffffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="b34715ecd04550d3abc89b6f7bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 9.647532539s ago: executing program 5 (id=15002): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 9.573856712s ago: executing program 40 (id=15002): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 3.247605221s ago: executing program 3 (id=15105): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = fanotify_init(0x500, 0x400) r2 = fcntl$dupfd(r0, 0x406, r0) fanotify_mark(r1, 0x1, 0x40000019, r2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x4) writev(r3, &(0x7f0000001340)=[{&(0x7f0000000240)='H\x00', 0x2}], 0x1) 3.247092005s ago: executing program 3 (id=15106): r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0xfffffffd) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f00000002c0)={0x3, 0x1, 0x2, 0xff, 0xa4, 0x0, 0x1, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2, 0x20}, 0xe) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000000)) 3.15944207s ago: executing program 3 (id=15107): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000019400)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188) 3.018074126s ago: executing program 3 (id=15113): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={0xffffffffffffffff}) close(0x3) socket$nl_route(0x10, 0x3, 0x0) setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000001740)=0x7ffffffd, 0x4) write$binfmt_script(r0, 0x0, 0x6f4000) 2.92924371s ago: executing program 3 (id=15114): unshare(0x22020600) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0x3}, 0x1c) close_range(r0, 0xffffffffffffffff, 0x2) 2.878416246s ago: executing program 3 (id=15116): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402609333340000000000109022400010000000009040000010301000009210000000122010009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="1101"], 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x400, 0x48940) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f00000000c0)=""/84) 2.078598906s ago: executing program 6 (id=15152): r0 = syz_io_uring_setup(0x110, &(0x7f0000000380)={0x0, 0x10, 0x0, 0x5, 0x80}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r3 = socket$nl_route(0x10, 0x3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000)=[r3], 0x1}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 1.999825767s ago: executing program 6 (id=15146): epoll_create1(0x0) r0 = socket$unix(0x1, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0xffff, 0x4) r1 = io_uring_setup(0x6002, &(0x7f0000000140)={0x0, 0xa41, 0x40, 0x1, 0x26f}) close_range(r1, r1, 0x0) pselect6(0x40, &(0x7f0000000100)={0x2, 0x0, 0xfffffffffffffff8, 0x0, 0x1, 0x10}, 0x0, &(0x7f0000000240)={0x1f, 0xc, 0x715, 0x8000000000000000, 0x0, 0x80000000000000, 0x800, 0x20000}, 0x0, 0x0) 1.660606059s ago: executing program 0 (id=15154): r0 = syz_io_uring_setup(0x370a, &(0x7f00000001c0)={0x0, 0xfffffffc, 0x2, 0x3, 0x2cf}, &(0x7f0000000500)=0x0, &(0x7f0000000000)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_enter(r0, 0xe7f, 0xe400, 0x3, 0x0, 0x0) io_uring_register$IORING_REGISTER_IOWQ_AFF(r0, 0x11, &(0x7f0000000100)='F', 0x1) io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r0, 0x12, 0x0, 0x0) 1.124571796s ago: executing program 0 (id=15155): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d117"], 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 1.124400986s ago: executing program 6 (id=15156): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) r0 = syz_create_resource$binfmt(&(0x7f0000000100)='./file1\x00') r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) close(r1) execveat$binfmt(0xffffffffffffff9c, r0, 0x0, &(0x7f0000004780)={[], 0xf000}, 0x1000) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42200, 0x8) 1.124140392s ago: executing program 0 (id=15157): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f00000021c0)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000100)="a92e81d0991808e33c2330164cf023df", 0xfffffc81}], 0x1, &(0x7f0000001040)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x880}], 0x1, 0x80001) recvmmsg(r1, &(0x7f000000b480)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001080)=""/4095, 0xfff}], 0x1}, 0x7ff}], 0x1, 0x102, 0x0) 746.24103ms ago: executing program 2 (id=15168): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000240)='cdg', 0x3) sendmmsg$inet(r0, &(0x7f0000001100)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000006c0)="91f8a9849519def28691bb5ac2f580ade1b200cb9b6ca309c4173c3d6f357d0272b7319130feaab952ac4603cad06d2aeb6c69c90477eeaaf6fb51cd9e29dfc6429cdae874ca669078b5e9078329d9cb4f14dba7beda913ef2d4ffee964b0f73440d16d804e8fc8d3d39b7a6770f13", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)='f', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f00000003c0)="76cd3737249e92cdbad7b6e704e8cae7f405a85f7d8e20b8d0bb939237bc52d18c99e0a611809bd4669407806d66cda69d59ed38ec6858a4cdacb848a5361397f7b242c223b0b522ada187c93dd27de49a68ccfaaabd0d43c93068f7de9619227f9d6f92ba57e70eab0767d64a76396f0d84380f3cf7d53968105101474bf9d8b3599b0e30aeae778963534b920e853f2bbbb68fed30c6395bdfc18f0484da05decdb889af633d216d3cb43ffefe6da687d69fc53f946a78b41c0c8b4685f4aa19caa8d8e24de898f7", 0xc9}, {&(0x7f0000000180)="e6b533355df96cf11386c82eddb922d918cc7dcb06d2bc76aa2fa0ac0c49a89beb25118cd309894183b5bbd2210a", 0x2e}, {&(0x7f00000008c0)="1f9a2da343bd6403324c2599903bd86466588c4a5578c5b35a05f2a69fea55c9d4be1d45bb9192b600f72b1f2802cfb066ce7d5a75d8b88736174901d995f53a47667c8d2b4caaef31e48a738d52da68966379b6e78c5463a4130492a47cb767a946dd9fc7dc6ae5d069b038137ceefc350d3280d0d6b7f6010f315367ff3d7337c2ab19a1808c52f6ec7b5d29727c163e7160d2ef9a8fac80ac8620559ca5efe6fbf26993be679b71db1f6a226b344e20583f9c7ce9bee6f66a09f685", 0xbd}], 0x3}}], 0x3, 0xa0d0) 317.268642ms ago: executing program 6 (id=15160): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4408}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TTL_INHERIT={0x5, 0xc, 0x1}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 315.641348ms ago: executing program 2 (id=15170): r0 = syz_io_uring_setup(0x1d1f, &(0x7f0000000200)={0x0, 0xcd1d, 0x10100, 0x0, 0xaa}, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x20, 0x0, @fd_index=0x5, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1}) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) io_uring_enter(r0, 0x26c3, 0xdffffffb, 0x4c, 0x0, 0x0) 228.441276ms ago: executing program 0 (id=15161): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000003380)=@hopopts={0x4}, 0x8) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f00000000c0)={0x32}, 0x8) sendto$inet6(r0, &(0x7f00000001c0)="da149d46bd8af3", 0x7, 0x51, &(0x7f0000000080)={0xa, 0x4e22, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}, 0x4}, 0x1c) listen(r0, 0x100101) accept4(r0, 0x0, 0x0, 0x80800) 226.494459ms ago: executing program 2 (id=15172): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000980)='tasks\x00', 0x2, 0x0) r2 = openat$cgroup_procs(r0, &(0x7f00000002c0)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f00000000c0), 0x12) pread64(r2, &(0x7f0000001840)=""/4096, 0x1000, 0x1) 187.626502ms ago: executing program 6 (id=15162): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000006880)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000240)=""/127, 0x7f}], 0x1}, 0x3}], 0x1, 0x40000021, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000b40), 0x2328}}, 0x0) 184.041819ms ago: executing program 0 (id=15163): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0) r1 = dup(r0) mmap(&(0x7f0000417000/0x3000)=nil, 0x3000, 0x4, 0x28011, r1, 0xffffe000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 179.21822ms ago: executing program 2 (id=15164): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0xc402, 0x80) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000003bc0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94) write$P9_RVERSION(r0, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYBLOB="814c8d8e"], 0x13) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x5], 0x0, 0x0, 0x1, 0x1}}, 0x40) 124.533224ms ago: executing program 2 (id=15165): sched_setscheduler(0x0, 0x1, 0x0) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) setreuid(0xee01, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = dup2(r0, r0) faccessat2(r1, &(0x7f0000000880)='\x00', 0x1, 0x1100) 48.437591ms ago: executing program 6 (id=15166): r0 = syz_io_uring_setup(0x53f, &(0x7f0000000340)={0x0, 0x807734, 0x400, 0xfffffff8, 0xfe}, &(0x7f0000000000)=0x0, &(0x7f00000002c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x3, 0x0, 0x0, 0x202}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) 26.850811ms ago: executing program 0 (id=15169): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(r0, &(0x7f0000001140)=ANY=[@ANYBLOB="0a0000100180c200000300000000000086dd6900040000180001fc010000000000000000000000e70001ff02000000000000000000000000000106"], 0x52) 0s ago: executing program 2 (id=15171): unshare(0x2a020400) r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat$cgroup_pressure(r1, &(0x7f0000000200)='cpu.pressure\x00', 0x2, 0x0) read(r2, &(0x7f0000000040)=""/252, 0xfc) kernel console output (not intermixed with test programs): t:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 653.863918][ T40] audit: type=1400 audit(2001050430.125:31460): avc: denied { create } for pid=32652 comm="syz.9.12165" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 653.872988][ T40] audit: type=1400 audit(2001050430.125:31461): avc: denied { write } for pid=32652 comm="syz.9.12165" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 653.883312][ T40] audit: type=1400 audit(2001050430.125:31462): avc: denied { read } for pid=32652 comm="syz.9.12165" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 653.896192][ T40] audit: type=1400 audit(2001050430.135:31463): avc: denied { ioctl } for pid=32652 comm="syz.9.12165" path="socket:[111277]" dev="sockfs" ino=111277 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 653.949782][ T40] audit: type=1400 audit(2001050430.215:31464): avc: denied { create } for pid=32665 comm="syz.5.12170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 655.330033][T32750] __nla_validate_parse: 13 callbacks suppressed [ 655.330051][T32750] netlink: 32 bytes leftover after parsing attributes in process `syz.9.12204'. [ 655.337489][T32750] netlink: 32 bytes leftover after parsing attributes in process `syz.9.12204'. [ 655.398911][T32761] pimreg: entered allmulticast mode [ 655.407031][T32761] pimreg: left allmulticast mode [ 655.512011][ T308] bond0: entered promiscuous mode [ 655.513607][ T308] bond_slave_0: entered promiscuous mode [ 655.515711][ T308] bond_slave_1: entered promiscuous mode [ 655.527426][ T308] batadv0: entered promiscuous mode [ 655.533018][ T308] 8021q: adding VLAN 0 to HW filter on device hsr2 [ 655.541226][ T308] bond0: left promiscuous mode [ 655.542996][ T308] bond_slave_0: left promiscuous mode [ 655.544961][ T308] bond_slave_1: left promiscuous mode [ 655.549921][ T308] batadv0: left promiscuous mode [ 655.678987][ T325] netlink: 8 bytes leftover after parsing attributes in process `syz.9.12222'. [ 655.682446][ T325] netlink: 200 bytes leftover after parsing attributes in process `syz.9.12222'. [ 655.784173][ T346] bond0: entered promiscuous mode [ 655.786956][ T346] bond_slave_0: entered promiscuous mode [ 655.788830][ T346] bond_slave_1: entered promiscuous mode [ 655.791122][ T346] bond0: left promiscuous mode [ 655.792670][ T346] bond_slave_0: left promiscuous mode [ 655.794419][ T346] bond_slave_1: left promiscuous mode [ 656.675895][ T369] netlink: 8 bytes leftover after parsing attributes in process `syz.9.12246'. [ 656.679165][ T369] netlink: 8 bytes leftover after parsing attributes in process `syz.9.12246'. [ 656.876824][ T394] random: crng reseeded on system resumption [ 656.928819][ T398] 8021q: adding VLAN 0 to HW filter on device bond2 [ 656.932447][ T398] bond0: (slave bond2): Enslaving as an active interface with an up link [ 657.057010][ T413] netlink: 56 bytes leftover after parsing attributes in process `syz.2.12268'. [ 657.764311][ T473] bpf: Bad value for 'gid' [ 657.890217][ T490] netlink: 28 bytes leftover after parsing attributes in process `syz.5.12301'. [ 658.025059][ T505] kAFS: unable to lookup cell '(' [ 658.029082][ T505] kAFS: unable to lookup cell '(,c¾ûL' [ 658.200702][ T526] smc: net device hsr0 applied user defined pnetid SYZ2 [ 658.203076][ T523] syzkaller0: tun_chr_ioctl cmd 1074025678 [ 658.205452][ T523] syzkaller0: group set to 0 [ 658.216354][ T526] smc: net device hsr0 erased user defined pnetid SYZ2 [ 658.319134][ T540] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12324'. [ 658.421604][ T558] netlink: 'syz.6.12333': attribute type 4 has an invalid length. [ 658.429809][ T556] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12331'. [ 658.517076][ T571] vcan0: tx address claim with dlc 0 [ 658.641998][ T589] netlink: 'syz.2.12347': attribute type 4 has an invalid length. [ 658.716518][ T40] kauditd_printk_skb: 72 callbacks suppressed [ 658.716533][ T40] audit: type=1400 audit(2001050434.985:31537): avc: denied { read } for pid=595 comm="syz.9.12349" name="iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 658.728448][ T40] audit: type=1400 audit(2001050434.995:31538): avc: denied { open } for pid=595 comm="syz.9.12349" path="/dev/iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 658.740039][ T596] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 658.757847][ T40] audit: type=1400 audit(2001050435.005:31539): avc: denied { ioctl } for pid=595 comm="syz.9.12349" path="/dev/iommu" dev="devtmpfs" ino=632 ioctlcmd=0x3b81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 658.835268][ T40] audit: type=1400 audit(2001050435.085:31540): avc: denied { read } for pid=611 comm="syz.9.12356" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 658.845631][ T40] audit: type=1400 audit(2001050435.095:31541): avc: denied { open } for pid=611 comm="syz.9.12356" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 658.853949][ T40] audit: type=1400 audit(2001050435.105:31542): avc: denied { ioctl } for pid=611 comm="syz.9.12356" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 658.871296][ T40] audit: type=1400 audit(2001050435.105:31543): avc: denied { create } for pid=618 comm="syz.6.12359" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 658.878683][ T40] audit: type=1400 audit(2001050435.105:31544): avc: denied { ioctl } for pid=618 comm="syz.6.12359" path="socket:[113594]" dev="sockfs" ino=113594 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 658.888093][ T40] audit: type=1400 audit(2001050435.155:31545): avc: denied { create } for pid=621 comm="syz.6.12360" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 658.904165][ T40] audit: type=1400 audit(2001050435.155:31546): avc: denied { write } for pid=621 comm="syz.6.12360" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 658.954867][ T631] netlink: 'syz.5.12364': attribute type 10 has an invalid length. [ 658.970714][ T631] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 658.975053][ T631] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 658.985720][ T631] netlink: 'syz.5.12364': attribute type 10 has an invalid length. [ 658.989198][ T631] batadv0: entered promiscuous mode [ 658.991398][ T631] batadv0: entered allmulticast mode [ 659.001851][ T631] bond0: (slave batadv0): Releasing backup interface [ 659.008646][ T631] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 659.049672][ T644] sctp: [Deprecated]: syz.2.12368 (pid 644) Use of struct sctp_assoc_value in delayed_ack socket option. [ 659.049672][ T644] Use struct sctp_sack_info instead [ 659.268628][ T677] netlink: 'syz.2.12387': attribute type 12 has an invalid length. [ 659.564675][ T720] veth1_to_batadv: entered promiscuous mode [ 659.756439][ T6015] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 659.781197][ T743] vcan0: tx address claim with dlc 0 [ 665.196275][ T13] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 669.844401][ T63] Bluetooth: hci1: link tx timeout [ 669.846639][ T63] Bluetooth: hci1: killing stalled connection 10:aa:aa:aa:aa:aa [ 669.851683][ T63] Bluetooth: hci1: link tx timeout [ 670.102045][ T40] kauditd_printk_skb: 57 callbacks suppressed [ 670.102062][ T40] audit: type=1400 audit(2001050446.365:31604): avc: denied { create } for pid=777 comm="syz.2.12422" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 