last executing test programs: 757.753503ms ago: executing program 2 (id=334): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000}) ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x80a0000, 0x1000, &(0x7f000027e000/0x1000)=nil, 0x0, r1}) ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f0000000240)={0x1ff, 0x4, 0xffff1000, 0x2000, &(0x7f000027e000/0x2000)=nil, 0x0, r1}) 757.613257ms ago: executing program 2 (id=335): socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_sctp(0xa, 0x5, 0x84) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000}) fallocate(r1, 0x1, 0x100000000, 0x10000) 675.798889ms ago: executing program 2 (id=336): r0 = syz_io_uring_setup(0xec4, &(0x7f00000003c0)={0x0, 0xffffff7c, 0x2, 0x3, 0x34b}, &(0x7f0000000500)=0x0, &(0x7f0000000600)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_enter(r0, 0x0, 0xa9e7, 0x3, 0x0, 0x0) 675.358496ms ago: executing program 2 (id=339): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2280, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x54, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 671.47193ms ago: executing program 3 (id=340): r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/dev_snmp6\x00') fchdir(r0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x0, 0x80) r2 = socket$inet6_udp(0xa, 0x2, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x300000a, 0x12, r2, 0x852ac000) getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000) 569.539375ms ago: executing program 3 (id=341): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x61, 0x0, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)={0x1, 0x0, [{0x4b564d03, 0x0, 0x1}]}) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f0000000600)={0xbe, 0x0, 0x1}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 567.006949ms ago: executing program 0 (id=343): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet(0xa, 0x801, 0x84) listen(r0, 0x6001) ppoll(&(0x7f0000000080)=[{r0, 0x400}], 0x1, &(0x7f0000000100), 0x0, 0x0) 495.651895ms ago: executing program 0 (id=344): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x101800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00009b3000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000400)={0x1, 0x0, [{0x7, 0x43, 0x6, 0x8, 0x200}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 495.163775ms ago: executing program 2 (id=345): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x30}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00') read$FUSE(r1, &(0x7f00000020c0)={0x2020}, 0x2020) read$FUSE(r1, &(0x7f00000075c0)={0x2020}, 0x2020) 397.792557ms ago: executing program 2 (id=347): r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff) creat(&(0x7f00000003c0)='./file1\x00', 0x192) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x7) pwrite64(r2, &(0x7f0000000280)='\"', 0x1, 0x4ded0) r4 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r4, &(0x7f0000000040)={0x4, 0xfffffffffffffd80, 0xfa00, {0xffffffffffffffff, 0xd}}, 0xfffffe01) sendfile(r1, r0, 0x0, 0xfffa83) ioctl$KVM_SET_XSAVE(0xffffffffffffffff, 0x5000aea5, &(0x7f0000000400)={[0x5, 0x62, 0x3, 0xffff, 0x5, 0xfff, 0x0, 0x1000, 0x5, 0x6, 0x9, 0x80000001, 0x13c, 0x8, 0x7fff, 0x7e, 0x5, 0x4, 0x6, 0x20000000, 0x8, 0x80000000, 0x6, 0x9, 0x80000001, 0x8, 0x0, 0x1, 0x0, 0x3, 0x1, 0x1200, 0x7, 0x0, 0x27c, 0x5, 0x0, 0x1ff, 0x0, 0x2, 0xccf, 0x0, 0x9, 0x0, 0x9, 0x8, 0xa92, 0x0, 0x10, 0x5e, 0x5, 0xa4, 0x7007, 0x3, 0xf6, 0x0, 0x8, 0x100, 0x2, 0x7, 0x401, 0xc0e, 0x5, 0x7fff, 0x7851, 0xce93, 0x1, 0x1, 0x7, 0x42, 0x7fff, 0x8000, 0x80000000, 0x5, 0x1, 0x62, 0x0, 0x80000000, 0xffffffff, 0xffffffff, 0x1, 0x9, 0x75d, 0x6, 0xc8, 0x0, 0xf6a, 0x9b4, 0x5, 0x40, 0x6, 0x80, 0x5, 0x3, 0x78, 0x8, 0x5, 0xf, 0x7, 0x3, 0x0, 0x401, 0xb5b0, 0xf00, 0x4, 0x5e4, 0x4, 0x0, 0xc408, 0x5, 0x1955, 0x1, 0x2, 0xa, 0x6, 0x81, 0x1, 0x36, 0xfa16, 0x400, 0x7d, 0x4, 0x8, 0x5c, 0x4, 0xef, 0x10, 0x8f, 0x7f, 0x5, 0x9, 0x3, 0x9, 0x1b90d8cf, 0x5, 0x700, 0x5, 0x9, 0x5, 0x1, 0x7, 0x9, 0x200, 0x3, 0x8fc1, 0x0, 0x0, 0x8000, 0x5, 0xfffffffd, 0x7, 0x401, 0x0, 0x200, 0x2, 0x6, 0x2, 0x8, 0x7, 0xe80, 0x200, 0x2, 0x35f7, 0x9, 0x0, 0x5, 0x2, 0xea0, 0x35b, 0x6, 0xffffffff, 0x3, 0x9, 0x8, 0x400, 0x5, 0xfff, 0xc00000, 0x101, 0x3, 0x5, 0x8001, 0x4, 0x5, 0xd0, 0x5, 0x0, 0x7, 0x4, 0x78d, 0xa, 0x0, 0x1, 0xfffffff7, 0x10, 0x3, 0x200, 0x81, 0x3d4b, 0x7ff, 0xd1, 0x8, 0x8, 0x2, 0x8, 0x7ff, 0xdc4, 0x9, 0x6, 0x7, 0x8, 0xffffff62, 0x5, 0x0, 0x2, 0x1, 0x88, 0xfffffff8, 0x7f, 0x2800000, 0x246, 0x2, 0xfffffffa, 0x2, 0x4, 0x400, 0x0, 0x0, 0x5, 0x4, 0x0, 0x5, 0x7, 0x5, 0xb68dc0a, 0xd, 0x6, 0x80, 0x2, 0x7fffffff, 0xfffffff9, 0x0, 0x2, 0xfffffffd, 0x7fffffff, 0x56e, 0x3, 0x6, 0x7, 0x8, 0x8, 0x0, 0x1ff, 0x6, 0x3, 0xc1, 0x8, 0x7fff, 0x4, 0x10000, 0x9, 0x65ce0000, 0xa1, 0xb, 0x100, 0x5cb, 0x8, 0x1, 0x9, 0x5, 0xfc, 0x6, 0x2, 0x6, 0x84f, 0x400, 0x2, 0x1, 0x8, 0x5, 0x3, 0x8001, 0x4, 0x44a, 0xfffffff7, 0x8, 0x9, 0x10, 0x0, 0x3ff, 0x0, 0x9, 0x2, 0x8, 0x4, 0x6, 0x0, 0x100, 0x3, 0xed, 0x2, 0x0, 0x0, 0x1000, 0x7fffffff, 0xc, 0xdb1f, 0x23, 0x7, 0x0, 0x4, 0xfffffffa, 0x9, 0xd68, 0x4, 0x0, 0xff, 0xac, 0x0, 0x7, 0x5, 0x8, 0xf7db, 0x5, 0x9, 0x8, 0xffffff01, 0x10000, 0x6, 0x6, 0xff, 0x24d8, 0x3, 0xc2, 0xfff, 0xfffffff8, 0xf, 0x7, 0x4, 0xfffffff7, 0x7, 0xf, 0x800, 0x40, 0x5, 0x7, 0x63e7, 0xfffffffa, 0x5, 0xf5, 0x3, 0x4, 0x3, 0x6, 0x40, 0x1, 0x7, 0x1, 0x9, 0x3, 0x9, 0x8, 0xd, 0x85b, 0x2b, 0x200, 0x1, 0xf0a9, 0xffffffff, 0x2, 0x7, 0x3d7, 0x8000, 0xffffffff, 0x7, 0x5, 0x100, 0x4, 0x8, 0x1000, 0x1, 0x4, 0x3ef, 0x4, 0x6, 0x7, 0x40, 0x7fffffff, 0x8, 0x2, 0x800, 0x0, 0x36, 0x4, 0x200, 0xfffffff8, 0x20f, 0x0, 0x6, 0x4, 0xb, 0x0, 0x0, 0x46dc6ea7, 0x6, 0x8, 0x8, 0x80000000, 0x5, 0x3, 0x9, 0x6, 0x2db2, 0x7, 0x4, 0x9, 0x4, 0x1, 0xd, 0x3, 0x2, 0x10000, 0x6, 0x6, 0xfff, 0x8, 0x10001, 0x5, 0x4996, 0xe0, 0x21, 0x4, 0x14, 0xfffffffd, 0x1, 0x5, 0x6, 0x6, 0x3ff, 0x2, 0x2, 0x0, 0xb8, 0x80000001, 0x4, 0x0, 0x42, 0x3, 0x2, 0x6, 0x8, 0x9, 0x3, 0x0, 0x3, 0x8, 0x4, 0x3, 