last executing test programs: 11.176852768s ago: executing program 4 (id=3791): bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r1, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="05000000040000000900000044"], 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="07000000040000008000000004"], 0x50) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x40000000000, 0x3, 0x4, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) 10.327003766s ago: executing program 4 (id=3800): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad", 0x1) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmsg$qrtr(r1, &(0x7f0000002a40)={0x0, 0x0, &(0x7f0000001780), 0x0, 0x0, 0x0, 0x40000100}, 0x38, 0x40000003) sendmsg$TIPC_NL_NODE_GET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[], 0xfd4}, 0x1, 0x0, 0x0, 0x4}, 0x20000050) 9.512266918s ago: executing program 4 (id=3804): r0 = socket$unix(0x1, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$unix(0x1, 0x1, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000340)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x0, 0x5}, {}, {0x7, 0x5}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x8, 0xd, 0x0, 0x9, 0x3}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}}, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r5) socket$inet_sctp(0x2, 0x5, 0x84) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r6 = socket$kcm(0x11, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000140)='\r\x008', 0x3}], 0x1}, 0x4) 5.730824541s ago: executing program 4 (id=3815): fsopen(&(0x7f0000000000)='exfat\x00', 0x0) 5.656687558s ago: executing program 2 (id=3816): r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xfbc6, 0x10100, 0x8000003}, &(0x7f0000000080)=0x0, &(0x7f00000001c0)=0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x230}}) io_uring_enter(r2, 0x2ded, 0x4000, 0x6, 0x0, 0x0) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) readv(r5, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4096, 0x8}], 0xe) 5.655145241s ago: executing program 4 (id=3817): syz_open_dev$cec(&(0x7f0000000280), 0x0, 0xc0240) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aa4a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0", 0x44}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538", 0x58}], 0x2, &(0x7f0000000380)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10}], 0x1, 0x40800) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000580)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[], 0x10}, 0x1, 0x7}, 0x20000884) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000140)=0x5, 0x2) bpf$MAP_CREATE(0x0, 0x0, 0x48) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw\x00') r4 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141102) fsopen(0x0, 0x0) writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) ioctl$UFFDIO_POISON(r3, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f000002b000/0x2000)=nil, 0x2000}, 0x1}) r5 = syz_open_procfs(0x0, 0x0) read$FUSE(r5, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, r5) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$bt_hci(r6, &(0x7f0000000000)=ANY=[@ANYBLOB="0e00"], 0x8) r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) sendmmsg$inet(r7, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0, 0x0, 0x0, 0x0, 0x10000000}}], 0x3284b164842c97f7, 0x8014) 4.40280418s ago: executing program 1 (id=3819): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00'}) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) ioctl$sock_netdev_private(r1, 0x8914, &(0x7f0000000000)) r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCADDRT(r2, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r3, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @default}, 0x1c) connect$rose(r3, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, [@null, @null, @null, @default, @bcast, @default]}, 0x40) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00'}, 0x10) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]}) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) 4.388510189s ago: executing program 2 (id=3820): r0 = syz_open_dev$evdev(0x0, 0x0, 0x2002) bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES16=r0, @ANYRES32, @ANYBLOB='\x00'/14], 0x50) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x3, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) sync_file_range(r2, 0x0, 0x0, 0x0) eventfd(0x80200003) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) r4 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) write$6lowpan_control(r4, 0x0, 0x0) r5 = syz_io_uring_setup(0x286, 0x0, &(0x7f0000000340)=0x0, &(0x7f00000000c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r8 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r8, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000980)={0x30, 0x1412, 0x1, 0x70bd27, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40084}, 0x810) syz_io_uring_submit(r6, r7, 0x0) r9 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) write$sysctl(r9, 0x0, 0x0) prctl$PR_GET_TSC(0x43, &(0x7f0000000040)) write$sysctl(r9, &(0x7f0000000000)='2\x00', 0x2) io_uring_enter(r5, 0x47f6, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x154) 3.679242678s ago: executing program 4 (id=3822): socket$inet6_sctp(0xa, 0x5, 0x84) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0xffffffff, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x4}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40844}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_io_uring_setup(0x278, &(0x7f0000000340)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_SEND={0x1a, 0x1b, 0x0, 0xffffffffffffffff, 0x0, 0x0}) syz_usbip_server_init(0x6) r5 = syz_open_dev$tty20(0xc, 0x4, 0x1) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800006, 0x7000001, 0x6e073, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000bc0000/0x400000)=nil, 0x600000, 0x9) ioctl$VT_RESIZEX(r5, 0x560a, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x4}) ptrace$ARCH_SHSTK_UNLOCK(0x1e, r0, 0x0, 0x5004) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_clone3(&(0x7f000000c340)={0xa802100, 0x0, 0x0, 0x0, {0x2e}, 0x0, 0x0, 0x0, &(0x7f000000c2c0)=[0x0], 0x1}, 0x58) 2.955133995s ago: executing program 1 (id=3825): socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$sock(0xffffffffffffffff, 0x0, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) r0 = socket$kcm(0xa, 0x2, 0x0) sendmsg$sock(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0) 2.830044794s ago: executing program 2 (id=3827): fsopen(&(0x7f0000000000)='exfat\x00', 0x0) 2.82933903s ago: executing program 1 (id=3828): syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r1, 0x0) write$char_usb(r0, &(0x7f0000000080)='V', 0x1) 2.704896739s ago: executing program 2 (id=3830): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x18) r1 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0) syz_usb_control_io(r1, 0x0, 0x0) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r2, &(0x7f0000000200)=""/73, 0x49) 2.591589324s ago: executing program 0 (id=3833): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000540)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000300000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) 1.905882027s ago: executing program 0 (id=3834): r0 = open(&(0x7f0000000380)='./bus\x00', 0x40, 0x0) r1 = creat(&(0x7f0000000200)='./bus\x00', 0x4) write$FUSE_NOTIFY_INVAL_ENTRY(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x2b) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) sendfile(r2, r0, 0x0, 0x4000000053d2) 1.685119395s ago: executing program 0 (id=3836): mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$pppl2tp(0x18, 0x1, 0x1) r2 = socket$inet_udp(0x2, 0x2, 0x0) connect$pppl2tp(r1, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x2, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32) sendmmsg(r1, &(0x7f0000004380)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0) 832.86205ms ago: executing program 3 (id=3840): sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[@ANYBLOB="080400002100000828bd7000fddbdf25170000006e3c16cb77f25034e763b9c97073e075bee897c43094cd164a0360c97f4e494640dedf33b5b9e7df3c4037d431dacce392f43291b4eb9fba039e6869c218a9d369b852a6db199d5d6a6919628201255eddb2853e778d43421e28c15a4b469eda6ff91ea166c27b645d1a280071d7103a6d8607cfa231f635c72956296084875285a54c6063ab9caf531ec5cac03f67839cecbcd0e780918dc565400a004600776c616e300000001400ca00fc02000000000000000000000000000008004400", @ANYRES32=0x0, @ANYBLOB="2d033280587402ffca73410a3ff757ad9b826dbbfdbdf1daa1af12d43cb74b46a3c9cee502d0fd7a6c03d92f6f0792affb7f71f6a7aea1c11c1b4838c618bc1673e4b5fe6c403bd136eaae8d76122e218dff8ddc693e23143463c72f3c14bb8c7b724e68b0436dbcc9e1b7aab3373fe4de5a9d887b5b626603eea4257c6d4175dc40949634027d61b5837c2ca3dfa7cfbbcf8cb09ae7afc5ed7ea522d37a0c5ff23dceecf602cfc11ed24208f31cf6cbe20b7854704ba75d57bc3c7088ee7d4096bff357da828983c3016ae7ffa9c5d4278f5fced3395e9cfd7f682810ef9fc7c099182cee4102d98008002d00ac1e00017e5958a7b602c412aa658394649301094fa43409e22f8ec4629e04e343ce8fa4cdf747d50d37b1da4c18042edecf8581f3419ed713e2f25197ab219c191238458bc5649178cc9c18bf6eb2ca060a032038ac30b7bfa615486651bd0a999341a22ddbc663509b0357fab88819df5b45b698a6278639559820721fd7a90eee6b9ec65fc22f823ded6cbc4c21a891fa7c757043b436e65d490f35d4d9616b9d86172eaf974ff63c335e05cd566c49616be823a0d46866d0ce7b0a5a98bb978e7368b7a203da4bf8e89c6ebb389db28334d97b226c30cda4c9c156049a62b5c65d04f07b9695ec282444b4dc413a6bb81b240500d12235578c1897bb4e9e89b19f790ddbc4a38397256208003900", @ANYRES32=0x0, @ANYBLOB="021a9be2a620c89d8aeadcd5b1b971d6968ecc04939fe3167e58b0b087ba0e9789483e536150714a8de9cdcbb2601fd02b48157fd70fc2b143a092cf61ce64b5544d6b23cb688b9bc7fa4f07afb71e34cada4b889fa6b4acd5a7e21417f9f577575cc87f478c6ec4dc7793b6713999523500607c5ac93ceb9c307a5b3eb35f50346b80d86a87f5872af7103bb7ab03583efa231722f69d0441d0e088e262acf645ed1002fc580539428a7d3db57b7241a0666aa50408894550dc37b0b8eee74f39d60dcfb74f4701734bec8ce29978aadcf18bd188fc8ba004f7a7e08fc30cefd93baa558608bfcabed344a22903f98e718a071e71339e40125973c883999f3ddbb64fcfb65089582f3bda9915bd39cc752ebf24f70c00a8006e6c3830323131000400b3800000000400ad0000000000898b5c54c6c17fe2d56cc0a49299cb3596cd"], 0x408}, 0x1, 0x0, 0x0, 0x24841}, 0x24060050) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=ANY=[@ANYBLOB="2c00000040000701feffffff00000000017c0000040042800c00018006000600800a00000800028004001980747509582930e575312d7926fd840cf5010000800000000085df30d9ee49e927e631273dfc1641c9cc8e91ab2482122921f30878ac8703c6bef874e5b9fee1faf584b853791e783e606ae42863b2f788963c3694a6f44e38b1727151f828"], 0x2c}, 0x1, 0x0, 0x0, 0x48815}, 0xc000) r0 = socket$nl_route(0x10, 0x3, 0x0) syz_io_uring_setup(0x43b9, &(0x7f00000006c0)={0x0, 0x42f5, 0x13408, 0x2, 0x330}, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000580)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r2, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r3, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 753.290877ms ago: executing program 3 (id=3841): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x100, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x3}, 0x50) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r4}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000a00)=ANY=[@ANYBLOB="180000000000000000000000feffffff8500000023000000b7080000000000007baaf8ff00000000b5080000010000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = socket$inet6(0xa, 0x3, 0xfb) setsockopt$inet6_int(r5, 0x29, 0x16, &(0x7f0000fcb000), 0x4) clock_gettime(0x5, &(0x7f0000000480)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000740)={{0x0, 0x989680}, {r6, r7+60000000}}, 0x0) timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc)=0x0) timer_settime(r8, 0x1, &(0x7f0000000340)={{0x77359400}, {0x0, 0x9}}, 0x0) r9 = openat$pfkey(0xffffff9c, &(0x7f00000003c0), 0x400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x4, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbfb7}}, &(0x7f00000000c0)='syzkaller\x00', 0x7ff, 0x8e, &(0x7f0000000100)=""/142, 0x40f00, 0x31, '\x00', 0x0, @fallback=0x10, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x2, &(0x7f0000000400)=[0x1, r3, r9], &(0x7f0000000440)=[{0x1, 0x4, 0xd, 0x4}, {0x3, 0x3, 0x7, 0x6}], 0x10, 0x917}, 0x94) socket$inet6_sctp(0xa, 0x1, 0x84) 648.169505ms ago: executing program 3 (id=3842): r0 = fsopen(&(0x7f0000000040)='hpfs\x00', 0x1) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(r1, 0xc0405610, &(0x7f0000000040)={0x2}) r2 = openat$comedi(0xffffff9c, 0x0, 0x450c00, 0x0) close_range(r0, r2, 0x0) ioctl$IMCTRLREQ(r0, 0x80044945, 0x0) 591.068507ms ago: executing program 1 (id=3843): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0xffffffff, 0x0, {0x0, 0x0, 0x74, 0x0, {0x0, 0x7}, {0x0, 0x4}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x4, @remote, 0x5}, {0xa, 0x4e20, 0x1000000, @mcast2, 0xfff}, 0xfffc, {[0x10005, 0xfffffffd, 0x2000, 0x0, 0x0, 0x1, 0x0, 0x40]}}, 0x5c) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r1 = epoll_create1(0x0) r2 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x80042, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xe) ioctl$TCGETA(r2, 0x5405, 0x0) epoll_wait(r1, &(0x7f0000002a80)=[{}], 0x1, 0xfffeffff) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000080)={0x9d32f4b2e0c65377}) 590.310177ms ago: executing program 3 (id=3844): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000100900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWCHAIN={0x38, 0x3, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}]}], {0x14}}, 0x60}}, 0x0) 509.954669ms ago: executing program 0 (id=3845): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, 0xffffffffffffffff}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4) r2 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x2000) ioctl$SG_GET_VERSION_NUM(r2, 0x2284, &(0x7f0000000080)) 499.239435ms ago: executing program 2 (id=3846): r0 = syz_io_uring_setup(0x88f, &(0x7f0000000180)={0x0, 0xc989, 0x800, 0xffffffdf, 0x173}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffa, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}}) io_uring_enter(r0, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0) 497.192805ms ago: executing program 3 (id=3847): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x5, @loopback, 0x5d96}], 0x1c) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000540)={0xa, 0x4e24, 0xb, @loopback, 0x56}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x240048c6) r2 = dup(r1) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='bond_slave_1\x00', 0x10) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000a40)={0x0, @in6={{0xa, 0x4e24, 0x5, @loopback, 0x1}}, 0x4, 0x1, 0xf06, 0x0, 0xac, 0x7d, 0x5}, 0x9c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff6, @empty, 0x7f}}, 0x1000000, 0x31, 0xffff1896, 0x3, 0x6, 0x8, 0x6}, 0x9c) 433.830854ms ago: executing program 1 (id=3848): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) fstat(r2, &(0x7f00000000c0)) 400.63545ms ago: executing program 0 (id=3849): r0 = socket(0x2a, 0x2, 0x0) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20040845}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x90, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x58, 0x2, [@TCA_FLOWER_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffffff8, 0xfff, 0x0, 0x200, 0xa}, 0x3}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x13, 0x6}}]}, 0x90}, 0x1, 0x0, 0x0, 0x20000004}, 0x24000000) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, 0x0, 0x0, 0x600) 374.950967ms ago: executing program 3 (id=3850): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0) ioctl$VIDIOC_S_CROP(r0, 0x4014563c, &(0x7f0000000000)={0xe, {0x2, 0x1b288141, 0xe17e, 0x304}}) r1 = fsopen(0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x3, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000008000000000000000400000018010000202078250000000000202020791af8ff00000000bfa100000000000007010000f8ffffffb70208000000002200000095000000000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x5, 0xfe7, &(0x7f0000001e00)=""/4071}, 0x94) r2 = fsmount(r1, 0x0, 0x0) flistxattr(r2, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE(0x0, 0x0, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58) r5 = accept4(r4, 0x0, 0x0, 0x0) sendmsg$alg(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x28000054) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a08010000060a010400000000000000000a0000010900010073797a3100000000dc000480d80001800b0001007461726765740000c8000280ac0003009ac420002e0000b9fdd672bad09dfb78c7699c74e891a0c700000000000000000000000000800000f0f2926a65cb332756a177e7cc427ca68c59e7cb45cf2c593555cb2c867ea3874e4a3e3319c9e920e20430ab41efbc6b8878a1176838d768e8f9a48208c252ac7565090001c6886dadc6fed168f596b9ce0636ca279a98e6321409223f7a5d2a32b63645bf333e581dd316eeab6c76cd04f55c1de2d9cd00000000000000000008000240000000000e00010049444c4554494d45520000000900020073797a32"], 0x130}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040) sendfile(r6, r6, 0x0, 0x3fffff) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r8, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 79.126498ms ago: executing program 1 (id=3851): syz_io_uring_setup(0x3941, 0x0, 0x0, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58) syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000380)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00'}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={0x0, 0x6f4}}, 0x0) 1.660449ms ago: executing program 0 (id=3852): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0) rmdir(&(0x7f0000000240)='./cgroup/../file0\x00') r2 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r2, r1, 0x0, 0xa175) 0s ago: executing program 2 (id=3853): symlink(&(0x7f0000000040)='.