670.113256][ T40] audit: type=1400 audit(2001050446.365:31605): avc: denied { ioctl } for pid=777 comm="syz.2.12422" path="socket:[115020]" dev="sockfs" ino=115020 ioctlcmd=0x89b0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 670.124138][ T40] audit: type=1400 audit(2001050446.375:31606): avc: denied { create } for pid=782 comm="syz.5.12423" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 670.132813][ T40] audit: type=1400 audit(2001050446.385:31607): avc: denied { listen } for pid=782 comm="syz.5.12423" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 670.141334][ T40] audit: type=1400 audit(2001050446.385:31608): avc: denied { accept } for pid=782 comm="syz.5.12423" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 670.174721][ T40] audit: type=1400 audit(2001050446.435:31609): avc: denied { create } for pid=787 comm="syz.2.12426" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 670.175171][ T789] tmpfs: Invalid uid '0x00000000ffffffff' [ 670.186142][ T40] audit: type=1400 audit(2001050446.435:31610): avc: denied { getopt } for pid=787 comm="syz.2.12426" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 670.194253][ T40] audit: type=1400 audit(2001050446.435:31611): avc: denied { mounton } for pid=787 comm="syz.2.12426" path="/618/file0" dev="tmpfs" ino=3175 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 670.204340][ T40] audit: type=1400 audit(2001050446.445:31612): avc: denied { write } for pid=786 comm="syz.5.12425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 670.214750][ T40] audit: type=1400 audit(2001050446.465:31613): avc: denied { mounton } for pid=790 comm="syz.9.12427" path="/1462/file0" dev="tmpfs" ino=7441 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 670.266856][ T799] __nla_validate_parse: 7 callbacks suppressed [ 670.266875][ T799] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12430'. [ 670.274010][ T799] chnl_net:caif_netlink_parms(): no params data found [ 670.481264][ T812] netlink: 8 bytes leftover after parsing attributes in process `syz.9.12432'. [ 670.484286][ T812] netlink: 'syz.9.12432': attribute type 30 has an invalid length. [ 670.487489][ T812] netlink: 4 bytes leftover after parsing attributes in process `syz.9.12432'. [ 670.879268][ T846] netlink: 40 bytes leftover after parsing attributes in process `syz.9.12449'. [ 671.086636][ T881] netlink: set zone limit has 4 unknown bytes [ 671.260470][ T896] SELinux: failure in selinux_parse_skb(), unable to parse packet [ 671.484877][ T906] xt_hashlimit: size too large, truncated to 1048576 [ 671.918131][ T63] Bluetooth: hci1: command 0x0406 tx timeout [ 672.027930][ T936] netlink: 384 bytes leftover after parsing attributes in process `syz.9.12487'. [ 672.163720][ T964] xt_hashlimit: size too large, truncated to 1048576 [ 672.272515][ T985] netlink: 20 bytes leftover after parsing attributes in process `syz.9.12500'. [ 672.371865][ T1006] ipvlan1: entered allmulticast mode [ 672.373587][ T1006] veth0_vlan: entered allmulticast mode [ 672.382346][ T1006] team0: Device ipvlan1 is VLAN challenged and team device has VLAN set up [ 672.438688][ T1016] vcan0: tx address claim with different name [ 672.495674][ T1021] netlink: 20 bytes leftover after parsing attributes in process `syz.2.12512'. [ 672.552996][ T1030] input: syz1 as /devices/virtual/input/input32 [ 672.658926][ T1045] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12520'. [ 672.669852][ T1047] netlink: 20 bytes leftover after parsing attributes in process `syz.9.12521'. [ 672.702268][ T1054] netlink: 16 bytes leftover after parsing attributes in process `syz.9.12523'. [ 673.638564][ T1136] xt_hashlimit: size too large, truncated to 1048576 [ 673.812382][ T1146] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 674.965220][ T1216] netlink: 'syz.2.12578': attribute type 5 has an invalid length. [ 674.975720][ T1225] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 674.978170][ T1216] netlink: 'syz.2.12578': attribute type 5 has an invalid length. [ 674.978897][ T1225] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 674.986215][ T1225] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 674.989098][ T1225] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 675.262178][ T40] kauditd_printk_skb: 263 callbacks suppressed [ 675.262194][ T40] audit: type=1400 audit(2001050451.525:31877): avc: denied { mount } for pid=1228 comm="syz.2.12585" name="/" dev="9p" ino=77070387 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 675.494299][ T40] audit: type=1400 audit(2001050451.755:31878): avc: denied { name_bind } for pid=1242 comm="syz.2.12590" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 675.549325][ T40] audit: type=1400 audit(2001050451.815:31879): avc: denied { ioctl } for pid=1246 comm="syz.5.12592" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=116946 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 675.565831][ T40] audit: type=1400 audit(2001050451.825:31880): avc: denied { read write } for pid=20356 comm="syz-executor" name="loop9" dev="devtmpfs" ino=667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 675.585904][ T40] audit: type=1400 audit(2001050451.825:31881): avc: denied { open } for pid=20356 comm="syz-executor" path="/dev/loop9" dev="devtmpfs" ino=667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 675.594908][ T40] audit: type=1400 audit(2001050451.825:31882): avc: denied { ioctl } for pid=20356 comm="syz-executor" path="/dev/loop9" dev="devtmpfs" ino=667 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 675.621527][ T1252] __nla_validate_parse: 5 callbacks suppressed [ 675.621544][ T1252] netlink: 212368 bytes leftover after parsing attributes in process `syz.9.12593'. [ 675.629802][ T1254] overlayfs: failed to clone upperpath [ 675.633935][ T40] audit: type=1400 audit(2001050451.895:31883): avc: denied { mounton } for pid=1253 comm="syz.2.12595" path="/662/file0" dev="tmpfs" ino=3401 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 675.723226][ T40] audit: type=1400 audit(2001050451.985:31884): avc: denied { mount } for pid=1263 comm="syz.9.12600" name="/" dev="hugetlbfs" ino=116962 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 675.740538][ T40] audit: type=1400 audit(2001050452.005:31885): avc: denied { unmount } for pid=20356 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 675.768808][ T40] audit: type=1400 audit(2001050452.035:31886): avc: denied { map_create } for pid=1266 comm="syz.9.12601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 675.943131][ T1281] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12608'. [ 676.098525][ T1296] netlink: 28 bytes leftover after parsing attributes in process `syz.2.12613'. [ 676.101479][ T1296] netlink: 28 bytes leftover after parsing attributes in process `syz.2.12613'. [ 676.187606][ T1303] fuse: Bad value for 'fd' [ 676.330012][ T1321] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12624'. [ 676.333739][ T1321] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12624'. [ 676.335372][ T1323] fuse: Bad value for 'fd' [ 677.056235][ T1416] macvlan4: entered promiscuous mode [ 677.091665][ T1425] netlink: 4 bytes leftover after parsing attributes in process `syz.9.12657'. [ 677.416438][ T1460] fuse: Bad value for 'fd' [ 677.426140][ T54] usb 14-1: new high-speed USB device number 18 using dummy_hcd [ 677.597467][ T54] usb 14-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 677.601943][ T54] usb 14-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 677.610111][ T54] usb 14-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253 [ 677.627578][ T54] usb 14-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 677.631454][ T54] usb 14-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 677.634979][ T54] usb 14-1: Manufacturer: syz [ 677.640343][ T54] usb 14-1: config 0 descriptor?? [ 677.646385][ T54] usbhid 14-1:0.0: couldn't find an input interrupt endpoint [ 677.665678][ T1472] netlink: 'syz.6.12676': attribute type 29 has an invalid length. [ 677.670328][ T1472] netlink: 'syz.6.12676': attribute type 29 has an invalid length. [ 677.902898][ T1497] overlayfs: failed to clone upperpath [ 677.915601][ T1499] bond0: entered allmulticast mode [ 677.918020][ T1499] bond_slave_0: entered allmulticast mode [ 677.919948][ T1499] bond_slave_1: entered allmulticast mode [ 677.921759][ T1499] bond2: entered allmulticast mode [ 677.927973][ T1499] 8021q: adding VLAN 0 to HW filter on device bond0 [ 677.931501][ T1499] team0: Device bond0 failed to register rx_handler [ 678.136741][ T1522] netlink: 212916 bytes leftover after parsing attributes in process `syz.2.12698'. [ 678.695145][ T1560] netlink: 92 bytes leftover after parsing attributes in process `syz.5.12714'. [ 678.834740][ T1577] netlink: 28 bytes leftover after parsing attributes in process `syz.5.12722'. [ 679.879185][ T1618] xt_hashlimit: size too large, truncated to 1048576 [ 680.183596][T16523] usb 14-1: USB disconnect, device number 18 [ 680.275495][ T40] kauditd_printk_skb: 154 callbacks suppressed [ 680.275506][ T40] audit: type=1400 audit(2001050456.535:32041): avc: denied { unmount } for pid=1638 comm="syz.9.12748" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 680.285591][ T40] audit: type=1800 audit(2001050456.545:32042): pid=1639 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.9.12748" name="file0" dev="9p" ino=77070401 res=0 errno=0 [ 680.292455][ T40] audit: type=1400 audit(2001050456.555:32043): avc: denied { setattr } for pid=1638 comm="syz.9.12748" name="/" dev="9p" ino=77070387 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 680.455975][ T1649] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 680.513520][ T40] audit: type=1400 audit(2001050456.775:32044): avc: denied { create } for pid=1652 comm="syz.6.12755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 680.522681][ T40] audit: type=1400 audit(2001050456.775:32045): avc: denied { write } for pid=1652 comm="syz.6.12755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 680.581674][ T40] audit: type=1400 audit(2001050456.845:32046): avc: denied { name_connect } for pid=1656 comm="syz.9.12750" dest=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 680.615845][ T40] audit: type=1400 audit(2001050456.855:32047): avc: denied { setopt } for pid=1656 comm="syz.9.12750" lport=49822 faddr=::ffff:172.30.0.10 fport=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 680.663379][ T40] audit: type=1400 audit(2001050456.925:32048): avc: denied { node_bind } for pid=1660 comm="syz.5.12758" saddr=fe80::18 src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 680.684981][ T40] audit: type=1400 audit(2001050456.945:32049): avc: denied { read } for pid=1664 comm="syz.9.12759" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 680.693375][ T40] audit: type=1400 audit(2001050456.955:32050): avc: denied { open } for pid=1664 comm="syz.9.12759" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 681.084434][ T1696] fuse: Bad value for 'fd' [ 681.151920][ T1698] lo: entered promiscuous mode [ 681.153365][ T1698] lo: entered allmulticast mode [ 681.157147][ T1698] __nla_validate_parse: 3 callbacks suppressed [ 681.157157][ T1698] netlink: 6 bytes leftover after parsing attributes in process `syz.6.12775'. [ 681.162104][ T1698] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 681.482661][ T1726] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12786'. [ 681.485604][ T1726] netlink: 'syz.2.12786': attribute type 21 has an invalid length. [ 681.536171][ T1728] netlink: 16 bytes leftover after parsing attributes in process `syz.6.12787'. [ 681.841968][ T1783] netlink: 4 bytes leftover after parsing attributes in process `syz.9.12810'. [ 681.996029][ T1802] Bluetooth: MGMT ver 1.23 [ 681.997980][ T1802] Bluetooth: hci1: expected 65469 bytes, got 2 bytes [ 682.029670][ T1804] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12819'. [ 682.086229][ T1814] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12824'. [ 682.382833][ T1852] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12841'. [ 682.385734][ T1852] netlink: 'syz.6.12841': attribute type 30 has an invalid length. [ 682.433961][ T1853] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12841'. [ 682.437047][ T1853] netlink: 'syz.6.12841': attribute type 30 has an invalid length. [ 682.486072][ T5976] usb 14-1: new high-speed USB device number 19 using dummy_hcd [ 682.656098][ T5976] usb 14-1: Using ep0 maxpacket: 8 [ 682.662944][ T5976] usb 14-1: config 0 interface 0 has no altsetting 0 [ 682.665652][ T5976] usb 14-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 682.671528][ T5976] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 682.677439][ T5976] usb 14-1: config 0 descriptor?? [ 682.678728][ T1871] netlink: 52 bytes leftover after parsing attributes in process `syz.6.12849'. [ 682.719511][ T1875] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.12851'. [ 683.089959][ T5976] mcp2221 0003:04D8:00DD.0005: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.9-1/input0 [ 683.288737][ T5976] usb 14-1: USB disconnect, device number 19 [ 683.326773][ T1899] 8021q: adding VLAN 0 to HW filter on device bond1 [ 683.354843][ T1902] sctp: [Deprecated]: syz.6.12864 (pid 1902) Use of struct sctp_assoc_value in delayed_ack socket option. [ 683.354843][ T1902] Use struct sctp_sack_info instead [ 683.904254][ T1945] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 683.965066][ T1954] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 684.004052][ T1954] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 684.013646][ T1954] overlayfs: failed to look up (tracing) for ino (-66) [ 685.304154][ T40] kauditd_printk_skb: 191 callbacks suppressed [ 685.304166][ T40] audit: type=1400 audit(2001050461.565:32242): avc: denied { create } for pid=2045 comm="syz.5.12931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 685.315968][ T40] audit: type=1400 audit(2001050461.565:32243): avc: denied { create } for pid=2046 comm="syz.6.12932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 685.322476][ T40] audit: type=1400 audit(2001050461.575:32245): avc: denied { ioctl } for pid=2046 comm="syz.6.12932" path="socket:[119239]" dev="sockfs" ino=119239 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 685.330437][ T40] audit: type=1400 audit(2001050461.565:32244): avc: denied { bind } for pid=2045 comm="syz.5.12931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 685.336974][ T40] audit: type=1400 audit(2001050461.575:32246): avc: denied { bind } for pid=2046 comm="syz.6.12932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 685.344117][ T40] audit: type=1400 audit(2001050461.575:32247): avc: denied { connect } for pid=2046 comm="syz.6.12932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 685.350478][ T40] audit: type=1400 audit(2001050461.575:32248): avc: denied { write } for pid=2046 comm="syz.6.12932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 685.356849][ T40] audit: type=1400 audit(2001050461.575:32249): avc: denied { setopt } for pid=2045 comm="syz.5.12931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 685.362810][ T40] audit: type=1400 audit(2001050461.575:32250): avc: denied { accept } for pid=2045 comm="syz.5.12931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 685.369047][ T40] audit: type=1400 audit(2001050461.575:32251): avc: denied { write } for pid=2045 comm="syz.5.12931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 686.452815][ T2110] __nla_validate_parse: 6 callbacks suppressed [ 686.452827][ T2110] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12957'. [ 686.508979][ T2114] overlayfs: failed to clone upperpath [ 686.787119][ T2153] netlink: 'syz.2.12977': attribute type 3 has an invalid length. [ 686.875686][ T2168] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 687.285898][T16522] usb 14-1: new high-speed USB device number 20 using dummy_hcd [ 687.455971][T16522] usb 14-1: Using ep0 maxpacket: 8 [ 687.459967][T16522] usb 14-1: config 0 interface 0 has no altsetting 0 [ 687.462860][T16522] usb 14-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 687.467030][T16522] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 687.472781][T16522] usb 14-1: config 0 descriptor?? [ 687.884687][T16522] mcp2221 0003:04D8:00DD.0006: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.9-1/input0 [ 688.083811][T18095] usb 14-1: USB disconnect, device number 20 [ 688.909191][ T2223] netlink: 'syz.5.13005': attribute