last executing test programs: 6m24.645225411s ago: executing program 0 (id=77): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009) r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x1, 0x0, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x3, {@ip4=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0) 6m24.58418042s ago: executing program 3 (id=75): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(0xffffffffffffffff, 0xc1004110, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8) 6m24.47444484s ago: executing program 1 (id=76): r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x44997e9625d2448d}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) capset(&(0x7f0000000340)={0x19980330}, 0x0) r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={0xffffffffffffffff, r0, 0x6, 0x0, @val=@tracing}, 0x40) 6m23.555384885s ago: executing program 1 (id=79): syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0x76}, [@call={0x27}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8}, 0x3f) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0xf, 0x4, 0x8, 0x1}, 0x37) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xc, &(0x7f0000001440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000200)='syzkaller\x00', 0x6}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@map=r1, r4, 0x5}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r1}, &(0x7f0000000100), &(0x7f0000000140)=r0}, 0x20) sendmsg(r2, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001400)='H', 0x20001401}], 0x1}, 0x0) 6m23.455449231s ago: executing program 1 (id=80): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0) 6m23.395359777s ago: executing program 3 (id=81): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sock_ops}, 0x94) openat$ppp(0xffffffffffffff9c, 0x0, 0x2800, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x0) userfaultfd(0x80001) syz_open_dev$radio(&(0x7f0000000100), 0x2, 0x2) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bind$bt_l2cap(r1, 0x0, 0x0) shutdown(r1, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121) dup(r2) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2) ioctl$VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f00000000c0)={0xf0f041}) 6m23.292200225s ago: executing program 3 (id=82): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 6m23.291988469s ago: executing program 1 (id=83): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001940)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) llistxattr(&(0x7f00000018c0)='./file0\x00', 0x0, 0x0) 6m23.235235012s ago: executing program 2 (id=85): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) 6m23.233930447s ago: executing program 0 (id=92): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0) 6m23.144297581s ago: executing program 0 (id=86): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCFLSH(r0, 0x400455c8, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000380)=0xfd) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000036c0)={0x120, r2, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_FWMARK={0x8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_PEERS={0xf0, 0x8, 0x0, 0x1, [{0x8c, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e20, @loopback}}, @WGPEER_A_ALLOWEDIPS={0x48, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x32}}, {0x5}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6}]}, {0x5c, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x8}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "7e0c9939d757d796a1e7bc26b9664185fddbe74f5b51f2899e475ad95bcf6368"}]}, {0x4}]}]}, 0x120}, 0x1, 0x0, 0x0, 0xc811}, 0x40000) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x40030000000000}, 0x0) userfaultfd(0x80800) socket(0x1e, 0x4, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$TIOCSIG(0xffffffffffffffff, 0x40045436, 0x38) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) listen(r5, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000009c0)='net/tcp6\x00') read$eventfd(r6, &(0x7f0000000100), 0x8) socket$nl_netfilter(0x10, 0x3, 0xc) 6m23.083526344s ago: executing program 2 (id=87): openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200), 0x60281, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b0000000000000000000000008000", @ANYRES32, @ANYBLOB="09000000000000000000000000000000712787e584d76a9a7b790b8add4fabfe62bf0c1821e97a21e56c470baca18adfbbb56672b5c587961dbd6a73a000000000", @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70200000200", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1200) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0xa, 0x3, 0x3a) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000100)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0xf0f, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1313b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1ff}, 0x94) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r4) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r5, 0xc004743e, 0x110e22fff6) setsockopt$MRT6_ADD_MIF(r3, 0x29, 0xca, &(0x7f0000000000)={0x2, 0x1, 0x0, 0x0, 0x9}, 0xc) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x15) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0xfffffffffffffffe}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7fffffff, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) 6m21.88104444s ago: executing program 3 (id=88): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000080), 0x12) pread64(r1, &(0x7f0000001840)=""/4096, 0x1000, 0x1) 6m15.69798842s ago: executing program 0 (id=89): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {0x2}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) 6m15.090769971s ago: executing program 1 (id=90): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) setitimer(0x0, 0x0, 0x0) 6m15.020147967s ago: executing program 0 (id=91): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) bpf$MAP_CREATE(0x0, 0x0, 0x48) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10) r4 = syz_open_dev$media(&(0x7f0000000480), 0x0, 0x20004) ioctl$MEDIA_IOC_ENUM_ENTITIES(r4, 0xc1007c01, &(0x7f0000000f40)) ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000200)={0x6, 0x5, 0x1, {0x5, @win={{0x7, 0xfffffff1, 0x1, 0x2}, 0x4, 0x254, 0x0, 0x7, 0x0, 0x7}}, 0x6}) syz_open_dev$video(0x0, 0xc000, 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0) io_uring_setup(0x10d7, &(0x7f00000000c0)={0x0, 0xbfff, 0x400, 0x2, 0x1d}) r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r5, &(0x7f0000000300)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x1}, [@bcast, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]}, 0x48) 6m14.815519226s ago: executing program 2 (id=93): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000140)={0x0, @rc={0x1f, @none, 0x5}, @llc={0x1a, 0x10f, 0x2, 0x5, 0x72, 0x6, @random="171a478c85f3"}, @can, 0x4, 0x0, 0x0, 0x0, 0x96, 0x0, 0x4, 0x80000000, 0x1}) 6m14.79573248s ago: executing program 3 (id=94): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_SET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x30, 0x1410, 0x1, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_AUTO_MODE_MASK={0x8, 0x4c, 0x1}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094) setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, 0x0, 0x0) write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c460000"], 0x158) bpf$MAP_CREATE(0x0, 0x0, 0x48) r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x32314247}}) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x7000001e}) ioctl$BTRFS_IOC_BALANCE_CTL(r6, 0x40049421, 0x2) 6m14.025904553s ago: executing program 2 (id=95): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0) 6m13.913275027s ago: executing program 2 (id=96): syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) 6m13.760143961s ago: executing program 0 (id=97): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 6m11.83831292s ago: executing program 3 (id=98): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000140)={'tunl0\x00', &(0x7f0000000540)=@ethtool_perm_addr}) 6m7.291850608s ago: executing program 2 (id=99): connect$inet6(0xffffffffffffffff, 0x0, 0x0) syz_usb_connect(0x0, 0x24, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000300)={'gretap0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=@newtfilter={0x2c, 0x2c, 0x100, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x7, 0x7}, {0x3, 0x7}, {0xfff3, 0x6}}, [@TCA_RATE={0x6, 0x5, {0xb, 0x4}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008004) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80000001}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, 0x0, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) 6m1.872633818s ago: executing program 1 (id=100): syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001300)=@newtfilter={0xa0, 0x2c, 0xd27, 0x30bd29, 0x21dfdbfc, {0x0, 0x0, 0x0, r3, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_u32={{0x8}, {0x74, 0x2, [@TCA_U32_SEL={0x64, 0x5, {0xe, 0x9, 0x5, 0x5, 0x7de, 0x74, 0xe, 0xdc, [{0x80000001, 0x2, 0x9, 0x1ff}, {0x3ee, 0x1, 0x4}, {0x9, 0xf12, 0x7f, 0xa}, {0x7ff, 0x2, 0x1, 0x8000}, {0x3, 0x1, 0x3, 0x3e}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0x1, 0xffe0}}, @TCA_U32_POLICE={0x4}]}}]}, 0xa0}, 0x1, 0x0, 0x0, 0x24000014}, 0x200c4004) 5m57.779545344s ago: executing program 32 (id=97): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 5m55.831126577s ago: executing program 33 (id=98): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000140)={'tunl0\x00', &(0x7f0000000540)=@ethtool_perm_addr}) 5m51.409408866s ago: executing program 34 (id=99): connect$inet6(0xffffffffffffffff, 0x0, 0x0) syz_usb_connect(0x0, 0x24, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000300)={'gretap0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=@newtfilter={0x2c, 0x2c, 0x100, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x7, 0x7}, {0x3, 0x7}, {0xfff3, 0x6}}, [@TCA_RATE={0x6, 0x5, {0xb, 0x4}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008004) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80000001}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, 0x0, 0x0) getsockname$packet(r3, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) 5m45.738312181s ago: executing program 35 (id=100): syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001300)=@newtfilter={0xa0, 0x2c, 0xd27, 0x30bd29, 0x21dfdbfc, {0x0, 0x0, 0x0, r3, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_u32={{0x8}, {0x74, 0x2, [@TCA_U32_SEL={0x64, 0x5, {0xe, 0x9, 0x5, 0x5, 0x7de, 0x74, 0xe, 0xdc, [{0x80000001, 0x2, 0x9, 0x1ff}, {0x3ee, 0x1, 0x4}, {0x9, 0xf12, 0x7f, 0xa}, {0x7ff, 0x2, 0x1, 0x8000}, {0x3, 0x1, 0x3, 0x3e}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0x1, 0xffe0}}, @TCA_U32_POLICE={0x4}]}}]}, 0xa0}, 0x1, 0x0, 0x0, 0x24000014}, 0x200c4004) 1.099072781s ago: executing program 4 (id=465): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="68377863ac6ea61666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2d6fc2b90952355ec6c61d718c91784312b1b4771888a0811895b02ffb658934b0bbd6466c9cc04cc7252f1f1deea5a8b9c6797c8f1263db526cf88899f7ecab544662eb34743cefb660a78cb9468d2900b3cda4cca9d89ab6d341d145acf249276dda272407bc98d9e5431316d468b9e4750f2316589dc4de3157592d27fd723a512c85b08035842b75ec422346f9696f4bb3226b0ca75d135ebd8cae46fb83b71c103e1fdcb1934fd1d28b4916abe2c44e26ea72be426c27052e816212096000155788943b846746c", 0xed}, {&(0x7f00000003c0)="5453b4b759f9d4f4f33bda880b70e0dadde06223919f4585429ef69078a4956f646ea03bfd4c090a003c01f32b1a175baf38c1eb4572c8b372a4cf9128062e58ff575546876a2804144c3aea98c4a3533396f87e860de8c66bceb0e6b387ec853b7e91c57587d38436637e702ae18eeccefdcd7a3cdd7bfc327b5d619b57d56afe1628b65e2948af5ee0e3f52746a5aff58bb7c6d253a58bf745584d1bc19fe5e42b5534eab9e9d2587b413e81f68b60f56130f82b327f5fe900e3e107bc6b783d1d23a056426d6502133386b51e657046c1c43a2a2c4a7611ee6592a5ee08700d24d832163b3def", 0xe8}, {&(0x7f0000000640)="d48c8225ddfdf2c06c27763617468581389d34126760ba3dd0fe077a7c2ce378dd62cafeeb4ba1493766d09fd561d69a5bf8109ffcd3e43d8c16b9c3fa92d4439c5af1fa4775d01dcf0748a24ab51b52fbe752", 0x53}, {&(0x7f0000000740)="f52ec22aafecc37a6d9995f1afb5c1727f223f9b84451a110b1dfbf19cc7ed183ba93f6d55645001887fc999262b9c938e22ef5ec46b4b1b535060dcca5cff1f0e5a1d9b32cef2b6e0a61af7968dc1759c4d901867d7d6e9f2521f6a1578e1cc2fbf58837a2633c0b8299192718c61227412dafd01e899723b33735bbec3e1429117362acc4139fc3565f183bd5568f47f4bc416adb360fdd9c497c2ad2ffe1ad738f4c073f1378d2b455e61844076a4a97ac1e13e2fb300ae69d55c501f96dcc39bf7ed835cc866f0fbd8e936e8374a484f111919dc610e0a36a0ee3df2ab1dc34cea42a4292e2fbaa8", 0xea}], 0x4}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="acc870bde54caaeacb0000108cef4fa7bf44702b284b2e80cb32d33a86853c8c28797cd14c72c87f849f6ccbf3198d11a0b1ef000000000200000088e0e022b04dbd50d36f3c028c27ba0000", 0x4c}, {&(0x7f0000000e80)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf646e72f8fe08c33a33b275787892f61fbb621794716f96031931b55af30fa01d72aa5a53ee4c07ab7c96a4a9ed93f4d20269982ab6feb22d8e77afb7b861622ab963b07f0026fd6424082bcd0864a854e542aacc3201fff776fe1c00"/216, 0xd8}], 0x2}}], 0x2, 0xc0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 1.030311987s ago: executing program 7 (id=466): pipe2$9p(0x0, 0x0) syz_emit_vhci(&(0x7f0000003200)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_LE_SET_ADV_SET_RAND_ADDR={{}, 0x8}}}, 0x7) 1.030083268s ago: executing program 7 (id=468): write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff5"], 0xfdef) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000340009000000000000400000020000001000018009006400a553"], 0x24}, 0x1, 0x0, 0x0, 0x4841}, 0x4000010) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = dup(r0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.029680718s ago: executing program 4 (id=469): socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x55779000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r3) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c) listen(r4, 0x0) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) accept(r3, 0x0, 0x0) recvfrom(r5, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0) 1.029580943s ago: executing program 7 (id=470): prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r2 = fanotify_init(0x8, 0x80000) fanotify_mark(r2, 0x105, 0x4800003a, r1, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000100)='./file1\x00', 0x13b) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r3 = open(&(0x7f0000000580)='./file1\x00', 0x80342, 0x1df2a23c5997fa5f) write$FUSE_CREATE_OPEN(r3, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x8, 0x1000000000003, 0x5, 0x8, 0x3, 0x1, {0x5, 0x17f, 0x20ff, 0x5, 0x89, 0xd615, 0xb, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0) sendfile(r3, r3, 0x0, 0x7f03) 345.953862ms ago: executing program 6 (id=480): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c) listen(r0, 0xfffffffc) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x28, r2, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0) 287.854816ms ago: executing program 6 (id=481): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003640)=[{{0x0, 0x0, &(0x7f00000030c0)=[{&(0x7f0000003100)="af", 0x1}, {&(0x7f00000020c0)}], 0x2}}], 0x1, 0x4040005) 218.321876ms ago: executing program 6 (id=483): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(r0, &(0x7f00000001c0)={0x40000000, 0x0, 0x0}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0) 218.012619ms ago: executing program 5 (id=484): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x4}, 0x6) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="19000000"], 0x48) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)=@generic={0x0, 0x0, 0x8}, 0x18) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000)) r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, 0x0, 0x0) r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, 0x0, 0x0) ioctl$sock_rose_SIOCADDRT(r3, 0x890b, &(0x7f00000007c0)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x7, @null, @bpq0, 0x5, [@null, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}) r6 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_mreq(r6, 0x29, 0x1b, 0x0, 0x0) ioctl$sock_rose_SIOCADDRT(r4, 0x890b, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140)) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x0) 116.192415ms ago: executing program 5 (id=485): sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x270, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0203"], 0x10}}, 0x0) io_submit(0x0, 0x0, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040)={{0x6}}, 0x0, 0x0}}) 115.892076ms ago: executing program 4 (id=486): pipe2$9p(&(0x7f00000001c0), 0x0) syz_emit_vhci(0x0, 0x0) 115.661752ms ago: executing program 5 (id=487): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, 0x0, 0x0) 66.654165ms ago: executing program 7 (id=488): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e21, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 66.443836ms ago: executing program 6 (id=489): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c) listen(r0, 0xfffffffc) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x28, r2, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0) 66.336849ms ago: executing program 5 (id=490): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="68377863ac6ea61666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2d6fc2b90952355ec6c61d718c91784312b1b4771888a0811895b02ffb658934b0bbd6466c9cc04cc7252f1f1deea5a8b9c6797c8f1263db526cf88899f7ecab544662eb34743cefb660a78cb9468d2900b3cda4cca9d89ab6d341d145acf249276dda272407bc98d9e5431316d468b9e4750f2316589dc4de3157592d27fd723a512c85b08035842b75ec422346f9696f4bb3226b0ca75d135ebd8cae46fb83b71c103e1fdcb1934fd1d28b4916abe2c44e26ea72be426c27052e816212096000155788943b846746c", 0xed}, {&(0x7f00000003c0)="5453b4b759f9d4f4f33bda880b70e0dadde06223919f4585429ef69078a4956f646ea03bfd4c090a003c01f32b1a175baf38c1eb4572c8b372a4cf9128062e58ff575546876a2804144c3aea98c4a3533396f87e860de8c66bceb0e6b387ec853b7e91c57587d38436637e702ae18eeccefdcd7a3cdd7bfc327b5d619b57d56afe1628b65e2948af5ee0e3f52746a5aff58bb7c6d253a58bf745584d1bc19fe5e42b5534eab9e9d2587b413e81f68b60f56130f82b327f5fe900e3e107bc6b783d1d23a056426d6502133386b51e657046c1c43a2a2c4a7611ee6592a5ee08700d24d832163b3def", 0xe8}, {&(0x7f0000000640)="d48c8225ddfdf2c06c27763617468581389d34126760ba3dd0fe077a7c2ce378dd62cafeeb4ba1493766d09fd561d69a5bf8109ffcd3e43d8c16b9c3fa92d4439c5af1fa4775d01dcf0748a24ab51b52fbe752", 0x53}, {&(0x7f0000000740)="f52ec22aafecc37a6d9995f1afb5c1727f223f9b84451a110b1dfbf19cc7ed183ba93f6d55645001887fc999262b9c938e22ef5ec46b4b1b535060dcca5cff1f0e5a1d9b32cef2b6e0a61af7968dc1759c4d901867d7d6e9f2521f6a1578e1cc2fbf58837a2633c0b8299192718c61227412dafd01e899723b33735bbec3e1429117362acc4139fc3565f183bd5568f47f4bc416adb360fdd9c497c2ad2ffe1ad738f4c073f1378d2b455e61844076a4a97ac1e13e2fb300ae69d55c501f96dcc39bf7ed835cc866f0fbd8e936e8374a484f111919dc610e0a36a0ee3df2ab1dc34cea42a4292e2fbaa8", 0xea}, {0x0}], 0x5}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="acc870bde54caaeacb0000108cef4fa7bf44702b284b2e80cb32d33a86853c8c28797cd14c72c87f849f6ccbf3198d11a0b1ef000000000200000088e0e022b04dbd50d36f3c028c27ba0000", 0x4c}, {&(0x7f0000000e80)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf646e72f8fe08c33a33b275787892f61fbb621794716f96031931b55af30fa01d72aa5a53ee4c07ab7c96a4a9ed93f4d20269982ab6feb22d8e77afb7b861622ab963b07f0026fd6424082bcd0864a854e542aacc3201fff776fe1c00"/216, 0xd8}], 0x2}}], 0x2, 0xc0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 66.210459ms ago: executing program 6 (id=491): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) 66.160428ms ago: executing program 4 (id=492): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003640)=[{{0x0, 0x0, &(0x7f00000030c0)=[{&(0x7f0000003100)="af", 0x1}, {&(0x7f00000020c0)}], 0x2}}], 0x1, 0x4040005) 1.023469ms ago: executing program 5 (id=493): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x4}, 0x6) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="19000000"], 0x48) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)=@generic={0x0, 0x0, 0x8}, 0x18) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000)) r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, 0x0, 0x0) r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, 0x0, 0x0) ioctl$sock_rose_SIOCADDRT(r3, 0x890b, &(0x7f00000007c0)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x7, @null, @bpq0, 0x5, [@null, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}) r6 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_mreq(r6, 0x29, 0x1b, 0x0, 0x0) ioctl$sock_rose_SIOCADDRT(r4, 0x890b, &(0x7f00000000c0)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3, @default, @bpq0, 0x7, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @null]}) openat$tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x0) 778.029µs ago: executing program 7 (id=494): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x4}, 0x6) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="19000000"], 0x48) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)=@generic={0x0, 0x0, 0x8}, 0x18) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) ioctl$sock_netdev_private(r1, 0x8914, &(0x7f0000000000)) r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, 0x0, 0x0) r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, 0x0, 0x0) ioctl$sock_rose_SIOCADDRT(r2, 0x890b, &(0x7f00000007c0)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x7, @null, @bpq0, 0x5, [@null, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}) r5 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_mreq(r5, 0x29, 0x1b, 0x0, 0x0) ioctl$sock_rose_SIOCADDRT(r3, 0x890b, &(0x7f00000000c0)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3, @default, @bpq0, 0x7, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @null]}) openat$tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140)) 531.65µs ago: executing program 4 (id=495): write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff5"], 0xfdef) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000340009000000000000400000020000001000018009006400a553"], 0x24}, 0x1, 0x0, 0x0, 0x4841}, 0x4000010) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = dup(r0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 421.268µs ago: executing program 6 (id=496): socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x55779000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r3) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c) listen(r4, 0x0) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0xc000}, 0x10) recvfrom(r5, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0) 362.171µs ago: executing program 4 (id=497): sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x270, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0203"], 0x10}}, 0x0) io_submit(0x0, 0x0, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040)={{0x6}}, 0x0, 0x0}}) 98.961µs ago: executing program 7 (id=498): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r0, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @null}, 0x1c) syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) 0s ago: executing program 5 (id=499): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(r0, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={0x0, 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0) kernel console output (not intermixed with test programs): [ 38.126452][ T40] audit: type=1400 audit(1751555464.996:60): avc: denied { rlimitinh } for pid=5837 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 38.132996][ T40] audit: type=1400 audit(1751555464.996:61): avc: denied { siginh } for pid=5837 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:24861' (ED25519) to the list of known hosts. [ 39.168025][ T40] audit: type=1400 audit(1751555466.056:62): avc: denied { name_bind } for pid=5844 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 39.186978][ T40] audit: type=1400 audit(1751555466.076:63): avc: denied { write } for pid=5845 comm="sh" path="pipe:[2587]" dev="pipefs" ino=2587 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 39.198829][ T40] audit: type=1400 audit(1751555466.086:64): avc: denied { execute } for pid=5845 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 39.207761][ T40] audit: type=1400 audit(1751555466.086:65): avc: denied { execute_no_trans } for pid=5845 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 41.033092][ T40] audit: type=1400 audit(1751555467.926:66): avc: denied { mounton } for pid=5845 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 41.035600][ T5845] cgroup: Unknown subsys name 'net' [ 41.224782][ T5845] cgroup: Unknown subsys name 'cpuset' [ 41.228679][ T5845] cgroup: Unknown subsys name 'rlimit' [ 41.447185][ T5910] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 42.114966][ T5845] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 45.279480][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 45.279490][ T40] audit: type=1400 audit(1751555472.166:80): avc: denied { execmem } for pid=5926 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 45.477032][ T40] audit: type=1400 audit(1751555472.366:81): avc: denied { create } for pid=5929 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.487165][ T40] audit: type=1400 audit(1751555472.366:82): avc: denied { read write } for pid=5929 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 45.496586][ T40] audit: type=1400 audit(1751555472.366:83): avc: denied { open } for pid=5929 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 45.504478][ T40] audit: type=1400 audit(1751555472.376:84): avc: denied { ioctl } for pid=5929 comm="syz-executor" path="socket:[4053]" dev="sockfs" ino=4053 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.524419][ T5933] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.528278][ T5933] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.532765][ T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.535207][ T63] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 45.538007][ T5936] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.538267][ T63] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 45.541107][ T5936] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 45.543209][ T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.545809][ T5936] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 45.550824][ T5936] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.550960][ T5938] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.554670][ T5936] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.560391][ T5936] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.560434][ T5943] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 45.565168][ T40] audit: type=1400 audit(1751555472.446:85): avc: denied { read } for pid=5929 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 45.566367][ T5936] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 45.568693][ T5940] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 45.571554][ T5940] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 45.572085][ T5940] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.573279][ T40] audit: type=1400 audit(1751555472.446:86): avc: denied { open } for pid=5929 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 45.573303][ T40] audit: type=1400 audit(1751555472.456:87): avc: denied { mounton } for pid=5929 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 45.574101][ T5943] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.575123][ T5936] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 45.819192][ T40] audit: type=1400 audit(1751555472.706:88): avc: denied { module_request } for pid=5929 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 45.863949][ T5929] chnl_net:caif_netlink_parms(): no params data found [ 45.884093][ T5941] chnl_net:caif_netlink_parms(): no params data found [ 46.064474][ T5929] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.067193][ T5929] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.069566][ T5929] bridge_slave_0: entered allmulticast mode [ 46.073745][ T5929] bridge_slave_0: entered promiscuous mode [ 46.081072][ T5937] chnl_net:caif_netlink_parms(): no params data found [ 46.087740][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.089974][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.092455][ T5941] bridge_slave_0: entered allmulticast mode [ 46.095137][ T5941] bridge_slave_0: entered promiscuous mode [ 46.098349][ T5931] chnl_net:caif_netlink_parms(): no params data found [ 46.104517][ T5929] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.106793][ T5929] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.109039][ T5929] bridge_slave_1: entered allmulticast mode [ 46.111753][ T5929] bridge_slave_1: entered promiscuous mode [ 46.129626][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.132009][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.134658][ T5941] bridge_slave_1: entered allmulticast mode [ 46.137180][ T5941] bridge_slave_1: entered promiscuous mode [ 46.160077][ T5929] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.168642][ T5929] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.260090][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.292660][ T5929] team0: Port device team_slave_0 added [ 46.295907][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.328414][ T5929] team0: Port device team_slave_1 added [ 46.428780][ T5941] team0: Port device team_slave_0 added [ 46.430882][ T5931] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.433499][ T5931] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.435765][ T5931] bridge_slave_0: entered allmulticast mode [ 46.438320][ T5931] bridge_slave_0: entered promiscuous mode [ 46.441188][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.444219][ T5937] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.446460][ T5937] bridge_slave_0: entered allmulticast mode [ 46.448999][ T5937] bridge_slave_0: entered promiscuous mode [ 46.452310][ T5929] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.455279][ T5929] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.463862][ T5929] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.469760][ T5941] team0: Port device team_slave_1 added [ 46.485683][ T5931] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.487942][ T5931] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.490184][ T5931] bridge_slave_1: entered allmulticast mode [ 46.493765][ T5931] bridge_slave_1: entered promiscuous mode [ 46.496331][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.498587][ T5937] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.500796][ T5937] bridge_slave_1: entered allmulticast mode [ 46.504596][ T5937] bridge_slave_1: entered promiscuous mode [ 46.519418][ T5929] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.521622][ T5929] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.529636][ T5929] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.569069][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.571299][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.579380][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.638185][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.640343][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.648213][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.655680][ T5931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.660853][ T5937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.667254][ T5929] hsr_slave_0: entered promiscuous mode [ 46.669615][ T5929] hsr_slave_1: entered promiscuous mode [ 46.678885][ T5931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.683003][ T5937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.716328][ T5937] team0: Port device team_slave_0 added [ 46.746344][ T5931] team0: Port device team_slave_0 added [ 46.750402][ T5937] team0: Port device team_slave_1 added [ 46.785249][ T5931] team0: Port device team_slave_1 added [ 46.883037][ T5941] hsr_slave_0: entered promiscuous mode [ 46.885305][ T5941] hsr_slave_1: entered promiscuous mode [ 46.887335][ T5941] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.889809][ T5941] Cannot create hsr debugfs directory [ 46.892911][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.895113][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.903046][ T5931] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.918492][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.920685][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.928654][ T5937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.937936][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.940110][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.948104][ T5937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.955445][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.957628][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.965720][ T5931] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.083314][ T5937] hsr_slave_0: entered promiscuous mode [ 47.085527][ T5937] hsr_slave_1: entered promiscuous mode [ 47.087577][ T5937] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.089929][ T5937] Cannot create hsr debugfs directory [ 47.131845][ T5931] hsr_slave_0: entered promiscuous mode [ 47.135107][ T5931] hsr_slave_1: entered promiscuous mode [ 47.137659][ T5931] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.140626][ T5931] Cannot create hsr debugfs directory [ 47.357448][ T5929] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 47.369535][ T5929] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 47.379782][ T5929] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 47.387974][ T5929] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 47.414877][ T5941] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 47.419504][ T5941] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 47.423586][ T5941] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 47.430350][ T5941] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 47.486105][ T5937] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 47.490318][ T5937] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 47.495741][ T5937] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 47.507777][ T5937] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 47.536672][ T5929] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.547105][ T5931] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 47.552168][ T5931] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 47.558346][ T5931] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 47.564179][ T5931] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.572833][ T63] Bluetooth: hci0: command tx timeout [ 47.589583][ T5929] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.606576][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.608971][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.617412][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.626799][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.629110][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.652823][ T63] Bluetooth: hci1: command tx timeout [ 47.653386][ T5936] Bluetooth: hci3: command tx timeout [ 47.656161][ T5941] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.662024][ T5936] Bluetooth: hci2: command tx timeout [ 47.669078][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.671456][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.675026][ T1142] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.677214][ T1142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.707597][ T5929] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 47.742034][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.744297][ T40] audit: type=1400 audit(1751555474.636:89): avc: denied { sys_module } for pid=5929 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 47.757883][ T5931] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.771397][ T5937] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.779093][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.782086][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.793837][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.796022][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.801645][ T5931] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.817518][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.819767][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.823890][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.826027][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.874903][ T5929] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.888403][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.919786][ T5929] veth0_vlan: entered promiscuous mode [ 47.934194][ T5929] veth1_vlan: entered promiscuous mode [ 47.938599][ T5941] veth0_vlan: entered promiscuous mode [ 47.948514][ T5941] veth1_vlan: entered promiscuous mode [ 47.965961][ T5929] veth0_macvtap: entered promiscuous mode [ 47.971128][ T5929] veth1_macvtap: entered promiscuous mode [ 47.983091][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.992932][ T5929] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.001738][ T5931] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.007051][ T5929] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.009706][ T5941] veth0_macvtap: entered promiscuous mode [ 48.018254][ T5929] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.021193][ T5929] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.026360][ T5929] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.029096][ T5929] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.035946][ T5941] veth1_macvtap: entered promiscuous mode [ 48.059064][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.069090][ T5937] veth0_vlan: entered promiscuous mode [ 48.073064][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.081570][ T5941] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.085859][ T5941] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.089478][ T5941] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.093382][ T5941] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.112716][ T5931] veth0_vlan: entered promiscuous mode [ 48.116036][ T5937] veth1_vlan: entered promiscuous mode [ 48.128168][ T5931] veth1_vlan: entered promiscuous mode [ 48.143634][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.146270][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.170002][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.173487][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.186802][ T5937] veth0_macvtap: entered promiscuous mode [ 48.190387][ T5931] veth0_macvtap: entered promiscuous mode [ 48.193354][ T96] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.193976][ T5937] veth1_macvtap: entered promiscuous mode [ 48.195819][ T96] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.199075][ T5931] veth1_macvtap: entered promiscuous mode [ 48.216506][ T5929] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 48.220662][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.223969][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.224752][ T5931] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.230875][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.246222][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.251240][ T5931] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.257942][ T5931] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.261337][ T5931] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.265315][ T5931] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.268910][ T5931] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.276857][ T5937] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.279605][ T5937] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.283145][ T5937] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.288658][ T5937] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.366684][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.369171][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.375184][ T6023] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6'. [ 48.403143][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.406441][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.417978][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.422804][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.436469][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.440847][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.568317][ T6034] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 48.675489][ T6039] warning: `syz.2.10' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 49.392828][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 49.552158][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 49.555142][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 49.651986][ T5936] Bluetooth: hci0: command tx timeout [ 49.752997][ T5936] Bluetooth: hci1: command tx timeout [ 49.755560][ T5936] Bluetooth: hci2: command tx timeout [ 49.763360][ T5936] Bluetooth: hci3: command tx timeout [ 50.443504][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.482743][ T40] kauditd_printk_skb: 58 callbacks suppressed [ 50.482754][ T40] audit: type=1400 audit(1751555477.376:148): avc: denied { read } for pid=6075 comm="syz.2.21" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 50.491552][ T40] audit: type=1400 audit(1751555477.376:149): avc: denied { open } for pid=6075 comm="syz.2.21" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 50.534088][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.535868][ T40] audit: type=1400 audit(1751555477.426:150): avc: denied { write } for pid=6075 comm="syz.2.21" name="mcfilter6" dev="proc" ino=4026533118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 50.561944][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 50.621722][ T40] audit: type=1400 audit(1751555477.506:151): avc: denied { ioctl } for pid=6080 comm="syz.1.23" path="socket:[7933]" dev="sockfs" ino=7933 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 50.631550][ T40] audit: type=1400 audit(1751555477.506:152): avc: denied { write } for pid=6080 comm="syz.1.23" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 50.673333][ T40] audit: type=1326 audit(1751555477.566:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6082 comm="syz.1.24" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f54f678e929 code=0x0 [ 50.694682][ T40] audit: type=1400 audit(1751555477.586:154): avc: denied { create } for pid=6078 comm="syz.0.22" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 50.701027][ T40] audit: type=1400 audit(1751555477.586:155): avc: denied { write } for pid=6078 comm="syz.0.22" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 50.711318][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 50.916124][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 51.018499][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 51.092043][ T40] audit: type=1400 audit(1751555477.976:156): avc: denied { create } for pid=6093 comm="syz.3.28" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 51.100273][ T40] audit: type=1400 audit(1751555477.986:157): avc: denied { write } for pid=6093 comm="syz.3.28" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 51.120947][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 51.120981][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 51.734796][ T63] Bluetooth: hci0: command tx timeout [ 51.811951][ T63] Bluetooth: hci3: command tx timeout [ 51.813843][ T63] Bluetooth: hci1: command tx timeout [ 51.815694][ T5936] Bluetooth: hci2: command tx timeout [ 51.836826][ T6112] netlink: 8 bytes leftover after parsing attributes in process `syz.1.32'. [ 52.563290][ T6123] syz.1.38 uses obsolete (PF_INET,SOCK_PACKET) [ 52.709062][ T6129] Bluetooth: MGMT ver 1.23 [ 52.735925][ T6132] netlink: 'syz.0.42': attribute type 10 has an invalid length. [ 52.743958][ T6132] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.762485][ T6132] team0: Port device bond0 added [ 52.783283][ T6132] netlink: 4 bytes leftover after parsing attributes in process `syz.0.42'. [ 52.892672][ T6132] team0 (unregistering): Port device team_slave_0 removed [ 53.056726][ T6132] team0 (unregistering): Port device team_slave_1 removed [ 53.093177][ T6132] team0 (unregistering): Port device bond0 removed [ 53.237033][ T6141] syz.0.45 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 53.602715][ T6147] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.48'. [ 53.608424][ T6147] xt_hashlimit: size too large, truncated to 1048576 [ 53.812232][ T5936] Bluetooth: hci0: command tx timeout [ 53.891907][ T5936] Bluetooth: hci2: command tx timeout [ 53.905059][ T6159] affs: No valid root block on device nullb0 [ 53.908112][ T63] Bluetooth: hci3: command tx timeout [ 53.909763][ T5936] Bluetooth: hci1: command tx timeout [ 54.771940][ T5935] Bluetooth: hci0: Opcode 0x0401 failed: -110 [ 55.892023][ T5935] Bluetooth: hci0: command 0x0401 tx timeout [ 56.349696][ T40] kauditd_printk_skb: 73 callbacks suppressed [ 56.349763][ T40] audit: type=1400 audit(1751555483.236:231): avc: denied { create } for pid=6232 comm="syz.3.66" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 56.362302][ T40] audit: type=1400 audit(1751555483.256:232): avc: denied { setopt } for pid=6232 comm="syz.3.66" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 56.362946][ T6233] x_tables: duplicate underflow at hook 1 [ 56.412150][ T40] audit: type=1400 audit(1751555483.296:233): avc: denied { read write } for pid=6235 comm="syz.0.67" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 56.419528][ T40] audit: type=1400 audit(1751555483.306:234): avc: denied { open } for pid=6235 comm="syz.0.67" path="/dev/nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 56.427807][ T40] audit: type=1400 audit(1751555483.306:235): avc: denied { create } for pid=6234 comm="syz.3.68" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 56.437818][ T40] audit: type=1400 audit(1751555483.306:236): avc: denied { connect } for pid=6234 comm="syz.3.68" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 56.476481][ T6241] netlink: 96 bytes leftover after parsing attributes in process `syz.0.70'. [ 56.479337][ T6241] netlink: 96 bytes leftover after parsing attributes in process `syz.0.70'. [ 56.508524][ T40] audit: type=1400 audit(1751555483.396:237): avc: denied { bind } for pid=6242 comm="syz.1.71" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 56.538658][ T40] audit: type=1400 audit(1751555483.426:238): avc: denied { execute } for pid=6248 comm="syz.1.73" path=2F6D656D66643A01FDAE2E2BA68CB63F32193994532C7C783F55655BBDE1210333BC2723FF179B25F35B642006202864656C6574656429 dev="hugetlbfs" ino=9422 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 56.576061][ T40] audit: type=1400 audit(1751555483.466:239): avc: denied { ioctl } for pid=6250 comm="syz.1.74" path="/dev/vhost-vsock" dev="devtmpfs" ino=1301 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 56.853345][ T6260] capability: warning: `syz.1.76' uses 32-bit capabilities (legacy support in use) [ 57.429348][ T6267] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.77'. [ 57.730878][ T40] audit: type=1400 audit(1751555484.616:240): avc: denied { read write } for pid=6272 comm="syz.3.81" name="radio4" dev="devtmpfs" ino=1006 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 57.786934][ T6274] vivid-002: disconnect [ 57.789039][ T6272] vivid-002: reconnect [ 66.071821][ C0] sched: DL replenish lagged too much [ 66.533449][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 66.533461][ T40] audit: type=1400 audit(1751555493.416:245): avc: denied { ioctl } for pid=6300 comm="syz.0.91" path="/dev/media0" dev="devtmpfs" ino=954 ioctlcmd=0x7c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 66.745971][ T40] audit: type=1400 audit(1751555493.416:246): avc: denied { create } for pid=6300 comm="syz.0.91" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 66.758290][ T40] audit: type=1400 audit(1751555493.416:247): avc: denied { connect } for pid=6300 comm="syz.0.91" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 67.097209][ T40] audit: type=1400 audit(1751555493.986:248): avc: denied { create } for pid=6307 comm="syz.3.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 67.125756][ T40] audit: type=1400 audit(1751555493.996:249): avc: denied { write } for pid=6307 comm="syz.3.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 71.217941][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.223875][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 82.270637][ T53] cfg80211: failed to load regulatory.db [ 87.171325][ T6327] netlink: 24 bytes leftover after parsing attributes in process `syz.2.99'. [ 91.680336][ T5936] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 91.820632][ T5936] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 91.843735][ T40] audit: type=1400 audit(1751555518.476:250): avc: denied { ioctl } for pid=6334 comm="syz-executor" path="socket:[10544]" dev="sockfs" ino=10544 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 92.179925][ T5936] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 92.466110][ T5936] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 92.469073][ T5936] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 96.647036][ T5935] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 97.238562][ T5935] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 97.260321][ T5935] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 97.437750][ T5935] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 97.440220][ T5935] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 97.914571][ T5936] Bluetooth: hci4: command tx timeout [ 100.607778][ T5936] Bluetooth: hci1: command tx timeout [ 100.609833][ T5936] Bluetooth: hci4: command tx timeout [ 102.723416][ T5935] Bluetooth: hci4: command tx timeout [ 102.725155][ T5935] Bluetooth: hci1: command tx timeout [ 104.861297][ T5935] Bluetooth: hci1: command tx timeout [ 104.864584][ T5936] Bluetooth: hci4: command tx timeout [ 106.948836][ T5936] Bluetooth: hci1: command tx timeout [ 132.653206][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.662762][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 141.551139][ T5936] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 141.628674][ T5936] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 141.687138][ T5936] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 141.750268][ T5936] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 141.817764][ T5936] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 143.337397][ T5935] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 143.340914][ T5935] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 143.371105][ T5935] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 143.390930][ T5935] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 143.548484][ T5935] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 144.305780][ T5935] Bluetooth: hci0: command tx timeout [ 145.656159][ T5935] Bluetooth: hci3: command tx timeout [ 146.377718][ T5935] Bluetooth: hci0: command tx timeout [ 147.736485][ T5935] Bluetooth: hci3: command tx timeout [ 148.458374][ T5935] Bluetooth: hci0: command tx timeout [ 149.817926][ T5935] Bluetooth: hci3: command tx timeout [ 150.831045][ T5935] Bluetooth: hci0: command tx timeout [ 151.904847][ T5935] Bluetooth: hci3: command tx timeout [ 194.112525][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.122020][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 207.574372][ T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 207.584427][ T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 207.603944][ T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 207.619727][ T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 207.645023][ T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 