\x00', 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt(r0, 0x1, 0x10000000000009, &(0x7f0000000100)="0100ddff", 0x507b420f2d51f971) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0xe, @empty, 0x204}, 0x1c) setsockopt(r0, 0x1, 0x9, &(0x7f0000000040), 0x29) kernel console output (not intermixed with test programs): ) [ 315.378275][T16290] vhci_hcd vhci_hcd.0: Device attached [ 315.396576][T16290] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(13) [ 315.403211][T16290] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 315.433708][T16290] vhci_hcd vhci_hcd.0: Device attached [ 315.448096][ T5821] Bluetooth: hci5: command tx timeout [ 315.456732][T16290] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(15) [ 315.463359][T16290] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 315.471882][T16290] vhci_hcd vhci_hcd.0: Device attached [ 315.482831][T16290] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(17) [ 315.489466][T16290] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 315.517495][T16290] vhci_hcd vhci_hcd.0: Device attached [ 315.587792][T16308] vhci_hcd vhci_hcd.0: pdev(3) rhport(5) sockfd(22) [ 315.594432][T16308] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 315.627478][T16308] vhci_hcd vhci_hcd.0: Device attached [ 315.649291][ T5818] usb 39-1: new low-speed USB device number 3 using vhci_hcd [ 315.656816][T16290] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(19) [ 315.663432][T16290] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 315.684976][T16290] vhci_hcd vhci_hcd.0: Device attached [ 315.695105][T16307] vhci_hcd: connection closed [ 315.695271][ T3855] vhci_hcd vhci_hcd.3: stop threads [ 315.696784][T16159] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 315.705008][ T3855] vhci_hcd vhci_hcd.3: release socket [ 315.708050][T16309] vhci_hcd: connection closed [ 315.712828][T16293] vhci_hcd: connection closed [ 315.725100][T16291] vhci_hcd: connection reset by peer [ 315.725825][ T3855] vhci_hcd vhci_hcd.3: disconnect device [ 315.738043][T16300] vhci_hcd: connection closed [ 315.741294][T16303] vhci_hcd: connection closed [ 315.758560][ T3855] vhci_hcd vhci_hcd.3: stop threads [ 315.789338][ T3855] vhci_hcd vhci_hcd.3: release socket [ 315.805682][ T3855] vhci_hcd vhci_hcd.3: disconnect device [ 315.820162][ T3855] vhci_hcd vhci_hcd.3: stop threads [ 315.829909][T16159] veth0_vlan: entered promiscuous mode [ 315.835455][ T3855] vhci_hcd vhci_hcd.3: release socket [ 315.845083][ T3855] vhci_hcd vhci_hcd.3: disconnect device [ 315.856288][T16159] veth1_vlan: entered promiscuous mode [ 315.862658][ T3855] vhci_hcd vhci_hcd.3: stop threads [ 315.875741][ T3855] vhci_hcd vhci_hcd.3: release socket [ 315.883733][ T3855] vhci_hcd vhci_hcd.3: disconnect device [ 315.897633][ T3855] vhci_hcd vhci_hcd.3: stop threads [ 315.912181][ T3855] vhci_hcd vhci_hcd.3: release socket [ 315.922266][T16159] veth0_macvtap: entered promiscuous mode [ 315.929665][ T3855] vhci_hcd vhci_hcd.3: disconnect device [ 315.936667][ T3855] vhci_hcd vhci_hcd.3: stop threads [ 315.949303][T16159] veth1_macvtap: entered promiscuous mode [ 315.955217][ T3855] vhci_hcd vhci_hcd.3: release socket [ 315.962078][ T3855] vhci_hcd vhci_hcd.3: disconnect device [ 315.975188][ T2205] hsr_slave_0: left promiscuous mode [ 315.981373][ T2205] hsr_slave_1: left promiscuous mode [ 315.994341][ T2205] veth1_macvtap: left promiscuous mode [ 316.000305][ T2205] veth0_macvtap: left promiscuous mode [ 316.006982][ T2205] veth1_vlan: left promiscuous mode [ 316.012436][ T2205] veth0_vlan: left promiscuous mode [ 316.426627][T16325] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2910'. [ 316.668870][ T2205] team0 (unregistering): Port device team_slave_1 removed [ 316.709727][ T2205] team0 (unregistering): Port device team_slave_0 removed [ 317.074366][T16159] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 317.106229][T16159] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 317.156128][ T50] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 317.185705][ T4563] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 317.225918][ T4563] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 317.247517][ T4563] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 317.363148][T16339] tipc: Enabled bearer , priority 0 [ 317.423531][T16338] tipc: Disabling bearer [ 317.466356][ T4235] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 317.482833][ T4235] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 317.537349][ T5821] Bluetooth: hci5: command tx timeout [ 317.570520][ T4235] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 317.589651][ T4235] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 317.616006][ T2205] IPVS: stop unused estimator thread 0... [ 317.682209][T16352] siw: device registration error -23 [ 317.688962][T16352] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=16352 comm=syz.4.2921 [ 317.766137][T16357] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2923'. [ 317.804019][T16359] netlink: 126588 bytes leftover after parsing attributes in process `syz.4.2924'. [ 317.984005][ T5832] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 317.995218][ T5832] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 318.003134][ T5832] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 318.013162][ T5832] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 318.024738][ T5832] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 318.096364][T16367] lo speed is unknown, defaulting to 1000 [ 318.179601][ T5816] bond0: (slave syz_tun): Releasing backup interface [ 318.271552][ T4235] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.373637][ T4235] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.444945][ T4235] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.693523][ T4235] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.914290][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.920850][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.437790][T16390] siw: device registration error -23 [ 319.489561][T16394] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=16394 comm=syz.1.2935 [ 319.506342][T16367] chnl_net:caif_netlink_parms(): no params data found [ 319.738280][ T4235] bridge_slave_1: left allmulticast mode [ 319.747988][ T4235] bridge_slave_1: left promiscuous mode [ 319.751263][ T48] hid_parser_main: 70 callbacks suppressed [ 319.751280][ T48] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 319.753928][ T4235] bridge0: port 2(bridge_slave_1) entered disabled state [ 319.777649][ T4235] bridge_slave_0: left allmulticast mode [ 319.783615][ T4235] bridge_slave_0: left promiscuous mode [ 319.789672][ T4235] bridge0: port 1(bridge_slave_0) entered disabled state [ 319.918283][ T48] hid-generic 0000:0000:0000.0014: hidraw0: HID v0.00 Device [syz1] on syz0 [ 319.971640][T16417] netlink: 'syz.2.2943': attribute type 7 has an invalid length. [ 319.979470][T16417] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2943'. [ 320.083923][ T30] kauditd_printk_skb: 90 callbacks suppressed [ 320.083940][ T30] audit: type=1326 audit(1766378977.493:3369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16423 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 320.113726][ T5821] Bluetooth: hci2: command tx timeout [ 320.146966][ T30] audit: type=1326 audit(1766378977.493:3370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16423 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 320.171501][ T30] audit: type=1326 audit(1766378977.493:3371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16423 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 320.196089][ T30] audit: type=1326 audit(1766378977.493:3372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16423 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 320.220533][ T30] audit: type=1326 audit(1766378977.493:3373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16423 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 320.245333][ T30] audit: type=1326 audit(1766378977.493:3374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16423 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 320.273176][ T30] audit: type=1326 audit(1766378977.523:3375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16423 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 320.285988][T16429] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2949'. [ 320.307902][ T30] audit: type=1326 audit(1766378977.523:3376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16423 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 320.336407][ T30] audit: type=1326 audit(1766378977.523:3377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16423 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 320.395580][ T30] audit: type=1326 audit(1766378977.523:3378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16423 comm="syz.1.2948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 320.798062][ T5818] vhci_hcd vhci_hcd.3: vhci_device speed not set [ 320.839640][T16435] siw: device registration error -23 [ 320.854824][T16435] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=16435 comm=syz.4.2951 [ 320.998507][ T4235] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 321.015085][ T4235] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 321.027359][ T4235] bond0 (unregistering): Released all slaves [ 321.265087][ T4235] bond1 (unregistering): Released all slaves [ 321.902407][T16444] slcan: can't register candev [ 321.978125][ T4235] bond2 (unregistering): Released all slaves [ 322.036973][T16367] bridge0: port 1(bridge_slave_0) entered blocking state [ 322.055290][T16367] bridge0: port 1(bridge_slave_0) entered disabled state [ 322.068434][T16367] bridge_slave_0: entered allmulticast mode [ 322.087179][T16367] bridge_slave_0: entered promiscuous mode [ 322.104143][T16367] bridge0: port 2(bridge_slave_1) entered blocking state [ 322.121545][T16367] bridge0: port 2(bridge_slave_1) entered disabled state [ 322.140167][T16367] bridge_slave_1: entered allmulticast mode [ 322.157890][T16367] bridge_slave_1: entered promiscuous mode [ 322.168279][ T5821] Bluetooth: hci2: command tx timeout [ 322.438983][T16452] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2957'. [ 322.453994][T16455] netlink: 'syz.0.2959': attribute type 39 has an invalid length. [ 322.469422][T16452] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 322.477794][ T4235] tipc: Left network mode [ 322.498598][T16452] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 322.530329][T16452] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 322.544574][T16452] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 322.643845][T16367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 322.686511][T16367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 322.693532][T16462] siw: device registration error -23 [ 322.705510][T16462] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=16462 comm=syz.4.2962 [ 322.750846][T16367] team0: Port device team_slave_0 added [ 322.761724][T16367] team0: Port device team_slave_1 added [ 322.871610][ T48] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0 [ 322.898397][ T48] hid-generic 0000:0000:0000.0015: hidraw0: HID v0.00 Device [syz1] on syz0 [ 323.001398][T16367] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 323.018864][T16367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 323.090030][T16367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 323.134933][T16367] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 323.155809][T16367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 323.183852][T16475] netlink: 'syz.4.2967': attribute type 7 has an invalid length. [ 323.191638][T16475] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2967'. [ 323.211855][T16367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 323.363484][T16367] hsr_slave_0: entered promiscuous mode [ 323.395481][T16367] hsr_slave_1: entered promiscuous mode [ 323.413848][T16367] debugfs: 'hsr0' already exists in 'hsr' [ 323.431360][T16367] Cannot create hsr debugfs directory [ 323.519759][T16485] siw: device registration error -23 [ 323.526478][T16485] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=16485 comm=syz.1.2972 [ 323.568112][ T4235] hsr_slave_0: left promiscuous mode [ 323.581552][ T4235] hsr_slave_1: left promiscuous mode [ 323.589749][ T4235] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 323.601416][ T4235] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 323.612782][ T4235] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 323.620366][ T4235] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 323.648474][ T4235] veth1_macvtap: left promiscuous mode [ 323.654889][ T4235] veth0_macvtap: left promiscuous mode [ 323.677522][ T4235] veth1_vlan: left promiscuous mode [ 323.692765][ T4235] veth0_vlan: left promiscuous mode [ 324.248055][ T5821] Bluetooth: hci2: command tx timeout [ 324.418723][T16491] slcan: can't register candev [ 325.276848][ T4235] team0 (unregistering): Port device team_slave_1 removed [ 325.305649][ T4235] team0 (unregistering): Port device team_slave_0 removed [ 325.530724][ T90] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 325.548614][T16487] vlan2: entered promiscuous mode [ 325.700934][ T90] usb 1-1: config index 0 descriptor too short (expected 65316, got 36) [ 325.718039][ T90] usb 1-1: config 0 has too many interfaces: 255, using maximum allowed: 32 [ 325.726980][ T90] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 325.738094][ T30] kauditd_printk_skb: 38 callbacks suppressed [ 325.738111][ T30] audit: type=1326 audit(1766378983.143:3417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16508 comm="syz.4.2980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f5b98f749 code=0x7ffc0000 [ 325.769884][ T90] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 255 [ 325.779361][ T90] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 325.789437][ T90] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.797548][ T30] audit: type=1326 audit(1766378983.153:3418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16508 comm="syz.4.2980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f5b98f749 code=0x7ffc0000 [ 325.830120][ T90] usb 1-1: config 0 descriptor?? [ 325.840886][T16510] tipc: Enabled bearer , priority 0 [ 325.854003][ T30] audit: type=1326 audit(1766378983.153:3419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16508 comm="syz.4.2980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f5b98f749 code=0x7ffc0000 [ 325.944847][ T30] audit: type=1326 audit(1766378983.153:3420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16508 comm="syz.4.2980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f5b98f749 code=0x7ffc0000 [ 325.972232][T16519] siw: device registration error -23 [ 325.974277][ T30] audit: type=1326 audit(1766378983.153:3421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16508 comm="syz.4.2980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f5b98f749 code=0x7ffc0000 [ 325.980331][T16519] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=16519 comm=syz.4.2983 [ 326.001432][ T30] audit: type=1326 audit(1766378983.153:3422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16508 