type 3 has an invalid length. [ 689.001032][ T2229] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13016'. [ 689.152686][ T2240] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13011'. [ 689.209772][ T2243] overlayfs: failed to clone upperpath [ 689.545411][ T2274] vcan0: tx address claim with different name [ 689.810568][ T2304] SELinux: failed to load policy [ 690.514964][ T40] kauditd_printk_skb: 138 callbacks suppressed [ 690.514980][ T40] audit: type=1400 audit(2001050466.775:32390): avc: denied { create } for pid=2319 comm="syz.9.13046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 690.526599][ T40] audit: type=1400 audit(2001050466.795:32391): avc: denied { ioctl } for pid=2319 comm="syz.9.13046" path="socket:[118594]" dev="sockfs" ino=118594 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 690.535233][ T2323] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13047'. [ 690.575569][ T40] audit: type=1400 audit(2001050466.835:32392): avc: denied { mount } for pid=2324 comm="syz.9.13048" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 690.583766][ T40] audit: type=1400 audit(2001050466.835:32393): avc: denied { mounton } for pid=2327 comm="syz.6.13051" path="/2129/file0" dev="tmpfs" ino=10826 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 690.594997][ T40] audit: type=1400 audit(2001050466.835:32394): avc: denied { mount } for pid=2327 comm="syz.6.13051" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 690.616407][ T40] audit: type=1400 audit(2001050466.885:32395): avc: denied { create } for pid=2331 comm="syz.2.13056" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 690.626180][ T40] audit: type=1400 audit(2001050466.885:32396): avc: denied { read } for pid=2330 comm="syz.9.13053" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 690.634127][ T40] audit: type=1400 audit(2001050466.885:32397): avc: denied { open } for pid=2330 comm="syz.9.13053" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 690.646085][ T40] audit: type=1400 audit(2001050466.885:32398): avc: denied { setopt } for pid=2331 comm="syz.2.13056" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 690.652569][ T40] audit: type=1400 audit(2001050466.885:32399): avc: denied { write } for pid=2331 comm="syz.2.13056" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 690.797501][ T2350] netlink: 20 bytes leftover after parsing attributes in process `syz.9.13062'. [ 692.080717][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 692.119156][ T2452] input: syz1 as /devices/virtual/input/input33 [ 692.522815][ T2470] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13117'. [ 692.526766][ T2470] netlink: 'syz.6.13117': attribute type 5 has an invalid length. [ 692.529522][ T2470] netlink: 12 bytes leftover after parsing attributes in process `syz.6.13117'. [ 692.535161][ T2470] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13117'. [ 692.538855][ T2470] netlink: 'syz.6.13117': attribute type 5 has an invalid length. [ 692.541612][ T2470] netlink: 12 bytes leftover after parsing attributes in process `syz.6.13117'. [ 692.770309][ T2484] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13124'. [ 692.964202][ T2498] netlink: 28 bytes leftover after parsing attributes in process `syz.6.13136'. [ 692.967476][ T2498] netlink: 28 bytes leftover after parsing attributes in process `syz.6.13136'. [ 693.039882][ T2508] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13132'. [ 693.172931][ T2523] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13141'. [ 693.176861][ T2523] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13141'. [ 693.395866][ T2556] netlink: 'syz.6.13152': attribute type 26 has an invalid length. [ 695.545185][ T40] kauditd_printk_skb: 157 callbacks suppressed [ 695.545201][ T40] audit: type=1400 audit(2001050471.805:32557): avc: denied { create } for pid=2725 comm="syz.9.13202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 695.557177][ T40] audit: type=1400 audit(2001050471.805:32558): avc: denied { write } for pid=2725 comm="syz.9.13202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 695.578538][ T40] audit: type=1400 audit(2001050471.845:32559): avc: denied { read } for pid=2732 comm="syz.9.13205" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 695.588315][ T40] audit: type=1400 audit(2001050471.845:32560): avc: denied { open } for pid=2732 comm="syz.9.13205" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 695.652515][ T2739] xt_hashlimit: size too large, truncated to 1048576 [ 695.661627][ T2741] bond0: entered allmulticast mode [ 695.663943][ T2741] bond_slave_0: entered allmulticast mode [ 695.667751][ T2741] bond_slave_1: entered allmulticast mode [ 695.674421][ T2741] 8021q: adding VLAN 0 to HW filter on device bond0 [ 695.680652][ T2741] team0: Device bond0 failed to register rx_handler [ 695.705273][ T40] audit: type=1400 audit(2001050471.965:32561): avc: denied { connect } for pid=2738 comm="syz.2.13209" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 695.720487][ T40] audit: type=1400 audit(2001050471.965:32562): avc: denied { write } for pid=2738 comm="syz.2.13209" laddr=::1 lport=60 faddr=::1 fport=20131 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 695.731711][ T40] audit: type=1400 audit(2001050471.965:32563): avc: denied { recv } for pid=5911 comm="sshd-session" saddr=127.0.0.1 src=30000 daddr=127.0.0.1 dest=37096 netif=lo scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 695.742300][ T40] audit: type=1400 audit(2001050471.995:32564): avc: denied { create } for pid=2744 comm="syz.9.13210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 695.750658][ T40] audit: type=1400 audit(2001050471.995:32565): avc: denied { connect } for pid=2744 comm="syz.9.13210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 695.759315][ T40] audit: type=1400 audit(2001050471.995:32566): avc: denied { write } for pid=2744 comm="syz.9.13210" path="socket:[117739]" dev="sockfs" ino=117739 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 695.889186][ T5334] udevd[5334]: worker [27909] /devices/virtual/block/nbd2 is taking a long time [ 695.893000][ T5334] udevd[5334]: worker [27670] /devices/virtual/block/nbd3 is taking a long time [ 696.272143][ T2789] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 697.203777][ T11] block nbd2: Connection timed out, retrying (0/1 alive) [ 697.207877][ T11] block nbd2: Connection timed out, retrying (0/1 alive) [ 697.210796][ T11] block nbd2: Connection timed out, retrying (0/1 alive) [ 697.215401][ T1283] block nbd3: Connection timed out, retrying (0/1 alive) [ 697.218358][ T1283] block nbd3: Connection timed out, retrying (0/1 alive) [ 697.220616][ T1283] block nbd3: Connection timed out, retrying (0/1 alive) [ 697.224305][ T11] block nbd2: Connection timed out, retrying (0/1 alive) [ 697.227664][ T1283] block nbd3: Connection timed out, retrying (0/1 alive) [ 697.230680][ T1283] block nbd2: Dead connection, failed to find a fallback [ 697.234052][ T1283] block nbd2: shutting down sockets [ 697.238824][ T1283] blk_print_req_error: 32 callbacks suppressed [ 697.238839][ T1283] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 697.245685][ T1283] Buffer I/O error on dev nbd2, logical block 3, async page read [ 697.250548][ T11] block nbd3: Dead connection, failed to find a fallback [ 697.253481][ T11] block nbd3: shutting down sockets [ 697.255703][ T11] I/O error, dev nbd3, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 697.260240][ T1283] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 697.265148][ T1283] Buffer I/O error on dev nbd2, logical block 2, async page read [ 697.268761][ T1283] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 697.272335][ T1283] Buffer I/O error on dev nbd2, logical block 1, async page read [ 697.275415][ T1283] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 697.281312][ T11] Buffer I/O error on dev nbd3, logical block 3, async page read [ 697.284583][ T11] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 697.290324][ T1283] Buffer I/O error on dev nbd2, logical block 0, async page read [ 697.297416][ T11] Buffer I/O error on dev nbd3, logical block 2, async page read [ 697.300745][ T11] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 697.304617][ T11] Buffer I/O error on dev nbd3, logical block 1, async page read [ 697.306750][T27909] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 697.308055][ T11] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 697.314145][T27909] Buffer I/O error on dev nbd2, logical block 0, async page read [ 697.316410][ T11] Buffer I/O error on dev nbd3, logical block 0, async page read [ 697.319917][T27909] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 697.323283][T27670] Buffer I/O error on dev nbd3, logical block 0, async page read [ 697.328104][T27909] ldm_validate_partition_table(): Disk read failed. [ 697.331521][T27670] ldm_validate_partition_table(): Disk read failed. [ 697.333697][T27909] Dev nbd2: unable to read RDB block 0 [ 697.336713][T27670] Dev nbd3: unable to read RDB block 0 [ 697.339476][T27909] nbd2: unable to read partition table [ 697.341629][T27670] nbd3: unable to read partition table [ 697.352597][T27909] ldm_validate_partition_table(): Disk read failed. [ 697.356541][T27909] Dev nbd2: unable to read RDB block 0 [ 697.357293][T27670] ldm_validate_partition_table(): Disk read failed. [ 697.359405][T27909] nbd2: unable to read partition table [ 697.362121][T27670] Dev nbd3: unable to read RDB block 0 [ 697.366957][T27670] nbd3: unable to read partition table [ 697.546820][ T2897] __nla_validate_parse: 10 callbacks suppressed [ 697.546840][ T2897] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13262'. [ 697.553751][ T2897] netlink: 'syz.6.13262': attribute type 21 has an invalid length. [ 697.562943][ T2899] fuse: Bad value for 'fd' [ 697.749139][ T2917] netlink: 28 bytes leftover after parsing attributes in process `syz.2.13276'. [ 697.753190][ T2917] netlink: 28 bytes leftover after parsing attributes in process `syz.2.13276'. [ 697.757713][ T2917] netlink: 28 bytes leftover after parsing attributes in process `syz.2.13276'. [ 697.761922][ T2917] netlink: 28 bytes leftover after parsing attributes in process `syz.2.13276'. [ 697.877978][ T2934] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13278'. [ 698.032805][ T2964] netlink: 'syz.9.13288': attribute type 21 has an invalid length. [ 698.036379][ T2964] netlink: 128 bytes leftover after parsing attributes in process `syz.9.13288'. [ 698.040044][ T2964] netlink: 3 bytes leftover after parsing attributes in process `syz.9.13288'. [ 698.043904][ T2964] netlink: 'syz.9.13288': attribute type 21 has an invalid length. [ 698.046559][ T2964] netlink: 128 bytes leftover after parsing attributes in process `syz.9.13288'. [ 698.049218][ T2964] netlink: 3 bytes leftover after parsing attributes in process `syz.9.13288'. [ 699.007595][ T3054] Invalid ELF header magic: != ELF [ 699.094996][ T3062] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 699.452870][ T3095] sctp: [Deprecated]: syz.5.13340 (pid 3095) Use of struct sctp_assoc_value in delayed_ack socket option. [ 699.452870][ T3095] Use struct sctp_sack_info instead [ 700.328357][ T3159] overlayfs: failed to clone lowerpath [ 700.555348][ T40] kauditd_printk_skb: 162 callbacks suppressed [ 700.555366][ T40] audit: type=1400 audit(2001050476.815:32729): avc: denied { allowed } for pid=3182 comm="syz.6.13380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 700.571576][ T40] audit: type=1400 audit(2001050476.825:32730): avc: denied { create } for pid=3182 comm="syz.6.13380" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 700.596868][ T40] audit: type=1400 audit(2001050476.825:32731): avc: denied { map } for pid=3182 comm="syz.6.13380" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=120239 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 700.607455][ T40] audit: type=1400 audit(2001050476.825:32732): avc: denied { read write } for pid=3182 comm="syz.6.13380" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=120239 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 700.617895][ T40] audit: type=1400 audit(2001050476.825:32733): avc: denied { unmount } for pid=3172 comm="syz.9.13374" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 700.626411][ T40] audit: type=1800 audit(2001050476.835:32734): pid=3176 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.9.13374" name="file0" dev="9p" ino=77070401 res=0 errno=0 [ 700.724811][ T40] audit: type=1400 audit(2001050476.985:32735): avc: denied { create } for pid=3195 comm="syz.6.13387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 700.731286][ T40] audit: type=1400 audit(2001050476.985:32736): avc: denied { sys_admin } for pid=3195 comm="syz.6.13387" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 700.761872][ T40] audit: type=1400 audit(2001050477.025:32737): avc: denied { create } for pid=3200 comm="syz.6.13389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 700.774745][ T40] audit: type=1400 audit(2001050477.025:32738): avc: denied { write } for pid=3200 comm="syz.6.13389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 700.791016][ T3204] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 700.887430][ T3212] syzkaller1: entered promiscuous mode [ 700.889922][ T3212] syzkaller1: entered allmulticast mode [ 701.706585][ T3259] netlink: 'syz.2.13413': attribute type 1 has an invalid length. [ 701.709479][ T3259] netlink: 'syz.2.13413': attribute type 2 has an invalid length. [ 701.830450][ T3273] sock: sock_set_timeout: `syz.6.13420' (pid 3273) tries to set negative timeout [ 701.875041][ T3277] xt_hashlimit: size too large, truncated to 1048576 [ 701.878479][ T3276] 8021q: adding VLAN 0 to HW filter on device bond0 [ 701.883366][ T3276] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 702.023698][ T3285] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 702.541883][T16522] libceph: connect (1)[c::]:6789 error -22 [ 702.557074][T16522] libceph: mon0 (1)[c::]:6789 connect error [ 702.563979][T16522] libceph: connect (1)[c::]:6789 error -22 [ 702.566595][T16522] libceph: mon0 (1)[c::]:6789 connect error [ 702.841362][T16522] libceph: connect (1)[c::]:6789 error -22 [ 702.844197][T16522] libceph: mon0 (1)[c::]:6789 connect error [ 702.929390][ T3382] netlink: 'syz.9.13466': attribute type 3 has an invalid length. [ 703.324629][ T3349] ceph: No mds server is up or the cluster is laggy [ 704.180379][ T3459] mmap: syz.6.13501 (3459): VmData 29073408 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 704.262746][ T3469] __nla_validate_parse: 7 callbacks suppressed [ 704.262758][ T3469] netlink: 20 bytes leftover after parsing attributes in process `syz.2.13506'. [ 704.396071][T16265] Bluetooth: hci9: command 0x0406 tx timeout [ 704.515306][ T3486] netlink: 20 bytes leftover after parsing attributes in process `syz.2.13513'. [ 704.644606][ T3491] netlink: 4 bytes leftover after parsing attributes in process `syz.9.13515'. [ 705.549004][ T3557] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.13537'. [ 705.586001][ T40] kauditd_printk_skb: 157 callbacks suppressed [ 705.586020][ T40] audit: type=1400 audit(2001050481.855:32896): avc: denied { shutdown } for pid=3558 comm="syz.6.13538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 705.625925][ T40] audit: type=1400 audit(2001050481.885:32897): avc: denied { create } for pid=3564 comm="syz.6.13540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 705.636632][ T40] audit: type=1400 audit(2001050481.895:32898): avc: denied { setopt } for pid=3564 comm="syz.6.13540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 705.696020][ T40] audit: type=1400 audit(2001050481.955:32899): avc: denied { read write } for pid=20356 comm="syz-executor" name="loop9" dev="devtmpfs" ino=667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 705.715881][ T40] audit: type=1400 audit(2001050481.955:32900): avc: denied { open } for pid=20356 comm="syz-executor" path="/dev/loop9" dev="devtmpfs" ino=667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 705.729696][ T40] audit: type=1400 audit(2001050481.955:32901): avc: denied { ioctl } for pid=20356 comm="syz-executor" path="/dev/loop9" dev="devtmpfs" ino=667 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 705.737994][ T3574] netlink: 8 bytes leftover after parsing attributes in process `syz.9.13544'. [ 705.741377][ T40] audit: type=1400 