0x80000001, 0x5, 0x7, 0x9b9, 0x6, 0x0, 0x100, 0x8, 0x4, 0x3, 0x0, 0x37b9, 0x6, 0x10001, 0x4, 0x9, 0x8000, 0x7, 0xffffffff, 0x40, 0x2, 0x6, 0x3, 0x6, 0x8000, 0x800, 0xd, 0x6, 0x5, 0xffffffd4, 0x9, 0x0, 0x1, 0x800, 0x4, 0xb0, 0x1000, 0x9, 0x7, 0x80000000, 0xc, 0x3, 0x80000001, 0x1, 0x2, 0xffffffff, 0x0, 0x8, 0x0, 0x8, 0xc940, 0x5, 0xf3, 0x0, 0xccfe, 0x3, 0x8, 0x4, 0x5, 0xfffffffa, 0x53bf, 0x5, 0x5, 0xfff, 0x1e, 0xfffffff7, 0xbb85, 0x2, 0xfff, 0x4, 0x4, 0x8, 0x6, 0x0, 0x83, 0x4, 0x8, 0xa9f, 0x8, 0x7, 0x9, 0x74b, 0x7, 0x5, 0x4, 0x1, 0x0, 0x8, 0x571, 0x3, 0x27, 0x80f1, 0x9, 0x1ff, 0x8, 0x8, 0x5, 0xf, 0x7fffffff, 0x4, 0x3, 0x8, 0x0, 0x101, 0x4, 0xd3e8, 0x3, 0x3, 0x5, 0x5, 0x3, 0x7404, 0x9, 0x1, 0x3, 0x3ff, 0x926, 0x2, 0xffff, 0x3, 0x3, 0xcaac, 0xffff, 0x401, 0x1, 0x1, 0xfffffffb, 0x0, 0x7, 0x7, 0x1, 0x9, 0x6, 0x5f, 0x85f, 0x5, 0x8, 0x3, 0x7, 0x40, 0x2, 0x7ff, 0x401, 0x10000, 0x0, 0x10737f66, 0xcd, 0x9, 0x8, 0x9, 0x0, 0x9, 0x0, 0x4, 0x9, 0x6, 0x2, 0x0, 0x200, 0x6, 0xfffffff7, 0x0, 0x5, 0x6, 0x58f, 0x8, 0x8, 0x9, 0x2, 0x4, 0x6, 0x0, 0x9, 0x1, 0x10000, 0x5, 0x7, 0x95, 0x7, 0x4, 0x0, 0x7, 0x2, 0xa1, 0xc, 0x8000, 0x4, 0x8e, 0xfffffffd, 0xb, 0xfffffffb, 0x80000001, 0x1, 0x9, 0x1e2a, 0x49, 0x8, 0x3, 0xfffffff7, 0x8b98, 0x1, 0x4, 0xa0, 0x3, 0x40, 0x8, 0x1, 0x7, 0x5, 0x69, 0x8, 0xfffffff7, 0x7, 0x8, 0x2, 0x5, 0xe48a, 0x2, 0x9, 0x1, 0xf64, 0x4f, 0x8ab, 0x700, 0x7, 0x8, 0xffffa569, 0xad0, 0x3, 0x8, 0x1, 0x5fb22f8b, 0x4, 0x1, 0x8, 0x1, 0x3, 0x8, 0x8, 0x3, 0x7, 0x0, 0x9, 0xfb52, 0xf1e1, 0xffffffa9, 0x1ff, 0x7, 0x11, 0x5, 0x8, 0x8, 0x9, 0x6, 0xfffffff7, 0x6, 0x1, 0x66, 0x7, 0xfffffff8, 0x6, 0x401, 0xffff, 0x9, 0x5e, 0x1, 0x7, 0xf2, 0x2, 0x3075, 0x5, 0x8f, 0x7fff, 0x180, 0x1, 0x400, 0x3, 0x3, 0x2, 0x40, 0x73, 0x80, 0x5d, 0x100, 0x7c20, 0x1ff, 0x4, 0x1e89, 0xf, 0x0, 0x5, 0xffff, 0xfffff001, 0x5, 0x3, 0xd61, 0x800, 0x401, 0xdf5b, 0xffffffff, 0x6e, 0x3, 0x8, 0x7, 0x80, 0xf8, 0x9, 0x7c, 0x4, 0x2, 0x401, 0x1, 0x5, 0x6, 0x1, 0x1, 0xfffffff7, 0x9, 0x4, 0x2, 0x8df6, 0xf2d, 0x6, 0x4, 0x8000, 0x5, 0x0, 0x2, 0x5, 0xd, 0x3, 0x9, 0x1, 0x5, 0xffffffff, 0xff, 0xfff, 0x1000, 0xffffffff, 0xef, 0x9, 0x5d, 0x3ff, 0x80000001, 0x800, 0x6, 0x1, 0x9, 0x3, 0x40, 0x4, 0xfffffff7, 0xffffffc3, 0x0, 0x1000, 0x80, 0x68, 0x3, 0x1, 0x95, 0x1, 0x1, 0xf25, 0x7f, 0x0, 0x6, 0x7, 0x4, 0x9, 0x8, 0x5, 0x3e4f, 0xf, 0x8, 0xfeb5, 0x2, 0x3ff, 0x0, 0x2, 0x6, 0xfffffffc, 0x100, 0x10, 0x3, 0x10, 0x81, 0x8, 0x7ff, 0x2, 0x2, 0x4, 0x1, 0x7fff, 0xffff, 0xfffffff9, 0xfffffffc, 0x2, 0x0, 0x6, 0x40, 0x2, 0x0, 0x8, 0xfffff1b8, 0x9, 0xef, 0x7ff, 0x40, 0x5, 0x8, 0x2, 0x2, 0x7, 0x1, 0xd, 0x8, 0xb, 0xfffffe00, 0x10000, 0x9, 0x3, 0x7, 0x8, 0x2, 0x9, 0x4, 0xb, 0x200, 0xfff, 0x0, 0x63e, 0xffffe5d5, 0xcc6, 0x2, 0x9, 0x87d, 0xfffffff9, 0x81, 0x41, 0x3, 0x185, 0x100, 0x1, 0x80, 0x6590976b, 0x2, 0x8, 0x0, 0x1, 0x4, 0x7fffffff, 0xc, 0x400, 0x5c6, 0xfffffffc, 0x0, 0xffffffff, 0x9, 0x4, 0xc503, 0x9, 0x8, 0x7, 0x3, 0x10, 0x200, 0xc, 0x7f, 0x7, 0x3, 0xff, 0x3, 0x7, 0x7, 0x10001, 0xd9, 0x8000, 0xe, 0x9, 0x6, 0xe, 0x2, 0x9, 0x9, 0x6, 0x7fff, 0x6, 0x8, 0xd75, 0xfff, 0x9, 0xffffb452, 0x100, 0x5, 0x81, 0x1, 0x4, 0x81, 0x1, 0xe84b, 0x8d9, 0x1, 0x1, 0x7, 0x10001, 0xffff, 0x4, 0xbae5, 0x5064, 0x5, 0xd, 0x10, 0x0, 0x9, 0x4, 0x80000001, 0x10, 0x6, 0x6, 0x4, 0x16c, 0x8, 0x3, 0x100, 0x7, 0x0, 0x400, 0x2, 0xd, 0xfffffffc, 0x6, 0x7fff, 0x3, 0xfffffff7, 0x1000, 0x5, 0x3, 0x3, 0xc4b9, 0xfffffffc, 0x3, 0x3a, 0x1, 0xffff390a, 0x2, 0x80000000, 0x0, 0x93, 0x9, 0xeb, 0x6, 0x80000000, 0x7, 0x4, 0x9, 0x2, 0x8, 0x9, 0xbb, 0x401, 0xffffffff, 0x7, 0xfff, 0x9, 0x0, 0x20000]}) linkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x400) 397.63704ms ago: executing program 3 (id=348): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x3, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) r1 = fcntl$dupfd(r0, 0x406, r0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x0, 0x0}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf32(r1, &(0x7f0000000640)={{0x7f, 0x45, 0x4c, 0x46, 0x40, 0x0, 0x9b, 0x5, 0xffffffff7fffffff, 0x2, 0x3, 0x8, 0x2a, 0x38, 0x329, 0xb, 0x0, 0x20, 0x1, 0x9, 0x7ff}, [{0x2, 0x5dbf, 0x2, 0x6, 0x8000, 0x5, 0x400, 0xb}], "", ['\x00']}, 0x158) shutdown(r0, 0x1) 346.046311ms ago: executing program 3 (id=349): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000bfd000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000080)={0x0, &(0x7f0000000f40)=[@rdmsr={0x66, 0x18, {0x40000001}}], 0x18}) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x40000001, 0x4, 0x2, 0x31237648, 0x6, 0x2, 0x80}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 277.734441ms ago: executing program 1 (id=350): r0 = socket(0xa, 0x5, 0x0) connect$inet(r0, 0x0, 0x0) 277.253318ms ago: executing program 0 (id=351): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x5000, 0x1}) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r1, 0x80286722, &(0x7f0000000140)={&(0x7f0000000080)=""/165, 0xa5, 0x69, 0x8}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x2, 0x25000, 0x1}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000040)={0x2, 0x12000, 0x1}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0xeeee8000, 0x2000, 0x1}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 224.757314ms ago: executing program 1 (id=352): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f00000005c0)={0x11, 0x4, 0xef}) 224.626736ms ago: executing program 3 (id=353): prctl$PR_SET_NO_NEW_PRIVS(0x41, 0x1) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) 224.567864ms ago: executing program 1 (id=354): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net\x00') fcntl$notify(r0, 0x402, 0xc0000001) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/stat\x00') getdents64(r1, &(0x7f0000000180)=""/118, 0x76) openat$kvm(0xffffffffffffff9c, 0x0, 0x181900, 0x0) getdents(r1, 0x0, 0x0) 129.718644ms ago: executing program 1 (id=355): syz_io_uring_setup(0x2f90, 0x0, 0x0, 0x0) epoll_create(0xaf2) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0xc0, 0x49, 