comm="syz.4.2980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f5f5b98f749 code=0x7ffc0000 [ 326.081870][ T30] audit: type=1326 audit(1766378983.153:3423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16508 comm="syz.4.2980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f5b98f749 code=0x7ffc0000 [ 326.081981][T16509] tipc: Disabling bearer [ 326.105502][ T30] audit: type=1326 audit(1766378983.153:3424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16508 comm="syz.4.2980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f5f5b98f749 code=0x7ffc0000 [ 326.105544][ T30] audit: type=1326 audit(1766378983.153:3425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16508 comm="syz.4.2980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f5b98f749 code=0x7ffc0000 [ 326.105580][ T30] audit: type=1326 audit(1766378983.153:3426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16508 comm="syz.4.2980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f5f5b98f749 code=0x7ffc0000 [ 326.254390][T16526] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2986'. [ 326.328440][ T5821] Bluetooth: hci2: command tx timeout [ 326.442394][T16536] netlink: 'syz.0.2977': attribute type 10 has an invalid length. [ 326.461960][T16536] bond2: option mode: unable to set because the bond device is up [ 326.479867][T16536] bond_slave_0: entered promiscuous mode [ 326.486398][T16536] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 326.500987][T16540] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2992'. [ 326.513706][T16536] bond2: (slave macvlan2): Enslaving as a backup interface with an up link [ 326.558893][ T90] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 326.569151][ T90] hid-generic 0000:0000:0000.0016: hidraw0: HID v0.00 Device [syz1] on syz0 [ 326.636956][T16367] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 326.654237][T16367] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 326.672645][T16367] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 326.690006][T16367] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 326.779275][T16367] 8021q: adding VLAN 0 to HW filter on device bond0 [ 326.800980][T16367] 8021q: adding VLAN 0 to HW filter on device team0 [ 326.818823][ T2205] bridge0: port 1(bridge_slave_0) entered blocking state [ 326.825992][ T2205] bridge0: port 1(bridge_slave_0) entered forwarding state [ 326.844381][ T3536] bridge0: port 2(bridge_slave_1) entered blocking state [ 326.851510][ T3536] bridge0: port 2(bridge_slave_1) entered forwarding state [ 326.992330][T16564] tipc: Enabling of bearer rejected, failed to enable media [ 327.136731][T16367] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 327.139582][T16572] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2999'. [ 327.202629][T16367] veth0_vlan: entered promiscuous mode [ 327.226057][T16367] veth1_vlan: entered promiscuous mode [ 327.266546][T16367] veth0_macvtap: entered promiscuous mode [ 327.276304][T16367] veth1_macvtap: entered promiscuous mode [ 327.301067][T16367] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 327.324718][T16367] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 327.349826][ T1152] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.372513][ T1152] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.557863][ T1152] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.568317][ T1152] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.583972][T16587] netlink: 'syz.1.3004': attribute type 7 has an invalid length. [ 327.591834][T16587] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3004'. [ 327.626796][ T90] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 327.639713][ T90] hid-generic 0000:0000:0000.0017: hidraw0: HID v0.00 Device [syz1] on syz0 [ 327.709045][T10806] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 327.727292][T10806] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 327.759582][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 327.774445][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 327.894448][T16597] tipc: Enabling of bearer rejected, failed to enable media [ 328.147096][ T5832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 328.158869][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 328.348940][ T5832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 328.405146][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 328.488814][T16612] can0: slcan on ttyS3. [ 328.543435][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 329.182146][ T791] usb 1-1: USB disconnect, device number 13 [ 329.308574][T16609] can0 (unregistered): slcan off ttyS3. [ 329.385890][T16607] lo speed is unknown, defaulting to 1000 [ 329.805383][ T90] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 329.841734][ T90] hid-generic 0000:0000:0000.0018: hidraw0: HID v0.00 Device [syz1] on syz0 [ 330.363779][ T5813] bond0: (slave syz_tun): Releasing backup interface [ 330.515422][ T4235] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 330.541776][ T4235] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.648469][ T5832] Bluetooth: hci3: command tx timeout [ 330.666931][ T4235] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 330.677485][ T4235] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.697346][T16607] chnl_net:caif_netlink_parms(): no params data found [ 330.737150][ T4235] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 330.747580][ T4235] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.782885][T16607] bridge0: port 1(bridge_slave_0) entered blocking state [ 330.790375][T16607] bridge0: port 1(bridge_slave_0) entered disabled state [ 330.797586][T16607] bridge_slave_0: entered allmulticast mode [ 330.804758][T16607] bridge_slave_0: entered promiscuous mode [ 330.820726][ T4235] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 330.831845][ T4235] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.845449][T16607] bridge0: port 2(bridge_slave_1) entered blocking state [ 330.852872][T16607] bridge0: port 2(bridge_slave_1) entered disabled state [ 330.860194][T16607] bridge_slave_1: entered allmulticast mode [ 330.867049][T16607] bridge_slave_1: entered promiscuous mode [ 330.895497][T16607] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 330.907177][T16607] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 330.942286][T16607] team0: Port device team_slave_0 added [ 330.955744][T16607] team0: Port device team_slave_1 added [ 330.994809][T16607] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 331.002049][T16607] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 331.029028][T16607] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 331.065280][T16607] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 331.072608][T16607] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 331.098933][T16607] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 331.110261][T16665] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3029'. [ 331.119505][T16642] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 331.133869][T16665] hsr_slave_0: left promiscuous mode [ 331.134125][T16642] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 331.145384][T16665] hsr_slave_1: left promiscuous mode [ 331.145718][T16642] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 331.158189][T16642] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 331.170009][T16642] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 331.185179][T16642] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 331.193113][T16642] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 331.207668][ T4235] bridge_slave_1: left allmulticast mode [ 331.215551][T16642] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 331.221537][ T4235] bridge_slave_1: left promiscuous mode [ 331.221745][ T4235] bridge0: port 2(bridge_slave_1) entered disabled state [ 331.238228][ T4235] bridge_slave_0: left allmulticast mode [ 331.238492][T16642] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 331.250010][ T4235] bridge_slave_0: left promiscuous mode [ 331.252205][T16642] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 331.255839][ T4235] bridge0: port 1(bridge_slave_0) entered disabled state [ 331.270334][T16642] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 331.291657][ T4235] batman_adv: batadv0: Interface deactivated: vxlan0 [ 331.739703][ T4235] batman_adv: batadv0: Removing interface: vxlan0 [ 332.336944][ T4235] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 332.394067][ T4235] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 332.435814][ T4235] bond0 (unregistering): (slave team0): Releasing backup interface [ 332.463263][ T4235] bond0 (unregistering): Released all slaves [ 332.650367][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 332.675337][ T4235] bond1 (unregistering): Released all slaves [ 332.694054][T16607] hsr_slave_0: entered promiscuous mode [ 332.711296][T16607] hsr_slave_1: entered promiscuous mode [ 332.788674][ T4235] tipc: Left network mode [ 332.927366][T16723] tipc: Enabling of bearer rejected, failed to enable media [ 333.218681][ T5821] Bluetooth: hci5: command 0x0c1a tx timeout [ 333.218691][ T52] Bluetooth: hci4: command 0x0c1a tx timeout [ 333.231001][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 333.236811][T16736] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3058'. [ 333.288626][ T5821] Bluetooth: hci3: command 0x040f tx timeout [ 333.316768][T16739] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3059'. [ 333.565513][T16742] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3060'. [ 333.987990][ T24] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 334.001014][T16752] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11) [ 334.007640][T16752] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 334.023633][ T4235] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 334.032843][ T4235] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 334.042905][ T4235] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 334.058609][ T4235] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 334.098574][T16754] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(14) [ 334.105202][T16754] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 334.114873][T16763] netlink: 'syz.0.3063': attribute type 7 has an invalid length. [ 334.122700][T16763] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3063'. [ 334.152948][T16755] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(17) [ 334.159578][T16755] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 334.181866][ T4235] veth1_macvtap: left promiscuous mode [ 334.199724][ T4235] veth0_macvtap: left promiscuous mode [ 334.221922][ T4235] veth1_vlan: left promiscuous mode [ 334.227647][ T4235] veth0_vlan: left promiscuous mode [ 334.324848][T16752] vhci_hcd vhci_hcd.0: Device attached [ 334.387796][T16754] vhci_hcd vhci_hcd.0: Device attached [ 334.415703][T16755] vhci_hcd vhci_hcd.0: Device attached [ 334.425179][T16758] vhci_hcd: connection closed [ 334.425340][T10806] vhci_hcd vhci_hcd.3: stop threads [ 334.431798][T16757] vhci_hcd: connection closed [ 334.435309][T10806] vhci_hcd vhci_hcd.3: release socket [ 334.436480][T16756] vhci_hcd: connection closed [ 334.440090][T10806] vhci_hcd vhci_hcd.3: disconnect device [ 334.457308][T10806] vhci_hcd vhci_hcd.3: stop threads [ 334.462806][T10806] vhci_hcd vhci_hcd.3: release socket [ 334.468539][T10806] vhci_hcd vhci_hcd.3: disconnect device [ 334.474437][T10806] vhci_hcd vhci_hcd.3: stop threads [ 334.489539][ T24] usb 2-1: config index 0 descriptor too short (expected 65316, got 36) [ 334.490304][T10806] vhci_hcd vhci_hcd.3: release socket [ 334.499160][ T24] usb 2-1: config 0 has too many interfaces: 255, using maximum allowed: 32 [ 334.514700][T10806] vhci_hcd vhci_hcd.3: disconnect device [ 334.530446][ T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 334.549218][ T24] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 255 [ 334.558070][ T5818] usb 39-1: new low-speed USB device number 4 using vhci_hcd [ 334.563726][ T24] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 334.568193][ T5818] usb 39-1: enqueue for inactive port 0 [ 334.575983][ T4235] pimreg (unregistering): left allmulticast mode [ 334.605034][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 334.629381][ T24] usb 2-1: config 0 descriptor?? [ 334.658536][ T5818] vhci_hcd vhci_hcd.3: vhci_device speed not set [ 334.907891][T16772] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3069'. [ 334.942297][ T4235] team0 (unregistering): Port device team_slave_1 removed [ 334.972322][ T4235] team0 (unregistering): Port device team_slave_0 removed [ 335.261033][T16779] netlink: 'syz.1.3062': attribute type 10 has an invalid length. [ 335.292536][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 335.305972][ T5821] Bluetooth: hci5: command 0x0c1a tx timeout [ 335.327153][T16779] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 335.365085][T16777] 8021q: adding VLAN 0 to HW filter on device bond1 [ 335.372422][ T5821] Bluetooth: hci3: command 0x040f tx timeout [ 335.401407][T16779] bond_slave_0: entered promiscuous mode [ 335.407157][T16779] bond_slave_1: entered promiscuous mode [ 335.412860][T16779] syz_tun: entered promiscuous mode [ 335.483535][T16779] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 335.502524][T16779] bond1: (slave macvlan2): unknown ethtool speed (30000) for port 1 (set it to 0) [ 335.538476][T16779] bond1: (slave macvlan2): speed changed to 0 on port 1 [ 335.559969][T16779] bond1: (slave macvlan2): Enslaving as a backup interface with an up link [ 335.696865][T16789] can0: slcan on ttyS3. [ 335.744301][T16607] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 335.776276][T16607] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 335.816538][T16607] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 335.852769][T16607] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 336.101342][T16607] 8021q: adding VLAN 0 to HW filter on device bond0 [ 336.135057][T16607] 8021q: adding VLAN 0 to HW filter on device team0 [ 336.156497][ T1089] bridge0: port 1(bridge_slave_0) entered blocking state [ 336.163696][ T1089] bridge0: port 1(bridge_slave_0) entered forwarding state [ 336.214604][ T1089] bridge0: port 2(bridge_slave_1) entered blocking state [ 336.221800][ T1089] bridge0: port 2(bridge_slave_1) entered forwarding state [ 336.240752][T16783] can0 (unregistered): slcan off ttyS3. [ 336.451846][T16607] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 336.742017][T16607] veth0_vlan: entered promiscuous mode [ 336.759631][T16607] veth1_vlan: entered promiscuous mode [ 336.788960][ T90] usb 2-1: USB disconnect, device number 9 [ 336.812702][T16607] veth0_macvtap: entered promiscuous mode [ 336.844396][T16607] veth1_macvtap: entered promiscuous mode [ 336.899120][T16607] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 336.929740][T16607] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 336.953930][ T2205] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 336.984790][ T2205] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.009691][ T2205] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.034897][ T2205] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.137546][ T2205] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 337.161880][ T2205] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 337.199469][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 337.199484][ T30] audit: type=1400 audit(1766378994.603:3436): avc: denied { read } for pid=16607 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 337.242386][ T4235] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 337.262563][ T4235] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 337.301192][ T30] audit: type=1400 audit(1766378994.643:3437): avc: denied { write } for pid=16607 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 337.364263][ T30] audit: type=1400 audit(1766378994.703:3438): avc: denied { mounton } for pid=16607 comm="syz-executor" path="/root/syzkaller.Y89xIX/syz-tmp" dev="sda1" ino=2051 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 337.368223][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 337.395775][ T5821] Bluetooth: hci5: command 0x0c1a tx timeout [ 337.448527][ T5832] Bluetooth: hci3: command 0x040f tx timeout [ 337.479813][T16812] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3076'. [ 337.511419][ T30] audit: type=1400 