207.800030][ T63] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 207.825200][ T63] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 207.830647][ T63] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 207.850511][ T63] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 207.865707][ T63] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 208.618286][ T5936] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 208.635092][ T5936] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 208.649949][ T5936] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 208.805777][ T5936] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 208.870588][ T5936] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 209.839232][ T5936] Bluetooth: hci0: command tx timeout [ 210.461238][ T5935] Bluetooth: hci1: command tx timeout [ 211.905497][ T5935] Bluetooth: hci0: command tx timeout [ 211.988951][ T5935] Bluetooth: hci2: command tx timeout [ 212.537542][ T5935] Bluetooth: hci1: command tx timeout [ 216.025129][ T5935] Bluetooth: hci0: command tx timeout [ 216.026877][ T5935] Bluetooth: hci2: command tx timeout [ 216.028118][ T5936] Bluetooth: hci1: command tx timeout [ 218.064321][ T63] Bluetooth: hci0: command tx timeout [ 218.066269][ T63] Bluetooth: hci1: command tx timeout [ 218.068084][ T5936] Bluetooth: hci2: command tx timeout [ 220.150279][ T5936] Bluetooth: hci2: command tx timeout [ 239.267531][ T5936] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 240.730161][ T5935] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 242.625675][ T6379] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 244.846035][ T5936] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 244.894133][ T5936] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 244.913164][ T5936] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 244.986234][ T5936] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 244.988764][ T5936] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 249.570137][ T5935] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 249.602267][ T5935] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 249.621414][ T5935] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 250.815969][ T5935] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 250.949253][ T5935] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 251.256672][ T5935] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 251.351334][ T5935] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 251.385187][ T5935] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 251.412194][ T5935] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 251.493940][ T5935] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 253.264706][ T5935] Bluetooth: hci4: command tx timeout [ 254.499924][ T5935] Bluetooth: hci3: command tx timeout [ 255.352870][ T5935] Bluetooth: hci4: command tx timeout [ 255.958333][ T5936] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 255.985096][ T5936] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 256.018190][ T5936] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 256.048132][ T5936] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 256.050636][ T5936] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 256.144952][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.154450][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.208963][ T63] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 256.215772][ T63] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 256.226073][ T63] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 256.276608][ T5933] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 256.295197][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 256.338414][ T5933] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 256.675702][ T5936] Bluetooth: hci3: command tx timeout [ 257.417614][ T5933] Bluetooth: hci4: command tx timeout [ 258.766743][ T5933] Bluetooth: hci3: command tx timeout [ 258.785689][ T5933] Bluetooth: hci6: command tx timeout [ 259.056002][ T5933] Bluetooth: hci5: command tx timeout [ 259.506188][ T5933] Bluetooth: hci4: command tx timeout [ 260.846701][ T5933] Bluetooth: hci3: command tx timeout [ 260.878415][ T5933] Bluetooth: hci6: command tx timeout [ 261.096659][ T5933] Bluetooth: hci5: command tx timeout [ 262.947423][ T5933] Bluetooth: hci6: command tx timeout [ 263.245525][ T5933] Bluetooth: hci5: command tx timeout [ 265.119306][ T5933] Bluetooth: hci6: command tx timeout [ 265.244192][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.254567][ T5933] Bluetooth: hci5: command tx timeout [ 273.464322][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.807389][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.688361][ T5936] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 287.703893][ T5936] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 287.757850][ T5936] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 287.760764][ T5936] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 287.767856][ T5936] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 290.056656][ T5933] Bluetooth: hci1: command tx timeout [ 292.137358][ T5933] Bluetooth: hci1: command tx timeout [ 294.252351][ T13] bridge_slave_1: left allmulticast mode [ 294.254126][ T5933] Bluetooth: hci1: command tx timeout [ 294.264152][ T13] bridge_slave_1: left promiscuous mode [ 294.293062][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 294.414695][ T13] bridge_slave_0: left allmulticast mode [ 294.425699][ T13] bridge_slave_0: left promiscuous mode [ 294.520602][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 296.385864][ T5933] Bluetooth: hci1: command tx timeout [ 317.022223][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.033030][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 334.483350][ T63] Bluetooth: hci0: command 0x0406 tx timeout [ 334.794219][ T63] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 334.821260][ T63] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 335.075915][ T63] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 335.277780][ T63] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 335.806224][ T63] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 339.086540][ T63] Bluetooth: hci2: command tx timeout [ 341.385879][ T63] Bluetooth: hci2: command tx timeout [ 344.087432][ T63] Bluetooth: hci2: command tx timeout [ 345.048642][ T5933] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 345.129521][ T5933] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 345.141578][ T5933] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 345.247710][ T5933] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 345.304421][ T5933] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 346.154560][ T5933] Bluetooth: hci2: command tx timeout [ 347.435093][ T5933] Bluetooth: hci4: command tx timeout [ 348.393610][ T5933] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 348.463526][ T5933] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 348.476172][ T5933] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 348.836177][ T5933] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 349.406159][ T5933] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 349.503363][ T63] Bluetooth: hci4: command tx timeout [ 352.228896][ T5933] Bluetooth: hci7: command tx timeout [ 352.230831][ T5933] Bluetooth: hci4: command tx timeout [ 354.307492][ T63] Bluetooth: hci4: command tx timeout [ 354.309649][ T63] Bluetooth: hci7: command tx timeout [ 356.513435][ T5933] Bluetooth: hci7: command tx timeout [ 358.567310][ T5933] Bluetooth: hci7: command tx timeout [ 374.577987][ T5933] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 375.263254][ T5933] Bluetooth: hci3: command 0x0406 tx timeout [ 378.564062][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.572001][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.343805][ T5935] Bluetooth: hci6: command 0x0406 tx timeout [ 381.345755][ T5935] Bluetooth: hci5: command 0x0406 tx timeout [ 382.530944][ T63] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 382.545732][ T63] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 382.548445][ T63] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 382.556367][ T63] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 382.558848][ T63] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 382.648652][ T5933] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 382.690724][ T5933] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 382.697024][ T5933] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 382.777823][ T5933] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 382.780325][ T5933] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 385.002660][ T63] Bluetooth: hci8: command tx timeout [ 385.004715][ T63] Bluetooth: hci9: command tx timeout [ 387.064629][ T5933] Bluetooth: hci9: command tx timeout [ 387.065472][ T63] Bluetooth: hci8: command tx timeout [ 388.143086][ T5933] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 388.163047][ T5933] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 388.869907][ T5933] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 389.095699][ T5936] Bluetooth: hci8: command tx timeout [ 389.098155][ T5933] Bluetooth: hci9: command tx timeout [ 389.184426][ T5933] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 389.604219][ T5933] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 390.778359][ T63] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 390.793006][ T63] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 390.795780][ T63] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 390.798513][ T63] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 391.244604][ T63] Bluetooth: hci9: command tx timeout [ 391.244615][ T5936] Bluetooth: hci8: command tx timeout [ 391.298388][ T5936] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 392.306102][ T5933] Bluetooth: hci10: command tx timeout [ 393.416155][ T5933] Bluetooth: hci11: command tx timeout [ 394.376812][ T5933] Bluetooth: hci10: command tx timeout [ 395.495569][ T5933] Bluetooth: hci11: command tx timeout [ 396.454269][ T5933] Bluetooth: hci10: command tx timeout [ 397.585184][ T5933] Bluetooth: hci11: command tx timeout [ 398.537298][ T5933] Bluetooth: hci10: command tx timeout [ 399.656936][ T5933] Bluetooth: hci11: command tx timeout [ 409.907810][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 409.958710][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 409.996188][ T13] bond0 (unregistering): Released all slaves [ 411.097619][ T13] hsr_slave_0: left promiscuous mode [ 411.099799][ T13] hsr_slave_1: left promiscuous mode [ 411.102324][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 411.104688][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 411.107664][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 411.110167][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 411.135521][ T13] veth1_macvtap: left promiscuous mode [ 411.137966][ T13] veth0_macvtap: left promiscuous mode [ 411.139815][ T13] veth1_vlan: left promiscuous mode [ 411.142176][ T13] veth0_vlan: left promiscuous mode [ 411.252164][ T5936] Bluetooth: hci1: command 0x0406 tx timeout [ 412.018383][ T6366] chnl_net:caif_netlink_parms(): no params data found [ 412.222373][ T6366] bridge0: port 1(bridge_slave_0) entered blocking state [ 412.224603][ T6366] bridge0: port 1(bridge_slave_0) entered disabled state [ 412.226833][ T6366] bridge_slave_0: entered allmulticast mode [ 412.229377][ T6366] bridge_slave_0: entered promiscuous mode [ 412.237637][ T6431] chnl_net:caif_netlink_parms(): no params data found [ 412.242386][ T6429] chnl_net:caif_netlink_parms(): no params data found [ 412.249345][ T6366] bridge0: port 2(bridge_slave_1) entered blocking state [ 412.251612][ T6366] bridge0: port 2(bridge_slave_1) entered disabled state [ 412.254388][ T6366] bridge_slave_1: entered allmulticast mode [ 412.257049][ T6366] bridge_slave_1: entered promiscuous mode [ 412.290370][ T6439] chnl_net:caif_netlink_parms(): no params data found [ 412.377742][ T6366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 412.382718][ T6366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 412.607794][ T6366] team0: Port device team_slave_0 added [ 412.610355][ T6429] bridge0: port 1(bridge_slave_0) entered blocking state [ 412.613082][ T6429] bridge0: port 1(bridge_slave_0) entered disabled state [ 412.615385][ T6429] bridge_slave_0: entered allmulticast mode [ 412.617960][ T6429] bridge_slave_0: entered promiscuous mode [ 412.647510][ T6439] bridge0: port 1(bridge_slave_0) entered blocking state [ 412.649785][ T6439] bridge0: port 1(bridge_slave_0) entered disabled state [ 412.652455][ T6439] bridge_slave_0: entered allmulticast mode [ 412.655589][ T6439] bridge_slave_0: entered promiscuous mode [ 412.658594][ T6439] bridge0: port 2(bridge_slave_1) entered blocking state [ 412.660850][ T6439] bridge0: port 2(bridge_slave_1) entered disabled state [ 412.663569][ T6439] bridge_slave_1: entered allmulticast mode [ 412.666188][ T6439] bridge_slave_1: entered promiscuous mode [ 412.673288][ T6366] team0: Port device team_slave_1 added [ 412.676397][ T6429] bridge0: port 2(bridge_slave_1) entered blocking state [ 412.679309][ T6429] bridge0: port 2(bridge_slave_1) entered disabled state [ 412.682214][ T6429] bridge_slave_1: entered allmulticast mode [ 412.685503][ T6429] bridge_slave_1: entered promiscuous mode [ 412.702584][ T6431] bridge0: port 1(bridge_slave_0) entered blocking state [ 412.704794][ T6431] bridge0: port 1(bridge_slave_0) entered disabled state [ 412.707057][ T6431] bridge_slave_0: entered allmulticast mode [ 412.709675][ T6431] bridge_slave_0: entered promiscuous mode [ 412.713073][ T6431] bridge0: port 2(bridge_slave_1) entered blocking state [ 412.715278][ T6431] bridge0: port 2(bridge_slave_1) entered disabled state [ 412.717393][ T6431] bridge_slave_1: entered allmulticast mode [ 412.719843][ T6431] bridge_slave_1: entered promiscuous mode [ 412.782001][ T6438] chnl_net:caif_netlink_parms(): no params data found [ 412.837348][ T6439] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 412.841584][ T6366] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 412.844651][ T6366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 412.855224][ T6366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 412.864035][ T6429] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 412.883965][ T6431] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 412.889252][ T6431] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 412.894901][ T6439] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 412.898322][ T6366] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 412.900864][ T6366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 412.911139][ T6366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 412.926686][ T6429] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 413.018359][ T6431] team0: Port device team_slave_0 added [ 413.038755][ T6439] team0: Port device team_slave_0 added [ 413.049573][ T6429] team0: Port device team_slave_0 added [ 413.076213][ T6431] team0: Port device team_slave_1 added [ 413.078986][ T6439] team0: Port device team_slave_1 added [ 413.119853][ T6429] team0: Port device team_slave_1 added [ 413.225540][ T6366] hsr_slave_0: entered promiscuous mode [ 413.228160][ T6366] hsr_slave_1: entered promiscuous mode [ 413.230203][ T6366] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 413.232809][ T6366] Cannot create hsr debugfs directory [ 413.264910][ T6429] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 413.267738][ T6429] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 413.276688][ T6429] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 413.280615][ T6431] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 413.282861][ T6431] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 413.290820][ T6431] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 413.318329][ T6439] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 413.321227][ T6439] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 413.331960][ T6439] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 413.340462][ T6439] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 413.343550][ T6439] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 413.354218][ T6439] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 413.374342][ T6429] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 413.376581][ T6429] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 413.386334][ T6429] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 413.390567][ T6431] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 413.392941][ T6431] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 413.402250][ T6431] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 413.437253][ T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 413.448065][ T6438] bridge0: port 1(bridge_slave_0) entered blocking state [ 413.451101][ T6438] bridge0: port 1(bridge_slave_0) entered disabled state [ 413.454223][ T6438] bridge_slave_0: entered allmulticast mode [ 413.458055][ T6438] bridge_slave_0: entered promiscuous mode [ 413.462694][ T6438] bridge0: port 2(bridge_slave_1) entered blocking state [ 