0x7fff0000}]}) mlock(&(0x7f00007fe000/0x800000)=nil, 0x800000) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) madvise(&(0x7f00005ff000/0x3000)=nil, 0x3000, 0x17) gettid() timer_create(0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r0 = eventfd2(0x8, 0x0) read(r0, &(0x7f0000000000)=""/57, 0x39) 129.544024ms ago: executing program 3 (id=356): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f00000003c0)="0f326635004000000f300f00d636808a0d0001ba4300b80b00eb66b88c5000000f23d02a3ff866352000000e0f23f80f01c30f789deb32660f3a21cf220f2bb00058660f1bde", 0x46}], 0x1, 0x0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000380)={0xa, 0x4, 0x9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}, 0x1c) ioctl$KVM_RUN(r5, 0xae80, 0x0) 129.329425ms ago: executing program 0 (id=357): r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xa) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000614000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000100)="660fc732650f07470f01cab9800000c02e6726f3400fc7b50000000008040421020f30c4417ff030b9800000c048b800000000008000000f23c00f21f835010003000f23f80f30640f01cf65490fc79ce656000000f3010f1efcfc64653e470f1f690c", 0x63}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x77, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 7.68977ms ago: executing program 1 (id=358): sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x1bdca277f23de2a5}, 0x8801) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000000)={0x0, 0x64}, &(0x7f0000000040)=0x8) 7.550571ms ago: executing program 0 (id=359): r0 = socket(0xa, 0x3, 0xff) setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000000040)=0x7, 0x4) syz_emit_ethernet(0x3e, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c4000000000000000010000000000000000000000000000fe8000000000000000000000000000aaff"], 0x0) setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000080)=0x8000, 0x4) recvmmsg(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/231, 0xe7}, 0x73b}], 0x1, 0x4020, 0x0) 7.497274ms ago: executing program 1 (id=360): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x101800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00009b3000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000240)="b9800000c00f3235004000000f30b9fa000000130f01d9300d76c4020a1bf7b805000000b90000c0fe0f3cae0a41d941d9000f32ba00e500000f30660fc775022e0fba600c9864660ffc76002f3166b85766baa00066ed00d0", 0x59}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 0 (id=361): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000006a0019012cbd7000eedbdf2502000000000000040400090008000100"], 0x30}, 0x1, 0x0, 0x0, 0x40d0}, 0x0) kernel console output (not intermixed with test programs): [ 44.101525][ T40] audit: type=1400 audit(1767159591.817:59): avc: denied { write } for pid=5837 comm="sh" path="pipe:[7419]" dev="pipefs" ino=7419 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 44.114688][ T40] audit: type=1400 audit(1767159591.817:60): avc: denied { rlimitinh } for pid=5837 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.123725][ T40] audit: type=1400 audit(1767159591.817:61): avc: denied { siginh } for pid=5837 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:22848' (ED25519) to the list of known hosts. [ 46.343739][ T40] audit: type=1400 audit(1767159594.067:62): avc: denied { name_bind } for pid=5844 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 46.388429][ T40] audit: type=1400 audit(1767159594.117:63): avc: denied { execute } for pid=5845 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 46.396893][ T40] audit: type=1400 audit(1767159594.117:64): avc: denied { execute_no_trans } for pid=5845 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 48.407519][ T40] audit: type=1400 audit(1767159596.137:65): avc: denied { getattr } for pid=5897 comm="rm" path="/run/dhcpcd/hook-state/resolv.conf.lapb3.ipv4ll" dev="tmpfs" ino=1953 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 48.421237][ T40] audit: type=1400 audit(1767159596.137:66): avc: denied { unlink } for pid=5897 comm="rm" name="resolv.conf.lapb3.ipv4ll" dev="tmpfs" ino=1953 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 48.437027][ T5845] cgroup: Unknown subsys name 'net' [ 48.579036][ T5845] cgroup: Unknown subsys name 'cpuset' [ 48.585146][ T5845] cgroup: Unknown subsys name 'rlimit' [ 48.806961][ T5907] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 49.628257][ T5845] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 53.003680][ T40] kauditd_printk_skb: 18 callbacks suppressed [ 53.003691][ T40] audit: type=1400 audit(1767159600.727:85): avc: denied { execmem } for pid=5929 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 53.171072][ T40] audit: type=1400 audit(1767159600.897:86): avc: denied { create } for pid=5933 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 53.191574][ T5937] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 53.193742][ T40] audit: type=1400 audit(1767159600.897:87): avc: denied { read write } for pid=5933 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 53.202225][ T5938] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 53.205756][ T40] audit: type=1400 audit(1767159600.897:88): avc: denied { open } for pid=5933 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 53.209183][ T5937] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 53.221027][ T5938] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 53.221150][ T40] audit: type=1400 audit(1767159600.907:89): avc: denied { ioctl } for pid=5933 comm="syz-executor" path="socket:[6520]" dev="sockfs" ino=6520 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 53.232165][ T5939] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 53.233191][ T5943] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 53.236391][ T5939] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 53.239649][ T5943] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 