audit(1766378994.703:3439): avc: denied { mount } for pid=16607 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 337.628003][ T30] audit: type=1400 audit(1766378994.703:3440): avc: denied { mounton } for pid=16607 comm="syz-executor" path="/root/syzkaller.Y89xIX/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 337.718556][ T30] audit: type=1400 audit(1766378994.703:3441): avc: denied { mount } for pid=16607 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 337.793501][ T30] audit: type=1400 audit(1766378994.703:3442): avc: denied { mounton } for pid=16607 comm="syz-executor" path="/root/syzkaller.Y89xIX/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 337.878014][ T30] audit: type=1400 audit(1766378994.703:3443): avc: denied { mounton } for pid=16607 comm="syz-executor" path="/root/syzkaller.Y89xIX/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=37155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 337.998035][ T30] audit: type=1400 audit(1766378994.733:3444): avc: denied { read write } for pid=16159 comm="syz-executor" name="loop1" dev="devtmpfs" ino=2794 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 338.078156][ T30] audit: type=1400 audit(1766378994.733:3445): avc: denied { open } for pid=16159 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=2794 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 338.308068][T16820] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11) [ 338.314713][T16820] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 338.349644][T16820] vhci_hcd vhci_hcd.0: Device attached [ 338.376185][T16823] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(14) [ 338.382820][T16823] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 338.420723][T16823] vhci_hcd vhci_hcd.0: Device attached [ 338.444994][T16820] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(13) [ 338.452155][T16820] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 338.492914][T16820] vhci_hcd vhci_hcd.0: Device attached [ 338.520559][T16824] vhci_hcd: connection closed [ 338.520632][T16821] vhci_hcd: connection closed [ 338.528671][T16826] vhci_hcd: connection closed [ 338.534725][ T64] vhci_hcd vhci_hcd.1: stop threads [ 338.582462][ T64] vhci_hcd vhci_hcd.1: release socket [ 338.598030][ T48] usb 35-1: new low-speed USB device number 3 using vhci_hcd [ 338.602715][ T64] vhci_hcd vhci_hcd.1: disconnect device [ 338.620014][T16822] vhci_hcd: sendmsg failed!, ret=-32 for 48 [ 338.651599][ T64] vhci_hcd vhci_hcd.1: stop threads [ 338.663839][ T64] vhci_hcd vhci_hcd.1: release socket [ 338.675997][ T64] vhci_hcd vhci_hcd.1: disconnect device [ 338.812303][ T64] vhci_hcd vhci_hcd.1: stop threads [ 338.994760][ T64] vhci_hcd vhci_hcd.1: release socket [ 339.013596][ T64] vhci_hcd vhci_hcd.1: disconnect device [ 339.395947][T16839] netlink: 'syz.3.3081': attribute type 7 has an invalid length. [ 339.403796][T16839] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3081'. [ 339.546405][ T5832] Bluetooth: hci3: command 0x040f tx timeout [ 340.030692][T16841] tipc: Enabling of bearer rejected, failed to enable media [ 340.204124][ T791] IPVS: starting estimator thread 0... [ 340.308050][T16856] IPVS: using max 41 ests per chain, 98400 per kthread [ 340.414335][ T5821] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 340.429226][ T5821] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 340.429863][ T5821] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 340.430481][ T5821] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 340.453338][ T5821] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 340.483536][T16859] lo speed is unknown, defaulting to 1000 [ 340.927108][ T5814] syz_tun (unregistering): left allmulticast mode [ 340.944010][ T5814] bond0: (slave syz_tun): Releasing backup interface [ 341.463433][ T1152] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 341.499859][T16880] siw: device registration error -23 [ 341.608916][ T5821] Bluetooth: hci3: command 0x040f tx timeout [ 341.642916][ T1152] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 341.678534][T16887] netlink: 'syz.3.3099': attribute type 21 has an invalid length. [ 341.741174][ T1152] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 341.838193][T16891] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11) [ 341.844853][T16891] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 341.977377][T16891] vhci_hcd vhci_hcd.0: Device attached [ 342.027430][T16899] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(14) [ 342.034069][T16899] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 342.042485][ T1152] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.074319][T16899] vhci_hcd vhci_hcd.0: Device attached [ 342.090547][T16901] smc: net device bond0 applied user defined pnetid SYZ0 [ 342.122703][T16891] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(13) [ 342.129343][T16891] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 342.210117][ T5818] usb 39-1: new low-speed USB device number 5 using vhci_hcd [ 342.217667][ T30] kauditd_printk_skb: 74 callbacks suppressed [ 342.217687][ T30] audit: type=1400 audit(1766378999.613:3520): avc: denied { open } for pid=16888 comm="syz.4.3094" path="/dev/input/mouse0" dev="devtmpfs" ino=923 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 342.308942][T16891] vhci_hcd vhci_hcd.0: Device attached [ 342.379193][T16903] vhci_hcd: connection closed [ 342.379793][ T50] vhci_hcd vhci_hcd.3: stop threads [ 342.422828][T16900] vhci_hcd: connection closed [ 342.490218][ T5821] Bluetooth: hci0: command tx timeout [ 342.514246][T16893] vhci_hcd: connection reset by peer [ 342.544725][ T50] vhci_hcd vhci_hcd.3: release socket [ 342.599684][ T30] audit: type=1400 audit(1766378999.663:3521): avc: denied { read } for pid=16888 comm="syz.4.3094" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 342.647758][ T50] vhci_hcd vhci_hcd.3: disconnect device [ 342.677056][ T50] vhci_hcd vhci_hcd.3: stop threads [ 342.728526][ T50] vhci_hcd vhci_hcd.3: release socket [ 342.748078][ T50] vhci_hcd vhci_hcd.3: disconnect device [ 342.757742][ T30] audit: type=1400 audit(1766378999.663:3522): avc: denied { open } for pid=16888 comm="syz.4.3094" path="/dev/dri/card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 342.778155][ T50] vhci_hcd vhci_hcd.3: stop threads [ 342.786667][ T50] vhci_hcd vhci_hcd.3: release socket [ 342.914120][ T50] vhci_hcd vhci_hcd.3: disconnect device [ 343.180608][ T30] audit: type=1400 audit(1766379000.593:3523): avc: denied { setopt } for pid=16914 comm="syz.4.3106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 343.253207][T16859] chnl_net:caif_netlink_parms(): no params data found [ 343.260294][ T30] audit: type=1400 audit(1766379000.613:3524): avc: denied { ioctl } for pid=16914 comm="syz.4.3106" path="socket:[37478]" dev="sockfs" ino=37478 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 343.361523][ T30] audit: type=1400 audit(1766379000.613:3525): avc: denied { write } for pid=16914 comm="syz.4.3106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 343.464246][ T30] audit: type=1400 audit(1766379000.873:3526): avc: denied { read write } for pid=16928 comm="syz.2.3111" name="virtual_nci" dev="devtmpfs" ino=698 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 343.492842][ T30] audit: type=1400 audit(1766379000.903:3527): avc: denied { open } for pid=16928 comm="syz.2.3111" path="/dev/virtual_nci" dev="devtmpfs" ino=698 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 343.536448][ T30] audit: type=1400 audit(1766379000.943:3528): avc: denied { ioctl } for pid=16928 comm="syz.2.3111" path="/dev/virtual_nci" dev="devtmpfs" ino=698 ioctlcmd=0x0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 343.571335][ T1152] bond_slave_0: left promiscuous mode [ 343.773134][ T48] vhci_hcd vhci_hcd.1: vhci_device speed not set [ 343.927726][ T30] audit: type=1400 audit(1766379001.333:3529): avc: denied { create } for pid=16948 comm="syz.4.3114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 344.171923][ T1152] dvmrp6 (unregistering): left allmulticast mode [ 344.578074][ T5821] Bluetooth: hci0: command tx timeout [ 344.637897][ T1152] bond2 (unregistering): (slave macvlan2): Removing an active aggregator [ 344.652481][ T1152] bond2 (unregistering): (slave macvlan2): Releasing backup interface [ 344.664467][ T1152] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 344.674081][ T1152] bond0 (unregistering): Released all slaves [ 344.741257][ T1152] bond1 (unregistering): (slave dummy0): Releasing backup interface [ 344.751724][ T1152] bond1 (unregistering): Released all slaves [ 344.815769][ T1152] bond2 (unregistering): Released all slaves [ 344.990820][ T1152] tipc: Left network mode [ 345.069365][ T1152] IPVS: stopping master sync thread 13944 ... [ 345.116885][T16979] syz0: rxe_newlink: already configured on bond_slave_0 [ 345.145791][T16981] netlink: 'syz.4.3124': attribute type 39 has an invalid length. [ 345.205076][T16859] bridge0: port 1(bridge_slave_0) entered blocking state [ 345.220350][T16859] bridge0: port 1(bridge_slave_0) entered disabled state [ 345.227578][T16859] bridge_slave_0: entered allmulticast mode [ 345.235720][T16859] bridge_slave_0: entered promiscuous mode [ 345.260149][T16859] bridge0: port 2(bridge_slave_1) entered blocking state [ 345.268462][T16859] bridge0: port 2(bridge_slave_1) entered disabled state [ 345.275671][T16859] bridge_slave_1: entered allmulticast mode [ 345.302852][T16859] bridge_slave_1: entered promiscuous mode [ 345.404877][T16993] siw: device registration error -23 [ 345.413176][T16993] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=16993 comm=syz.2.3129 [ 345.450607][T16859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 345.516593][T16859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 345.714893][T17008] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 345.734906][T16859] team0: Port device team_slave_0 added [ 345.752974][T16859] team0: Port device team_slave_1 added [ 345.945530][ T1152] hsr_slave_0: left promiscuous mode [ 345.976267][ T1152] hsr_slave_1: left promiscuous mode [ 345.987835][ T1152] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 345.990924][T17018] netlink: 'syz.2.3142': attribute type 39 has an invalid length. [ 345.995411][ T1152] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 346.018858][ T1152] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 346.031256][ T1152] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 346.031972][T17022] siw: device registration error -23 [ 346.047088][T17022] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=17022 comm=syz.3.3141 [ 346.063558][ T1152] veth1_macvtap: left promiscuous mode [ 346.075448][ T1152] veth0_macvtap: left promiscuous mode [ 346.090436][ T1152] veth1_vlan: left promiscuous mode [ 346.107354][ T1152] veth0_vlan: left promiscuous mode [ 346.359403][T17034] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3148'. [ 346.586368][ T1152] team0 (unregistering): Port device team_slave_1 removed [ 346.615799][ T1152] team0 (unregistering): Port device team_slave_0 removed [ 346.658083][ T5821] Bluetooth: hci0: command tx timeout [ 346.880831][ T48] lo speed is unknown, defaulting to 1000 [ 346.881943][T16859] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 346.891447][ T48] infiniband syz2: ib_query_port failed (-19) [ 346.918011][T16859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 346.965319][T16859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 346.978150][T16859] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 346.985122][T16859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 347.027906][T16859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 347.368219][ T5818] vhci_hcd vhci_hcd.3: vhci_device speed not set [ 347.439048][ T30] kauditd_printk_skb: 51 callbacks suppressed [ 347.439066][ T30] audit: type=1400 audit(1766379004.853:3581): avc: denied { append } for pid=17052 comm="syz.3.3155" name="loop7" dev="devtmpfs" ino=654 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 347.517894][T17058] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3156'. [ 347.542015][T16859] hsr_slave_0: entered promiscuous mode [ 347.554488][T16859] hsr_slave_1: entered promiscuous mode [ 347.570356][T16859] debugfs: 'hsr0' already exists in 'hsr' [ 347.589460][T16859] Cannot create hsr debugfs directory [ 347.630411][T17060] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3158'. [ 347.761598][ T30] audit: type=1400 audit(1766379005.173:3582): avc: denied { setopt } for pid=17065 comm="syz.4.3161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 347.862039][T17069] veth0: entered promiscuous mode [ 347.895588][T17069] veth0: left promiscuous mode [ 347.900475][T17073] lo speed is unknown, defaulting to 1000 [ 347.907696][T17073] lo speed is unknown, defaulting to 1000 [ 347.941262][T17073] lo speed is unknown, defaulting to 1000 [ 347.951869][T17075] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=17075 comm=syz.4.3164 [ 347.957063][T17073] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 348.078140][T17073] lo speed is unknown, defaulting to 1000 [ 348.105927][T17073] lo speed is unknown, defaulting to 1000 [ 348.425834][T17073] lo speed is unknown, defaulting to 1000 [ 348.469619][T17073] lo speed is unknown, defaulting to 1000 [ 348.550648][T17073] lo speed is unknown, defaulting to 1000 [ 348.568450][T17082] tipc: Started in network mode [ 348.583533][T17082] tipc: Node identity 061c9236b9cc, cluster identity 4711 [ 348.618113][T17082] tipc: Enabled bearer , priority 0 [ 348.635237][ T30] audit: type=1326 audit(1766379006.043:3583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17085 comm="syz.1.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 348.669794][ T30] audit: type=1326 audit(1766379006.043:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17085 comm="syz.1.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 348.694659][ T30] audit: type=1326 audit(1766379006.043:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17085 comm="syz.1.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 348.695187][T17081] tipc: Disabling bearer [ 348.733835][ T5818] hid-generic 0000:0000:0000.0019: unknown main item tag 0x0 [ 348.741257][ T5821] Bluetooth: hci0: command tx timeout [ 348.748229][ T30] audit: type=1326 audit(1766379006.043:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17085 comm="syz.1.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 348.771808][ T30] audit: type=1326 audit(1766379006.043:3587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17085 comm="syz.1.