413.465605][ T6438] bridge0: port 2(bridge_slave_1) entered disabled state [ 413.468564][ T6438] bridge_slave_1: entered allmulticast mode [ 413.472478][ T6438] bridge_slave_1: entered promiscuous mode [ 413.563173][ T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 413.571528][ T6438] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 413.580091][ T6438] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 413.623408][ T6438] team0: Port device team_slave_0 added [ 413.627283][ T6438] team0: Port device team_slave_1 added [ 413.665447][ T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 413.767125][ T6438] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 413.769984][ T6438] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 413.780549][ T6438] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 413.789239][ T6439] hsr_slave_0: entered promiscuous mode [ 413.791446][ T6439] hsr_slave_1: entered promiscuous mode [ 413.794547][ T6439] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 413.796935][ T6439] Cannot create hsr debugfs directory [ 413.801181][ T6429] hsr_slave_0: entered promiscuous mode [ 413.804492][ T6429] hsr_slave_1: entered promiscuous mode [ 413.807342][ T6429] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 413.809822][ T6429] Cannot create hsr debugfs directory [ 413.817814][ T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 413.839307][ T6438] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 413.842296][ T6438] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 413.850577][ T6438] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 413.889748][ T6431] hsr_slave_0: entered promiscuous mode [ 413.892066][ T6431] hsr_slave_1: entered promiscuous mode [ 413.894123][ T6431] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 413.896458][ T6431] Cannot create hsr debugfs directory [ 414.018901][ T6438] hsr_slave_0: entered promiscuous mode [ 414.021128][ T6438] hsr_slave_1: entered promiscuous mode [ 414.023471][ T6438] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 414.025958][ T6438] Cannot create hsr debugfs directory [ 414.259991][ T6366] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 414.290992][ T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.316769][ T6366] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 414.335944][ T6366] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 414.342369][ T6366] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 414.362099][ T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.411364][ T6429] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 414.433550][ T6429] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 414.437755][ T6429] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 414.441670][ T6429] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 414.456467][ T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.486393][ T6366] 8021q: adding VLAN 0 to HW filter on device bond0 [ 414.506519][ T6366] 8021q: adding VLAN 0 to HW filter on device team0 [ 414.533076][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state [ 414.535336][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 414.538541][ T1147] bridge0: port 2(bridge_slave_1) entered blocking state [ 414.540760][ T1147] bridge0: port 2(bridge_slave_1) entered forwarding state [ 414.547565][ T6429] 8021q: adding VLAN 0 to HW filter on device bond0 [ 414.565872][ T6429] 8021q: adding VLAN 0 to HW filter on device team0 [ 414.574927][ T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.588913][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state [ 414.591076][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 414.600221][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state [ 414.602435][ T1146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 414.647653][ T6429] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 414.743330][ T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.783246][ T6366] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 414.793561][ T6429] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 414.820955][ T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.926361][ T6366] veth0_vlan: entered promiscuous mode [ 414.935386][ T6366] veth1_vlan: entered promiscuous mode [ 414.955061][ T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.971296][ T6429] veth0_vlan: entered promiscuous mode [ 414.983073][ T6429] veth1_vlan: entered promiscuous mode [ 414.987410][ T6366] veth0_macvtap: entered promiscuous mode [ 414.991523][ T6366] veth1_macvtap: entered promiscuous mode [ 415.001054][ T6366] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 415.015449][ T6366] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 415.020493][ T6429] veth0_macvtap: entered promiscuous mode [ 415.031028][ T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 415.039448][ T6429] veth1_macvtap: entered promiscuous mode [ 415.072504][ T6429] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 415.077055][ T6429] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 415.089050][ T6429] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 415.092861][ T6429] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 415.095588][ T6429] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 415.098275][ T6429] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 415.119160][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 415.123372][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 415.161082][ T13] bridge_slave_1: left allmulticast mode [ 415.164156][ T13] bridge_slave_1: left promiscuous mode [ 415.166164][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 415.170048][ T13] bridge_slave_0: left allmulticast mode [ 415.172759][ T13] bridge_slave_0: left promiscuous mode [ 415.174778][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 415.179796][ T13] bridge_slave_1: left allmulticast mode [ 415.181554][ T13] bridge_slave_1: left promiscuous mode [ 415.184305][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 415.188213][ T13] bridge_slave_0: left allmulticast mode [ 415.190005][ T13] bridge_slave_0: left promiscuous mode [ 415.191956][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 415.196394][ T13] bridge_slave_1: left allmulticast mode [ 415.198104][ T13] bridge_slave_1: left promiscuous mode [ 415.200288][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 415.204311][ T13] bridge_slave_0: left allmulticast mode [ 415.206041][ T13] bridge_slave_0: left promiscuous mode [ 415.207820][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 415.437085][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 415.443299][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 415.448216][ T13] bond0 (unregistering): Released all slaves [ 415.660791][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 415.666740][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 415.670180][ T13] bond0 (unregistering): Released all slaves [ 415.881718][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 415.890652][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 415.894451][ T13] bond0 (unregistering): Released all slaves [ 415.900373][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 415.904085][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 415.928047][ T40] audit: type=1400 audit(1751555842.816:251): avc: denied { mount } for pid=6366 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 415.930921][ T6415] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 415.935229][ T40] audit: type=1400 audit(1751555842.816:252): avc: denied { mounton } for pid=6366 comm="syz-executor" path="/syzkaller.PbDnji/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 415.937715][ T6415] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 416.023781][ T6415] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 416.031309][ T6415] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 416.043963][ T6438] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 416.061478][ T6438] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 416.067470][ T6438] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 416.071555][ T6438] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 416.158814][ T6431] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 416.169310][ T6431] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 416.214414][ T6431] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 416.218758][ T6431] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 416.388612][ T6439] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 416.395017][ T6439] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 416.442054][ T6439] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 416.480274][ T6439] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 416.728306][ T13] hsr_slave_0: left promiscuous mode [ 416.731453][ T13] hsr_slave_1: left promiscuous mode [ 416.734594][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 416.737971][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 416.742394][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 416.744841][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 416.763658][ T13] hsr_slave_0: left promiscuous mode [ 416.766373][ T13] hsr_slave_1: left promiscuous mode [ 416.768533][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 416.770967][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 416.775802][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 416.778283][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 416.823684][ T13] hsr_slave_0: left promiscuous mode [ 416.826983][ T13] hsr_slave_1: left promiscuous mode [ 416.829070][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 416.831476][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 416.835862][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 416.838277][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 416.919777][ T13] veth1_macvtap: left promiscuous mode [ 416.921632][ T13] veth0_macvtap: left promiscuous mode [ 416.923533][ T13] veth1_vlan: left promiscuous mode [ 416.925214][ T13] veth0_vlan: left promiscuous mode [ 416.931524][ T13] veth1_macvtap: left promiscuous mode [ 416.934104][ T13] veth0_macvtap: left promiscuous mode [ 416.935941][ T13] veth1_vlan: left promiscuous mode [ 416.937618][ T13] veth0_vlan: left promiscuous mode [ 416.941085][ T13] veth1_macvtap: left promiscuous mode [ 416.942974][ T13] veth0_macvtap: left promiscuous mode [ 416.945170][ T13] veth1_vlan: left promiscuous mode [ 416.946888][ T13] veth0_vlan: left promiscuous mode [ 417.549508][ T13] team0 (unregistering): Port device team_slave_1 removed [ 417.597465][ T13] team0 (unregistering): Port device team_slave_0 removed [ 418.396082][ T13] team0 (unregistering): Port device team_slave_1 removed [ 418.448317][ T13] team0 (unregistering): Port device team_slave_0 removed [ 419.205465][ T13] team0 (unregistering): Port device team_slave_1 removed [ 419.262582][ T13] team0 (unregistering): Port device team_slave_0 removed [ 419.707749][ T6438] 8021q: adding VLAN 0 to HW filter on device bond0 [ 419.727396][ T6438] 8021q: adding VLAN 0 to HW filter on device team0 [ 419.731579][ T6431] 8021q: adding VLAN 0 to HW filter on device bond0 [ 419.746315][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 419.748989][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 419.754701][ T6439] 8021q: adding VLAN 0 to HW filter on device bond0 [ 419.763565][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 419.765781][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 419.794960][ T6431] 8021q: adding VLAN 0 to HW filter on device team0 [ 419.804275][ T6439] 8021q: adding VLAN 0 to HW filter on device team0 [ 419.810101][ T6358] bridge0: port 1(bridge_slave_0) entered blocking state [ 419.812468][ T6358] bridge0: port 1(bridge_slave_0) entered forwarding state [ 419.825501][ T6358] bridge0: port 2(bridge_slave_1) entered blocking state [ 419.827786][ T6358] bridge0: port 2(bridge_slave_1) entered forwarding state [ 419.831186][ T6358] bridge0: port 1(bridge_slave_0) entered blocking state [ 419.834031][ T6358] bridge0: port 1(bridge_slave_0) entered forwarding state [ 419.848133][ T96] bridge0: port 2(bridge_slave_1) entered blocking state [ 419.850324][ T96] bridge0: port 2(bridge_slave_1) entered forwarding state [ 419.942887][ T6431] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 420.007755][ T6438] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 420.188596][ T6431] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 420.261227][ T6439] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 420.374649][ T6438] veth0_vlan: entered promiscuous mode [ 420.379809][ T6431] veth0_vlan: entered promiscuous mode [ 420.389719][ T6438] veth1_vlan: entered promiscuous mode [ 420.399096][ T6431] veth1_vlan: entered promiscuous mode [ 420.419191][ T6438] veth0_macvtap: entered promiscuous mode [ 420.423129][ T6438] veth1_macvtap: entered promiscuous mode [ 420.432205][ T6431] veth0_macvtap: entered promiscuous mode [ 420.441692][ T6431] veth1_macvtap: entered promiscuous mode [ 420.471769][ T6438] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 420.478007][ T6431] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 420.483642][ T6439] veth0_vlan: entered promiscuous mode [ 420.489087][ T6431] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 420.493043][ T6438] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 420.497725][ T6439] veth1_vlan: entered promiscuous mode [ 420.511000][ T6438] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.513894][ T6438] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.516680][ T6438] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.519448][ T6438] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.524759][ T6431] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.528353][ T6431] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.532707][ T6431] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.536135][ T6431] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.613978][ T6439] veth0_macvtap: entered promiscuous mode [ 420.629565][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 420.633423][ T6439] veth1_macvtap: entered promiscuous mode [ 420.633560][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 420.634980][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 420.640791][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 420.661780][ T6439] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 420.681041][ T6358] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 420.681727][ T6439] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 420.689963][ T6358] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 420.705414][ T6439] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.708177][ T6439] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.710904][ T6439] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.715668][ T6439] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.725688][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 420.731558][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 420.835752][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 420.847840][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 421.010514][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 421.010528][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 421.500441][ T13] bridge_slave_1: left allmulticast mode [ 421.512737][ T13] bridge_slave_1: left promiscuous mode [ 421.522647][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 421.634037][ T13] bridge_slave_0: left allmulticast mode [ 421.640363][ T13] bridge_slave_0: left promiscuous mode [ 421.649394][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 421.957528][ T40] audit: type=1400 audit(1751555848.846:253): avc: denied { bind } for pid=6683 comm="syz.6.103" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 421.966282][ T40] audit: type=1400 audit(1751555848.846:254): avc: denied { name_bind } for pid=6683 comm="syz.6.103" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 421.973913][ T40] audit: type=1400 audit(1751555848.846:255): avc: denied { node_bind } for pid=6683 comm="syz.6.103" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 [ 421.982921][ T40] audit: type=1400 audit(1751555848.846:256): avc: denied { connect } for pid=6683 comm="syz.6.103" lport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 421.991758][ T40] audit: type=1400 audit(1751555848.846:257): avc: denied { name_connect } for pid=6683 comm="syz.6.103" dest=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 422.239175][ T40] audit: type=1400 audit(1751555849.126:258): avc: denied { create } for pid=6693 comm="syz.5.114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 422.245600][ T40] audit: type=1400 audit(1751555849.126:259): avc: denied { ioctl } for pid=6693 comm="syz.5.114" path="socket:[15876]" dev="sockfs" ino=15876 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 422.349635][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 422.356202][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 422.366000][ T13] bond0 (unregistering): Released all slaves [ 422.536467][ T40] audit: type=1400 audit(1751555849.426:260): avc: denied { bind } for pid=6702 