53.241032][ T5939] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 53.242170][ T5937] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 53.245003][ T5943] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 53.250150][ T5937] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 53.250376][ T40] audit: type=1400 audit(1767159600.977:90): avc: denied { read } for pid=5936 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 53.250794][ T40] audit: type=1400 audit(1767159600.977:91): avc: denied { open } for pid=5936 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 53.252032][ T40] audit: type=1400 audit(1767159600.977:92): avc: denied { mounton } for pid=5936 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 53.253656][ T5943] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 53.256601][ T5937] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 53.266809][ T5943] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 53.300027][ T5938] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 53.304446][ T5938] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 53.308674][ T5938] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 53.312326][ T5938] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 53.315736][ T5938] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 53.428399][ T40] audit: type=1400 audit(1767159601.157:93): avc: denied { module_request } for pid=5936 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 53.530258][ T5936] chnl_net:caif_netlink_parms(): no params data found [ 53.643134][ T5933] chnl_net:caif_netlink_parms(): no params data found [ 53.700966][ T5936] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.703840][ T5936] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.706463][ T5936] bridge_slave_0: entered allmulticast mode [ 53.710022][ T5936] bridge_slave_0: entered promiscuous mode [ 53.717243][ T5936] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.719823][ T5936] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.722358][ T5936] bridge_slave_1: entered allmulticast mode [ 53.725327][ T5936] bridge_slave_1: entered promiscuous mode [ 53.818916][ T5936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.842240][ T5946] chnl_net:caif_netlink_parms(): no params data found [ 53.852471][ T5936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.857157][ T5933] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.860987][ T5933] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.864289][ T5933] bridge_slave_0: entered allmulticast mode [ 53.868587][ T5933] bridge_slave_0: entered promiscuous mode [ 53.879232][ T5933] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.882717][ T5933] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.886351][ T5933] bridge_slave_1: entered allmulticast mode [ 53.889553][ T5933] bridge_slave_1: entered promiscuous mode [ 53.942695][ T5936] team0: Port device team_slave_0 added [ 53.965726][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 53.975705][ T5936] team0: Port device team_slave_1 added [ 53.980128][ T5933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.992855][ T5933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.061693][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.064276][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.073008][ T5936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.092910][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.095741][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.098934][ T5946] bridge_slave_0: entered allmulticast mode [ 54.101869][ T5946] bridge_slave_0: entered promiscuous mode [ 54.107449][ T5933] team0: Port device team_slave_0 added [ 54.109573][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.111693][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.119442][ T5936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.132185][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.135423][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.137935][ T5946] bridge_slave_1: entered allmulticast mode [ 54.141679][ T5946] bridge_slave_1: entered promiscuous mode [ 54.146361][ T5933] team0: Port device team_slave_1 added [ 54.188107][ T5933] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.191068][ T5933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.201910][ T5933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.241199][ T5933] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.243805][ T5933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.254092][ T5933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.261865][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.274297][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.277540][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.280086][ T5942] bridge_slave_0: entered allmulticast mode [ 54.283853][ T5942] bridge_slave_0: entered promiscuous mode [ 54.293603][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.301375][ T5936] hsr_slave_0: entered promiscuous mode [ 54.304705][ T5936] hsr_slave_1: entered promiscuous mode [ 54.307514][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.309925][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.312533][ T5942] bridge_slave_1: entered allmulticast mode [ 54.316054][ T5942] bridge_slave_1: entered promiscuous mode [ 54.355829][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.366164][ T5946] team0: Port device team_slave_0 added [ 54.372981][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.389385][ T5946] team0: Port device team_slave_1 added [ 54.393997][ T5933] hsr_slave_0: entered promiscuous mode [ 54.396724][ T5933] hsr_slave_1: entered promiscuous mode [ 54.398988][ T5933] debugfs: 'hsr0' already exists in 'hsr' [ 54.400979][ T5933] Cannot create hsr debugfs directory [ 54.431916][ T5942] team0: Port device team_slave_0 added [ 54.449042][ T5942] team0: Port device team_slave_1 added [ 