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9f898f749 code=0x7ffc0000 [ 348.796033][ T30] audit: type=1400 audit(1766379006.143:3588): avc: denied { read write } for pid=17087 comm="syz.4.3169" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 348.796151][ T5818] hid-generic 0000:0000:0000.0019: hidraw0: HID v0.00 Device [syz1] on syz0 [ 348.819732][ T30] audit: type=1400 audit(1766379006.143:3589): avc: denied { open } for pid=17087 comm="syz.4.3169" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 348.863988][ T30] audit: type=1400 audit(1766379006.273:3590): avc: denied { read } for pid=17089 comm="syz.1.3170" name="sg0" dev="devtmpfs" ino=749 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 348.865353][T17090] sd 0:0:1:0: device reset [ 349.041509][T16859] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 349.080738][T16859] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 349.103444][T17098] loop9: detected capacity change from 0 to 7 [ 349.111044][T16859] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 349.129690][T17098] buffer_io_error: 19 callbacks suppressed [ 349.129706][T17098] Buffer I/O error on dev loop9, logical block 0, async page read [ 349.169108][T16859] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 349.221275][T17098] Buffer I/O error on dev loop9, logical block 0, async page read [ 349.361454][T17098] Buffer I/O error on dev loop9, logical block 0, async page read [ 349.483517][T17098] Buffer I/O error on dev loop9, logical block 0, async page read [ 349.546250][T17098] Buffer I/O error on dev loop9, logical block 0, async page read [ 349.569156][T16859] 8021q: adding VLAN 0 to HW filter on device bond0 [ 349.577306][T17098] Buffer I/O error on dev loop9, logical block 0, async page read [ 349.588898][T17098] Buffer I/O error on dev loop9, logical block 0, async page read [ 349.597319][T17098] ldm_validate_partition_table(): Disk read failed. [ 349.604185][T17098] Buffer I/O error on dev loop9, logical block 0, async page read [ 349.616407][T17098] Buffer I/O error on dev loop9, logical block 0, async page read [ 349.631245][T16859] 8021q: adding VLAN 0 to HW filter on device team0 [ 349.654471][ T6025] bridge0: port 1(bridge_slave_0) entered blocking state [ 349.661624][ T6025] bridge0: port 1(bridge_slave_0) entered forwarding state [ 349.678381][T17098] Buffer I/O error on dev loop9, logical block 0, async page read [ 349.679514][ T6025] bridge0: port 2(bridge_slave_1) entered blocking state [ 349.686254][T17098] Dev loop9: unable to read RDB block 0 [ 349.693368][ T6025] bridge0: port 2(bridge_slave_1) entered forwarding state [ 349.712770][T17121] netlink: 'syz.4.3180': attribute type 9 has an invalid length. [ 349.721834][T17098] loop9: unable to read partition table [ 349.728832][T17098] loop9: partition table beyond EOD, truncated [ 349.735107][T17098] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ â·û [ 349.735107][T17098] ) failed (rc=-5) [ 349.754811][T17124] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3181'. [ 349.771345][T17124] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3181'. [ 349.782242][ T5927] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0 [ 349.800205][ T5927] hid-generic 0000:0000:0000.001A: hidraw0: HID v0.00 Device [syz1] on syz0 [ 349.870706][T17128] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 349.927331][T17130] tipc: Enabled bearer , priority 0 [ 349.944747][T17129] tipc: Disabling bearer [ 350.144180][T16859] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 350.193466][T17147] netlink: 'syz.2.3192': attribute type 9 has an invalid length. [ 350.413905][T17154] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3193'. [ 350.525056][T17156] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3193'. [ 350.545478][T16859] veth0_vlan: entered promiscuous mode [ 350.563883][T16859] veth1_vlan: entered promiscuous mode [ 350.607665][T16859] veth0_macvtap: entered promiscuous mode [ 350.638885][T16859] veth1_macvtap: entered promiscuous mode [ 350.687824][T16859] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 350.743380][T16859] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 350.783827][ T50] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.819287][ T50] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.830402][ T50] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.840052][ T50] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.861115][T17172] netlink: 'syz.1.3202': attribute type 39 has an invalid length. [ 350.879710][T17177] netlink: 'syz.4.3204': attribute type 9 has an invalid length. [ 350.999374][ T4235] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 351.012093][T17181] siw: device registration error -23 [ 351.023139][T17181] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=17181 comm=syz.2.3206 [ 351.033158][ T4235] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 351.096570][ T4235] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 351.118774][ T4235] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 351.124868][T17186] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3208'. [ 351.144998][T17186] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3208'. [ 351.439547][T17208] siw: device registration error -23 [ 351.450394][T17210] netlink: 'syz.0.3217': attribute type 9 has an invalid length. [ 351.471409][T17208] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=17208 comm=syz.1.3218 [ 351.556499][T17217] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3224'. [ 351.569096][T17217] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3224'. [ 352.447444][T17231] can0: slcan on ttyS3. [ 352.658467][T17215] can0 (unregistered): slcan off ttyS3. [ 352.796088][ T30] kauditd_printk_skb: 58 callbacks suppressed [ 352.796104][ T30] audit: type=1400 audit(1766379010.203:3649): avc: denied { setopt } for pid=17237 comm="syz.1.3229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 352.918750][ T30] audit: type=1400 audit(1766379010.243:3650): avc: denied { read } for pid=17237 comm="syz.1.3229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 352.979572][T17243] siw: device registration error -23 [ 353.006592][T17243] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=17243 comm=syz.2.3233 [ 353.237997][ T30] audit: type=1400 audit(1766379010.643:3651): avc: denied { read write } for pid=17252 comm="syz.0.3237" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 353.314046][ T30] audit: type=1400 audit(1766379010.643:3652): avc: denied { open } for pid=17252 comm="syz.0.3237" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 353.463963][ T5832] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 353.473679][ T5832] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 353.482165][ T5832] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 353.493787][ T5832] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 353.506261][ T5832] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 353.604142][ T8664] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 353.619674][ T8664] hid-generic 0000:0000:0000.001B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 353.808675][T17273] netlink: 'syz.1.3245': attribute type 39 has an invalid length. [ 353.927277][ T8862] bond0: (slave syz_tun): Releasing backup interface [ 353.938700][ T8862] syz_tun (unregistering): left allmulticast mode [ 354.078359][T17281] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=17281 comm=syz.3.3246 [ 354.365187][T17258] lo speed is unknown, defaulting to 1000 [ 354.574262][T17259] lo speed is unknown, defaulting to 1000 [ 354.584320][T17275] siw: device registration error -23 [ 354.719765][ T24] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 354.757166][ T24] hid-generic 0000:0000:0000.001C: hidraw0: HID v0.00 Device [syz1] on syz0 [ 354.918038][ T30] audit: type=1400 audit(1766379012.323:3653): avc: denied { create } for pid=17305 comm="syz.3.3259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 354.991674][ T30] audit: type=1400 audit(1766379012.383:3654): avc: denied { read } for pid=17305 comm="syz.3.3259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 355.124653][ T30] audit: type=1400 audit(1766379012.533:3655): avc: denied { mounton } for pid=17314 comm="syz.4.3261" path="/proc/97" dev="proc" ino=40057 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 355.218659][T17259] chnl_net:caif_netlink_parms(): no params data found [ 355.330169][ T30] audit: type=1400 audit(1766379012.723:3656): avc: denied { read write } for pid=17308 comm="syz.1.3258" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 355.541294][ T5821] Bluetooth: hci1: command tx timeout [ 355.702880][ T30] audit: type=1400 audit(1766379012.723:3657): avc: denied { open } for pid=17308 comm="syz.1.3258" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 355.729908][ T30] audit: type=1400 audit(1766379012.733:3658): avc: denied { ioctl } for pid=17308 comm="syz.1.3258" path="/dev/loop-control" dev="devtmpfs" ino=646 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 355.995299][ T791] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 356.024742][ T791] hid-generic 0000:0000:0000.001D: hidraw0: HID v0.00 Device [syz1] on syz0 [ 356.125461][T17259] bridge0: port 1(bridge_slave_0) entered blocking state [ 356.160236][T17259] bridge0: port 1(bridge_slave_0) entered disabled state [ 356.167530][T17259] bridge_slave_0: entered allmulticast mode [ 356.208079][T17259] bridge_slave_0: entered promiscuous mode [ 356.229063][T17259] bridge0: port 2(bridge_slave_1) entered blocking state [ 356.238084][T17259] bridge0: port 2(bridge_slave_1) entered disabled state [ 356.248802][T17259] bridge_slave_1: entered allmulticast mode [ 356.256166][T17259] bridge_slave_1: entered promiscuous mode [ 356.327194][T17338] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=17338 comm=syz.4.3270 [ 356.377314][T17259] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 356.414826][T17259] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 356.478679][T17345] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3272'. [ 356.523575][T17259] team0: Port device team_slave_0 added [ 356.540692][T17259] team0: Port device team_slave_1 added [ 356.663005][T17259] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 356.670323][T17259] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 356.766526][T17259] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 356.784780][T17259] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 356.803223][T17259] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 356.842796][T17259] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 356.892846][T17259] hsr_slave_0: entered promiscuous mode [ 356.941366][T17259] hsr_slave_1: entered promiscuous mode [ 356.960505][T17259] debugfs: 'hsr0' already exists in 'hsr' [ 356.966328][T17259] Cannot create hsr debugfs directory [ 357.011612][T17306] lo speed is unknown, defaulting to 1000 [ 357.472046][T17366] can0: slcan on ttyS3. [ 357.609493][ T5821] Bluetooth: hci1: command tx timeout [ 358.004683][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 358.004723][ T30] audit: type=1400 audit(1766379015.413:3661): avc: denied { bind } for pid=17367 comm="syz.0.3280" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 358.252202][ T30] audit: type=1400 audit(1766379015.443:3662): avc: denied { node_bind } for pid=17367 comm="syz.0.3280" saddr=172.20.20.0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 358.379001][T17356] can0 (unregistered): slcan off ttyS3. [ 358.428132][ T30] audit: type=1400 audit(1766379015.563:3663): avc: denied { ioctl } for pid=17367 comm="syz.0.3280" path="socket:[40977]" dev="sockfs" ino=40977 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 358.698924][T17377] netlink: 'syz.0.3283': attribute type 39 has an invalid length. [ 358.918497][T17379] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3284'. [ 359.035228][T17382] 9p: Bad value for 'rfdno' [ 359.225627][ T30] audit: type=1400 audit(1766379016.633:3664): avc: denied { mounton } for pid=17386 comm="syz.4.3288" path="/53/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1 [ 359.274880][ T30] audit: type=1400 audit(1766379016.663:3665): avc: denied { unmount } for pid=17386 comm="syz.4.3288" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 359.335468][ T30] audit: type=1400 audit(1766379016.743:3666): avc: denied { unmount } for pid=16607 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 359.411397][T17389] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 359.417942][T17389] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 359.439950][T17389] vhci_hcd vhci_hcd.0: Device attached [ 359.458041][T17392] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(7) [ 359.464589][T17392] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 359.488053][T17392] vhci_hcd vhci_hcd.0: Device attached [ 359.501222][T17389] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(6) [ 359.507769][T17389] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 359.528225][T17389] vhci_hcd vhci_hcd.0: Device attached [ 359.558076][T17389] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(10) [ 359.564710][T17389] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 359.588257][T17389] vhci_hcd vhci_hcd.0: Device attached [ 359.601953][T17400] vhci_hcd: connection closed [ 359.602237][ T50] vhci_hcd vhci_hcd.4: stop threads [ 359.607829][T17259] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 359.618119][T17396] vhci_hcd: connection closed [ 359.620028][T17390] vhci_hcd: connection closed [ 359.620451][T17393] vhci_hcd: connection closed [ 359.625737][ T50] vhci_hcd vhci_hcd.4: release socket [ 359.681218][ T50] vhci_hcd vhci_hcd.4: disconnect device [ 359.688032][ T5821] Bluetooth: hci1: command tx timeout [ 359.717440][ T50] vhci_hcd vhci_hcd.4: stop threads [ 359.720424][ T791] usb 41-1: new low-speed USB device number 4 using vhci_hcd [ 359.730637][ T50] vhci_hcd vhci_hcd.4: release socket [ 359.746365][ T50] vhci_hcd vhci_hcd.4: disconnect device [ 359.752392][T17391] vhci_hcd: sendmsg failed!, ret=-32 for 48 [ 359.758797][ T50] vhci_hcd vhci_hcd.4: stop threads [ 359.764022][ T50] vhci_hcd vhci_hcd.4: release socket [ 359.774268][T17259] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 359.779843][ T50] vhci_hcd vhci_hcd.4: disconnect device [ 359.802128][ T50] vhci_hcd vhci_hcd.4: stop threads [ 359.814392][ T50] vhci_hcd vhci_hcd.4: release socket [ 359.827283][T17259] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 359.829556][ T50] vhci_hcd vhci_hcd.4: disconnect device [ 359.846282][T17398] "syz.1.3291" (17398) uses obsolete ecb(arc4) skcipher [ 359.865020][T17259] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 360.051974][T17259] 8021q: adding VLAN 0 to HW filter on device bond0 [ 360.096464][T17259] 8021q: adding VLAN 0 to HW filter on device team0 [ 360.113911][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 360.121084][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 360.136748][ T4563] bridge0: port 2(bridge_slave_1) entered blocking state [ 360.143940][ T4563] bridge0: port 2(bridge_slave_1) entered forwarding state [ 360.179674][T17415] netlink: 'syz.0.3292': attribute type 9 has an invalid length. [ 360.198732][ T5898] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 360.204283][ T30] audit: type=1326 audit(1766379017.603:3667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17414 comm="syz.0.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51738f749 code=0x7ffc0000 [ 360.267302][ T30] audit: type=1326 audit(1766379017.603:3668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17414 comm="syz.0.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7fe51738f749 code=0x7ffc0000 [ 360.293849][T17422] 9pnet_fd: Insufficient options for proto=fd [ 360.328399][T17421] bond0: (slave syz_tun): Releasing backup interface [ 360.336968][T17421] syz_tun: left promiscuous mode [ 360.348574][ T30] audit: type=1326 audit(1766379017.603:3669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17414 comm="syz.0.