audit(2001050481.965:32902): avc: denied { sys_module } for pid=3568 comm="syz.6.13543" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 705.743915][ T3574] netlink: 'syz.9.13544': attribute type 5 has an invalid length. [ 705.752114][ T40] audit: type=1400 audit(2001050481.995:32903): avc: denied { prog_load } for pid=3568 comm="syz.6.13543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 705.755936][ T3574] netlink: 12 bytes leftover after parsing attributes in process `syz.9.13544'. [ 705.763705][ T40] audit: type=1400 audit(2001050481.995:32904): avc: denied { prog_run } for pid=3568 comm="syz.6.13543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 705.785127][ T3574] netlink: 8 bytes leftover after parsing attributes in process `syz.9.13544'. [ 705.789658][ T3574] netlink: 'syz.9.13544': attribute type 5 has an invalid length. [ 705.793057][ T3574] netlink: 12 bytes leftover after parsing attributes in process `syz.9.13544'. [ 705.795703][ T40] audit: type=1400 audit(2001050482.055:32905): avc: denied { mount } for pid=3575 comm="syz.6.13545" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 705.893453][ T3586] overlayfs: failed to clone upperpath [ 705.926775][ T3592] netlink: 28 bytes leftover after parsing attributes in process `syz.5.13551'. [ 705.930682][ T3592] netlink: 28 bytes leftover after parsing attributes in process `syz.5.13551'. [ 706.257304][ T3618] kvm: MONITOR instruction emulated as NOP! [ 706.518220][ T3635] PID 3635 killed due to inadequate hugepage pool [ 706.639991][ T3650] xt_hashlimit: size too large, truncated to 1048576 [ 706.786439][ T3664] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=29037 sclass=netlink_route_socket pid=3664 comm=syz.6.13579 [ 709.378668][ T3787] __nla_validate_parse: 5 callbacks suppressed [ 709.378686][ T3787] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13627'. [ 709.460676][ T3793] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 709.464117][ T5935] IPVS: starting estimator thread 0... [ 709.515154][ T3800] netlink: 'syz.2.13633': attribute type 29 has an invalid length. [ 709.526693][ T3800] netlink: 'syz.2.13633': attribute type 29 has an invalid length. [ 709.530357][ T3800] netlink: 500 bytes leftover after parsing attributes in process `syz.2.13633'. [ 709.533637][ T3800] unsupported nla_type 58 [ 709.566056][ T3796] IPVS: using max 38 ests per chain, 91200 per kthread [ 709.769617][ T3815] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13640'. [ 709.774109][ T3815] hsr_slave_0: left promiscuous mode [ 710.625209][ T3853] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13656'. [ 710.822582][ T40] kauditd_printk_skb: 84 callbacks suppressed [ 710.822597][ T40] audit: type=1400 audit(2001050487.085:32990): avc: denied { sys_module } for pid=3854 comm="syz.6.13657" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 710.826715][ T3855] Invalid ELF header magic: != ELF [ 710.833983][ T40] audit: type=1400 audit(2001050487.085:32991): avc: denied { module_load } for pid=3854 comm="syz.6.13657" path="/2289/bus" dev="tmpfs" ino=11642 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1 [ 710.885894][ T40] audit: type=1400 audit(2001050487.145:32992): avc: denied { read write } for pid=20356 comm="syz-executor" name="loop9" dev="devtmpfs" ino=667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 710.893874][ T40] audit: type=1400 audit(2001050487.145:32993): avc: denied { open } for pid=20356 comm="syz-executor" path="/dev/loop9" dev="devtmpfs" ino=667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 710.904811][ T40] audit: type=1400 audit(2001050487.145:32994): avc: denied { ioctl } for pid=20356 comm="syz-executor" path="/dev/loop9" dev="devtmpfs" ino=667 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 710.913128][ T40] audit: type=1400 audit(2001050487.165:32995): avc: denied { execmem } for pid=3858 comm="syz.2.13660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 710.919532][ T40] audit: type=1400 audit(2001050487.175:32996): avc: denied { map } for pid=3860 comm="syz.9.13658" path="socket:[122444]" dev="sockfs" ino=122444 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 710.928496][ T40] audit: type=1400 audit(2001050487.175:32997): avc: denied { read accept } for pid=3860 comm="syz.9.13658" path="socket:[122444]" dev="sockfs" ino=122444 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 710.942495][ T40] audit: type=1400 audit(2001050487.205:32998): avc: denied { allowed } for pid=3862 comm="syz.6.13661" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 711.063054][ T40] audit: type=1400 audit(2001050487.325:32999): avc: denied { create } for pid=3872 comm="syz.6.13665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 711.153898][ T3881] overlay: filesystem on ./bus is read-only [ 711.200279][ T3889] netlink: 'syz.9.13672': attribute type 1 has an invalid length. [ 711.295711][ T3899] netlink: 16 bytes leftover after parsing attributes in process `syz.5.13676'. [ 711.309394][ T3902] netlink: 7 bytes leftover after parsing attributes in process `syz.2.13679'. [ 711.350485][ T3908] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 711.359508][ T3908] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 711.363073][ T3908] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 711.366618][ T3908] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 711.369316][ T3908] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 711.372017][ T3908] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 711.410071][ T3915] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 711.416145][ T3915] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 711.596372][T16522] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 711.756284][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 712.981886][ T63] Bluetooth: hci9: Malformed Event: 0x02 [ 713.037364][T16433] usb 14-1: new high-speed USB device number 21 using dummy_hcd [ 713.198773][T16433] usb 14-1: Using ep0 maxpacket: 8 [ 713.204222][T16433] usb 14-1: config index 0 descriptor too short (expected 301, got 45) [ 713.212565][T16433] usb 14-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 713.217280][T16433] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 713.220688][T16433] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 713.224367][T16433] usb 14-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 713.228968][T16433] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 713.232076][T16433] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 714.010501][ T4069] usbtmc 14-1:16.0: simple usb_control_msg failed -32 [ 714.018722][ T29] usb 14-1: USB disconnect, device number 21 [ 714.060922][ T4075] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13752'. [ 714.293856][ T4099] netlink: 348 bytes leftover after parsing attributes in process `syz.6.13764'. [ 714.660434][ T4142] netlink: 4 bytes leftover after parsing attributes in process `syz.9.13781'. [ 714.758351][ T4152] overlayfs: failed to clone upperpath [ 714.807193][ T4154] netlink: 20 bytes leftover after parsing attributes in process `syz.5.13787'. [ 714.955604][ T4012] udevd[4012]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 714.963939][ T4012] udevd[4012]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 714.967393][ T4168] loop5: detected capacity change from 0 to 7 [ 714.969871][ T4168] Dev loop5: unable to read RDB block 7 [ 714.971746][ T4168] loop5: AHDI p1 p3 p4 [ 714.973149][ T4168] loop5: partition table partially beyond EOD, truncated [ 714.975848][ T4168] loop5: p1 start 4194304 is beyond EOD, truncated [ 714.978725][ T4168] loop5: p3 size 4261412863 extends beyond EOD, truncated [ 715.005514][ T4012] udevd[4012]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 715.163340][ T4185] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.13799'. [ 715.188950][ T4187] netlink: 212328 bytes leftover after parsing attributes in process `syz.5.13800'. [ 715.257037][ T4195] netlink: 8 bytes leftover after parsing attributes in process `syz.5.13804'. [ 715.260031][ T4195] netlink: 'syz.5.13804': attribute type 30 has an invalid length. [ 715.262648][ T4195] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13804'. [ 715.994253][ T40] kauditd_printk_skb: 143 callbacks suppressed [ 715.994271][ T40] audit: type=1800 audit(2001050493.256:33143): pid=4236 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.13823" name="SYSV00000000" dev="tmpfs" ino=5 res=0 errno=0 [ 716.008547][ T40] audit: type=1400 audit(2001050493.276:33144): avc: denied { setopt } for pid=4237 comm="syz.9.13824" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 716.044811][ T4240] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 716.045547][ T40] audit: type=1400 audit(2001050493.306:33145): avc: denied { read } for pid=4241 comm="syz.9.13826" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 716.049190][ T4240] tipc: Enabled bearer , priority 10 [ 716.067932][ T40] audit: type=1400 audit(2001050493.306:33146): avc: denied { open } for pid=4241 comm="syz.9.13826" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 716.086012][ T40] audit: type=1400 audit(2001050493.326:33147): avc: denied { ioctl } for pid=4241 comm="syz.9.13826" path="/dev/binderfs/binder0" dev="binder" ino=4 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 716.106325][ T40] audit: type=1400 audit(2001050493.366:33148): avc: denied { create } for pid=4243 comm="syz.9.13827" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 716.114523][ T40] audit: type=1400 audit(2001050493.376:33149): avc: denied { bind } for pid=4243 comm="syz.9.13827" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 716.126730][ T40] audit: type=1400 audit(2001050493.376:33150): avc: denied { node_bind } for pid=4243 comm="syz.9.13827" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 716.142380][ T4252] netlink: 8 bytes leftover after parsing attributes in process `syz.9.13831'. [ 716.186862][ T40] audit: type=1400 audit(2001050493.446:33151): avc: denied { setopt } for pid=4253 comm="syz.9.13832" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 716.224152][ T40] audit: type=1400 audit(2001050493.486:33152): avc: denied { bind } for pid=4257 comm="syz.2.13834" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 716.406608][T16433] net_ratelimit: 27 callbacks suppressed [ 716.406628][T16433] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 716.789770][ T29] usb 14-1: new high-speed USB device number 22 using dummy_hcd [ 716.935957][ T29] usb 14-1: Using ep0 maxpacket: 16 [ 716.940007][ T29] usb 14-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0 [ 716.943368][ T29] usb 14-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0 [ 716.947185][ T29] usb 14-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 716.951825][ T29] usb 14-1: config 1 interface 0 has no altsetting 0 [ 716.956337][ T29] usb 14-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 716.959891][ T29] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 716.962641][ T29] usb 14-1: Product: syz [ 716.964257][ T29] usb 14-1: Manufacturer: syz [ 716.966979][ T29] usb 14-1: SerialNumber: syz [ 717.049348][ T6015] tipc: Node number set to 2886997007 [ 717.180502][ T29] usblp 14-1:1.0: usblp0: USB Unidirectional printer dev 22 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8 [ 717.434289][ T4279] usblp0:failed reading printer status (-32) [ 717.441359][T16433] usb 14-1: USB disconnect, device number 22 [ 717.452084][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 717.456456][T16433] usblp0: removed [ 717.679546][T16522] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 718.234815][ T63] Bluetooth: hci9: unexpected event for opcode 0x0c2d [ 718.250929][ T4376] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 718.492170][T16433] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 718.639760][ T4399] can0: slcan on pty38. [ 718.754509][ T4395] can0 (unregistered): slcan off pty38. [ 719.055993][ T34] usb 14-1: new high-speed USB device number 23 using dummy_hcd [ 719.205963][ T34] usb 14-1: Using ep0 maxpacket: 32 [ 719.210014][ T34] usb 14-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 719.215678][ T34] usb 14-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 719.219615][ T34] usb 14-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 719.222320][ T34] usb 14-1: Product: syz [ 719.223790][ T34] usb 14-1: Manufacturer: syz [ 719.225294][ T34] usb 14-1: SerialNumber: syz [ 719.228742][ T34] usb 14-1: config 0 descriptor?? [ 719.233873][ T4404] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22 [ 719.237148][ T34] hub 14-1:0.0: bad descriptor, ignoring hub [ 719.239180][ T34] hub 14-1:0.0: probe with driver hub failed with error -5 [ 719.516349][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 719.532186][ T4443] TCP: TCP_TX_DELAY enabled [ 719.535098][ T4443] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 719.617131][ T5976] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 719.867550][ T4455] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13922'. [ 719.879009][ T4404] usb 14-1: reset high-speed USB device number 23 using dummy_hcd [ 720.051288][ T4404] usb 14-1: device firmware changed [ 720.055439][ T6015] usb 14-1: USB disconnect, device number 23 [ 720.200693][ T6015] usb 14-1: new high-speed USB device number 24 using dummy_hcd [ 720.355922][ T6015] usb 14-1: Using ep0 maxpacket: 32 [ 720.359163][ T6015] usb 14-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 720.372814][ T6015] usb 14-1: string descriptor 0 read error: -22 [ 720.375330][ T6015] usb 14-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 720.381979][ T6015] usb 14-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 720.387639][ T6015] usb 14-1: config 0 descriptor?? [ 720.389787][ T4441] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22 [ 720.397167][ T6015] hub 14-1:0.0: bad descriptor, ignoring hub [ 720.399338][ T6015] hub 14-1:0.0: probe with driver hub failed with error -5 [ 720.490023][ T4494] netlink: 'syz.2.13939': attribute type 4 has an invalid length. [ 720.556120][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 720.706209][ T6015] usb 14-1: USB disconnect, device number 24 [ 720.726452][T16523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 721.049917][ T4526] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13955'. [ 721.083333][ T40] kauditd_printk_skb: 136 callbacks suppressed [ 721.083345][ T40] audit: type=1400 audit(2001050498.346:33289): avc: denied { create } for pid=4527 comm="syz.5.13956" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 721.092987][ T4528] veth0_to_bridge: entered promiscuous mode [ 721.096262][ T40] audit: type=1400 audit(2001050498.346:33290): avc: denied { ioctl } for pid=4527 comm="syz.5.13956" path="socket:[125557]" dev="sockfs" ino=125557 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 721.098495][ T4527] veth0_to_bridge: left promiscuous mode [ 721.105374][ T40] audit: type=1400 audit(2001050498.356:33291): avc: denied { setopt } for pid=4527 comm="syz.5.13956" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 721.119795][ T40] audit: type=1400 audit(2001050498.386:33292): avc: denied { read write } for pid=20356 comm="syz-executor" name="loop9" dev="devtmpfs" ino=667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 721.129748][ T40] audit: type=1400 audit(2001050498.386:33293): avc: denied { open } for pid=20356 comm="syz-executor" path="/dev/loop9" dev="devtmpfs" ino=667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 721.140775][ T40] audit: type=1400 audit(2001050498.386:33294): avc: denied { ioctl } for pid=20356 comm="syz-executor" path="/dev/loop9" dev="devtmpfs" ino=667 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 721.158149][ T40] audit: type=1400 audit(2001050498.426:33295): avc: denied { watch watch_reads } for pid=4533 comm="syz.2.13959" path="/1062" dev="tmpfs" ino=5460 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 721.184487][ T40] audit: type=1400 audit(2001050498.446:33296): avc: denied { name_bind } for pid=4537 comm="syz.9.13961" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 721.214729][ T4544] veth0: entered promiscuous mode [ 721.218368][ T4544] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13964'. [ 721.325428][ T40] audit: type=1400 audit(2001050498.586:33297): avc: denied { write } for pid=4551 comm="syz.2.13967" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 