54.458488][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.461485][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.470886][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.505767][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.508275][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.517871][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.542612][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.545631][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.556592][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.565264][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.568190][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.578923][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.669299][ T5946] hsr_slave_0: entered promiscuous mode [ 54.672113][ T5946] hsr_slave_1: entered promiscuous mode [ 54.675498][ T5946] debugfs: 'hsr0' already exists in 'hsr' [ 54.677453][ T5946] Cannot create hsr debugfs directory [ 54.704255][ T5942] hsr_slave_0: entered promiscuous mode [ 54.707686][ T5942] hsr_slave_1: entered promiscuous mode [ 54.710953][ T5942] debugfs: 'hsr0' already exists in 'hsr' [ 54.713439][ T5942] Cannot create hsr debugfs directory [ 54.830996][ T5936] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 54.869614][ T5936] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 54.895094][ T5936] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 54.915492][ T5936] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 54.945672][ T5933] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 54.956176][ T5933] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 54.968751][ T5933] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 54.976073][ T5933] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 55.021462][ T5946] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 55.030487][ T5946] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 55.037703][ T5946] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 55.043413][ T5946] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 55.094413][ T5942] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 55.100189][ T5942] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 55.109131][ T5942] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 55.115604][ T5942] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 55.198642][ T5936] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.223674][ T5933] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.243624][ T5936] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.257160][ T5933] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.264133][ T89] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.267246][ T89] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.276545][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.281679][ T89] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.284764][ T89] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.285641][ T5938] Bluetooth: hci1: command tx timeout [ 55.298775][ T89] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.302086][ T89] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.309340][ T89] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.311998][ T89] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.342342][ T5946] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.349714][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.354698][ T5938] Bluetooth: hci2: command tx timeout [ 55.365206][ T5938] Bluetooth: hci3: command tx timeout [ 55.365291][ T5943] Bluetooth: hci0: command tx timeout [ 55.368414][ T1217] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.371865][ T1217] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.403643][ T1217] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.406876][ T1217] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.415220][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.450304][ T1217] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.453552][ T1217] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.475877][ T1217] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.478414][ T1217] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.494699][ T40] audit: type=1400 audit(1767159603.217:94): avc: denied { sys_module } for pid=5933 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 55.622549][ T5933] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.640677][ T5936] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.659930][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.687525][ T5933] veth0_vlan: entered promiscuous mode [ 55.708139][ T5933] veth1_vlan: entered promiscuous mode [ 55.720545][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.744065][ T5936] veth0_vlan: entered promiscuous mode [ 55.748904][ T5946] veth0_vlan: entered promiscuous mode [ 55.771408][ T5933] veth0_macvtap: entered promiscuous mode [ 55.778171][ T5946] veth1_vlan: entered promiscuous mode [ 55.782256][ T5936] veth1_vlan: entered promiscuous mode [ 55.790225][ T5933] veth1_macvtap: entered promiscuous mode [ 55.808224][ T5942] veth0_vlan: entered promiscuous mode [ 55.829665][ T5942] veth1_vlan: entered promiscuous mode [ 55.839382][ T5933] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.848709][ T5933] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.865966][ T5936] veth0_macvtap: entered promiscuous mode [ 55.871936][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.880688][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.890497][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.896260][ T5946] veth0_macvtap: entered promiscuous mode [ 55.900234][ T5936] veth1_macvtap: entered promiscuous mode [ 55.903103][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.922781][ T5946] veth1_macvtap: entered promiscuous mode [ 55.943903][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.953778][ T5942] veth0_macvtap: entered promiscuous mode [ 55.970514][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.990485][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.994420][ T5942] veth1_macvtap: entered promiscuous mode [ 56.014324][ T1217] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.018883][ T1217] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.026695][ T1217] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.027256][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.031452][ T1217] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.034344][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.045216][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.082670][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.095358][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.099336][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.105545][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.107754][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.109133][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.118098][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.154017][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.173468][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.188367][ T5933] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 56.189831][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.203199][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.210357][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.217552][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.218930][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.267463][ T99] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.274628][ T99] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.312769][ T89] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.326754][ T89] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.363257][ T89] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.370826][ T89] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.427319][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.430724][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.473100][ T227] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.481745][ T227] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.922265][ T6046] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 57.110707][ T6050] kvm: kvm [6049]: vcpu10, guest rIP: 0x9121 Unhandled WRMSR(0xc2) = 0x600004e0 [ 57.115839][ T6050] kvm: kvm [6049]: vcpu10, guest rIP: 0x9145 Unhandled WRMSR(0xc2) = 0x461 [ 57.157213][ T6050] kvm: kvm [6049]: vcpu10, guest rIP: 0x9121 Unhandled WRMSR(0xc2) = 0x1b31 [ 57.161941][ T6050] kvm: kvm [6049]: vcpu10, guest rIP: 0x9145 Unhandled WRMSR(0xc2) = 0x64d [ 57.201814][ T6050] kvm: kvm [6049]: vcpu10, guest rIP: 0x9121 Unhandled WRMSR(0xc2) = 0x18d9 [ 57.207332][ T6050] kvm: kvm [6049]: vcpu10, guest rIP: 0x9145 Unhandled WRMSR(0xc2) = 0xd1c [ 57.355131][ T5943] Bluetooth: hci1: command tx timeout [ 57.435820][ T5943] Bluetooth: hci3: command tx timeout [ 57.435897][ T5938] Bluetooth: hci2: command tx timeout [ 57.438086][ T5937] Bluetooth: hci0: command tx timeout [ 58.083003][ T6108] kvm: kvm [6107]: vcpu10, guest rIP: 0x9121 Unhandled WRMSR(0xc2) = 0x600004e0 [ 58.087271][ T6108] kvm: kvm [6107]: vcpu10, guest rIP: 0x9145 Unhandled WRMSR(0xc2) = 0x461 [ 58.119003][ T6108] kvm: kvm [6107]: vcpu10, guest rIP: 0x9121 Unhandled WRMSR(0xc2) = 0x1b31 [ 58.122679][ T6108] kvm: kvm [6107]: vcpu10, guest rIP: 0x9145 Unhandled WRMSR(0xc2) = 0x64d [ 58.550919][ T40] kauditd_printk_skb: 40 callbacks suppressed [ 58.550934][ T40] audit: type=1400 audit(1767159606.277:135): avc: denied { append } for pid=6124 comm="syz.1.41" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 58.606055][ T40] audit: type=1400 audit(1767159606.337:136): avc: denied { getopt } for pid=6128 comm="syz.3.43" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 58.693341][ T40] audit: type=1400 audit(1767159606.417:137): avc: denied { write } for pid=6132 comm="syz.2.45" path=2F5B6B766D2D676D656D5D202864656C6574656429 dev="guest_memfd" ino=9094 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 58.914073][ T40] audit: type=1400 audit(1767159606.637:138): avc: denied { execute } for pid=6151 comm="syz.1.52" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=12548 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 59.435167][ T5943] Bluetooth: hci1: command tx timeout [ 59.524835][ T5937] Bluetooth: hci2: command tx timeout [ 59.524849][ T5938] Bluetooth: hci0: command tx timeout [ 59.526713][ T5943] Bluetooth: hci3: command tx timeout [ 59.850200][ T40] audit: type=1400 audit(1767159607.577:139): avc: denied { bind } for pid=6147 comm="syz.2.51" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 59.904661][ T40] audit: type=1400 audit(1767159607.577:140): avc: denied { name_bind } for pid=6147 comm="syz.2.51" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 59.911779][ T40] audit: type=1400 audit(1767159607.577:141): avc: denied { node_bind } for pid=6147 comm="syz.2.51" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 [ 59.921787][ T40] audit: type=1400 audit(1767159607.587:142): avc: denied { write } for pid=6147 comm="syz.2.51" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 59.928812][ T40] audit: type=1400 audit(1767159607.587:143): avc: denied { connect } for pid=6147 comm="syz.2.51" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 59.944683][ T40] audit: type=1400 audit(1767159607.587:144): avc: denied { name_connect } for pid=6147 comm="syz.2.51" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 61.524911][ T5938] Bluetooth: hci1: command tx timeout [ 61.594996][ T5938] Bluetooth: hci0: command tx timeout [ 61.604611][ T5938] Bluetooth: hci3: command tx timeout [ 61.605568][ T5943] Bluetooth: hci2: command tx timeout [ 63.659328][ T6418] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 63.718302][ T40] kauditd_printk_skb: 36 callbacks suppressed [ 63.718312][ T40] audit: type=1400 audit(1767159611.447:181): avc: denied { create } for pid=6421 comm="syz.1.