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51738f749 code=0x7ffc0000 [ 360.369723][ T5898] usb 4-1: config index 0 descriptor too short (expected 65316, got 36) [ 360.380209][T17421] bridge_slave_0: left allmulticast mode [ 360.381408][T17427] netlink: 'syz.1.3293': attribute type 10 has an invalid length. [ 360.394129][ T5898] usb 4-1: config 0 has too many interfaces: 255, using maximum allowed: 32 [ 360.398485][T17421] bridge_slave_0: left promiscuous mode [ 360.416435][T17421] bridge0: port 1(bridge_slave_0) entered disabled state [ 360.428514][T17421] bridge_slave_1: left allmulticast mode [ 360.435234][ T5898] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 360.435261][ T5898] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 255 [ 360.435300][ T5898] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 360.435322][ T5898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.458909][ T5898] usb 4-1: config 0 descriptor?? [ 360.465616][T17421] bridge_slave_1: left promiscuous mode [ 360.493937][T17421] bridge0: port 2(bridge_slave_1) entered disabled state [ 360.507068][T17421] bond0: (slave bond_slave_0): Releasing backup interface [ 360.516427][T17421] bond_slave_0: left promiscuous mode [ 360.526472][T17421] bond0: (slave bond_slave_1): Releasing backup interface [ 360.537677][T17421] bond_slave_1: left promiscuous mode [ 360.549473][T17421] team0: Port device team_slave_0 removed [ 360.558942][T17421] team0: Port device team_slave_1 removed [ 360.566198][T17421] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 360.598501][T17427] mac80211_hwsim hwsim13 wlan1: entered promiscuous mode [ 360.606376][T17427] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 360.648810][ T5898] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 360.696989][ T30] audit: type=1400 audit(1766379018.103:3670): avc: denied { connect } for pid=17438 comm="syz.4.3298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 360.716765][T17259] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 360.791711][T17259] veth0_vlan: entered promiscuous mode [ 360.799638][ T5898] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 360.812346][T17259] veth1_vlan: entered promiscuous mode [ 360.826034][T17443] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3300'. [ 360.835162][T17259] veth0_macvtap: entered promiscuous mode [ 360.838525][ T5898] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 360.847042][T17259] veth1_macvtap: entered promiscuous mode [ 360.858374][ T5898] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 360.871702][ T5898] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 360.884101][T17259] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 360.902461][T17259] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 360.903572][ T5898] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 360.920336][ T5898] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 360.929581][ T5898] usb 1-1: Manufacturer: syz [ 360.936288][ T64] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.939941][ T5898] usb 1-1: config 0 descriptor?? [ 360.956600][ T64] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.962889][T17446] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3301'. [ 360.977679][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 361.002887][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 361.070091][T17447] netlink: 'syz.3.3289': attribute type 10 has an invalid length. [ 361.078047][ T3556] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 361.078067][ T3556] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 361.109667][T17447] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 361.165730][T17447] 8021q: adding VLAN 0 to HW filter on device bond1 [ 361.187263][ T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 361.201120][T17447] bond_slave_0: entered promiscuous mode [ 361.206803][T17447] bond_slave_1: entered promiscuous mode [ 361.212470][T17447] syz_tun: entered promiscuous mode [ 361.218343][ T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 361.229837][T17447] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 361.257718][T17447] bond1: (slave macvlan2): speed changed to 0 on port 1 [ 361.267410][T17447] bond1: (slave macvlan2): Enslaving as a backup interface with an up link [ 361.494399][ T5898] appleir 0003:05AC:8243.001E: unknown main item tag 0x0 [ 361.519664][ T5898] appleir 0003:05AC:8243.001E: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 361.617594][T17459] netlink: 'syz.2.3236': attribute type 7 has an invalid length. [ 361.625451][T17459] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3236'. [ 361.778716][ T5821] Bluetooth: hci1: command tx timeout [ 362.003379][T17463] "syz.4.3305" (17463) uses obsolete ecb(arc4) skcipher [ 362.023105][ T5927] usb 1-1: USB disconnect, device number 14 [ 362.316778][T17477] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3310'. [ 362.364210][T17479] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3311'. [ 362.440044][ T5898] IPVS: starting estimator thread 0... [ 362.482387][T17486] 9p: Bad value for 'rfdno' [ 362.529475][T17484] IPVS: using max 77 ests per chain, 184800 per kthread [ 362.791770][ T5927] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 362.800627][ T5927] hid-generic 0000:0000:0000.001F: hidraw0: HID v0.00 Device [syz1] on syz0 [ 362.976301][ T5898] usb 4-1: USB disconnect, device number 4 [ 363.011019][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 363.011035][ T30] audit: type=1326 audit(1766379020.423:3674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17500 comm="syz.4.3320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb891f8f749 code=0x7ffc0000 [ 363.068218][ T30] audit: type=1326 audit(1766379020.423:3675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17500 comm="syz.4.3320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb891f8f749 code=0x7ffc0000 [ 363.109580][ T30] audit: type=1326 audit(1766379020.423:3676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17500 comm="syz.4.3320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7fb891f8f749 code=0x7ffc0000 [ 363.118373][T17506] 8021q: adding VLAN 0 to HW filter on device bond0 [ 363.134834][ T30] audit: type=1326 audit(1766379020.423:3677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17500 comm="syz.4.3320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb891f8f749 code=0x7ffc0000 [ 363.174865][T17506] bond0: (slave rose0): Enslaving as an active interface with an up link [ 363.186008][ T30] audit: type=1326 audit(1766379020.423:3678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17500 comm="syz.4.3320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb891f8f749 code=0x7ffc0000 [ 363.263103][ T30] audit: type=1400 audit(1766379020.483:3679): avc: denied { create } for pid=17505 comm="syz.4.3322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 363.287811][ T30] audit: type=1400 audit(1766379020.483:3680): avc: denied { ioctl } for pid=17505 comm="syz.4.3322" path="socket:[40656]" dev="sockfs" ino=40656 ioctlcmd=0x8990 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 363.314649][ T30] audit: type=1400 audit(1766379020.583:3681): avc: denied { create } for pid=17505 comm="syz.4.3322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 363.334577][ T30] audit: type=1400 audit(1766379020.583:3682): avc: denied { bind } for pid=17505 comm="syz.4.3322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 363.393729][T17514] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 363.414444][ T30] audit: type=1400 audit(1766379020.583:3683): avc: denied { connect } for pid=17505 comm="syz.4.3322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 363.472141][T17516] bond0: entered promiscuous mode [ 363.479077][T17516] bond_slave_0: entered promiscuous mode [ 363.485896][T17516] bond_slave_1: entered promiscuous mode [ 363.498938][T17516] batadv0: entered promiscuous mode [ 363.509636][T17514] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 363.511502][T17516] netlink: 'syz.4.3326': attribute type 10 has an invalid length. [ 363.530420][T17516] syz_tun: entered promiscuous mode [ 363.541654][T17516] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 363.579451][T17519] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 363.619026][T17514] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 364.183585][T17540] sd 0:0:1:0: device reset [ 364.300722][T17548] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3338'. [ 364.878093][ T791] vhci_hcd vhci_hcd.4: vhci_device speed not set [ 365.528097][T17518] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 365.609669][ T5821] Bluetooth: hci5: command 0x0c1a tx timeout [ 365.615714][T17520] Bluetooth: hci5: Opcode 0x0c1a failed: -110 [ 365.798657][T17556] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3341'. [ 365.809740][T17556] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3341'. [ 366.019176][T17561] tunl0: entered promiscuous mode [ 366.026262][T17561] netlink: 'syz.3.3343': attribute type 4 has an invalid length. [ 366.034315][T17561] netlink: 9 bytes leftover after parsing attributes in process `syz.3.3343'. [ 366.443883][T17520] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 366.450148][T17520] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 366.456900][T17520] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 366.462967][T17520] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 366.469030][T17520] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 366.475633][T17520] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 366.578705][T17576] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 366.603522][T17579] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3351'. [ 366.718016][ T48] IPVS: starting estimator thread 0... [ 366.728232][ T5927] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 366.858038][T17587] IPVS: using max 48 ests per chain, 115200 per kthread [ 367.689930][ T5821] Bluetooth: hci2: command 0x0c1a tx timeout [ 367.822162][ T791] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0 [ 367.855031][ T791] hid-generic 0000:0000:0000.0020: hidraw0: HID v0.00 Device [syz1] on syz0 [ 368.181524][T17612] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3363'. [ 368.375524][T17621] syzkaller0: entered promiscuous mode [ 368.382891][T17621] syzkaller0: entered allmulticast mode [ 368.403245][T17621] tipc: Started in network mode [ 368.409643][T17621] tipc: Node identity 7a3e89208ae6, cluster identity 4711 [ 368.417586][T17621] tipc: Enabled bearer , priority 0 [ 368.428526][T17619] tipc: Resetting bearer [ 368.464889][T17619] tipc: Disabling bearer [ 368.488272][ T5832] Bluetooth: hci3: command 0x040f tx timeout [ 368.494324][ T5821] Bluetooth: hci1: command 0x0c1a tx timeout [ 368.532317][T17627] sd 0:0:1:0: device reset [ 369.075001][ T30] kauditd_printk_skb: 33 callbacks suppressed [ 369.075023][ T30] audit: type=1400 audit(1766379026.483:3717): avc: denied { getopt } for pid=17636 comm="syz.2.3373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 369.284009][ T30] audit: type=1400 audit(1766379026.613:3718): avc: denied { mount } for pid=17636 comm="syz.2.3373" name="/" dev="configfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 369.656424][T17641] bond0: entered promiscuous mode [ 369.942680][T17649] netlink: 'syz.3.3374': attribute type 10 has an invalid length. [ 369.969792][T17641] bond0: left promiscuous mode [ 370.056699][T17656] sd 0:0:1:0: device reset [ 370.067755][ T30] audit: type=1400 audit(1766379027.473:3719): avc: denied { remount } for pid=17657 comm="syz.1.3382" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 370.244152][T17669] netlink: 'syz.0.3385': attribute type 39 has an invalid length. [ 370.583377][ T5821] Bluetooth: hci1: command 0x0c1a tx timeout [ 371.184662][T17706] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3402'. [ 371.718109][ T5818] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 371.787367][ T30] audit: type=1400 audit(1766379029.193:3720): avc: denied { create } for pid=17738 comm="syz.3.3416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 371.798306][T17739] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3416'. [ 371.845276][T17741] syzkaller0: entered promiscuous mode [ 371.851588][T17741] syzkaller0: entered allmulticast mode [ 371.858067][ T30] audit: type=1400 audit(1766379029.193:3721): avc: denied { write } for pid=17738 comm="syz.3.3416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 371.865919][T17741] tipc: Enabled bearer , priority 0 [ 371.918018][ T30] audit: type=1400 audit(1766379029.193:3722): avc: denied { nlmsg_write } for pid=17738 comm="syz.3.3416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 371.968002][ T30] audit: type=1400 audit(1766379029.193:3723): avc: denied { nlmsg_read } for pid=17738 comm="syz.3.3416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 372.058198][T17740] tipc: Resetting bearer [ 372.139299][T17740] tipc: Disabling bearer [ 372.467289][T17721] lo speed is unknown, defaulting to 1000 [ 372.568336][ T5818] usb 2-1: config 0 has no interfaces? [ 372.576402][ T5818] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 372.585568][ T5818] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 372.599496][ T5818] usb 2-1: Product: syz [ 372.603713][ T5818] usb 2-1: Manufacturer: syz [ 372.618482][ T5818] usb 2-1: SerialNumber: syz [ 372.634419][ T5818] usb 2-1: config 0 descriptor?? [ 372.648766][ T5821] Bluetooth: hci1: command 0x0c1a tx timeout [ 372.947824][ T5818] IPVS: starting estimator thread 0... [ 373.017645][ T30] audit: type=1400 audit(1766379030.423:3724): avc: denied { ioctl } for pid=17720 comm="syz.1.3409" path="socket:[41965]" dev="sockfs" ino=41965 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 373.091832][T17771] IPVS: using max 39 ests per chain, 93600 per kthread [ 373.115193][T17721] veth0_vlan: left promiscuous mode [ 373.129803][T17721] veth0_vlan: entered promiscuous mode [ 373.243157][ T5927] usb 2-1: USB disconnect, device number 10 [ 373.382687][ T30] audit: type=1400 audit(1766379030.793:3725): avc: denied { search } for pid=17783 comm="syz.2.3435" name="/" dev="configfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 373.407381][ T30] audit: type=1400 audit(1766379030.793:3726): avc: denied { read write } for pid=17785 comm="syz.4.3436" name="rdma_cm" dev="devtmpfs" ino=1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 374.208482][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 374.208499][ T30] audit: type=1400 audit(1766379031.623:3732): avc: denied { read write } for pid=17815 comm="syz.2.3451" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 374.450500][ T30] audit: type=1400 audit(1766379031.653:3733): avc: denied { open } for pid=17815 comm="syz.2.3451" path="/dev/uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 374.554450][ T30] audit: type=1400 audit(1766379031.663:3734): avc: denied { read append } for pid=17817 comm="syz.1.3450" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 374.562221][T17826] sd 0:0:1:0: device reset [ 374.696299][ T30] audit: type=1400 audit(1766379031.663:3735): avc: denied { open } for pid=17817 comm="syz.1.3450" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 374.722006][T17834] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3457'. [ 374.899034][T17828] syzkaller0: entered promiscuous mode [ 374.921013][T17828] syzkaller0: entered allmulticast mode [ 374.928280][T17843] tipc: Started in network mode [ 374.934000][T17843] tipc: Node identity a68934f34753, cluster identity 4711 [ 374.941515][T17843] tipc: Enabled bearer , priority 0 [ 374.954531][T17852] netlink: 'syz.2.3459': attribute type 9 has an invalid length. [ 374.963905][ T30] audit: type=1400 audit(1766379032.373:3736): avc: denied { watch watch_reads } for pid=17850 comm="syz.4.3462" path="/proc/215" dev="proc" ino=42409 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 375.020131][T17823] tipc: Resetting bearer [ 375.037974][ T30] audit: type=1326 audit(1766379032.393:3737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17838 comm="syz.2.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17e38f749 code=0x7ffc0000 [ 375.094283][ T30] audit: type=1326 audit(1766379032.393:3738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17838 comm="syz.2.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7fa17e38f749 code=0x7ffc0000 [ 375.135161][ T30] audit: type=1326 audit(1766379032.403:3739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17838 comm="syz.2.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17e38f749 code=0x7ffc0000 [ 375.136067][T17823] tipc: Disabling bearer [ 375.162158][ T30] audit: type=1326 audit(1766379032.403:3740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17838 comm="syz.2.