721.335947][ T40] audit: type=1400 audit(2001050498.596:33298): avc: denied { connect } for pid=4551 comm="syz.2.13967" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 721.596202][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 721.732132][ T4583] netlink: 20 bytes leftover after parsing attributes in process `syz.6.13981'. [ 721.770034][ T4586] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13983'. [ 721.812964][ T4590] netlink: 'syz.5.13985': attribute type 3 has an invalid length. [ 721.817248][ T4590] netlink: 'syz.5.13985': attribute type 3 has an invalid length. [ 721.862668][ T4595] netlink: 20 bytes leftover after parsing attributes in process `syz.5.13986'. [ 722.088793][ T63] Bluetooth: hci8: unexpected cc 0x2039 length: 9 > 1 [ 722.093333][ T63] Bluetooth: hci8: unexpected event for opcode 0x2039 [ 722.452021][ T4624] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.14000'. [ 722.602739][ T4636] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14005'. [ 722.606464][ T4636] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14005'. [ 722.646249][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 722.709266][ T4642] netlink: 3900 bytes leftover after parsing attributes in process `syz.2.14007'. [ 722.900113][ T4657] netlink: 'syz.6.14014': attribute type 1 has an invalid length. [ 722.902806][ T4657] netlink: 'syz.6.14014': attribute type 1 has an invalid length. [ 723.677224][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 723.766031][T16522] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 724.716150][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 724.791191][ T4745] netlink: 'syz.2.14052': attribute type 39 has an invalid length. [ 725.312120][ T4765] team0 (unregistering): Port device team_slave_0 removed [ 725.322827][ T4765] team0 (unregistering): Port device team_slave_1 removed [ 725.401848][ T4772] __nla_validate_parse: 11 callbacks suppressed [ 725.401865][ T4772] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.14064'. [ 725.758480][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 726.158550][ T63] Bluetooth: hci8: Controller not accepting commands anymore: ncmd = 0 [ 726.162113][ T63] Bluetooth: hci8: Injecting HCI hardware error event [ 726.166998][ T63] Bluetooth: hci8: hardware error 0x00 [ 726.294993][ T40] kauditd_printk_skb: 70 callbacks suppressed [ 726.295005][ T40] audit: type=1400 audit(2001050503.556:33369): avc: denied { name_bind } for pid=4814 comm="syz.2.14082" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 726.334963][ T40] audit: type=1400 audit(2001050503.596:33370): avc: denied { create } for pid=4816 comm="syz.2.14083" anonclass=[userfaultfd] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 726.343115][ T40] audit: type=1400 audit(2001050503.606:33371): avc: denied { ioctl } for pid=4816 comm="syz.2.14083" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=124716 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 726.351716][ T40] audit: type=1400 audit(2001050503.606:33372): avc: denied { map } for pid=4816 comm="syz.2.14083" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=124717 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 726.360450][ T40] audit: type=1400 audit(2001050503.606:33373): avc: denied { read write } for pid=4816 comm="syz.2.14083" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=124717 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 726.537810][ C2] vcan0: j1939_tp_rxtimer: 0xffff88803950cc00: rx timeout, send abort [ 726.544436][ C2] vcan0: j1939_xtp_rx_abort_one: 0xffff88803950cc00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 726.561337][ T40] audit: type=1400 audit(2001050503.826:33374): avc: denied { read } for pid=5316 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 726.570501][ T40] audit: type=1400 audit(2001050503.826:33375): avc: denied { search } for pid=5316 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 726.578994][ T40] audit: type=1400 audit(2001050503.826:33376): avc: denied { search } for pid=5316 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 726.587326][ T40] audit: type=1400 audit(2001050503.826:33377): avc: denied { add_name } for pid=5316 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 726.594148][ T40] audit: type=1400 audit(2001050503.826:33378): avc: denied { create } for pid=5316 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 726.740184][ T4840] overlayfs: failed to clone upperpath [ 726.806128][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 726.809261][T16522] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 726.814304][ T155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 726.819947][T16522] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 726.823263][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 727.836131][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 728.050420][ T4913] IPVS: fo: SCTP 172.20.20.187:0 - no destination available [ 728.053953][ T4913] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 728.104512][ T4917] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 728.107778][ T4917] IPv6: NLM_F_CREATE should be set when creating new route [ 728.197401][ T4923] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 728.235967][ T63] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 728.398088][ T4944] netlink: 8 bytes leftover after parsing attributes in process `syz.9.14141'. [ 728.561601][ T4969] overlayfs: failed to clone upperpath [ 728.678422][ T4983] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 728.724144][ T4992] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 730.048439][ T5041] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.14184'. [ 730.500163][ T5076] netlink: 28 bytes leftover after parsing attributes in process `syz.2.14200'. [ 730.503789][ T5076] netlink: 'syz.2.14200': attribute type 7 has an invalid length. [ 730.517644][ T5076] netlink: 'syz.2.14200': attribute type 8 has an invalid length. [ 730.521055][ T5076] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14200'. [ 731.494536][ T40] kauditd_printk_skb: 132 callbacks suppressed [ 731.494554][ T40] audit: type=1400 audit(2001050508.756:33511): avc: denied { create } for pid=5121 comm="syz.2.14222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 731.507366][ T40] audit: type=1400 audit(2001050508.756:33512): avc: denied { connect } for pid=5121 comm="syz.2.14222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 731.516547][ T40] audit: type=1400 audit(2001050508.756:33513): avc: denied { shutdown } for pid=5121 comm="syz.2.14222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 731.524727][ T40] audit: type=1400 audit(2001050508.786:33514): avc: denied { mount } for pid=5123 comm="syz.2.14223" name="/" dev="autofs" ino=125873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 731.841919][ T40] audit: type=1400 audit(2001050509.106:33515): avc: denied { name_connect } for pid=5135 comm="syz.2.14229" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 731.891894][ T40] audit: type=1400 audit(2001050509.156:33516): avc: denied { listen } for pid=5135 comm="syz.2.14229" lport=33614 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 731.900082][ T40] audit: type=1400 audit(2001050509.156:33517): avc: denied { accept } for pid=5135 comm="syz.2.14229" lport=33614 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 731.907781][ T40] audit: type=1400 audit(2001050509.156:33518): avc: denied { getopt } for pid=5135 comm="syz.2.14229" lport=33614 faddr=255.255.255.254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 732.006382][T18095] net_ratelimit: 6 callbacks suppressed [ 732.006400][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 732.342559][ T5159] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14239'. [ 732.346939][ T5159] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14239'. [ 732.747593][ T5168] netlink: 20 bytes leftover after parsing attributes in process `syz.2.14243'. [ 732.854515][ T40] audit: type=1400 audit(2001050510.116:33519): avc: denied { create } for pid=5173 comm="syz.2.14246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 732.866116][ T40] audit: type=1400 audit(2001050510.116:33520): avc: denied { sys_admin } for pid=5173 comm="syz.2.14246" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 732.877079][T16523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 733.043590][ T5189] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14252'. [ 733.047047][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 733.051100][T16522] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 733.302643][ T63] Bluetooth: hci9: hardware error 0xff [ 733.383408][ T5217] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.14266'. [ 734.077304][ T5263] process '/newroot/1163/file0' started with executable stack [ 734.086480][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 735.013574][ T5314] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 735.018031][ T5314] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 735.115725][ T5321] netlink: 16 bytes leftover after parsing attributes in process `syz.5.14304'. [ 735.130042][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 735.165047][ T5314] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 735.169960][ T5314] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 735.287387][ T5336] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.14310'. [ 735.343327][ T5314] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 735.355921][ T63] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 735.356025][ T5314] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 735.503868][ T5314] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 735.506955][ T5314] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 735.659533][ T12] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 735.662223][ T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 735.700892][ T155] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 735.706459][ T155] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 735.730195][T16202] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 735.735834][T16202] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 735.770099][T16202] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 735.774116][T16202] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 736.089700][T16522] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 736.153798][ T5366] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.14321'. [ 736.160215][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 736.760040][ T5380] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14326'. [ 736.927803][ T40] kauditd_printk_skb: 45 callbacks suppressed [ 736.927818][ T40] audit: type=1400 audit(2001050514.196:33566): avc: denied { bpf } for pid=5387 comm="syz.2.14330" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 736.937253][ T40] audit: type=1400 audit(2001050514.196:33567): avc: denied { perfmon } for pid=5387 comm="syz.2.14330" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 736.988624][ T40] audit: type=1400 audit(2001050514.256:33568): avc: denied { mount } for pid=5389 comm="syz.2.14331" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 736.989895][ T5390] overlayfs: failed to clone lowerpath [ 737.034804][ T40] audit: type=1400 audit(2001050514.296:33569): avc: denied { create } for pid=5391 comm="syz.2.14332" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 737.057644][ T40] audit: type=1400 audit(2001050514.296:33570): avc: denied { map } for pid=5391 comm="syz.2.14332" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=130096 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 737.086253][ T40] audit: type=1400 audit(2001050514.296:33571): avc: denied { read write } for pid=5391 comm="syz.2.14332" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=130096 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 737.096770][ T40] audit: type=1400 audit(2001050514.306:33572): avc: denied { create } for pid=5391 comm="syz.2.14332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 737.099167][ T5394] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14333'. [ 737.105857][ T40] audit: type=1400 audit(2001050514.316:33573): avc: denied { write } for pid=5391 comm="syz.2.14332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 737.113292][ T40] audit: type=1400 audit(2001050514.316:33574): avc: denied { read } for pid=5391 comm="syz.2.14332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 737.211112][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 737.215737][ T63] Bluetooth: hci1: unexpected event for opcode 0x042c [ 737.264175][ T40] audit: type=1400 audit(2001050514.526:33575): avc: denied { name_bind } for pid=5400 comm="syz.6.14336" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 737.846655][ T5432] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.14348'. [ 738.236096][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 738.376666][ T5461] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14361'. [ 738.806184][T18110] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 738.828717][ T5479] netlink: 12 bytes leftover after parsing attributes in process `syz.6.14369'. [ 739.118451][ T5935] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 739.203606][ T5497] netlink: 68 bytes leftover after parsing attributes in process `syz.5.14377'. [ 739.286101][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 739.320146][ T5500] overlayfs: failed to clone upperpath [ 739.860210][ T5521] netlink: 212336 bytes leftover after parsing attributes in process `syz.5.14387'. [ 740.316208][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 740.712953][ T5552] overlayfs: failed to clone upperpath [ 741.109092][ T5572] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14410'. [ 741.239570][ T5584] bond3: option downdelay: invalid value (18446744073709551615) [ 741.241987][ T5584] bond3: option downdelay: allowed values 0 - 2147483647 [ 741.248182][ T5584] bond3 (unregistering): Released all slaves [ 741.357142][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 741.441511][ T5591] xt_hashlimit: size too large, truncated to 1048576 [ 741.809802][ T5602] netlink: 44 bytes leftover after parsing attributes in process `syz.5.14422'. [ 741.814375][ T5602] netlink: 44 bytes leftover after parsing attributes in process `syz.5.14422'. [ 741.995425][ T5614] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14427'. [ 741.998607][ T40] kauditd_printk_skb: 57 callbacks suppressed [ 741.998623][ T40] audit: type=1400 audit(2001050519.266:33633): avc: denied { watch watch_reads } for pid=5615 comm="syz.5.14428" path="/2409" dev="tmpfs" ino=12258 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 742.048490][ T40] audit: type=1400 audit(2001050519.316:33634): avc: denied { getopt } for pid=5617 comm="syz.2.14429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 742.056953][ T40] audit: type=1400 audit(2001050519.316:33635): avc: denied { shutdown } for pid=5619 comm="syz.5.14430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 742.065422][ T40] audit: type=1400 audit(2001050519.316:33636): avc: denied { getopt } for pid=5619 comm="syz.5.14430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 742.075598][ T40] audit: type=1400 audit(2001050519.326:33637): avc: denied { setopt } for pid=5619 comm="syz.5.14430" laddr=::7f00:1 lport=56390 faddr=fc02:: scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 742.166323][T16523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 742.194026][ T40] audit: type=1400 audit(2001050519.456:33638): avc: denied { create } for pid=5632 comm="syz.5.14436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 742.200639][ T40] audit: type=1400 audit(2001050519.466:33639): avc: denied { read } for pid=5632 comm="syz.5.14436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 742.207516][ T40] audit: type=1400 audit(2001050519.466:33640): avc: denied { write } for pid=5632 comm="syz.5.14436" path="socket:[129295]" dev="sockfs" ino=129295 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 742.406880][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 742.418120][ T40] audit: type=1400 audit(2001050519.686:33641): avc: denied { execmem } for pid=5646 comm="syz.6.14441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 742.542805][ T40] audit: type=1400 audit(2001050519.806:33642): avc: denied { mounton } for pid=5658 comm="syz.6.14445" path="/2491/file0" dev="tmpfs" ino=12683 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 743.277493][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 743.283673][T16202] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 743.290338][T16401] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 743.299122][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 743.456059][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 744.132330][T16265] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 744.138816][T16265] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 744.144094][T16265] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 744.152823][T16265] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 744.157520][T16265] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 744.259139][ T5769] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14489'. [ 744.287276][ T5769] bond2: Invalid ad_actor_system MAC address. [ 744.290075][ T5769] bond2: option ad_actor_system: invalid value (255) [ 744.434067][ T5769] bond2 (unregistering): Released all slaves [ 744.476263][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 744.606302][ T5759] chnl_net:caif_netlink_parms(): no params data found [ 744.677621][ T5759] bridge0: port 1(bridge_slave_0) entered blocking state [ 744.680272][ T5759] bridge0: port 1(bridge_slave_0) entered disabled state [ 744.683177][ T5759] bridge_slave_0: entered allmulticast mode [ 744.687546][ T5759] bridge_slave_0: entered promiscuous mode [ 744.693020][ T5759] bridge0: port 2(bridge_slave_1) entered blocking state [ 744.696249][ T5759] bridge0: port 2(bridge_slave_1) entered disabled state [ 744.699502][ T5759] bridge_slave_1: entered allmulticast mode [ 744.703380][ T5759] bridge_slave_1: entered promiscuous mode [ 744.801295][ T5759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 744.808204][ T5759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 744.834550][ T5759] team0: Port device team_slave_0 added [ 744.841732][ T5759] team0: Port device team_slave_1 added [ 744.866751][ T5759] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 744.869744][ T5759] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 744.881902][ T5759] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 744.887964][ T5759] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 744.890890][ T5759] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 744.901526][ T5759] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 744.950999][ T5759] hsr_slave_0: entered promiscuous mode [ 744.954186][ T5759] hsr_slave_1: entered promiscuous mode [ 744.960498][ T5759] debugfs: 'hsr0' already exists in 'hsr' [ 744.962912][ T5759] Cannot create hsr debugfs directory [ 745.126977][ T5825] netlink: 207952 bytes leftover after parsing attributes in process `syz.2.14507'. [ 745.450088][ T5853] overlayfs: failed to clone upperpath [ 745.494434][ T5858] xt_hashlimit: size too large, truncated to 1048576 [ 745.516929][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 745.764406][ T5759] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 745.772084][ T5759] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 745.781141][ T5759] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 745.792045][ T5759] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 745.883236][ T5759] 8021q: adding VLAN 0 to HW filter on device bond0 [ 745.906281][ T5759] 8021q: adding VLAN 0 to HW filter on device team0 [ 745.920128][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 745.922753][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 745.939122][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 745.941495][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 746.075436][ T5759] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 746.104245][ T5759] veth0_vlan: entered promiscuous mode [ 746.112432][ T5759] veth1_vlan: entered promiscuous mode [ 746.134522][ T5759] veth0_macvtap: entered promiscuous mode [ 746.141476][ T5759] veth1_macvtap: entered promiscuous mode [ 746.155097][ T5759] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 746.166277][ T5759] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 746.176110][ T1225] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 746.180053][ T1225] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 746.184959][ T1225] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 746.189469][ T1225] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 746.246734][ T63] Bluetooth: hci2: command tx timeout [ 746.272937][T16202] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 746.283040][T16202] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 746.309368][ T1225] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 746.312369][ T1225] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 746.316212][T16524] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 746.368446][ T5943] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 746.672363][ T5973] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 746.672363][ T5973] The task syz.5.14542 (5973) triggered the difference, watch for misbehavior. [ 746.780183][ T5981] batadv_slave_1: entered promiscuous mode [ 746.782990][ T5981] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14544'. [ 746.787537][ T5980] batadv_slave_1: left promiscuous mode [ 747.372245][ T40] kauditd_printk_skb: 183 callbacks suppressed [ 747.372263][ T40] audit: type=1400 audit(2001050524.636:33826): avc: denied { perfmon } for pid=6008 comm="syz.2.14547" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 747.405221][ T40] audit: type=1400 audit(2001050524.666:33827): avc: denied { block_suspend } for pid=6010 comm="syz.6.14548" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 747.455312][ T40] audit: type=1400 audit(2001050524.716:33828): avc: denied { name_bind } for pid=6017 comm="syz.2.14551" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 747.464963][ T40] audit: type=1400 audit(2001050524.716:33829): avc: denied { node_bind } for pid=6017 comm="syz.2.14551" saddr=255.255.255.255 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 747.487641][ T40] audit: type=1400 audit(2001050524.756:33830): avc: denied { create } for pid=6021 comm="syz.5.14553" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 747.509621][ T40] audit: type=1400 audit(2001050524.766:33831): avc: denied { ioctl } for pid=6021 comm="syz.5.14553" path="socket:[131509]" dev="sockfs" ino=131509 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 747.539120][ T40] audit: type=1400 audit(2001050524.766:33832): avc: denied { module_request } for pid=6021 comm="syz.5.14553" kmod="netdev-syzkaller1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 747.560939][ T40] audit: type=1400 audit(2001050524.766:33833): avc: denied { read write } for pid=5759 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 747.571929][ T40] audit: type=1400 audit(2001050524.766:33834): avc: denied { open } for pid=5759 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 747.583249][ T40] audit: type=1400 audit(2001050524.766:33835): avc: denied { ioctl } for pid=5759 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 747.605939][ T34] net_ratelimit: 1 callbacks suppressed [ 747.605957][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 747.978379][ T6066] overlayfs: failed to clone upperpath [ 748.090898][ T6081] netlink: 24 bytes leftover after parsing attributes in process `syz.2.14577'. [ 748.316067][ T63] Bluetooth: hci2: command tx timeout [ 748.400114][ T6000] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 748.437817][ T6100] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14584'. [ 748.636387][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 749.333365][ T6170] netlink: 28 bytes leftover after parsing attributes in process `syz.6.14618'. [ 749.337405][ T6170] netlink: 28 bytes leftover after parsing attributes in process `syz.6.14618'. [ 749.366104][T16524] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 749.398913][ T6176] gretap1: entered promiscuous mode [ 749.676684][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 750.396005][ T63] Bluetooth: hci2: command tx timeout [ 750.422977][ T6233] netlink: 'syz.6.14645': attribute type 1 has an invalid length. [ 750.440883][ T6233] 8021q: adding VLAN 0 to HW filter on device bond2 [ 750.458577][ T6233] bond2: (slave geneve2): making interface the new active one [ 750.462724][ T6233] bond2: (slave geneve2): Enslaving as an active interface with an up link [ 750.727085][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 750.845619][ T6267] overlayfs: failed to clone upperpath [ 750.882790][ T6269] overlayfs: failed to clone lowerpath [ 750.886555][ T6269] overlayfs: failed to clone lowerpath [ 750.928219][ T6275] netlink: 'syz.5.14664': attribute type 1 has an invalid length. [ 750.940084][ T6275] bond2: entered promiscuous mode [ 750.942301][ T6275] 8021q: adding VLAN 0 to HW filter on device bond2 [ 750.970921][ T6275] 8021q: adding VLAN 0 to HW filter on device bond2 [ 750.973233][ T6275] bond2: (slave xfrm1): The slave device specified does not support setting the MAC address [ 750.977451][ T6275] bond2: (slave xfrm1): Setting fail_over_mac to active for active-backup mode [ 750.983434][ T6275] bond2: (slave xfrm1): making interface the new active one [ 750.986361][ T6275] xfrm1: entered promiscuous mode [ 750.988842][ T6275] bond2: (slave xfrm1): Enslaving as an active interface with an up link [ 751.766080][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 752.307313][ T6332] ceph: No mds server is up or the cluster is laggy [ 752.312749][ T6343] ceph: No mds server is up or the cluster is laggy [ 752.398726][ T40] kauditd_printk_skb: 151 callbacks suppressed [ 752.398741][ T40] audit: type=1400 audit(2001050529.666:33987): avc: denied { read write } for pid=5759 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 752.406083][ T5935] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 752.419493][ T40] audit: type=1400 audit(2001050529.676:33988): avc: denied { open } for pid=5759 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 752.431836][ T40] audit: type=1400 audit(2001050529.676:33989): avc: denied { ioctl } for pid=5759 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 752.466288][ T40] audit: type=1400 audit(2001050529.706:33990): avc: denied { create } for pid=6386 comm="syz.2.14711" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 752.473048][ T40] audit: type=1400 audit(2001050529.726:33991): avc: denied { sys_admin } for pid=6386 comm="syz.2.14711" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 752.475883][ T63] Bluetooth: hci2: command tx timeout [ 752.483735][ T40] audit: type=1400 audit(2001050529.726:33992): avc: denied { recv } for pid=5911 comm="sshd-session" saddr=127.0.0.1 src=30000 daddr=127.0.0.1 dest=37096 netif=lo scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 752.538722][ T40] audit: type=1400 audit(2001050529.806:33993): avc: denied { node_bind } for pid=6394 comm="syz.6.14713" saddr=224.0.0.1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 752.548794][ T6395] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 752.560743][ T40] audit: type=1400 audit(2001050529.826:33994): avc: denied { sys_module } for pid=6391 comm="syz.2.14712" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 752.564641][ T6389] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 752.672523][ T6389] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 752.737832][ T40] audit: type=1400 audit(2001050530.006:33995): avc: denied { create } for pid=6404 comm="syz.2.14715" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 752.756675][ T40] audit: type=1400 audit(2001050530.006:33996): avc: denied { setopt } for pid=6404 comm="syz.2.14715" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 752.765349][ T6389] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 752.796557][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 752.853415][ T6389] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 753.029526][ T13] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 753.060575][ T468] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 753.072942][ T468] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 753.073086][ T6416] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.14720'. [ 753.086495][ T468] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 753.153834][ T6422] netlink: 12 bytes leftover after parsing attributes in process `syz.3.14723'. [ 753.325183][ T6434] tls_set_device_offload_rx: netdev not found [ 753.357937][ T6436] overlayfs: failed to clone lowerpath [ 753.365916][ T6438] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.14731'. [ 753.408352][ T6444] netlink: 'syz.5.14734': attribute type 7 has an invalid length. [ 753.412040][ T6444] netlink: 'syz.5.14734': attribute type 7 has an invalid length. [ 753.519735][T20553] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 753.520471][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 753.837327][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 754.429353][ T6508] netlink: 16178 bytes leftover after parsing attributes in process `syz.5.14764'. [ 754.880407][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 755.446428][T16523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 755.746773][ T6566] overlayfs: failed to clone upperpath [ 755.916099][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 756.280166][ T6603] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14804'. [ 756.284038][ T6603] netlink: 'syz.5.14804': attribute type 7 has an invalid length. [ 756.288025][ T6603] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14804'. [ 756.292279][ T6603] netlink: 'syz.5.14804': attribute type 7 has an invalid length. [ 756.462867][ T6615] overlayfs: failed to clone upperpath [ 756.517793][ T6620] netlink: 'syz.2.14812': attribute type 1 has an invalid length. [ 756.538411][ T6620] 8021q: adding VLAN 0 to HW filter on device bond3 [ 756.563848][ T6620] bond3: (slave geneve2): making interface the new active one [ 756.570081][ T6620] bond3: (slave geneve2): Enslaving as an active interface with an up link [ 756.966112][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 757.685012][ T6702] netlink: 212408 bytes leftover after parsing attributes in process `syz.5.14848'. [ 757.762009][ T6710] netlink: 'syz.2.14852': attribute type 3 has an invalid length. [ 757.907965][ T6725] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 757.967227][ T40] kauditd_printk_skb: 82 callbacks suppressed [ 757.967240][ T40] audit: type=1400 audit(2001050535.236:34079): avc: denied { name_bind } for pid=6731 comm="syz.2.14862" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 757.976318][ T40] audit: type=1400 audit(2001050535.236:34080): avc: denied { node_bind } for pid=6731 comm="syz.2.14862" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 757.999126][T16433] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 758.071408][ T6740] overlayfs: failed to clone upperpath [ 758.096344][ T6742] netlink: 'syz.5.14868': attribute type 1 has an invalid length. [ 758.101010][ T6742] netlink: 'syz.5.14868': attribute type 4 has an invalid length. [ 758.104500][ T6742] netlink: 9462 bytes leftover after parsing attributes in process `syz.5.14868'. [ 758.130651][ T40] audit: type=1400 audit(2001050535.396:34081): avc: denied { sys_module } for pid=6743 comm="syz.6.14867" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 758.141590][ T40] audit: type=1400 audit(2001050535.396:34082): avc: denied { name_bind } for pid=6746 comm="syz.2.14869" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 758.160216][ T6744] netlink: 16178 bytes leftover after parsing attributes in process `syz.6.14867'. [ 758.200767][ T6756] netlink: 12 bytes leftover after parsing attributes in process `syz.6.14872'. [ 758.218403][ T6756] bond3: entered promiscuous mode [ 758.220316][ T6756] 8021q: adding VLAN 0 to HW filter on device bond3 [ 758.234647][ T6756] 8021q: adding VLAN 0 to HW filter on device bond3 [ 758.238497][ T6756] bond3: (slave vcan1): The slave device specified does not support setting the MAC address [ 758.242835][ T6756] bond3: (slave vcan1): Error -95 calling set_mac_address [ 758.316756][ T40] audit: type=1400 audit(2001050535.576:34083): avc: denied { read write } for pid=5759 