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 63.727343][ T40] audit: type=1400 audit(1767159611.467:182): avc: denied { connect } for pid=6421 comm="syz.1.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 63.734690][ T40] audit: type=1400 audit(1767159611.467:183): avc: denied { setopt } for pid=6421 comm="syz.1.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 63.947810][ T40] audit: type=1400 audit(1767159611.677:184): avc: denied { bind } for pid=6436 comm="syz.1.167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 63.956713][ T40] audit: type=1400 audit(1767159611.677:185): avc: denied { listen } for pid=6436 comm="syz.1.167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 63.976956][ T40] audit: type=1400 audit(1767159611.697:186): avc: denied { accept } for pid=6436 comm="syz.1.167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 63.989417][ T40] audit: type=1400 audit(1767159611.697:187): avc: denied { write } for pid=6436 comm="syz.1.167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 64.021044][ T6442] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 64.252695][ T40] audit: type=1400 audit(1767159611.977:188): avc: denied { read } for pid=6452 comm="syz.0.174" path="socket:[14496]" dev="sockfs" ino=14496 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 64.293664][ T6457] kvm_pr_unimpl_wrmsr: 7 callbacks suppressed [ 64.293678][ T6457] kvm: kvm [6456]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0x0 [ 64.412334][ T6460] kvm: pic: non byte write [ 64.537998][ T40] audit: type=1400 audit(1767159612.267:189): avc: denied { name_connect } for pid=6471 comm="syz.1.180" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 64.545202][ T40] audit: type=1400 audit(1767159612.267:190): avc: denied { listen } for pid=6471 comm="syz.1.180" lport=33438 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 65.181169][ T6523] futex_wake_op: syz.1.200 tries to shift op by 144; fix this program [ 65.726479][ T6550] kvm: kvm [6549]: vcpu10, guest rIP: 0x9121 Unhandled WRMSR(0xc2) = 0x600004e0 [ 65.730130][ T6550] kvm: kvm [6549]: vcpu10, guest rIP: 0x9145 Unhandled WRMSR(0xc2) = 0x461 [ 65.761884][ T6550] kvm: kvm [6549]: vcpu10, guest rIP: 0x9121 Unhandled WRMSR(0xc2) = 0x1b31 [ 65.765777][ T6550] kvm: kvm [6549]: vcpu10, guest rIP: 0x9145 Unhandled WRMSR(0xc2) = 0x64d [ 65.805687][ T6550] kvm: kvm [6549]: vcpu10, guest rIP: 0x9121 Unhandled WRMSR(0xc2) = 0x18d9 [ 65.810260][ T6550] kvm: kvm [6549]: vcpu10, guest rIP: 0x9145 Unhandled WRMSR(0xc2) = 0xd1c [ 66.778038][ T6613] netlink: 4 bytes leftover after parsing attributes in process `syz.3.237'. [ 66.919978][ T6625] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 67.845028][ T6690] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 68.770881][ T40] kauditd_printk_skb: 18 callbacks suppressed [ 68.770892][ T40] audit: type=1400 audit(1767159616.497:209): avc: denied { write } for pid=6759 comm="syz.0.297" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1 [ 69.061124][ T6779] sock: sock_timestamping_bind_phc: sock not bind to device [ 69.095203][ T40] audit: type=1400 audit(1767159616.827:210): avc: denied { listen } for pid=6780 comm="syz.3.305" lport=20002 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 69.102829][ T40] audit: type=1400 audit(1767159616.827:211): avc: denied { write } for pid=6780 comm="syz.3.305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 69.110223][ T40] audit: type=1400 audit(1767159616.827:212): avc: denied { connect } for pid=6780 comm="syz.3.305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 69.335846][ T6799] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 70.264393][ T40] audit: type=1400 audit(1767159617.987:213): avc: denied { map } for pid=6862 comm="syz.3.340" path="socket:[19218]" dev="sockfs" ino=19218 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1 [ 70.334438][ T40] audit: type=1400 audit(1767159618.057:214): avc: denied { shutdown } for pid=6867 comm="syz.0.342" lport=57152 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 70.710394][ T40] audit: type=1400 audit(1767159618.437:215): avc: denied { watch watch_reads } for pid=6900 comm="syz.1.354" path="/proc/220/net" dev="proc" ino=21888 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 70.934360][ T6905] ------------[ cut here ]------------ [ 70.936887][ T6905] WARNING: arch/x86/kvm/vmx/vmx.c:5393 at handle_exception_nmi+0x14a2/0x1720, CPU#1: syz.3.356/6905 [ 70.940476][ T6905] Modules linked in: [ 70.942386][ T6905] CPU: 1 UID: 0 PID: 6905 Comm: syz.3.356 Not tainted syzkaller #0 PREEMPT(full) [ 70.945645][ T6905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.949370][ T6905] RIP: 0010:handle_exception_nmi+0x14a2/0x1720 [ 70.951552][ T6905] Code: 1e fe ff 31 ff 89 c5 89 c6 e8 aa 77 6a 00 85 ed 0f 85 ea fd ff ff e8 fd 7c 6a 00 90 0f 0b 90 e9 dc fd ff ff e8 ef 7c 6a 00 90 <0f> 0b 90 e9 fd f2 ff ff e8 e1 7c 6a 00 31 f6 48 89 df e8 57 e6 ec [ 70.958482][ T6905] RSP: 0018:ffffc900247479c0 EFLAGS: 00010283 [ 70.960857][ T6905] RAX: 000000000001e1b0 RBX: ffff888054610000 RCX: ffffc90005761000 [ 70.963935][ T6905] RDX: 0000000000080000 RSI: ffffffff81546bd1 RDI: 0000000000000001 [ 70.967188][ T6905] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 70.969797][ T6905] R10: 0000000000000000 R11: ffff8880546c2ff0 R12: 000000000f6632eb [ 70.972413][ T6905] R13: 0000000000000007 R14: 0000000080000300 R15: ffff8880546100d8 [ 70.975124][ T6905] FS: 00007f6534c226c0(0000) GS:ffff8880d69f5000(0000) knlGS:0000000000000000 [ 70.978039][ T6905] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.980264][ T6905] CR2: 000000000f6632eb CR3: 0000000025019000 CR4: 0000000000352ef0 [ 70.983095][ T6905] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000020 [ 70.985973][ T6905] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 70.988921][ T6905] Call Trace: [ 70.990052][ T6905] [ 70.991063][ T6905] ? __pfx_handle_exception_nmi+0x10/0x10 [ 70.992948][ T6905] vmx_handle_exit+0x129b/0x1a00 [ 70.994722][ T6905] vcpu_run+0x3468/0x5a80 [ 70.996188][ T6905] ? __pfx_vcpu_run+0x10/0x10 [ 70.997826][ T6905] ? rcu_is_watching+0x12/0xc0 [ 71.000239][ T6905] ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 71.002886][ T6905] kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 71.005479][ T6905] kvm_vcpu_ioctl+0x76d/0x16d0 [ 71.007671][ T6905] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 71.009935][ T6905] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 71.012532][ T6905] ? do_vfs_ioctl+0x128/0x14f0 [ 71.014754][ T6905] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 71.016642][ T6905] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 71.018903][ T6905] ? hook_file_ioctl_common+0x144/0x410 [ 71.020782][ T6905] ? selinux_file_ioctl+0x180/0x270 [ 71.022503][ T6905] ? selinux_file_ioctl+0xb4/0x270 [ 71.024582][ T6905] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 71.026338][ T6905] __x64_sys_ioctl+0x18e/0x210 [ 71.028174][ T6905] do_syscall_64+0xcd/0xf80 [ 71.029714][ T6905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.031713][ T6905] RIP: 0033:0x7f6533d8f7c9 [ 71.033208][ T6905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.040229][ T6905] RSP: 002b:00007f6534c22038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 71.043008][ T6905] RAX: ffffffffffffffda RBX: 00007f6533fe5fa0 RCX: 00007f6533d8f7c9 [ 71.045758][ T6905] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 71.049001][ T6905] RBP: 00007f6533e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 71.051733][ T6905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 71.054332][ T6905] R13: 00007f6533fe6038 R14: 00007f6533fe5fa0 R15: 00007fffd321a8a8 [ 71.057032][ T6905] [ 71.058090][ T6905] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 71.060532][ T6905] CPU: 1 UID: 0 PID: 6905 Comm: syz.3.356 Not tainted syzkaller #0 PREEMPT(full) [ 71.063719][ T6905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 71.067657][ T6905] Call Trace: [ 71.068778][ T6905] [ 71.069805][ T6905] dump_stack_lvl+0x3d/0x1f0 [ 71.071375][ T6905] vpanic+0x640/0x6f0 [ 71.072741][ T6905] ? handle_exception_nmi+0x14a2/0x1720 [ 71.074650][ T6905] panic+0xca/0xd0 [ 71.075956][ T6905] ? __pfx_panic+0x10/0x10 [ 71.077535][ T6905] check_panic_on_warn+0xab/0xb0 [ 71.079592][ T6905] __warn+0x108/0x3c0 [ 71.081202][ T6905] __report_bug+0x2a0/0x520 [ 71.082741][ T6905] ? handle_exception_nmi+0x14a2/0x1720 [ 71.084615][ T6905] ? __pfx___report_bug+0x10/0x10 [ 71.086288][ T6905] ? kvm_sched_in+0x9a/0xf0 [ 71.087841][ T6905] ? finish_task_switch.isra.0+0x53b/0xbd0 [ 71.089779][ T6905] ? rcu_is_watching+0x12/0xc0 [ 71.091403][ T6905] ? handle_exception_nmi+0x14a2/0x1720 [ 71.093370][ T6905] report_bug+0xb2/0x220 [ 71.094818][ T6905] ? handle_exception_nmi+0x14a2/0x1720 [ 71.096648][ T6905] handle_bug+0x127/0x260 [ 71.098129][ T6905] exc_invalid_op+0x17/0x50 [ 71.099677][ T6905] asm_exc_invalid_op+0x1a/0x20 [ 71.101296][ T6905] RIP: 0010:handle_exception_nmi+0x14a2/0x1720 [ 71.103389][ T6905] Code: 1e fe ff 31 ff 89 c5 89 c6 e8 aa 77 6a 00 85 ed 0f 85 ea fd ff ff e8 fd 7c 6a 00 90 0f 0b 90 e9 dc fd ff ff e8 ef 7c 6a 00 90 <0f> 0b 90 e9 fd f2 ff ff e8 e1 7c 6a 00 31 f6 48 89 df e8 57 e6 ec [ 71.109843][ T6905] RSP: 0018:ffffc900247479c0 EFLAGS: 00010283 [ 71.111818][ T6905] RAX: 000000000001e1b0 RBX: ffff888054610000 RCX: ffffc90005761000 [ 71.114429][ T6905] RDX: 0000000000080000 RSI: ffffffff81546bd1 RDI: 0000000000000001 [ 71.117056][ T6905] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 71.120173][ T6905] R10: 0000000000000000 R11: ffff8880546c2ff0 R12: 000000000f6632eb [ 71.123221][ T6905] R13: 0000000000000007 R14: 0000000080000300 R15: ffff8880546100d8 [ 71.125899][ T6905] ? handle_exception_nmi+0x14a1/0x1720 [ 71.127772][ T6905] ? __pfx_handle_exception_nmi+0x10/0x10 [ 71.129983][ T6905] vmx_handle_exit+0x129b/0x1a00 [ 71.132213][ T6905] vcpu_run+0x3468/0x5a80 [ 71.134122][ T6905] ? __pfx_vcpu_run+0x10/0x10 [ 71.136153][ T6905] ? rcu_is_watching+0x12/0xc0 [ 71.137795][ T6905] ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 71.139688][ T6905] kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 71.141513][ T6905] kvm_vcpu_ioctl+0x76d/0x16d0 [ 71.143165][ T6905] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 71.144906][ T6905] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 71.146805][ T6905] ? do_vfs_ioctl+0x128/0x14f0 [ 71.148404][ T6905] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 71.150070][ T6905] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 71.152331][ T6905] ? hook_file_ioctl_common+0x144/0x410 [ 71.154187][ T6905] ? selinux_file_ioctl+0x180/0x270 [ 71.156086][ T6905] ? selinux_file_ioctl+0xb4/0x270 [ 71.157885][ T6905] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 71.159681][ T6905] __x64_sys_ioctl+0x18e/0x210 [ 71.161247][ T6905] do_syscall_64+0xcd/0xf80 [ 71.162754][ T6905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.164760][ T6905] RIP: 0033:0x7f6533d8f7c9 [ 71.166295][ T6905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.172480][ T6905] RSP: 002b:00007f6534c22038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 71.175249][ T6905] RAX: ffffffffffffffda RBX: 00007f6533fe5fa0 RCX: 00007f6533d8f7c9 [ 71.177827][ T6905] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 71.180495][ T6905] RBP: 00007f6533e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 71.183044][ T6905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 71.185586][ T6905] R13: 00007f6533fe6038 R14: 00007f6533fe5fa0 R15: 00007fffd321a8a8 [ 71.188061][ T6905] [ 71.189960][ T6905] Kernel Offset: disabled [ 71.191417][ T6905] Rebooting in 86400 seconds..