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17e38f749 code=0x7ffc0000 [ 375.206270][ T30] audit: type=1400 audit(1766379032.413:3741): avc: denied { watch watch_reads } for pid=17849 comm="syz.3.3463" path="/99" dev="tmpfs" ino=516 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 375.334907][T17869] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3471'. [ 376.141044][T17900] sd 0:0:1:0: device reset [ 376.496887][T17929] sd 0:0:1:0: device reset [ 376.549495][T17933] random: crng reseeded on system resumption [ 376.564388][T17932] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=17932 comm=syz.4.3498 [ 376.719989][ T5927] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 377.739503][ T5927] usb 1-1: config index 0 descriptor too short (expected 65316, got 36) [ 377.748062][ T5927] usb 1-1: config 0 has too many interfaces: 255, using maximum allowed: 32 [ 377.756749][ T5927] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 377.787969][ T5927] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 255 [ 377.803498][ T5927] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 377.812952][ T5927] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 377.824467][ T5927] usb 1-1: config 0 descriptor?? [ 377.967986][ T5927] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 378.086107][T17975] netlink: 'syz.0.3495': attribute type 10 has an invalid length. [ 378.110155][T17975] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 378.138801][ T5927] usb 3-1: config 0 has no interfaces? [ 378.162201][T17927] 8021q: adding VLAN 0 to HW filter on device bond1 [ 378.180453][T17927] bond_slave_0: entered promiscuous mode [ 378.186138][T17927] bond_slave_1: entered promiscuous mode [ 378.191863][T17927] syz_tun: entered promiscuous mode [ 378.191866][ T5927] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 378.191891][ T5927] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 378.198241][T17927] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 378.214941][ T5927] usb 3-1: Product: syz [ 378.222205][T17927] bond1: (slave macvlan2): speed changed to 0 on port 1 [ 378.234814][ T5927] usb 3-1: Manufacturer: syz [ 378.235015][T17927] bond1: (slave macvlan2): Enslaving as a backup interface with an up link [ 378.240362][ T5927] usb 3-1: SerialNumber: syz [ 378.248547][ T5818] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 378.260778][T17946] lo speed is unknown, defaulting to 1000 [ 378.279951][ T48] usb 1-1: USB disconnect, device number 15 [ 378.321908][ T5927] usb 3-1: config 0 descriptor?? [ 378.345930][T17985] capability: warning: `syz.1.3517' uses 32-bit capabilities (legacy support in use) [ 378.410384][ T5818] usb 5-1: Using ep0 maxpacket: 32 [ 378.418226][ T5818] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 378.430436][ T5818] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 378.442906][ T5818] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 378.451244][ T5818] usb 5-1: Product: syz [ 378.455485][ T5818] usb 5-1: Manufacturer: syz [ 378.460301][ T5818] usb 5-1: SerialNumber: syz [ 378.467473][ T5818] usb 5-1: config 0 descriptor?? [ 378.473349][T17968] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 378.547876][ T5818] usb 3-1: USB disconnect, device number 16 [ 378.779077][ T48] usb 5-1: USB disconnect, device number 25 [ 379.452605][T18016] syzkaller0: entered promiscuous mode [ 379.488086][T18016] syzkaller0: entered allmulticast mode [ 379.542461][T18016] tipc: Started in network mode [ 379.549663][T18016] tipc: Node identity 36e3074140a9, cluster identity 4711 [ 379.574670][T18016] tipc: Enabled bearer , priority 0 [ 379.595046][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 379.595064][ T30] audit: type=1400 audit(1766379037.003:3755): avc: denied { ioctl } for pid=18019 comm="syz.3.3531" path="/dev/fuse" dev="devtmpfs" ino=99 ioctlcmd=0x583b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 379.655982][ T48] IPVS: starting estimator thread 0... [ 379.669654][T18015] tipc: Resetting bearer [ 379.749726][T18015] tipc: Disabling bearer [ 379.758180][T18023] IPVS: using max 36 ests per chain, 86400 per kthread [ 380.142805][ T30] audit: type=1400 audit(1766379037.553:3756): avc: denied { connect } for pid=18043 comm="syz.2.3540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 380.227994][ T48] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 380.340277][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 380.346702][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.382715][ T48] usb 4-1: config 0 has no interfaces? [ 380.407702][ T48] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 380.431519][ T48] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 380.455545][ T48] usb 4-1: Product: syz [ 380.466084][ T48] usb 4-1: Manufacturer: syz [ 380.475540][ T48] usb 4-1: SerialNumber: syz [ 380.495212][ T48] usb 4-1: config 0 descriptor?? [ 380.792244][T18031] lo speed is unknown, defaulting to 1000 [ 381.116114][T18059] sd 0:0:1:0: device reset [ 381.205630][T17968] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 381.253077][ T5818] usb 4-1: USB disconnect, device number 5 [ 381.446845][ T30] audit: type=1400 audit(1766379038.853:3757): avc: denied { name_bind } for pid=18070 comm="syz.0.3550" src=65530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1 [ 381.544272][ T30] audit: type=1400 audit(1766379038.883:3758): avc: denied { write } for pid=18070 comm="syz.0.3550" laddr=172.20.20.170 lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 381.585103][T18078] netlink: 104 bytes leftover after parsing attributes in process `syz.0.3553'. [ 382.377447][T18101] netlink: 'syz.0.3566': attribute type 39 has an invalid length. [ 382.451238][ T30] audit: type=1400 audit(1766379039.863:3759): avc: denied { name_bind } for pid=18102 comm="syz.2.3565" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 382.496624][T18053] syz.1.3543 (18053): drop_caches: 2 [ 383.048227][ T48] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 383.078113][T18129] netlink: 'syz.2.3577': attribute type 39 has an invalid length. [ 383.272353][ T48] usb 5-1: config 0 has no interfaces? [ 383.289844][ T48] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 383.299305][ T48] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 383.314803][ T48] usb 5-1: Product: syz [ 383.321319][ T48] usb 5-1: Manufacturer: syz [ 383.327996][ T48] usb 5-1: SerialNumber: syz [ 383.339126][ T48] usb 5-1: config 0 descriptor?? [ 383.753200][T18111] lo speed is unknown, defaulting to 1000 [ 383.896582][ T5818] usb 5-1: USB disconnect, device number 26 [ 384.631871][T18163] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3591'. [ 384.856746][ T30] audit: type=1400 audit(1766379042.253:3760): avc: denied { read } for pid=18174 comm="syz.0.3596" name="file2" dev="tmpfs" ino=392 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 384.962601][T18181] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3599'. [ 385.424796][T18195] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3605'. [ 385.509672][T18198] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 385.764823][T18177] syz.0.3596 (18177): drop_caches: 2 [ 385.961967][T18224] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3616'. [ 386.122396][ T30] audit: type=1326 audit(1766379043.533:3761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18234 comm="syz.2.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17e38f749 code=0x7ffc0000 [ 386.182458][ T30] audit: type=1326 audit(1766379043.533:3762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18234 comm="syz.2.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17e38f749 code=0x7ffc0000 [ 386.200979][T18241] netlink: 'syz.3.3623': attribute type 39 has an invalid length. [ 386.207413][ T30] audit: type=1326 audit(1766379043.533:3763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18234 comm="syz.2.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa17e38df90 code=0x7ffc0000 [ 386.286187][ T30] audit: type=1326 audit(1766379043.533:3764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18234 comm="syz.2.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa17e38df90 code=0x7ffc0000 [ 386.372386][ T30] audit: type=1326 audit(1766379043.533:3765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18234 comm="syz.2.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17e38f749 code=0x7ffc0000 [ 386.403352][ T30] audit: type=1326 audit(1766379043.533:3766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18234 comm="syz.2.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17e38f749 code=0x7ffc0000 [ 386.446338][T18257] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3629'. [ 386.459272][ T30] audit: type=1326 audit(1766379043.533:3767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18234 comm="syz.2.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fa17e38f749 code=0x7ffc0000 [ 386.565104][ T30] audit: type=1326 audit(1766379043.533:3768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18234 comm="syz.2.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17e38f749 code=0x7ffc0000 [ 386.628792][ T30] audit: type=1326 audit(1766379043.533:3769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18234 comm="syz.2.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17e38f749 code=0x7ffc0000 [ 386.673227][T18271] sd 0:0:1:0: device reset [ 386.732342][T18275] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 386.844329][T18287] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3642'. [ 387.267297][T18322] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3656'. [ 387.409475][ T48] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 387.574948][T18311] lo speed is unknown, defaulting to 1000 [ 387.612666][ T48] usb 5-1: config 0 has no interfaces? [ 387.622031][ T48] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 387.657257][ T48] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 387.707996][ T48] usb 5-1: Product: syz [ 387.712202][ T48] usb 5-1: Manufacturer: syz [ 387.716801][ T48] usb 5-1: SerialNumber: syz [ 387.740806][ T48] usb 5-1: config 0 descriptor?? [ 387.820043][T18348] netlink: 'syz.0.3663': attribute type 10 has an invalid length. [ 387.865341][T18348] bond1: option mode: unable to set because the bond device has slaves [ 387.878536][T18350] "syz.2.3666" (18350) uses obsolete ecb(arc4) skcipher [ 387.923994][T18344] bond1: (slave macvlan3): Error -98 calling set_mac_address [ 387.965188][ T48] usb 5-1: USB disconnect, device number 27 [ 388.031119][T18354] netlink: 'syz.3.3665': attribute type 7 has an invalid length. [ 388.038967][T18354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3665'. [ 388.137771][T18355] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3668'. [ 388.783465][T18371] syzkaller1: entered promiscuous mode [ 388.937711][T18371] syzkaller1: entered allmulticast mode [ 389.380453][T18386] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3681'. [ 389.420167][T18387] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3680'. [ 389.895994][T18399] netlink: 'syz.3.3684': attribute type 7 has an invalid length. [ 389.904491][T18399] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3684'. [ 390.517143][ T30] kauditd_printk_skb: 23 callbacks suppressed [ 390.517158][ T30] audit: type=1400 audit(1766379047.923:3793): avc: denied { unmount } for pid=16859 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 390.692924][T18410] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3687'. [ 390.704822][T18411] netlink: 'syz.1.3688': attribute type 10 has an invalid length. [ 390.726629][T18411] syz_tun: entered promiscuous mode [ 390.733644][T18411] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 390.756160][T18407] bond1: option mode: unable to set because the bond device has slaves [ 390.774536][T18407] bond1: (slave macvlan0): Error -98 calling set_mac_address [ 390.776327][T18416] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3687'. [ 391.397977][ T5818] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 391.430743][T18424] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3693'. [ 391.453912][ T30] audit: type=1400 audit(1766379048.863:3794): avc: denied { read } for pid=18425 comm="syz.3.3694" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 391.480827][ T30] audit: type=1400 audit(1766379048.893:3795): avc: denied { open } for pid=18425 comm="syz.3.3694" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 391.525255][ T30] audit: type=1400 audit(1766379048.913:3796): avc: denied { ioctl } for pid=18425 comm="syz.3.3694" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 391.579323][ T5818] usb 3-1: Using ep0 maxpacket: 32 [ 391.586259][ T5818] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 391.621132][ T5818] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 391.646523][ T5818] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 391.675039][ T5818] usb 3-1: Product: syz [ 391.684115][ T5818] usb 3-1: Manufacturer: syz [ 391.703144][ T5818] usb 3-1: SerialNumber: syz [ 391.720147][ T5818] usb 3-1: config 0 descriptor?? [ 391.730572][T18421] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 391.791122][T18434] 9pnet_virtio: no channels available for device syz [ 391.974553][ T5818] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 391.983199][ T5818] hid-generic 0000:0000:0000.0021: hidraw0: HID v0.00 Device [syz1] on syz0 [ 392.040650][ T30] audit: type=1400 audit(1766379049.453:3797): avc: denied { listen } for pid=18444 comm="syz.4.3703" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 392.113695][ T30] audit: type=1400 audit(1766379049.473:3798): avc: denied { accept } for pid=18444 comm="syz.4.3703" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 392.905500][T18462] sd 0:0:1:0: device reset [ 393.313963][ T30] audit: type=1400 audit(1766379050.723:3799): avc: denied { connect } for pid=18465 comm="syz.0.3709" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 393.558278][ T5818] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 393.710393][ T5818] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 393.732465][ T5818] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 393.773358][ T5818] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 393.784884][ T5818] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 393.792972][ T5818] usb 5-1: Manufacturer: syz [ 394.041806][ T5818] usb 5-1: config 0 descriptor?? [ 394.182137][ T30] audit: type=1400 audit(1766379051.583:3800): avc: denied { create } for pid=18483 comm="syz.3.3715" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 395.173947][ T5818] rc_core: IR keymap rc-hauppauge not found [ 395.184064][ T5818] Registered IR keymap rc-empty [ 395.195088][ T5818] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 395.298854][ T5818] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input7 [ 395.431699][ T30] audit: type=1400 audit(1766379052.843:3801): avc: denied { read } for pid=5175 comm="acpid" name="event4" dev="devtmpfs" ino=2928 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 395.462611][ T5818] usb 5-1: USB disconnect, device number 28 [ 395.530907][T18498] netlink: 'syz.3.3718': attribute type 7 has an invalid length. [ 395.539384][T18498] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3718'. [ 395.936437][ T5898] usb 3-1: reset high-speed USB device number 17 using dummy_hcd [ 395.948568][ T5898] usb 3-1: device reset changed ep0 maxpacket size! [ 395.980664][ T30] audit: type=1400 audit(1766379052.863:3802): avc: denied { open } for pid=5175 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2928 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 396.009903][ T5898] usb 3-1: USB disconnect, device number 17 [ 396.064586][ T30] audit: type=1400 audit(1766379052.863:3803): avc: denied { ioctl } for pid=5175 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2928 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 396.165575][ T30] audit: type=1400 audit(1766379053.383:3804): avc: denied { wake_alarm } for pid=18499 comm="syz.0.3721" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 396.307044][T18502] netlink: 'syz.4.3722': attribute type 10 has an invalid length. [ 396.382287][T18502] 8021q: adding VLAN 0 to HW filter on device bond1 [ 396.388949][ T5898] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 396.515846][T18512] sd 0:0:1:0: device reset [ 396.530931][T18508] evm: overlay not supported [ 396.550915][ T5898] usb 3-1: Using ep0 maxpacket: 16 [ 396.569045][ T5898] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 396.609851][ T5898] usb 3-1: config 0 interface 0 has no altsetting 0 [ 396.626684][ T5898] usb 3-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 396.645892][ T5898] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 396.658964][ T5898] usb 3-1: config 0 descriptor?? [ 396.892735][T18525] 9pnet_virtio: no channels available for device syz [ 397.094257][ T5898] nzxt-smart2 0003:1E71:2009.0022: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.2-1/input0 [ 397.204186][T18530] wg1: entered promiscuous mode [ 397.209173][T18530] wg1: entered allmulticast mode [ 397.531348][ T5818] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 397.591734][ T5927] usb 3-1: USB disconnect, device number 18 [ 397.676065][T18535] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 397.688615][ T5818] usb 4-1: Using ep0 maxpacket: 8 [ 397.718027][ T5818] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 397.736970][ T5818] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 397.756229][ T30] audit: type=1400 audit(1766379055.163:3805): avc: denied { create } for pid=18536 comm="syz.1.3732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 397.806903][ T5818] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 397.817804][ T30] audit: type=1400 audit(1766379055.193:3806): avc: denied { listen } for pid=18536 comm="syz.1.3732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 397.865436][ T5818] usb 4-1: config 0 descriptor?? [ 398.014398][ T30] audit: type=1400 audit(1766379055.193:3807): avc: denied { write } for pid=18536 comm="syz.1.3732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 398.046826][ T30] audit: type=1400 audit(1766379055.253:3808): avc: denied { read } for pid=18540 comm="syz.1.3733" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 398.103339][ T30] audit: type=1400 