comm="syz.4.118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 422.553007][ T40] audit: type=1400 audit(1751555849.436:261): avc: denied { setopt } for pid=6702 comm="syz.4.118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 422.705854][ T40] audit: type=1400 audit(1751555849.596:262): avc: denied { checkpoint_restore } for pid=6707 comm="syz.6.120" capability=40 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 422.720033][ T6709] Zero length message leads to an empty skb [ 422.791303][ T13] hsr_slave_0: left promiscuous mode [ 422.795685][ T13] hsr_slave_1: left promiscuous mode [ 422.798489][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 422.801520][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 422.811433][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 422.816355][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 422.842117][ T13] veth1_macvtap: left promiscuous mode [ 422.843915][ T13] veth0_macvtap: left promiscuous mode [ 422.845866][ T13] veth1_vlan: left promiscuous mode [ 422.848039][ T13] veth0_vlan: left promiscuous mode [ 423.429184][ T13] team0 (unregistering): Port device team_slave_1 removed [ 423.486960][ T13] team0 (unregistering): Port device team_slave_0 removed [ 424.379700][ T6794] FAULT_INJECTION: forcing a failure. [ 424.379700][ T6794] name failslab, interval 1, probability 0, space 0, times 1 [ 424.383823][ T6794] CPU: 3 UID: 0 PID: 6794 Comm: syz.6.147 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 424.383838][ T6794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 424.383844][ T6794] Call Trace: [ 424.383848][ T6794] [ 424.383852][ T6794] dump_stack_lvl+0x16c/0x1f0 [ 424.383885][ T6794] should_fail_ex+0x512/0x640 [ 424.383903][ T6794] ? trace_contention_end+0xdd/0x130 [ 424.383921][ T6794] should_failslab+0xc2/0x120 [ 424.383937][ T6794] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 424.383951][ T6794] ? hci_sock_sendmsg+0xde2/0x25f0 [ 424.383966][ T6794] ? __alloc_skb+0x2b2/0x380 [ 424.383980][ T6794] ? __pfx___mutex_lock+0x10/0x10 [ 424.383997][ T6794] __alloc_skb+0x2b2/0x380 [ 424.384011][ T6794] ? __pfx___alloc_skb+0x10/0x10 [ 424.384029][ T6794] hci_sock_sendmsg+0x1a6f/0x25f0 [ 424.384053][ T6794] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 424.384082][ T6794] sock_write_iter+0x4ff/0x5b0 [ 424.384101][ T6794] ? __pfx_sock_write_iter+0x10/0x10 [ 424.384133][ T6794] ? bpf_lsm_file_permission+0x9/0x10 [ 424.384158][ T6794] ? security_file_permission+0x71/0x210 [ 424.384184][ T6794] ? rw_verify_area+0xcf/0x680 [ 424.384205][ T6794] vfs_write+0x6c4/0x1150 [ 424.384226][ T6794] ? __pfx_sock_write_iter+0x10/0x10 [ 424.384246][ T6794] ? __pfx_vfs_write+0x10/0x10 [ 424.384263][ T6794] ? find_held_lock+0x2b/0x80 [ 424.384300][ T6794] ksys_write+0x1f8/0x250 [ 424.384320][ T6794] ? __pfx_ksys_write+0x10/0x10 [ 424.384348][ T6794] do_syscall_64+0xcd/0x4c0 [ 424.384374][ T6794] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 424.384390][ T6794] RIP: 0033:0x7f7880f8e929 [ 424.384401][ T6794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 424.384411][ T6794] RSP: 002b:00007f7881d10038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 424.384420][ T6794] RAX: ffffffffffffffda RBX: 00007f78811b5fa0 RCX: 00007f7880f8e929 [ 424.384427][ T6794] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004 [ 424.384432][ T6794] RBP: 00007f7881d10090 R08: 0000000000000000 R09: 0000000000000000 [ 424.384438][ T6794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 424.384443][ T6794] R13: 0000000000000000 R14: 00007f78811b5fa0 R15: 00007ffebfd2e088 [ 424.384456][ T6794] [ 424.771613][ T6816] FAULT_INJECTION: forcing a failure. [ 424.771613][ T6816] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 424.776447][ T6816] CPU: 2 UID: 0 PID: 6816 Comm: syz.6.152 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 424.776462][ T6816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 424.776468][ T6816] Call Trace: [ 424.776472][ T6816] [ 424.776477][ T6816] dump_stack_lvl+0x16c/0x1f0 [ 424.776496][ T6816] should_fail_ex+0x512/0x640 [ 424.776511][ T6816] _copy_to_user+0x32/0xd0 [ 424.776528][ T6816] simple_read_from_buffer+0xcb/0x170 [ 424.776542][ T6816] proc_fail_nth_read+0x197/0x270 [ 424.776556][ T6816] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 424.776570][ T6816] ? rw_verify_area+0xcf/0x680 [ 424.776581][ T6816] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 424.776593][ T6816] vfs_read+0x1e4/0xc60 [ 424.776607][ T6816] ? __pfx___mutex_lock+0x10/0x10 [ 424.776623][ T6816] ? __pfx_vfs_read+0x10/0x10 [ 424.776638][ T6816] ? __fget_files+0x20e/0x3c0 [ 424.776656][ T6816] ksys_read+0x12a/0x250 [ 424.776668][ T6816] ? __pfx_ksys_read+0x10/0x10 [ 424.776684][ T6816] do_syscall_64+0xcd/0x4c0 [ 424.776700][ T6816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 424.776710][ T6816] RIP: 0033:0x7f7880f8d33c [ 424.776719][ T6816] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 424.776729][ T6816] RSP: 002b:00007f7881d10030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 424.776739][ T6816] RAX: ffffffffffffffda RBX: 00007f78811b5fa0 RCX: 00007f7880f8d33c [ 424.776745][ T6816] RDX: 000000000000000f RSI: 00007f7881d100a0 RDI: 0000000000000004 [ 424.776751][ T6816] RBP: 00007f7881d10090 R08: 0000000000000000 R09: 0000000000000000 [ 424.776757][ T6816] R10: 0000000000000023 R11: 0000000000000246 R12: 0000000000000001 [ 424.776762][ T6816] R13: 0000000000000000 R14: 00007f78811b5fa0 R15: 00007ffebfd2e088 [ 424.776775][ T6816] [ 424.838475][ C2] vkms_vblank_simulate: vblank timer overrun [ 425.129654][ T6851] netlink: 8 bytes leftover after parsing attributes in process `syz.6.162'. [ 425.144387][ T6851] : entered promiscuous mode [ 425.239563][ T6859] bond1: entered promiscuous mode [ 425.241417][ T6859] 8021q: adding VLAN 0 to HW filter on device bond1 [ 425.357185][ T6882] FAULT_INJECTION: forcing a failure. [ 425.357185][ T6882] name failslab, interval 1, probability 0, space 0, times 0 [ 425.362664][ T6882] CPU: 0 UID: 0 PID: 6882 Comm: syz.6.174 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 425.362679][ T6882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 425.362685][ T6882] Call Trace: [ 425.362689][ T6882] [ 425.362693][ T6882] dump_stack_lvl+0x16c/0x1f0 [ 425.362712][ T6882] should_fail_ex+0x512/0x640 [ 425.362728][ T6882] should_failslab+0xc2/0x120 [ 425.362743][ T6882] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 425.362757][ T6882] ? skb_clone+0x190/0x3f0 [ 425.362774][ T6882] skb_clone+0x190/0x3f0 [ 425.362789][ T6882] netlink_deliver_tap+0xabd/0xd30 [ 425.362808][ T6882] netlink_unicast+0x5df/0x7f0 [ 425.362820][ T6882] ? __pfx_netlink_unicast+0x10/0x10 [ 425.362834][ T6882] netlink_sendmsg+0x8d1/0xdd0 [ 425.362846][ T6882] ? __pfx_netlink_sendmsg+0x10/0x10 [ 425.362861][ T6882] ____sys_sendmsg+0xa95/0xc70 [ 425.362872][ T6882] ? copy_msghdr_from_user+0x10a/0x160 [ 425.362886][ T6882] ? __pfx_____sys_sendmsg+0x10/0x10 [ 425.362902][ T6882] ___sys_sendmsg+0x134/0x1d0 [ 425.362917][ T6882] ? __pfx____sys_sendmsg+0x10/0x10 [ 425.362930][ T6882] ? __lock_acquire+0x622/0x1c90 [ 425.362961][ T6882] __sys_sendmsg+0x16d/0x220 [ 425.362976][ T6882] ? __pfx___sys_sendmsg+0x10/0x10 [ 425.362998][ T6882] do_syscall_64+0xcd/0x4c0 [ 425.363015][ T6882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 425.363025][ T6882] RIP: 0033:0x7f7880f8e929 [ 425.363034][ T6882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 425.363043][ T6882] RSP: 002b:00007f7881d10038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 425.363053][ T6882] RAX: ffffffffffffffda RBX: 00007f78811b5fa0 RCX: 00007f7880f8e929 [ 425.363060][ T6882] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 425.363066][ T6882] RBP: 00007f7881d10090 R08: 0000000000000000 R09: 0000000000000000 [ 425.363071][ T6882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 425.363077][ T6882] R13: 0000000000000000 R14: 00007f78811b5fa0 R15: 00007ffebfd2e088 [ 425.363089][ T6882] [ 425.363114][ T6882] netlink: 8 bytes leftover after parsing attributes in process `syz.6.174'. [ 425.429152][ T6890] trusted_key: syz.7.176 sent an empty control message without MSG_MORE. [ 425.445971][ T6882] openvswitch: : Dropping previously announced user features [ 425.533289][ T6898] xt_hashlimit: size too large, truncated to 1048576 [ 425.548557][ T6898] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 426.456240][ T5933] Bluetooth: hci11: Controller not accepting commands anymore: ncmd = 0 [ 426.460157][ T5933] Bluetooth: hci11: Injecting HCI hardware error event [ 426.466828][ T5936] Bluetooth: hci11: hardware error 0x00 [ 426.587077][ T6971] tmpfs: Unknown parameter 'muota' [ 426.618296][ T6971] netlink: 64 bytes leftover after parsing attributes in process `syz.6.196'. [ 426.623807][ T6971] usb usb8: usbfs: process 6971 (syz.6.196) did not claim interface 0 before use [ 426.707690][ T6981] FAULT_INJECTION: forcing a failure. [ 426.707690][ T6981] name failslab, interval 1, probability 0, space 0, times 0 [ 426.711640][ T6981] CPU: 3 UID: 0 PID: 6981 Comm: syz.7.198 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 426.711654][ T6981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 426.711661][ T6981] Call Trace: [ 426.711665][ T6981] [ 426.711669][ T6981] dump_stack_lvl+0x16c/0x1f0 [ 426.711688][ T6981] should_fail_ex+0x512/0x640 [ 426.711702][ T6981] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 426.711717][ T6981] should_failslab+0xc2/0x120 [ 426.711732][ T6981] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 426.711745][ T6981] ? __alloc_skb+0x2b2/0x380 [ 426.711761][ T6981] __alloc_skb+0x2b2/0x380 [ 426.711774][ T6981] ? __pfx___alloc_skb+0x10/0x10 [ 426.711800][ T6981] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 426.711814][ T6981] netlink_alloc_large_skb+0x69/0x130 [ 426.711825][ T6981] netlink_sendmsg+0x6a1/0xdd0 [ 426.711838][ T6981] ? __pfx_netlink_sendmsg+0x10/0x10 [ 426.711853][ T6981] ____sys_sendmsg+0xa95/0xc70 [ 426.711864][ T6981] ? copy_msghdr_from_user+0x10a/0x160 [ 426.711878][ T6981] ? __pfx_____sys_sendmsg+0x10/0x10 [ 426.711895][ T6981] ___sys_sendmsg+0x134/0x1d0 [ 426.711910][ T6981] ? __pfx____sys_sendmsg+0x10/0x10 [ 426.711922][ T6981] ? __lock_acquire+0x622/0x1c90 [ 426.711955][ T6981] __sys_sendmsg+0x16d/0x220 [ 426.711969][ T6981] ? __pfx___sys_sendmsg+0x10/0x10 [ 426.711992][ T6981] do_syscall_64+0xcd/0x4c0 [ 426.712008][ T6981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 426.712019][ T6981] RIP: 0033:0x7f8d59d8e929 [ 426.712028][ T6981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 426.712038][ T6981] RSP: 002b:00007f8d5ab78038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 426.712048][ T6981] RAX: ffffffffffffffda RBX: 00007f8d59fb5fa0 RCX: 00007f8d59d8e929 [ 426.712054][ T6981] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 426.712060][ T6981] RBP: 00007f8d5ab78090 R08: 0000000000000000 R09: 0000000000000000 [ 426.712066][ T6981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 426.712072][ T6981] R13: 0000000000000000 R14: 00007f8d59fb5fa0 R15: 00007fffaa3e7c38 [ 426.712084][ T6981] [ 427.077821][ T7003] process 'syz.6.204' launched './file1' with NULL argv: empty string added [ 427.080566][ T40] kauditd_printk_skb: 15 callbacks suppressed [ 427.080573][ T40] audit: type=1400 audit(1751555853.966:278): avc: denied { execute } for pid=7002 comm="syz.6.204" name="file1" dev="tmpfs" ino=234 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 427.092461][ T40] audit: type=1400 audit(1751555853.976:279): avc: denied { execute_no_trans } for pid=7002 comm="syz.6.204" path="/42/file1" dev="tmpfs" ino=234 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 427.105277][ T7004] syz.6.204: attempt to access beyond end of device [ 427.105277][ T7004] nbd6: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 427.109818][ T40] audit: type=1400 audit(1751555853.996:280): avc: denied { read write } for pid=7000 comm="syz.7.203" dev="9p" ino=4611686018427387906 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 427.120311][ T40] audit: type=1400 audit(1751555854.006:281): avc: denied { open } for pid=7000 comm="syz.7.203" path="/24/file0" dev="9p" ino=4611686018427387906 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 427.128131][ T7004] XFS (nbd6): SB validate failed with error -5. [ 427.136063][ T7001] netfs: Couldn't get user pages (rc=-14) [ 427.142726][ T40] audit: type=1800 audit(1751555854.006:282): pid=7001 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.7.203" name="/" dev="9p" ino=4611686018427387906 res=0 errno=0 [ 427.159743][ T40] audit: type=1400 audit(1751555854.046:283): avc: denied { unmount } for pid=6429 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 427.349393][ T40] audit: type=1400 audit(1751555854.236:284): avc: denied { watch } for pid=7020 comm="syz.5.208" path="/17" dev="tmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 427.366323][ T40] audit: type=1400 audit(1751555854.236:285): avc: denied { watch_sb watch_reads } for pid=7020 comm="syz.5.208" path="/17" dev="tmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 427.387510][ T40] audit: type=1400 audit(1751555854.266:286): avc: denied { unlink } for pid=7020 comm="syz.5.208" name="#1" dev="tmpfs" ino=110 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 427.412124][ T40] audit: type=1400 audit(1751555854.276:287): avc: denied { mount } for pid=7020 comm="syz.5.208" name="/" dev="overlay" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 427.455394][ T7033] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci10/hci10:200/input6 [ 427.514362][ T7035] FAULT_INJECTION: forcing a failure. [ 427.514362][ T7035] name failslab, interval 1, probability 0, space 0, times 0 [ 427.518647][ T7035] CPU: 3 UID: 0 PID: 7035 Comm: syz.6.212 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 427.518662][ T7035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 427.518668][ T7035] Call Trace: [ 427.518672][ T7035] [ 427.518676][ T7035] dump_stack_lvl+0x16c/0x1f0 [ 427.518694][ T7035] should_fail_ex+0x512/0x640 [ 427.518707][ T7035] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 427.518723][ T7035] should_failslab+0xc2/0x120 [ 427.518738][ T7035] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 427.518751][ T7035] ? __alloc_skb+0x2b2/0x380 [ 427.518767][ T7035] __alloc_skb+0x2b2/0x380 [ 427.518780][ T7035] ? __pfx___alloc_skb+0x10/0x10 [ 427.518796][ T7035] ? netlink_has_listeners+0x20f/0x430 [ 427.518814][ T7035] alloc_uevent_skb+0x7d/0x210 [ 427.518826][ T7035] kobject_uevent_env+0xca4/0x1870 [ 427.518839][ T7035] ? down_write+0x14d/0x200 [ 427.518851][ T7035] set_disk_ro+0x1b3/0x210 [ 427.518863][ T7035] ? __pfx_set_disk_ro+0x10/0x10 [ 427.518874][ T7035] ? nbd_start_device+0x172/0xcd0 [ 427.518891][ T7035] ? up_write+0x1b2/0x520 [ 427.518903][ T7035] nbd_start_device+0x811/0xcd0 [ 427.518918][ T7035] ? bpf_lsm_capable+0x9/0x10 [ 427.518932][ T7035] nbd_ioctl+0x219/0xda0 [ 427.518945][ T7035] ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540 [ 427.518960][ T7035] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 427.518974][ T7035] ? __pfx_nbd_ioctl+0x10/0x10 [ 427.518987][ T7035] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 427.519006][ T7035] ? __pfx_nbd_ioctl+0x10/0x10 [ 427.519020][ T7035] blkdev_ioctl+0x274/0x6d0 [ 427.519030][ T7035] ? __pfx_blkdev_ioctl+0x10/0x10 [ 427.519039][ T7035] ? selinux_file_ioctl+0x180/0x270 [ 427.519052][ T7035] ? selinux_file_ioctl+0xb4/0x270 [ 427.519073][ T7035] ? __pfx_blkdev_ioctl+0x10/0x10 [ 427.519084][ T7035] __x64_sys_ioctl+0x18b/0x210 [ 427.519097][ T7035] do_syscall_64+0xcd/0x4c0 [ 427.519113][ T7035] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.519123][ T7035] RIP: 0033:0x7f7880f8e929 [ 427.519132][ T7035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 427.519141][ T7035] RSP: 002b:00007f7881d10038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 427.519151][ T7035] RAX: ffffffffffffffda RBX: 00007f78811b5fa0 RCX: 00007f7880f8e929 [ 427.519158][ T7035] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 427.519164][ T7035] RBP: 00007f7881d10090 R08: 0000000000000000 R09: 0000000000000000 [ 427.519169][ T7035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 427.519175][ T7035] R13: 0000000000000000 R14: 00007f78811b5fa0 R15: 00007ffebfd2e088 [ 427.519187][ T7035] [ 427.632621][ T7041] block nbd6: shutting down sockets [ 427.670781][ T7045] netfs: Couldn't get user pages (rc=-14) [ 427.708074][ T7050] netlink: 8 bytes leftover after parsing attributes in process `syz.7.215'. [ 427.742167][ T7053] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci10/hci10:200/input7 [ 428.051994][ T5933] Bluetooth: hci8: Controller not accepting commands anymore: ncmd = 0 [ 428.054798][ T5933] Bluetooth: hci8: Injecting HCI hardware error event [ 428.058448][ T63] Bluetooth: hci8: hardware error 0x00 [ 428.542517][ T5933] Bluetooth: hci10: Controller not accepting commands anymore: ncmd = 0 [ 428.545786][ T5936] Bluetooth: hci11: Opcode 0x0c03 failed: -110 [ 428.546472][ T5933] Bluetooth: hci10: Injecting HCI hardware error event [ 428.551195][ T5933] Bluetooth: hci10: hardware error 0x00 [ 429.252563][ T5936] Bluetooth: hci9: Controller not accepting commands anymore: ncmd = 0 [ 429.256200][ T5936] Bluetooth: hci9: Injecting HCI hardware