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 758.326847][ T40] audit: type=1400 audit(2001050535.576:34084): avc: denied { open } for pid=5759 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 758.338998][ T40] audit: type=1400 audit(2001050535.576:34085): avc: denied { ioctl } for pid=5759 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 758.353351][ T40] audit: type=1400 audit(2001050535.616:34086): avc: denied { execmem } for pid=6762 comm="syz.6.14876" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 758.476014][T16523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 758.563764][ T6774] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14879'. [ 758.567217][ T6774] netlink: 12 bytes leftover after parsing attributes in process `syz.6.14879'. [ 758.570866][ T6774] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14879'. [ 758.573527][ T6774] netlink: 12 bytes leftover after parsing attributes in process `syz.6.14879'. [ 758.590716][ T40] audit: type=1400 audit(2001050535.856:34087): avc: denied { prog_load } for pid=6775 comm="syz.3.14880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 758.604072][ T40] audit: type=1400 audit(2001050535.866:34088): avc: denied { create } for pid=6775 comm="syz.3.14880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 758.636178][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 758.717057][ T6782] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14883'. [ 758.720852][ T6782] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14883'. [ 758.724672][ T6782] netlink: 'syz.2.14883': attribute type 20 has an invalid length. [ 758.729328][ T6782] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14883'. [ 758.733048][ T6782] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14883'. [ 758.738010][ T6782] netlink: 'syz.2.14883': attribute type 20 has an invalid length. [ 759.036248][T16433] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 760.076319][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 760.809461][ T6915] netlink: 'syz.6.14935': attribute type 9 has an invalid length. [ 760.815814][ T6915] netlink: 'syz.6.14935': attribute type 11 has an invalid length. [ 761.126078][T16433] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 761.158492][ T6944] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 761.516086][T16523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 762.156182][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 762.870812][ T7007] validate_nla: 1 callbacks suppressed [ 762.870838][ T7007] netlink: 'syz.5.14972': attribute type 29 has an invalid length. [ 762.879301][ T7007] netlink: 'syz.5.14972': attribute type 29 has an invalid length. [ 763.005008][ T40] kauditd_printk_skb: 145 callbacks suppressed [ 763.005022][ T40] audit: type=1400 audit(2001050540.266:34234): avc: denied { listen } for pid=7012 comm="syz.2.14975" lport=45164 faddr=::ffff:172.30.0.3 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 763.018435][ T40] audit: type=1400 audit(2001050540.266:34235): avc: denied { accept } for pid=7012 comm="syz.2.14975" lport=45164 faddr=::ffff:172.30.0.3 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 763.027133][ T40] audit: type=1400 audit(2001050540.276:34236): avc: denied { setopt } for pid=7012 comm="syz.2.14975" lport=45164 faddr=::ffff:172.30.0.3 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 763.126709][T20553] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 763.197523][T16433] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 763.757633][T16523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 763.763288][ T155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 763.767804][ T6015] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 763.771845][T16523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 763.825887][ T40] audit: type=1400 audit(2001050541.086:34237): avc: denied { prog_load } for pid=7022 comm="syz.2.14976" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 763.832077][ T40] audit: type=1400 audit(2001050541.086:34238): avc: denied { bpf } for pid=7022 comm="syz.2.14976" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 763.839196][ T40] audit: type=1400 audit(2001050541.086:34239): avc: denied { perfmon } for pid=7022 comm="syz.2.14976" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 763.846899][ T40] audit: type=1400 audit(2001050541.086:34240): avc: denied { prog_run } for pid=7022 comm="syz.2.14976" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 763.854881][ T40] audit: type=1400 audit(2001050541.096:34241): avc: denied { ioctl } for pid=7022 comm="syz.2.14976" path="socket:[135220]" dev="sockfs" ino=135220 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 764.097573][ T7029] /dev/nullb0: Can't lookup blockdev [ 764.097913][ T40] audit: type=1400 audit(2001050541.366:34242): avc: denied { mounton } for pid=7028 comm="syz.2.14988" path="/1333/bus" dev="tmpfs" ino=6853 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 764.244513][ T40] audit: type=1400 audit(2001050541.506:34243): avc: denied { create } for pid=7038 comm="syz.2.14983" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 764.248235][T16433] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 764.310833][ T6954] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 764.556972][T16523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 765.108354][T16265] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 765.114290][T16265] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 765.119069][T16265] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 765.124512][T16265] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 765.129788][T16265] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 765.276676][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 765.295989][ T7080] chnl_net:caif_netlink_parms(): no params data found [ 765.370923][ T7080] bridge0: port 1(bridge_slave_0) entered blocking state [ 765.373421][ T7080] bridge0: port 1(bridge_slave_0) entered disabled state [ 765.376000][ T7080] bridge_slave_0: entered allmulticast mode [ 765.379752][ T7080] bridge_slave_0: entered promiscuous mode [ 765.384435][ T7080] bridge0: port 2(bridge_slave_1) entered blocking state [ 765.387724][ T7080] bridge0: port 2(bridge_slave_1) entered disabled state [ 765.391076][ T7080] bridge_slave_1: entered allmulticast mode [ 765.395109][ T7080] bridge_slave_1: entered promiscuous mode [ 765.423699][ T7080] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 765.430483][ T7080] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 765.452042][ T7080] team0: Port device team_slave_0 added [ 765.455635][ T7080] team0: Port device team_slave_1 added [ 765.469640][ T7080] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 765.472539][ T7080] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 765.481385][ T7080] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 765.485694][ T7080] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 765.488666][ T7080] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 765.497029][ T7080] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 765.520169][ T7080] hsr_slave_0: entered promiscuous mode [ 765.522440][ T7080] hsr_slave_1: entered promiscuous mode [ 765.524544][ T7080] debugfs: 'hsr0' already exists in 'hsr' [ 765.527130][ T7080] Cannot create hsr debugfs directory [ 766.107666][ T7080] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 766.120141][ T7080] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 766.135388][ T7080] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 766.144080][ T7080] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 766.201597][ T7080] 8021q: adding VLAN 0 to HW filter on device bond0 [ 766.212513][ T7080] 8021q: adding VLAN 0 to HW filter on device team0 [ 766.218780][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 766.222267][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 766.242983][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 766.246298][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 766.277117][ T7145] IPVS: sh: FWM 3 0x00000003 - no destination available [ 766.434097][ T7080] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 766.470642][ T7080] veth0_vlan: entered promiscuous mode [ 766.483087][ T7080] veth1_vlan: entered promiscuous mode [ 766.514296][ T7080] veth0_macvtap: entered promiscuous mode [ 766.521244][ T7080] veth1_macvtap: entered promiscuous mode [ 766.536768][ T7080] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 766.547990][ T7080] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 766.559191][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 766.562660][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 766.596205][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 766.599457][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 766.650918][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 766.662450][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 766.684912][ T1225] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 766.697203][ T1225] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 766.759539][ T7183] __nla_validate_parse: 11 callbacks suppressed [ 766.759554][ T7183] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15003'. [ 766.887995][ T7194] netlink: 'syz.6.15031': attribute type 7 has an invalid length. [ 766.900965][ T7194] netlink: 'syz.6.15031': attribute type 7 has an invalid length. [ 767.206076][ T63] Bluetooth: hci0: command tx timeout [ 767.500011][ T7243] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15041'. [ 767.653284][ T7259] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '#! [ 767.653284][ T7259] cct.usage_percpu_sys' [ 767.828956][ T7275] netlink: 'syz.0.15054': attribute type 1 has an invalid length. [ 768.028750][ T40] kauditd_printk_skb: 194 callbacks suppressed [ 768.028766][ T40] audit: type=1400 audit(2001050545.296:34438): avc: denied { name_bind } for pid=7287 comm="syz.3.15060" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 768.040530][ T40] audit: type=1400 audit(2001050545.296:34439): avc: denied { node_bind } for pid=7287 comm="syz.3.15060" saddr=224.0.0.1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 768.075414][ T40] audit: type=1400 audit(2001050545.336:34440): avc: denied { name_bind } for pid=7289 comm="syz.3.15061" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 768.161726][ T40] audit: type=1400 audit(2001050545.426:34441): avc: denied { prog_load } for pid=7292 comm="syz.3.15062" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 768.169775][ T40] audit: type=1400 audit(2001050545.436:34442): avc: denied { prog_run } for pid=7292 comm="syz.3.15062" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 768.246633][ T40] audit: type=1400 audit(2001050545.506:34443): avc: denied { map_create } for pid=7296 comm="syz.6.15064" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 768.257680][ T40] audit: type=1400 audit(2001050545.506:34444): avc: denied { map_read map_write } for pid=7296 comm="syz.6.15064" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 768.293105][ T40] audit: type=1400 audit(2001050545.556:34445): avc: denied { read write } for pid=7298 comm="syz.3.15065" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 768.300572][ T40] audit: type=1400 audit(2001050545.556:34446): avc: denied { open } for pid=7298 comm="syz.3.15065" path="/dev/raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 768.308976][ T40] audit: type=1400 audit(2001050545.556:34447): avc: denied { ioctl } for pid=7298 comm="syz.3.15065" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 768.397458][T16433] net_ratelimit: 4 callbacks suppressed [ 768.397480][T16433] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 768.407988][ T7311] netlink: 'syz.2.15070': attribute type 30 has an invalid length. [ 768.467194][ T7311] netlink: 'syz.2.15070': attribute type 30 has an invalid length. [ 768.620678][ T7315] netlink: 12 bytes leftover after parsing attributes in process `syz.2.15073'. [ 768.859919][ T7320] SELinux: ebitmap: start bit 0 comes after start bit 0 [ 768.865127][ T7320] SELinux: failed to load policy [ 768.980603][ T7329] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 768.982709][ T7329] @0Ù: renamed from bond_slave_1 (while UP) [ 769.275942][ T63] Bluetooth: hci0: command tx timeout [ 769.438104][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 770.037629][ T7369] syzkaller1: entered promiscuous mode [ 770.039452][ T7369] syzkaller1: entered allmulticast mode [ 770.216243][ T7379] "syz.2.15099" (7379) uses obsolete ecb(arc4) skcipher [ 770.477894][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 770.636377][T16522] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 771.362232][ T63] Bluetooth: hci0: command tx timeout [ 771.517228][T16433] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 771.751002][ T7425] ip6gre1: entered promiscuous mode [ 771.753552][ T7425] ip6gre1: entered allmulticast mode [ 772.067245][T16522] libceph: connect (1)[c::]:6789 error -101 [ 772.071345][T16522] libceph: mon0 (1)[c::]:6789 connect error [ 772.134896][T16401] libceph: connect (1)[c::]:6789 error -101 [ 772.137960][T16401] libceph: mon0 (1)[c::]:6789 connect error [ 772.190291][ T7461] netlink: 348 bytes leftover after parsing attributes in process `syz.6.15131'. [ 772.326190][T16522] libceph: connect (1)[c::]:6789 error -101 [ 772.329847][T16522] libceph: mon0 (1)[c::]:6789 connect error [ 772.396384][T16401] libceph: connect (1)[c::]:6789 error -101 [ 772.400167][T16401] libceph: mon0 (1)[c::]:6789 connect error [ 772.561638][T16433] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 772.836326][T16522] libceph: connect (1)[c::]:6789 error -101 [ 772.839055][T16522] libceph: mon0 (1)[c::]:6789 connect error [ 772.895396][ T7447] ceph: No mds server is up or the cluster is laggy [ 772.895939][ T7454] ceph: No mds server is up or the cluster is laggy [ 772.915586][T16401] libceph: connect (1)[c::]:6789 error -101 [ 772.918578][T16401] libceph: mon0 (1)[c::]:6789 connect error [ 773.416570][T18110] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 773.435958][ T63] Bluetooth: hci0: command tx timeout [ 773.450322][ T40] kauditd_printk_skb: 106 callbacks suppressed [ 773.450337][ T40] audit: type=1400 audit(2001050550.716:34554): avc: denied { create } for pid=7513 comm="syz.0.15155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 773.465875][ T40] audit: type=1400 audit(2001050550.716:34555): avc: denied { write } for pid=7513 comm="syz.0.15155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 773.549855][ T40] audit: type=1400 audit(2001050550.816:34556): avc: denied { read } for pid=7517 comm="syz.0.15157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 773.596068][T16433] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 773.676121][T16523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 773.711460][ T40] audit: type=1400 audit(2001050550.976:34557): avc: denied { module_request } for pid=7522 comm="syz.2.15158" kmod="netdev-syzkaller1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 773.789191][ T40] audit: type=1400 audit(2001050551.056:34558): avc: denied { prog_load } for pid=7526 comm="syz.2.15159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 773.797014][ T40] audit: type=1400 audit(2001050551.056:34559): avc: denied { bpf } for pid=7526 comm="syz.2.15159" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 773.804259][ T40] audit: type=1400 audit(2001050551.056:34560): avc: denied { map_create } for pid=7526 comm="syz.2.15159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 773.814213][ T40] audit: type=1400 audit(2001050551.056:34561): avc: denied { perfmon } for pid=7526 comm="syz.2.15159" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 773.824913][ T40] audit: type=1400 audit(2001050551.056:34562): avc: denied { map_read map_write } for pid=7526 comm="syz.2.15159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 773.831235][ T63] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 773.885468][ T40] audit: type=1400 audit(2001050551.146:34563): avc: denied { name_bind } for pid=7530 comm="syz.2.15168" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 774.043114][T16523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 774.313692][ T7536] netlink: 'syz.6.15160': attribute type 1 has an invalid length. [ 774.332081][ T7536] 8021q: adding VLAN 0 