audit(1766379055.253:3809): avc: denied { open } for pid=18540 comm="syz.1.3733" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 398.145224][ T5818] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 398.267435][ T30] audit: type=1400 audit(1766379055.353:3810): avc: denied { write } for pid=18540 comm="syz.1.3733" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 398.849396][T18551] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 398.925412][T18553] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=18553 comm=syz.0.3736 [ 399.393614][ T30] audit: type=1400 audit(1766379056.803:3811): avc: denied { write } for pid=18565 comm="syz.4.3742" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 399.610085][T18566] netlink: 'syz.4.3742': attribute type 39 has an invalid length. [ 399.950349][T18579] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 400.517566][ T5818] usb 4-1: USB disconnect, device number 6 [ 400.799708][T18589] "syz.2.3750" (18589) uses obsolete ecb(arc4) skcipher [ 400.891933][T18593] random: crng reseeded on system resumption [ 401.087475][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 401.087491][ T30] audit: type=1400 audit(1766379058.493:3816): avc: denied { write } for pid=18583 comm="syz.3.3748" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 401.675683][ T30] audit: type=1400 audit(1766379058.743:3817): avc: denied { read } for pid=18583 comm="syz.3.3748" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 401.675721][ T30] audit: type=1400 audit(1766379059.033:3818): avc: denied { ioctl } for pid=18583 comm="syz.3.3748" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 401.803256][ T30] audit: type=1400 audit(1766379059.213:3819): avc: denied { read } for pid=18598 comm="syz.2.3753" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 401.881441][T18604] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3754'. [ 402.310027][T18611] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 403.412551][T18619] QAT: failed to copy from user. [ 404.941670][T18624] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3760'. [ 404.951501][T18624] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=44051 sclass=netlink_route_socket pid=18624 comm=syz.2.3760 [ 405.101850][T18633] "syz.0.3762" (18633) uses obsolete ecb(arc4) skcipher [ 405.281961][ T30] audit: type=1400 audit(1766379062.693:3820): avc: denied { relabelfrom } for pid=18635 comm="syz.4.3765" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 405.312393][T18636] syzkaller0: entered promiscuous mode [ 405.378962][T18636] syzkaller0: entered allmulticast mode [ 406.105079][T18650] slcan: can't register candev [ 406.347247][ T30] audit: type=1400 audit(1766379062.713:3821): avc: denied { relabelto } for pid=18635 comm="syz.4.3765" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 406.834923][ T30] audit: type=1326 audit(1766379064.243:3822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18656 comm="syz.1.3770" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff9f898f749 code=0x0 [ 406.992798][T18670] "syz.2.3776" (18670) uses obsolete ecb(arc4) skcipher [ 407.449544][T18685] netlink: 'syz.3.3782': attribute type 9 has an invalid length. [ 407.467961][ T30] audit: type=1326 audit(1766379064.873:3823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18684 comm="syz.3.3782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb2c18f749 code=0x7ffc0000 [ 407.498170][ T30] audit: type=1326 audit(1766379064.873:3824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18684 comm="syz.3.3782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7fdb2c18f749 code=0x7ffc0000 [ 407.526488][ T30] audit: type=1326 audit(1766379064.873:3825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18684 comm="syz.3.3782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb2c18f749 code=0x7ffc0000 [ 407.637381][T18687] can0: slcan on ttyS3. [ 408.293409][ T30] audit: type=1326 audit(1766379065.703:3826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18688 comm="syz.3.3783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb2c18f749 code=0x7ffc0000 [ 408.469644][T18680] can0 (unregistered): slcan off ttyS3. [ 408.560443][ T30] audit: type=1326 audit(1766379065.743:3827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18688 comm="syz.3.3783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fdb2c18f749 code=0x7ffc0000 [ 408.619476][ T5821] Bluetooth: hci5: Invalid handle: 0x31c9 > 0x0eff [ 408.651646][T18696] sd 0:0:1:0: device reset [ 408.696833][ T30] audit: type=1326 audit(1766379065.793:3828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18688 comm="syz.3.3783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb2c18f749 code=0x7ffc0000 [ 408.794557][ T30] audit: type=1326 audit(1766379065.803:3829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18688 comm="syz.3.3783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb2c18f749 code=0x7ffc0000 [ 408.850594][T18703] "syz.4.3788" (18703) uses obsolete ecb(arc4) skcipher [ 409.412534][T18693] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 409.420332][T18693] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 409.426451][T18693] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 409.432574][T18693] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 409.438697][T18693] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 409.525859][T18725] netlink: 'syz.3.3793': attribute type 9 has an invalid length. [ 409.548549][ T30] audit: type=1326 audit(1766379066.963:3830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18724 comm="syz.3.3793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb2c18f749 code=0x7ffc0000 [ 409.946726][T18744] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3798'. [ 409.971460][T18743] "syz.4.3800" (18743) uses obsolete ecb(arc4) skcipher [ 410.672833][ T5832] Bluetooth: hci5: command 0x0c1a tx timeout [ 410.929073][T18755] 9pnet_virtio: no channels available for device syz [ 411.468133][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 411.474401][ T5832] Bluetooth: hci3: command 0x040f tx timeout [ 411.480649][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 411.914615][T18759] netlink: 'syz.3.3805': attribute type 39 has an invalid length. [ 412.076807][T18761] fuse: Bad value for 'fd' [ 412.566593][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 412.566609][ T30] audit: type=1400 audit(1766379069.973:3839): avc: denied { map } for pid=18762 comm="syz.2.3808" path="socket:[46629]" dev="sockfs" ino=46629 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 412.839966][ T30] audit: type=1400 audit(1766379070.003:3840): avc: denied { read } for pid=18762 comm="syz.2.3808" path="socket:[46629]" dev="sockfs" ino=46629 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 414.605842][ T30] audit: type=1326 audit(1766379072.013:3841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18779 comm="syz.3.3813" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdb2c18f749 code=0x0 [ 416.473288][ T30] audit: type=1326 audit(1766379073.883:3842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18797 comm="syz.1.3819" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff9f898f749 code=0x0 [ 417.181351][T18805] nvme_fabrics: missing parameter 'transport=%s' [ 417.275586][T18816] netlink: 'syz.0.3823': attribute type 39 has an invalid length. [ 417.283701][T18805] nvme_fabrics: missing parameter 'nqn=%s' [ 417.668078][ T5818] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 417.928482][ T5898] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 417.998065][ T5818] usb 2-1: too many configurations: 9, using maximum allowed: 8 [ 418.111158][ T5818] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 418.150230][ T5818] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 418.161844][ T5898] usb 3-1: Using ep0 maxpacket: 8 [ 418.195553][ T5898] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 418.227860][ T5818] usb 2-1: config 0 interface 0 has no altsetting 0 [ 418.239417][T18835] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7) [ 418.245379][ T5898] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 418.245946][T18835] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 418.263492][ T5818] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 418.283112][T18835] vhci_hcd vhci_hcd.0: Device attached [ 418.291048][ T5898] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 418.302874][ T5818] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 418.367122][ T5898] usb 3-1: config 0 descriptor?? [ 418.386485][ T5818] usb 2-1: config 0 interface 0 has no altsetting 0 [ 418.418023][ T5818] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 418.474358][ T5818] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 418.522000][ T5818] usb 2-1: config 0 interface 0 has no altsetting 0 [ 418.541222][ T5818] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 418.558103][ T791] usb 42-1: SetAddress Request (2) to port 0 [ 418.570994][ T791] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd [ 418.574805][ T5818] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 418.574829][ T5818] usb 2-1: config 0 interface 0 has no altsetting 0 [ 418.578620][ T5818] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 418.578660][ T5818] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 418.578676][ T5818] usb 2-1: config 0 interface 0 has no altsetting 0 [ 418.583265][ T5818] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 418.583306][ T5818] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 418.583322][ T5818] usb 2-1: config 0 interface 0 has no altsetting 0 [ 418.586783][ T5818] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 418.586846][ T5818] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 418.586873][ T5818] usb 2-1: config 0 interface 0 has no altsetting 0 [ 418.589496][ T5818] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 418.589534][ T5818] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 418.589549][ T5818] usb 2-1: config 0 interface 0 has no altsetting 0 [ 418.591098][ T5818] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 418.591116][ T5818] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 418.591142][ T5818] usb 2-1: Product: syz [ 418.591151][ T5818] usb 2-1: Manufacturer: syz [ 418.591159][ T5818] usb 2-1: SerialNumber: syz [ 418.592585][ T5818] usb 2-1: config 0 descriptor?? [ 418.595279][ T5818] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0 [ 418.611128][ T5898] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1 [ 418.889108][ T30] audit: type=1400 audit(1766379076.273:3843): avc: denied { write } for pid=18846 comm="syz.0.3836" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 418.925711][ T48] usb 3-1: USB disconnect, device number 19 [ 418.980144][ T5898] usb 2-1: USB disconnect, device number 11 [ 418.995153][ T5898] yurex 2-1:0.0: USB YUREX #0 now disconnected [ 419.009566][T18852] kAFS: No cell specified [ 419.135930][T18838] vhci_hcd: connection reset by peer [ 419.147867][ T4563] vhci_hcd vhci_hcd.4: stop threads [ 419.148121][ T4563] vhci_hcd vhci_hcd.4: release socket [ 419.148162][ T4563] vhci_hcd vhci_hcd.4: disconnect device [ 419.477762][ T30] audit: type=1400 audit(1766379076.883:3844): avc: denied { append } for pid=18857 comm="syz.3.3841" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 419.490910][ T30] audit: type=1400 audit(1766379076.903:3845): avc: denied { append } for pid=18857 comm="syz.3.3841" name="pfkey" dev="proc" ino=4026533120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 419.772709][T18870] sd 0:0:1:0: device reset [ 420.258837][ T30] audit: type=1400 audit(1766379077.663:3846): avc: denied { add_name } for pid=18883 comm="syz.0.3852" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 420.262784][ T30] audit: type=1400 audit(1766379077.673:3847): avc: denied { create } for pid=18883 comm="syz.0.3852" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 420.262964][ T30] audit: type=1400 audit(1766379077.673:3848): avc: denied { associate } for pid=18883 comm="syz.0.3852" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 420.263333][T18885] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000007: 0000 [#1] SMP KASAN NOPTI [ 420.263348][T18885] KASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f] [ 420.263360][T18885] CPU: 0 UID: 0 PID: 18885 Comm: syz.0.3852 Not tainted syzkaller #0 PREEMPT(full) [ 420.263374][T18885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 420.263382][T18885] RIP: 0010:simple_xattrs_free+0x60/0x1e0 [ 420.263402][T18885] Code: ea 03 80 3c 02 00 0f 85 8b 01 00 00 49 c7 45 00 00 00 00 00 e8 21 9c 75 ff 4c 89 fa 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 56 01 00 00 48 bd 00 00 00 00 00 fc ff df 49 8b [ 420.263414][T18885] RSP: 0018:ffffc9000b50fae0 EFLAGS: 00010202 [ 420.263425][T18885] RAX: dffffc0000000000 RBX: ffff8880299daa50 RCX: ffffc9000e83b000 [ 420.263433][T18885] RDX: 0000000000000007 RSI: ffffffff82494a4f RDI: 0000000000000038 [ 420.263440][T18885] RBP: ffff8880299daae8 R08: 0000000000000005 R09: 0000000000000000 [ 420.263447][T18885] R10: 00000000ffffffea R11: ffffffff82288a74 R12: 1ffff920016a1f6b [ 420.263455][T18885] R13: 0000000000000000 R14: ffff88801fe8df00 R15: 0000000000000038 [ 420.263463][T18885] FS: 00007fe5181496c0(0000) GS:ffff8881248f5000(0000) knlGS:0000000000000000 [ 420.263474][T18885] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 420.263482][T18885] CR2: 00007fe518148f98 CR3: 000000005ee74000 CR4: 00000000003526f0 [ 420.263489][T18885] Call Trace: [ 420.263493][T18885] [ 420.263499][T18885] __kernfs_new_node+0x7b4/0x990 [ 420.263516][T18885] ? __pfx___kernfs_new_node+0x10/0x10 [ 420.263531][T18885] ? find_held_lock+0x2b/0x80 [ 420.263549][T18885] ? kernfs_root+0xee/0x2a0 [ 420.263570][T18885] kernfs_new_node+0x13c/0x1e0 [ 420.263586][T18885] ? kasan_save_track+0x14/0x30 [ 420.263601][T18885] kernfs_create_dir_ns+0x4c/0x1a0 [ 420.263619][T18885] cgroup_mkdir+0x40f/0x12e0 [ 420.263634][T18885] ? __pfx_cgroup_mkdir+0x10/0x10 [ 420.263646][T18885] kernfs_iop_mkdir+0x111/0x190 [ 420.263662][T18885] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 420.263681][T18885] vfs_mkdir+0x731/0xb60 [ 420.263694][T18885] do_mkdirat+0x442/0x5e0 [ 420.263711][T18885] ? __pfx_do_mkdirat+0x10/0x10 [ 420.263726][T18885] ? strncpy_from_user+0x203/0x2e0 [ 420.263748][T18885] ? getname_flags.part.0+0x1c5/0x550 [ 420.263760][T18885] __x64_sys_mkdir+0xef/0x140 [ 420.263776][T18885] do_syscall_64+0xcd/0xf80 [ 420.263792][T18885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.263804][T18885] RIP: 0033:0x7fe51738f749 [ 420.263813][T18885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 420.263824][T18885] RSP: 002b:00007fe518149038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 420.263834][T18885] RAX: ffffffffffffffda RBX: 00007fe5175e5fa0 RCX: 00007fe51738f749 [ 420.263841][T18885] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 420.263848][T18885] RBP: 00007fe517413f91 R08: 0000000000000000 R09: 0000000000000000 [ 420.263854][T18885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 420.263861][T18885] R13: 00007fe5175e6038 R14: 00007fe5175e5fa0 R15: 00007ffcdde03538 [ 420.263871][T18885] [ 420.263874][T18885] Modules linked in: [ 420.263890][T18885] ---[ end trace 0000000000000000 ]--- [ 420.263900][T18885] RIP: 0010:simple_xattrs_free+0x60/0x1e0 [ 420.263912][T18885] Code: ea 03 80 3c 02 00 0f 85 8b 01 00 00 49 c7 45 00 00 00 00 00 e8 21 9c 75 ff 4c 89 fa 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 56 01 00 00 48 bd 00 00 00 00 00 fc ff df 49 8b [ 420.263922][T18885] RSP: 0018:ffffc9000b50fae0 EFLAGS: 00010202 [ 420.263931][T18885] RAX: dffffc0000000000 RBX: ffff8880299daa50 RCX: ffffc9000e83b000 [ 420.263938][T18885] RDX: 0000000000000007 RSI: ffffffff82494a4f RDI: 0000000000000038 [ 420.263945][T18885] RBP: ffff8880299daae8 R08: 0000000000000005 R09: 0000000000000000 [ 420.263953][T18885] R10: 00000000ffffffea R11: ffffffff82288a74 R12: 1ffff920016a1f6b [ 420.263961][T18885] R13: 0000000000000000 R14: ffff88801fe8df00 R15: 0000000000000038 [ 420.263969][T18885] FS: 00007fe5181496c0(0000) GS:ffff8881248f5000(0000) knlGS:0000000000000000 [ 420.263981][T18885] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 420.263989][T18885] CR2: 00007fe518148f98 CR3: 000000005ee74000 CR4: 00000000003526f0 [ 420.263998][T18885] Kernel panic - not syncing: Fatal exception [ 420.264360][T18885] Kernel Offset: disabled