error event [ 429.259476][ T5936] Bluetooth: hci9: hardware error 0x00 [ 429.643662][ T7143] netlink: 8 bytes leftover after parsing attributes in process `syz.4.227'. [ 429.658937][ T7143] : entered promiscuous mode [ 429.768905][ T7148] syzkaller1: entered promiscuous mode [ 429.771331][ T7148] syzkaller1: entered allmulticast mode [ 429.786780][ T7146] block nbd5: shutting down sockets [ 429.954028][ T7172] netlink: 84 bytes leftover after parsing attributes in process `syz.4.233'. [ 430.132080][ T63] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 430.592957][ T7193] netlink: 8 bytes leftover after parsing attributes in process `syz.7.239'. [ 430.600495][ T7193] : entered promiscuous mode [ 430.612044][ T5933] Bluetooth: hci10: Opcode 0x0c03 failed: -110 [ 431.331963][ T5936] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 431.574577][ T7239] FAULT_INJECTION: forcing a failure. [ 431.574577][ T7239] name failslab, interval 1, probability 0, space 0, times 0 [ 431.580156][ T7239] CPU: 2 UID: 0 PID: 7239 Comm: syz.5.255 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 431.580180][ T7239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 431.580191][ T7239] Call Trace: [ 431.580198][ T7239] [ 431.580204][ T7239] dump_stack_lvl+0x16c/0x1f0 [ 431.580233][ T7239] should_fail_ex+0x512/0x640 [ 431.580255][ T7239] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 431.580275][ T7239] should_failslab+0xc2/0x120 [ 431.580295][ T7239] __kmalloc_cache_noprof+0x6a/0x3e0 [ 431.580306][ T7239] ? __pfx___might_resched+0x10/0x10 [ 431.580319][ T7239] ? vhost_task_create+0xe5/0x2e0 [ 431.580329][ T7239] ? rcu_is_watching+0x12/0xc0 [ 431.580341][ T7239] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 431.580357][ T7239] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 431.580376][ T7239] vhost_task_create+0xe5/0x2e0 [ 431.580385][ T7239] ? __pfx_vhost_task_create+0x10/0x10 [ 431.580399][ T7239] ? __pfx_vhost_task_fn+0x10/0x10 [ 431.580415][ T7239] kvm_mmu_post_init_vm+0x1b7/0x370 [ 431.580429][ T7239] kvm_arch_vcpu_ioctl_run+0x66/0x18c0 [ 431.580442][ T7239] ? kvm_vcpu_ioctl+0x14c6/0x1690 [ 431.580457][ T7239] kvm_vcpu_ioctl+0x5eb/0x1690 [ 431.580471][ T7239] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 431.580486][ T7239] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 431.580502][ T7239] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 431.580521][ T7239] ? hook_file_ioctl_common+0x145/0x410 [ 431.580550][ T7239] ? selinux_file_ioctl+0x180/0x270 [ 431.580572][ T7239] ? selinux_file_ioctl+0xb4/0x270 [ 431.580595][ T7239] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 431.580617][ T7239] __x64_sys_ioctl+0x18b/0x210 [ 431.580638][ T7239] do_syscall_64+0xcd/0x4c0 [ 431.580665][ T7239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.580683][ T7239] RIP: 0033:0x7f2c09f8e929 [ 431.580698][ T7239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 431.580732][ T7239] RSP: 002b:00007f2c0ad21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 431.580750][ T7239] RAX: ffffffffffffffda RBX: 00007f2c0a1b5fa0 RCX: 00007f2c09f8e929 [ 431.580761][ T7239] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 431.580771][ T7239] RBP: 00007f2c0ad21090 R08: 0000000000000000 R09: 0000000000000000 [ 431.580782][ T7239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 431.580792][ T7239] R13: 0000000000000000 R14: 00007f2c0a1b5fa0 R15: 00007ffecc25c738 [ 431.580816][ T7239] [ 431.684809][ C2] vkms_vblank_simulate: vblank timer overrun [ 432.183773][ T7257] netlink: 52 bytes leftover after parsing attributes in process `syz.4.261'. [ 432.261748][ T40] kauditd_printk_skb: 21 callbacks suppressed [ 432.261758][ T40] audit: type=1800 audit(1751555859.146:309): pid=7259 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.263" name="/" dev="9p" ino=4611686018427387906 res=0 errno=0 [ 432.487693][ T7274] FAULT_INJECTION: forcing a failure. [ 432.487693][ T7274] name failslab, interval 1, probability 0, space 0, times 0 [ 432.494748][ T7274] CPU: 0 UID: 0 PID: 7274 Comm: syz.4.269 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 432.494763][ T7274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 432.494770][ T7274] Call Trace: [ 432.494774][ T7274] [ 432.494777][ T7274] dump_stack_lvl+0x16c/0x1f0 [ 432.494810][ T7274] should_fail_ex+0x512/0x640 [ 432.494827][ T7274] ? fs_reclaim_acquire+0xae/0x150 [ 432.494839][ T7274] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 432.494853][ T7274] should_failslab+0xc2/0x120 [ 432.494868][ T7274] __kmalloc_noprof+0xd2/0x510 [ 432.494884][ T7274] tomoyo_realpath_from_path+0xc2/0x6e0 [ 432.494900][ T7274] ? tomoyo_profile+0x47/0x60 [ 432.494916][ T7274] tomoyo_path_number_perm+0x245/0x580 [ 432.494928][ T7274] ? tomoyo_path_number_perm+0x237/0x580 [ 432.494941][ T7274] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 432.494954][ T7274] ? find_held_lock+0x2b/0x80 [ 432.494979][ T7274] ? find_held_lock+0x2b/0x80 [ 432.494996][ T7274] ? hook_file_ioctl_common+0x145/0x410 [ 432.495016][ T7274] ? __fget_files+0x20e/0x3c0 [ 432.495032][ T7274] security_file_ioctl+0x9b/0x240 [ 432.495047][ T7274] __x64_sys_ioctl+0xb7/0x210 [ 432.495060][ T7274] do_syscall_64+0xcd/0x4c0 [ 432.495076][ T7274] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.495087][ T7274] RIP: 0033:0x7fe30cb8e929 [ 432.495095][ T7274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 432.495106][ T7274] RSP: 002b:00007fe30d9ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 432.495116][ T7274] RAX: ffffffffffffffda RBX: 00007fe30cdb5fa0 RCX: 00007fe30cb8e929 [ 432.495122][ T7274] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006 [ 432.495129][ T7274] RBP: 00007fe30d9ab090 R08: 0000000000000000 R09: 0000000000000000 [ 432.495135][ T7274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 432.495140][ T7274] R13: 0000000000000000 R14: 00007fe30cdb5fa0 R15: 00007ffcdb97ba28 [ 432.495153][ T7274] [ 432.495158][ T7274] ERROR: Out of memory at tomoyo_realpath_from_path. [ 432.563610][ T40] audit: type=1800 audit(1751555859.456:310): pid=7282 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.272" name="/" dev="9p" ino=4611686018427387906 res=0 errno=0 [ 432.584385][ T7284] ipt_REJECT: TCP_RESET invalid for non-tcp [ 433.262660][ T40] audit: type=1800 audit(1751555860.156:311): pid=7312 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.6.282" name="/" dev="9p" ino=4611686018427387906 res=0 errno=0 [ 433.585135][ T40] audit: type=1400 audit(1751555860.476:312): avc: denied { getopt } for pid=7328 comm="syz.4.288" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 433.634559][ T40] audit: type=1800 audit(1751555860.526:313): pid=7342 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.7.291" name="/" dev="9p" ino=4611686018427387906 res=0 errno=0 [ 433.662610][ T7346] netlink: 'syz.4.295': attribute type 1 has an invalid length. [ 433.675955][ T7346] 8021q: adding VLAN 0 to HW filter on device bond1 [ 433.704121][ T7346] vlan2: entered allmulticast mode [ 433.705852][ T7346] veth1: entered allmulticast mode [ 433.709883][ T7346] bond1: (slave vlan2): making interface the new active one [ 433.714064][ T7346] bond1: (slave vlan2): Enslaving as an active interface with an up link [ 433.780566][ T7358] netlink: 8 bytes leftover after parsing attributes in process `syz.4.299'. [ 433.785831][ T7358] openvswitch: : Dropping previously announced user features [ 433.805766][ T40] audit: type=1400 audit(1751555860.696:314): avc: denied { connect } for pid=7360 comm="syz.7.300" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 433.886784][ T40] audit: type=1400 audit(1751555860.776:315): avc: denied { add_name } for pid=7368 comm="syz.4.303" name="cpuset.effective_cpus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 433.895104][ T40] audit: type=1400 audit(1751555860.776:316): avc: denied { create } for pid=7368 comm="syz.4.303" name="cpuset.effective_cpus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 433.902102][ T40] audit: type=1400 audit(1751555860.776:317): avc: denied { associate } for pid=7368 comm="syz.4.303" name="cpuset.effective_cpus" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 433.910855][ T40] audit: type=1400 audit(1751555860.776:318): avc: denied { append } for pid=7368 comm="syz.4.303" path="/44/file0/cpuset.effective_cpus" dev="9p" ino=35913956 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 434.088786][ T7380] FAULT_INJECTION: forcing a failure. [ 434.088786][ T7380] name failslab, interval 1, probability 0, space 0, times 0 [ 434.094479][ T7380] CPU: 2 UID: 0 PID: 7380 Comm: syz.5.306 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 434.094496][ T7380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 434.094502][ T7380] Call Trace: [ 434.094507][ T7380] [ 434.094511][ T7380] dump_stack_lvl+0x16c/0x1f0 [ 434.094546][ T7380] should_fail_ex+0x512/0x640 [ 434.094565][ T7380] ? __kmalloc_noprof+0xbf/0x510 [ 434.094580][ T7380] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 434.094595][ T7380] should_failslab+0xc2/0x120 [ 434.094611][ T7380] __kmalloc_noprof+0xd2/0x510 [ 434.094625][ T7380] ? avc_has_perm_noaudit+0x149/0x3b0 [ 434.094645][ T7380] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 434.094662][ T7380] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 434.094676][ T7380] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 434.094694][ T7380] ? bpf_lsm_capable+0x9/0x10 [ 434.094705][ T7380] ? security_capable+0x7e/0x260 [ 434.094718][ T7380] ? ns_capable+0xd7/0x110 [ 434.094731][ T7380] genl_rcv_msg+0x55c/0x800 [ 434.094745][ T7380] ? __pfx_genl_rcv_msg+0x10/0x10 [ 434.094758][ T7380] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 434.094778][ T7380] netlink_rcv_skb+0x158/0x420 [ 434.094789][ T7380] ? __pfx_genl_rcv_msg+0x10/0x10 [ 434.094802][ T7380] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 434.094819][ T7380] ? netlink_deliver_tap+0x1ae/0xd30 [ 434.094838][ T7380] genl_rcv+0x28/0x40 [ 434.094849][ T7380] netlink_unicast+0x53d/0x7f0 [ 434.094861][ T7380] ? __pfx_netlink_unicast+0x10/0x10 [ 434.094876][ T7380] netlink_sendmsg+0x8d1/0xdd0 [ 434.094889][ T7380] ? __pfx_netlink_sendmsg+0x10/0x10 [ 434.094906][ T7380] ____sys_sendmsg+0xa95/0xc70 [ 434.094918][ T7380] ? copy_msghdr_from_user+0x10a/0x160 [ 434.094933][ T7380] ? __pfx_____sys_sendmsg+0x10/0x10 [ 434.094951][ T7380] ___sys_sendmsg+0x134/0x1d0 [ 434.094966][ T7380] ? __pfx____sys_sendmsg+0x10/0x10 [ 434.094980][ T7380] ? __lock_acquire+0x622/0x1c90 [ 434.095019][ T7380] __sys_sendmsg+0x16d/0x220 [ 434.095034][ T7380] ? __pfx___sys_sendmsg+0x10/0x10 [ 434.095058][ T7380] do_syscall_64+0xcd/0x4c0 [ 434.095075][ T7380] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.095087][ T7380] RIP: 0033:0x7f2c09f8e929 [ 434.095096][ T7380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.095106][ T7380] RSP: 002b:00007f2c0ad21038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 434.095117][ T7380] RAX: ffffffffffffffda RBX: 00007f2c0a1b5fa0 RCX: 00007f2c09f8e929 [ 434.095124][ T7380] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 434.095131][ T7380] RBP: 00007f2c0ad21090 R08: 0000000000000000 R09: 0000000000000000 [ 434.095137][ T7380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 434.095143][ T7380] R13: 0000000000000000 R14: 00007f2c0a1b5fa0 R15: 00007ffecc25c738 [ 434.095171][ T7380] [ 434.189800][ C2] vkms_vblank_simulate: vblank timer overrun [ 434.665734][ T7425] netlink: 8 bytes leftover after parsing attributes in process `syz.4.321'. [ 434.669630][ T7425] openvswitch: : Dropping previously announced user features [ 434.766552][ T7440] netlink: 12 bytes leftover after parsing attributes in process `syz.6.328'. [ 434.938074][ T7461] FAULT_INJECTION: forcing a failure. [ 434.938074][ T7461] name failslab, interval 1, probability 0, space 0, times 0 [ 434.942948][ T7461] CPU: 3 UID: 0 PID: 7461 Comm: syz.7.333 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 434.942964][ T7461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 434.942971][ T7461] Call Trace: [ 434.942974][ T7461] [ 434.942978][ T7461] dump_stack_lvl+0x16c/0x1f0 [ 434.942997][ T7461] should_fail_ex+0x512/0x640 [ 434.943010][ T7461] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 434.943024][ T7461] should_failslab+0xc2/0x120 [ 434.943039][ T7461] __kmalloc_cache_noprof+0x6a/0x3e0 [ 434.943050][ T7461] ? system_heap_allocate+0xe8/0x10a0 [ 434.943065][ T7461] system_heap_allocate+0xe8/0x10a0 [ 434.943086][ T7461] ? __pfx_system_heap_allocate+0x10/0x10 [ 434.943098][ T7461] ? __might_fault+0xe3/0x190 [ 434.943117][ T7461] dma_heap_ioctl+0x385/0x610 [ 434.943128][ T7461] ? __pfx_dma_heap_ioctl+0x10/0x10 [ 434.943143][ T7461] ? selinux_file_ioctl+0x180/0x270 [ 434.943157][ T7461] ? selinux_file_ioctl+0xb4/0x270 [ 434.943187][ T7461] ? __pfx_dma_heap_ioctl+0x10/0x10 [ 434.943200][ T7461] __x64_sys_ioctl+0x18b/0x210 [ 434.943213][ T7461] do_syscall_64+0xcd/0x4c0 [ 434.943229][ T7461] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.943240][ T7461] RIP: 0033:0x7f8d59d8e929 [ 434.943248][ T7461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.943258][ T7461] RSP: 002b:00007f8d5ab78038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 434.943268][ T7461] RAX: ffffffffffffffda RBX: 00007f8d59fb5fa0 RCX: 00007f8d59d8e929 [ 434.943274][ T7461] RDX: 0000200000000200 RSI: 000000004008af00 RDI: 0000000000000004 [ 434.943280][ T7461] RBP: 00007f8d5ab78090 R08: 0000000000000000 R09: 0000000000000000 [ 434.943286][ T7461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 434.943292][ T7461] R13: 0000000000000000 R14: 00007f8d59fb5fa0 R15: 00007fffaa3e7c38 [ 434.943305][ T7461] [ 434.944974][ T7463] netlink: 8 bytes leftover after parsing attributes in process `syz.5.334'. [ 435.019980][ T7467] hfsplus: unable to find HFS+ superblock [ 435.287463][ T7480] netlink: 28 bytes leftover after parsing attributes in process `syz.7.339'. [ 435.701947][ T61] usb 10-1: new full-speed USB device number 2 using dummy_hcd [ 435.861919][ T61] usb 10-1: unable to get BOS descriptor or descriptor too short [ 435.866096][ T61] usb 10-1: no configurations [ 435.867927][ T61] usb 10-1: can't read configurations, error -22 [ 436.033671][ T7535] block nbd4: shutting down sockets [ 436.075299][ T7538] ipt_rpfilter: unknown options [ 436.433977][ T7555] netlink: 8 bytes leftover after parsing attributes in process `syz.7.369'. [ 436.437172][ T7555] FAULT_INJECTION: forcing a failure. [ 436.437172][ T7555] name failslab, interval 1, probability 0, space 0, times 0 [ 436.441075][ T7555] CPU: 2 UID: 0 PID: 7555 Comm: syz.7.369 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 436.441089][ T7555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 436.441096][ T7555] Call Trace: [ 436.441100][ T7555] [ 436.441104][ T7555] dump_stack_lvl+0x16c/0x1f0 [ 436.441123][ T7555] should_fail_ex+0x512/0x640 [ 436.441136][ T7555] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 436.441150][ T7555] should_failslab+0xc2/0x120 [ 436.441165][ T7555] __kmalloc_cache_noprof+0x6a/0x3e0 [ 436.441176][ T7555] ? ovs_flow_tbl_init+0xb0/0x600 [ 436.441189][ T7555] ? ovs_flow_tbl_init+0x1c7/0x600 [ 436.441204][ T7555] ovs_flow_tbl_init+0x1c7/0x600 [ 436.441218][ T7555] ovs_dp_cmd_new+0x251/0xe60 [ 436.441239][ T7555] ? rcu_is_watching+0x12/0xc0 [ 436.441252][ T7555] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 436.441269][ T7555] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 436.441283][ T7555] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 436.441299][ T7555] genl_family_rcv_msg_doit+0x209/0x2f0 [ 436.441312][ T7555] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 436.441328][ T7555] ? bpf_lsm_capable+0x9/0x10 [ 436.441339][ T7555] ? security_capable+0x7e/0x260 [ 436.441351][ T7555] ? ns_capable+0xd7/0x110 [ 436.441364][ T7555] genl_rcv_msg+0x55c/0x800 [ 436.441377][ T7555] ? __pfx_genl_rcv_msg+0x10/0x10 [ 436.441390][ T7555] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 436.441408][ T7555] netlink_rcv_skb+0x158/0x420 [ 436.441418][ T7555] ? __pfx_genl_rcv_msg+0x10/0x10 [ 436.441431][ T7555] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 436.441447][ T7555] ? netlink_deliver_tap+0x1ae/0xd30 [ 436.441465][ T7555] genl_rcv+0x28/0x40 [ 436.441475][ T7555] netlink_unicast+0x53d/0x7f0 [ 436.441487][ T7555] ? __pfx_netlink_unicast+0x10/0x10 [ 436.441511][ T7555] netlink_sendmsg+0x8d1/0xdd0 [ 436.441526][ T7555] ? __pfx_netlink_sendmsg+0x10/0x10 [ 436.441542][ T7555] ____sys_sendmsg+0xa95/0xc70 [ 436.441554][ T7555] ? copy_msghdr_from_user+0x10a/0x160 [ 436.441568][ T7555] ? __pfx_____sys_sendmsg+0x10/0x10 [ 436.441586][ T7555] ___sys_sendmsg+0x134/0x1d0 [ 436.441601][ T7555] ? __pfx____sys_sendmsg+0x10/0x10 [ 436.441614][ T7555] ? __lock_acquire+0x622/0x1c90 [ 436.441646][ T7555] __sys_sendmsg+0x16d/0x220 [ 436.441661][ T7555] ? __pfx___sys_sendmsg+0x10/0x10 [ 436.441684][ T7555] do_syscall_64+0xcd/0x4c0 [ 436.441701][ T7555] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.441711][ T7555] RIP: 0033:0x7f8d59d8e929 [ 436.441720][ T7555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 436.441730][ T7555] RSP: 002b:00007f8d5ab78038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 436.441741][ T7555] RAX: ffffffffffffffda RBX: 00007f8d59fb5fa0 RCX: 00007f8d59d8e929 [ 436.441747][ T7555] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 436.441753][ T7555] RBP: 00007f8d5ab78090 R08: 0000000000000000 R09: 0000000000000000 [ 436.441759][ T7555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 436.441810][ T7555] R13: 0000000000000000 R14: 00007f8d59fb5fa0 R15: 00007fffaa3e7c38 [ 436.441823][ T7555] [ 436.537885][ C2] vkms_vblank_simulate: vblank timer overrun [ 436.619390][ T7563] netlink: 182712 bytes leftover after parsing attributes in process `syz.7.373'. [ 436.662888][ T7558] block nbd5: shutting down sockets [ 437.297368][ T40] kauditd_printk_skb: 28 callbacks suppressed [ 437.297380][ T40] audit: type=1400 audit(1751555864.186:347): avc: denied { ioctl } for pid=7597 comm="syz.5.388" path="socket:[16759]" dev="sockfs" ino=16759 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 437.643043][ T7605] IPVS: length: 184 != 24 [ 437.659404][ T40] audit: type=1400 audit(1751555864.546:348): avc: denied { read write } for pid=7607 comm="syz.5.391" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 437.682584][ T40] audit: type=1400 audit(1751555864.546:349): avc: denied { open } for pid=7607 comm="syz.5.391" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 438.144238][ T40] audit: type=1800 audit(1751555865.036:350): pid=7641 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.402" name="/" dev="9p" ino=4611686018427387906 res=0 errno=0 [ 438.489614][ T40] audit: type=1800 audit(1751555865.376:351): pid=7675 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.412" name="/" dev="9p" ino=4611686018427387906 res=0 errno=0 [ 438.695066][ T40] audit: type=1800 audit(1751555865.586:352): pid=7693 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.421" name="/" dev="9p" ino=4611686018427387906 res=0 errno=0 [ 439.742224][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.744477][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.161058][ T7925] ================================================================== [ 441.163759][ T7925] BUG: KASAN: slab-use-after-free in rose_get_neigh+0x549/0x640 [ 441.166156][ T7925] Read of size 1 at addr ffff888035764830 by task syz.7.498/7925 [ 441.169932][ T7925] [ 441.170817][ T7925] CPU: 1 UID: 0 PID: 7925 Comm: syz.7.498 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 441.170832][ T7925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 441.170840][ T7925] Call Trace: [ 441.170844][ T7925] [ 441.170849][ T7925] dump_stack_lvl+0x116/0x1f0 [ 441.170868][ T7925] print_report+0xcd/0x680 [ 441.170884][ T7925] ? __virt_addr_valid+0x81/0x610 [ 441.170897][ T7925] ? __phys_addr+0xe8/0x180 [ 441.170909][ T7925] ? rose_get_neigh+0x549/0x640 [ 441.170922][ T7925] kasan_report+0xe0/0x110 [ 441.170937][ T7925] ? rose_get_neigh+0x549/0x640 [ 441.170951][ T7925] rose_get_neigh+0x549/0x640 [ 441.170970][ T7925] rose_connect+0x2d4/0x1540 [ 441.170981][ T7925] ? __pfx_rose_connect+0x10/0x10 [ 441.170991][ T7925] ? selinux_netlbl_socket_connect+0x30/0x40 [ 441.171006][ T7925] ? rcu_is_watching+0x12/0xc0 [ 441.171019][ T7925] ? __local_bh_enable_ip+0xa4/0x120 [ 441.171031][ T7925] ? lockdep_hardirqs_on+0x7c/0x110 [ 441.171045][ T7925] ? selinux_netlbl_socket_connect+0x30/0x40 [ 441.171059][ T7925] ? __local_bh_enable_ip+0xa4/0x120 [ 441.171071][ T7925] ? selinux_netlbl_socket_connect+0x30/0x40 [ 441.171084][ T7925] ? selinux_socket_connect+0x6b/0x80 [ 441.171097][ T7925] ? __pfx_rose_connect+0x10/0x10 [ 441.171107][ T7925] __sys_connect_file+0x141/0x1a0 [ 441.171121][ T7925] __sys_connect+0x13b/0x160 [ 441.171133][ T7925] ? __pfx___sys_connect+0x10/0x10 [ 441.171147][ T7925] ? xfd_validate_state+0x61/0x180 [ 441.171162][ T7925] __x64_sys_connect+0x72/0xb0 [ 441.171174][ T7925] ? lockdep_hardirqs_on+0x7c/0x110 [ 441.171187][ T7925] do_syscall_64+0xcd/0x4c0 [ 441.171202][ T7925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.171213][ T7925] RIP: 0033:0x7f8d59d8e929 [ 441.171223][ T7925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 441.171234][ T7925] RSP: 002b:00007f8d5ab78038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 441.171245][ T7925] RAX: ffffffffffffffda RBX: 00007f8d59fb5fa0 RCX: 00007f8d59d8e929 [ 441.171252][ T7925] RDX: 000000000000001c RSI: 0000200000000040 RDI: 0000000000000004 [ 441.171258][ T7925] RBP: 00007f8d59e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 441.171265][ T7925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 441.171271][ T7925] R13: 0000000000000000 R14: 00007f8d59fb5fa0 R15: 00007fffaa3e7c38 [ 441.171280][ T7925] [ 441.171283][ T7925] [ 441.185350][ T7932] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 441.186126][ T7925] Allocated by task 7807: [ 441.186135][ T7925] kasan_save_stack+0x33/0x60 [ 441.252863][ T7925] kasan_save_track+0x14/0x30 [ 441.254367][ T7925] __kasan_kmalloc+0xaa/0xb0 [ 441.255826][ T7925] rose_rt_ioctl+0x87e/0x1d40 [ 441.257316][ T7925] rose_ioctl+0x64d/0x7d0 [ 441.258686][ T7925] sock_do_ioctl+0x115/0x280 [ 441.260143][ T7925] sock_ioctl+0x227/0x6b0 [ 441.261535][ T7925] __x64_sys_ioctl+0x18b/0x210 [ 441.263072][ T7925] do_syscall_64+0xcd/0x4c0 [ 441.264515][ T7925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.266363][ T7925] [ 441.267149][ T7925] Freed by task 7888: [ 441.268387][ T7925] kasan_save_stack+0x33/0x60 [ 441.269869][ T7925] kasan_save_track+0x14/0x30 [ 441.271343][ T7925] kasan_save_free_info+0x3b/0x60 [ 441.272929][ T7925] __kasan_slab_free+0x51/0x70 [ 441.274461][ T7925] kfree+0x2b4/0x4d0 [ 441.275714][ T7925] rose_remove_neigh+0x25e/0x370 [ 441.277281][ T7925] rose_rt_device_down+0x2aa/0x390 [ 441.278935][ T7925] rose_device_event+0xfc/0x120 [ 441.280472][ T7925] notifier_call_chain+0xb9/0x410 [ 441.282074][ T7925] call_netdevice_notifiers_info+0xbe/0x140 [ 441.283916][ T7925] __dev_notify_flags+0x1f7/0x2e0 [ 441.285483][ T7925] netif_change_flags+0x108/0x160 [ 441.287071][ T7925] dev_change_flags+0xba/0x250 [ 441.288582][ T7925] dev_ifsioc+0x1498/0x1f70 [ 441.290020][ T7925] dev_ioctl+0x223/0x10e0 [ 441.291348][ T7925] sock_do_ioctl+0x19d/0x280 [ 441.292768][ T7925] sock_ioctl+0x227/0x6b0 [ 441.294147][ T7925] __x64_sys_ioctl+0x18b/0x210 [ 441.295661][ T7925] do_syscall_64+0xcd/0x4c0 [ 441.297063][ T7925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.298923][ T7925] [ 441.299695][ T7925] The buggy address belongs to the object at ffff888035764800 [ 441.299695][ T7925] which belongs to the cache kmalloc-512 of size 512 [ 441.303979][ T7925] The buggy address is located 48 bytes inside of [ 441.303979][ T7925] freed 512-byte region [ffff888035764800, ffff888035764a00) [ 441.308162][ T7925] [ 441.308951][ T7925] The buggy address belongs to the physical page: [ 441.310953][ T7925] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x35764 [ 441.313656][ T7925] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 441.316284][ T7925] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 441.318701][ T7925] page_type: f5(slab) [ 441.319941][ T7925] raw: 00fff00000000040 ffff88801b842c80 ffffea000152c900 dead000000000003 [ 441.322539][ T7925] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 441.325151][ T7925] head: 00fff00000000040 ffff88801b842c80 ffffea000152c900 dead000000000003 [ 441.327790][ T7925] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 441.330468][ T7925] head: 00fff00000000002 ffffea0000d5d901 00000000ffffffff 00000000ffffffff [ 441.333117][ T7925] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 441.335779][ T7925] page dumped because: kasan: bad access detected [ 441.337783][ T7925] page_owner tracks the page as allocated [ 441.339573][ T7925] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5346, tgid 5346 (udevd), ts 25679740871, free_ts 24015841922 [ 441.345829][ T7925] post_alloc_hook+0x1c0/0x230 [ 441.347343][ T7925] get_page_from_freelist+0x1321/0x3890 [ 441.349110][ T7925] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 441.350974][ T7925] alloc_pages_mpol+0x1fb/0x550 [ 441.352513][ T7925] new_slab+0x23b/0x330 [ 441.353847][ T7925] ___slab_alloc+0xd9c/0x1940 [ 441.355335][ T7925] __slab_alloc.constprop.0+0x56/0xb0 [ 441.357021][ T7925] __kmalloc_cache_noprof+0xfb/0x3e0 [ 441.358701][ T7925] kernfs_fop_open+0x244/0xda0 [ 441.360184][ T7925] do_dentry_open+0x744/0x1c10 [ 441.361702][ T7925] vfs_open+0x82/0x3f0 [ 441.363029][ T7925] path_openat+0x1de4/0x2cb0 [ 441.364499][ T7925] do_filp_open+0x20b/0x470 [ 441.365951][ T7925] do_sys_openat2+0x11b/0x1d0 [ 441.367456][ T7925] __x64_sys_openat+0x174/0x210 [ 441.369019][ T7925] do_syscall_64+0xcd/0x4c0 [ 441.370460][ T7925] page last free pid 5354 tgid 5354 stack trace: [ 441.372405][ T7925] __free_frozen_pages+0x7fe/0x1180 [ 441.374038][ T7925] qlist_free_all+0x4d/0x120 [ 441.375504][ T7925] kasan_quarantine_reduce+0x195/0x1e0 [ 441.377220][ T7925] __kasan_slab_alloc+0x69/0x90 [ 441.378812][ T7925] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 441.380530][ T7925] do_epoll_ctl+0x1170/0x35b0 [ 441.382035][ T7925] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 441.383649][ T7925] do_syscall_64+0xcd/0x4c0 [ 441.385077][ T7925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.386923][ T7925] [ 441.387679][ T7925] Memory state around the buggy address: [ 441.389382][ T7925] ffff888035764700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 441.391805][ T7925] ffff888035764780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 441.394236][ T7925] >ffff888035764800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 441.396631][ T7925] ^ [ 441.398365][ T7925] ffff888035764880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 441.400823][ T7925] ffff888035764900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 441.403211][ T7925] ================================================================== [ 441.406012][ T7925] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 441.408238][ T7925] CPU: 1 UID: 0 PID: 7925 Comm: syz.7.498 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(full) [ 441.412192][ T7925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 441.416408][ T7925] Call Trace: [ 441.417746][ T7925] [ 441.418902][ T7925] dump_stack_lvl+0x3d/0x1f0 [ 441.420655][ T7925] panic+0x71c/0x800 [ 441.422049][ T7925] ? __pfx_panic+0x10/0x10 [ 441.423667][ T7925] ? irqentry_exit+0x3b/0x90 [ 441.425351][ T7925] ? lockdep_hardirqs_on+0x7c/0x110 [ 441.427235][ T7925] ? rose_get_neigh+0x549/0x640 [ 441.428870][ T7925] ? rose_get_neigh+0x549/0x640 [ 441.430395][ T7925] check_panic_on_warn+0xab/0xb0 [ 441.431935][ T7925] end_report+0x107/0x170 [ 441.433277][ T7925] kasan_report+0xee/0x110 [ 441.434648][ T7925] ? rose_get_neigh+0x549/0x640 [ 441.436157][ T7925] rose_get_neigh+0x549/0x640 [ 441.437627][ T7925] rose_connect+0x2d4/0x1540 [ 441.439128][ T7925] ? __pfx_rose_connect+0x10/0x10 [ 441.440712][ T7925] ? selinux_netlbl_socket_connect+0x30/0x40 [ 441.442595][ T7925] ? rcu_is_watching+0x12/0xc0 [ 441.444098][ T7925] ? __local_bh_enable_ip+0xa4/0x120 [ 441.445749][ T7925] ? lockdep_hardirqs_on+0x7c/0x110 [ 441.447383][ T7925] ? selinux_netlbl_socket_connect+0x30/0x40 [ 441.449263][ T7925] ? __local_bh_enable_ip+0xa4/0x120 [ 441.450921][ T7925] ? selinux_netlbl_socket_connect+0x30/0x40 [ 441.452786][ T7925] ? selinux_socket_connect+0x6b/0x80 [ 441.454462][ T7925] ? __pfx_rose_connect+0x10/0x10 [ 441.456031][ T7925] __sys_connect_file+0x141/0x1a0 [ 441.457601][ T7925] __sys_connect+0x13b/0x160 [ 441.459073][ T7925] ? __pfx___sys_connect+0x10/0x10 [ 441.460683][ T7925] ? xfd_validate_state+0x61/0x180 [ 441.462290][ T7925] __x64_sys_connect+0x72/0xb0 [ 441.463787][ T7925] ? lockdep_hardirqs_on+0x7c/0x110 [ 441.465413][ T7925] do_syscall_64+0xcd/0x4c0 [ 441.466876][ T7925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.468707][ T7925] RIP: 0033:0x7f8d59d8e929 [ 441.470121][ T7925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 441.475979][ T7925] RSP: 002b:00007f8d5ab78038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 441.478540][ T7925] RAX: ffffffffffffffda RBX: 00007f8d59fb5fa0 RCX: 00007f8d59d8e929 [ 441.480977][ T7925] RDX: 000000000000001c RSI: 0000200000000040 RDI: 0000000000000004 [ 441.483416][ T7925] RBP: 00007f8d59e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 441.485844][ T7925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 441.488286][ T7925] R13: 0000000000000000 R14: 00007f8d59fb5fa0 R15: 00007fffaa3e7c38 [ 441.490660][ T7925] [ 441.492211][ T7925] Kernel Offset: disabled [ 441.493563][ T7925] Rebooting in 86400 seconds.. VM DIAGNOSIS: 15:17:48 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000000 RBX=ffffffff8e5cf7c0 RCX=ffffc90043a41000 RDX=ffffffff8e5cf830 RSI=ffffffff8c157ce0 RDI=ffffffff8e5cf830 RBP=0000000000000001 RSP=ffffc90006ca7688 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffff88802a00b700 R13=0000000000000000 R14=0000000000000001 R15=1ffff92000d94f05 RIP=ffffffff81a15eb5 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f7881d106c0 ffffffff 00c00000 GS =0000 ffff8880d6752000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c34e2f3 CR3=00000000256a1000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7881011b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7881011b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7881011b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7881011b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7881011bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7881011c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7881184488 00007f7881184480 00007f7881184478 00007f7881184450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7881ced100 00007f7881184440 00007f7881184458 00007f78811844a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7881184498 00007f7881184490 00007f7881184488 00007f7881184480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff855bffa5 RDI=ffffffff9b088320 RBP=ffffffff9b0882e0 RSP=ffffc90006b97688 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552 R12=0000000000000000 R13=0000000000000074 R14=ffffffff9b0882e0 R15=ffffffff855bff40 RIP=ffffffff855bffcf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f8d5ab786c0 ffffffff 00c00000 GS =0000 ffff8880d6852000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c338dff CR3=000000005d4c7000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8d59e11b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8d59e11b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8d59e11b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8d59e11b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8d59e11bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8d59e11c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8d59f84488 00007f8d59f84480 00007f8d59f84478 00007f8d59f84450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8d5aaed100 00007f8d59f84440 00007f8d59f84458 00007f8d59f844a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8d59f84498 00007f8d59f84490 00007f8d59f84488 00007f8d59f84480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffffed100d4870f0 RCX=ffffffff8a457686 RDX=ffff888023eda440 RSI=ffffffff8a457694 RDI=0000000000000001 RBP=0000000006cd1e70 RSP=ffffc900035afa40 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffffe8fefc497000 R13=0000000000000000 R14=dffffc0000000000 R15=ffff88806a438780 RIP=ffffffff8a4576a9 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000555587cb0500 ffffffff 00c00000 GS =0000 ffff8880d6952000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f2c0a17e2d8 CR3=000000003bc2b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000010040408 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffecc25cac0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2c0a011b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2c0a011b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2c0a011b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2c0a011b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2c0a011bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2c0a011c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000004f800000006 0000034000000270 000001a0000000d0 0000000000000340 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000d000000000 0000034000000270 000001a0000000d0 000000000000001f ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000001 RBX=ffffffff8e5c4880 RCX=00000000e7580ee6 RDX=0000000000000000 RSI=ffffffff8ddf507b RDI=ffffffff8c157d60 RBP=0000000000000002 RSP=ffffc900066df6c0 R8 =881f34d59cde9127 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff81987e70 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6a52000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c384dea CR3=0000000052be9000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe30cc11b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe30cc11b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe30cc11b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe30cc11b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe30cc11bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe30cc11c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe30cd84488 00007fe30cd84480 00007fe30cd84478 00007fe30cd84450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe30d8ed100 00007fe30cd84440 00007fe30cd80004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe30cd84498 00007fe30cd84490 00007fe30cd84488 00007fe30cd84480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000