to HW filter on device bond4 [ 774.359129][ T7536] bond4: (slave geneve3): making interface the new active one [ 774.365360][ T7536] bond4: (slave geneve3): Enslaving as an active interface with an up link [ 774.614142][ T7558] ================================================================== [ 774.617549][ T7558] BUG: KASAN: slab-use-after-free in __list_add_valid_or_report+0x105/0x130 [ 774.621129][ T7558] Read of size 8 at addr ffff8880269b7940 by task syz.2.15171/7558 [ 774.625866][ T7558] [ 774.627392][ T7558] CPU: 1 UID: 0 PID: 7558 Comm: syz.2.15171 Tainted: G L syzkaller #0 PREEMPT(full) [ 774.627422][ T7558] Tainted: [L]=SOFTLOCKUP [ 774.627430][ T7558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 774.627445][ T7558] Call Trace: [ 774.627453][ T7558] [ 774.627461][ T7558] dump_stack_lvl+0x100/0x190 [ 774.627495][ T7558] print_report+0x156/0x4c9 [ 774.627524][ T7558] ? __virt_addr_valid+0x81/0x620 [ 774.627551][ T7558] ? __phys_addr+0xe8/0x180 [ 774.627578][ T7558] ? __list_add_valid_or_report+0x105/0x130 [ 774.627600][ T7558] kasan_report+0xdf/0x1e0 [ 774.627631][ T7558] ? __list_add_valid_or_report+0x105/0x130 [ 774.627656][ T7558] __list_add_valid_or_report+0x105/0x130 [ 774.627677][ T7558] clone_mnt+0x633/0x930 [ 774.627705][ T7558] copy_tree+0xfc/0xbf0 [ 774.627732][ T7558] ? __pfx_down_write+0x10/0x10 [ 774.627761][ T7558] copy_mnt_ns+0x2bd/0xc30 [ 774.627785][ T7558] ? create_new_namespaces+0x30/0xac0 [ 774.627809][ T7558] ? rcu_is_watching+0x12/0xc0 [ 774.627834][ T7558] create_new_namespaces+0xd3/0xac0 [ 774.627859][ T7558] ? bpf_lsm_capable+0x9/0x10 [ 774.627876][ T7558] ? security_capable+0x80/0x260 [ 774.627905][ T7558] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 774.627932][ T7558] ksys_unshare+0x455/0xab0 [ 774.627954][ T7558] ? kfree+0x2ec/0x6b0 [ 774.627974][ T7558] ? rcu_is_watching+0x12/0xc0 [ 774.627994][ T7558] ? __pfx_ksys_unshare+0x10/0x10 [ 774.628018][ T7558] ? kcov_ioctl+0x16a/0x720 [ 774.628045][ T7558] __x64_sys_unshare+0x31/0x40 [ 774.628069][ T7558] do_syscall_64+0x106/0xf80 [ 774.628089][ T7558] ? clear_bhb_loop+0x40/0x90 [ 774.628112][ T7558] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 774.628133][ T7558] RIP: 0033:0x7f221e59c629 [ 774.628149][ T7558] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 774.628167][ T7558] RSP: 002b:00007f221f48d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 774.628186][ T7558] RAX: ffffffffffffffda RBX: 00007f221e815fa0 RCX: 00007f221e59c629 [ 774.628200][ T7558] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002a020400 [ 774.628211][ T7558] RBP: 00007f221e632b39 R08: 0000000000000000 R09: 0000000000000000 [ 774.628224][ T7558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 774.628235][ T7558] R13: 00007f221e816038 R14: 00007f221e815fa0 R15: 00007ffc0e08d128 [ 774.628253][ T7558] [ 774.628261][ T7558] [ 774.731481][ T7558] Allocated by task 5885: [ 774.733312][ T7558] kasan_save_stack+0x30/0x50 [ 774.735433][ T7558] kasan_save_track+0x14/0x30 [ 774.737515][ T7558] __kasan_slab_alloc+0x89/0x90 [ 774.739587][ T7558] kmem_cache_alloc_noprof+0x241/0x6e0 [ 774.741814][ T7558] alloc_vfsmnt+0x23/0x6a0 [ 774.743695][ T7558] clone_mnt+0x4b/0x930 [ 774.745384][ T7558] vfs_open_tree+0xb02/0x1500 [ 774.747378][ T7558] __x64_sys_open_tree+0xa3/0x150 [ 774.749480][ T7558] do_syscall_64+0x106/0xf80 [ 774.751418][ T7558] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 774.753981][ T7558] [ 774.755055][ T7558] Freed by task 33: [ 774.756846][ T7558] kasan_save_stack+0x30/0x50 [ 774.758895][ T7558] kasan_save_track+0x14/0x30 [ 774.760859][ T7558] kasan_save_free_info+0x3b/0x70 [ 774.762930][ T7558] __kasan_slab_free+0x5f/0x80 [ 774.764951][ T7558] kmem_cache_free+0x124/0x6a0 [ 774.766964][ T7558] rcu_core+0x5a2/0x10d0 [ 774.768770][ T7558] handle_softirqs+0x1eb/0x9e0 [ 774.770832][ T7558] run_ksoftirqd+0x38/0x60 [ 774.772706][ T7558] smpboot_thread_fn+0x3d3/0xaa0 [ 774.775085][ T7558] kthread+0x370/0x450 [ 774.776865][ T7558] ret_from_fork+0x754/0xd80 [ 774.778494][ T7558] ret_from_fork_asm+0x1a/0x30 [ 774.780183][ T7558] [ 774.780966][ T7558] Last potentially related work creation: [ 774.782741][ T7558] kasan_save_stack+0x30/0x50 [ 774.784234][ T7558] kasan_record_aux_stack+0xa7/0xc0 [ 774.785946][ T7558] __call_rcu_common.constprop.0+0xa5/0x9b0 [ 774.787973][ T7558] task_work_run+0x150/0x240 [ 774.789665][ T7558] exit_to_user_mode_loop+0x100/0x4a0 [ 774.791730][ T7558] do_syscall_64+0x67c/0xf80 [ 774.793477][ T7558] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 774.795363][ T7558] [ 774.796190][ T7558] Second to last potentially related work creation: [ 774.798297][ T7558] kasan_save_stack+0x30/0x50 [ 774.799836][ T7558] kasan_record_aux_stack+0xa7/0xc0 [ 774.801487][ T7558] task_work_add+0x28b/0x3b0 [ 774.803049][ T7558] mntput_no_expire_slowpath+0x3da/0xb00 [ 774.805094][ T7558] mntput_no_expire+0x1fd/0x220 [ 774.806755][ T7558] mntput+0x6b/0xa0 [ 774.808223][ T7558] vfs_open_tree+0x1235/0x1500 [ 774.809851][ T7558] __x64_sys_open_tree+0xa3/0x150 [ 774.811658][ T7558] do_syscall_64+0x106/0xf80 [ 774.813283][ T7558] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 774.815445][ T7558] [ 774.816490][ T7558] The buggy address belongs to the object at ffff8880269b7880 [ 774.816490][ T7558] which belongs to the cache mnt_cache of size 352 [ 774.822026][ T7558] The buggy address is located 192 bytes inside of [ 774.822026][ T7558] freed 352-byte region [ffff8880269b7880, ffff8880269b79e0) [ 774.827401][ T7558] [ 774.828432][ T7558] The buggy address belongs to the physical page: [ 774.831044][ T7558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x269b6 [ 774.834564][ T7558] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 774.838045][ T7558] memcg:ffff888058697001 [ 774.839858][ T7558] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 774.843137][ T7558] page_type: f5(slab) [ 774.844961][ T7558] raw: 00fff00000000040 ffff88801ceb4280 dead000000000100 dead000000000122 [ 774.848438][ T7558] raw: 0000000000000000 0000000800120012 00000000f5000000 ffff888058697001 [ 774.851884][ T7558] head: 00fff00000000040 ffff88801ceb4280 dead000000000100 dead000000000122 [ 774.855370][ T7558] head: 0000000000000000 0000000800120012 00000000f5000000 ffff888058697001 [ 774.858689][ T7558] head: 00fff00000000001 ffffea00009a6d81 00000000ffffffff 00000000ffffffff [ 774.862249][ T7558] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 774.865793][ T7558] page dumped because: kasan: bad access detected [ 774.868468][ T7558] page_owner tracks the page as allocated [ 774.870569][ T7558] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 6870427730, free_ts 0 [ 774.878353][ T7558] post_alloc_hook+0x153/0x170 [ 774.880310][ T7558] get_page_from_freelist+0x111d/0x3140 [ 774.882582][ T7558] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 774.884650][ T7558] new_slab+0xa6/0x6d0 [ 774.886005][ T7558] refill_objects+0x26b/0x400 [ 774.887598][ T7558] __pcs_replace_empty_main+0x19f/0x600 [ 774.889644][ T7558] kmem_cache_alloc_noprof+0x480/0x6e0 [ 774.891472][ T7558] alloc_vfsmnt+0x23/0x6a0 [ 774.892842][ T7558] fc_mount+0x105/0x220 [ 774.894243][ T7558] vfs_kern_mount.part.0+0x10e/0x120 [ 774.895932][ T7558] vfs_kern_mount+0x3f/0x60 [ 774.897322][ T7558] simple_pin_fs+0xf2/0x190 [ 774.898769][ T7558] drm_dev_init+0x465/0x980 [ 774.900199][ T7558] __devm_drm_dev_alloc+0x4c/0xf0 [ 774.901872][ T7558] vgem_init+0xc5/0x170 [ 774.903326][ T7558] do_one_initcall+0x11d/0x760 [ 774.904957][ T7558] page_owner free stack trace missing [ 774.906746][ T7558] [ 774.907500][ T7558] Memory state around the buggy address: [ 774.909188][ T7558] ffff8880269b7800: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 774.911592][ T7558] ffff8880269b7880: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 774.914047][ T7558] >ffff8880269b7900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 774.916469][ T7558] ^ [ 774.918304][ T7558] ffff8880269b7980: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 774.920770][ T7558] ffff8880269b7a00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 774.923335][ T7558] ================================================================== [ 774.931606][T18095] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 774.939747][ T7558] Kernel panic - not syncing: KASAN: panic_on_warn set ... SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 774.942797][ T7558] CPU: 0 UID: 0 PID: 7558 Comm: syz.2.15171 Tainted: G L syzkaller #0 PREEMPT(full) [ 774.947431][ T7558] Tainted: [L]=SOFTLOCKUP [ 774.949460][ T7558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 774.954615][ T7558] Call Trace: [ 774.956162][ T7558] [ 774.957470][ T7558] dump_stack_lvl+0x100/0x190 [ 774.959446][ T7558] vpanic+0x552/0x970 [ 774.961120][ T7558] ? __pfx_vpanic+0x10/0x10 [ 774.963054][ T7558] ? __list_add_valid_or_report+0x105/0x130 [ 774.965506][ T7558] panic+0xd1/0xe0 [ 774.967151][ T7558] ? __pfx_panic+0x10/0x10 [ 774.969035][ T7558] ? __list_add_valid_or_report+0x105/0x130 [ 774.971456][ T7558] ? preempt_schedule_common+0x42/0xc0 [ 774.973710][ T7558] check_panic_on_warn.cold+0x19/0x34 [ 774.975932][ T7558] end_report.part.0+0x3a/0x90 [ 774.977965][ T7558] kasan_report.cold+0xe/0x18 [ 774.979886][ T7558] ? __list_add_valid_or_report+0x105/0x130 [ 774.982288][ T7558] __list_add_valid_or_report+0x105/0x130 [ 774.984547][ T7558] clone_mnt+0x633/0x930 [ 774.986252][ T7558] copy_tree+0xfc/0xbf0 [ 774.987999][ T7558] ? __pfx_down_write+0x10/0x10 [ 774.989942][ T7558] copy_mnt_ns+0x2bd/0xc30 [ 774.991796][ T7558] ? create_new_namespaces+0x30/0xac0 [ 774.993950][ T7558] ? rcu_is_watching+0x12/0xc0 [ 774.995892][ T7558] create_new_namespaces+0xd3/0xac0 [ 774.998170][ T7558] ? bpf_lsm_capable+0x9/0x10 [ 775.000199][ T7558] ? security_capable+0x80/0x260 [ 775.002313][ T7558] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 775.004639][ T7558] ksys_unshare+0x455/0xab0 [ 775.006543][ T7558] ? kfree+0x2ec/0x6b0 [ 775.008280][ T7558] ? rcu_is_watching+0x12/0xc0 [ 775.010308][ T7558] ? __pfx_ksys_unshare+0x10/0x10 [ 775.012490][ T7558] ? kcov_ioctl+0x16a/0x720 [ 775.014628][ T7558] __x64_sys_unshare+0x31/0x40 [ 775.016896][ T7558] do_syscall_64+0x106/0xf80 [ 775.018858][ T7558] ? clear_bhb_loop+0x40/0x90 [ 775.020797][ T7558] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 775.023300][ T7558] RIP: 0033:0x7f221e59c629 [ 775.025197][ T7558] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 775.033202][ T7558] RSP: 002b:00007f221f48d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 775.036836][ T7558] RAX: ffffffffffffffda RBX: 00007f221e815fa0 RCX: 00007f221e59c629 [ 775.040265][ T7558] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002a020400 [ 775.043902][ T7558] RBP: 00007f221e632b39 R08: 0000000000000000 R09: 0000000000000000 [ 775.047182][ T7558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 775.050620][ T7558] R13: 00007f221e816038 R14: 00007f221e815fa0 R15: 00007ffc0e08d128 [ 775.054209][ T7558] [ 775.056385][ T7558] Kernel Offset: disabled [ 775.058189][ T7558] Rebooting in 86400 seconds.. VM DIAGNOSIS: 15:41:28 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=000000000005ef9c RCX=ffffffff8281d24e RDX=ffff88802ae10000 RSI=ffffffff8281d95d RDI=ffff88802ae10000 RBP=0000000000000001 RSP=ffffc9000356f478 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=0000000000000008 R13=0000000000000001 R14=0000000000000001 R15=0000000000000000 RIP=ffffffff81ed2650 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055558af4f500 ffffffff 00c00000 GS =0000 ffff8880d6348000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe1131456b8 CR3=000000002c0f2000 CR4=00352ef0 DR0=0000000000000000 DR1=000000000000afe8 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=0000000002fefc04 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 64656772656d5f6f 692e7166622e6f69 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdc4fa69b6 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdc4fa69b6 00007ffdc4fa69bc ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe11243319f ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe1124331df ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe112433343 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe1124331d1 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6379656b00657461 69746e6174736e69 246c746379656b00 7974697275636573 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8578f6c5 RDI=ffffffff9b49d940 RBP=ffffffff9b49d900 RSP=ffffc90005f17648 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3230383838666666 R12=0000000000000000 R13=000000000000002e R14=0000000000000010 R15=ffffffff8578f660 RIP=ffffffff8578f6ef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f221f48d6c0 ffffffff 00c00000 GS =0000 ffff8880d6448000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f221e64e9d3 CR3=000000005f7b8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000010001 Opmask01=0000000000000000 Opmask02=0000000002fefce0 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 203a6b6361747320 6461657268747020 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc0e08d616 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc0e08d616 00007ffc0e08d61c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221e63319f ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221e6331df ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221e633343 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221e6331d1 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 657a6973203c2065 7a69736565726600 632e6b6361747365 7461636f6c6c6100 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 405f4c5605190540 5f4c564040574300 460b4e4644515640 5144464a49494400 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221e7eb5f8 00007f221e7eb5c8 00007f221e7eb600 00007f221e7eb5e0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffffea00014008c0 RCX=ffffffff82477b10 RDX=0000000000000000 RSI=0000000000000000 RDI=ffff88802ffb8000 RBP=0000000000000000 RSP=ffffc90007276950 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000004 R14=1ffff92000e4ed37 R15=ffffea00014008c8 RIP=ffffffff82089530 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f221f48d6c0 ffffffff 00c00000 GS =0000 ffff8880d6548000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f221e817dac CR3=000000004285a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=0000000002fefce0 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7570637265705f65 676173752e746363 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc0e08d616 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc0e08d616 00007ffc0e08d61c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221e63319f ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221e6331df ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221e633343 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221e6331d1 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6379656b00657461 69746e6174736e69 246c746379656b00 7974697275636573 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000002 RBX=ffff88806a73c340 RCX=ffffffff81fc5fbe RDX=ffff88801ea90000 RSI=ffffffff81fc5f98 RDI=ffff88801ea90000 RBP=ffffc90000157cd8 RSP=ffffc90000157b78 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=ffff88806a633ca0 R12=1ffff9200002af78 R13=ffffed100d4e7869 R14=0000000000000003 R15=0000000000000001 RIP=ffffffff82089c17 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6648000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b2f50eff8 CR3=0000000063359000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff81766903 ffffffff81766903 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000003172 ffffffff81766903 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe8982e4d6 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe8982e4d6 00007ffe8982e4dc ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f790803319f ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f79080331df ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7908033343 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f79080331d1 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0601000000000000 0000000000000002 ff0100e700000000 0000000000000001 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000040008 0000000f0010000c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f79081eb5f8 00007f79081eb5c8 00007f79081eb600 00007f79081eb5e0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000