last executing test programs: 1.449196266s ago: executing program 2 (id=394): r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000003c0)={0x0, 0xa, 0x3, 0x50e1}, &(0x7f0000000400)=0x10) mount(&(0x7f0000000000), &(0x7f0000000100)='.\x00', &(0x7f00000000c0)='hugetlbfs\x00', 0x0, 0x0) 1.378043063s ago: executing program 2 (id=399): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000680)={0x2, 0x4}, 0x4) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000640)=@newlink={0x20, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615, 0xef}}, 0x20}, 0x1, 0x0, 0x0, 0x300}, 0x0) 1.220069256s ago: executing program 2 (id=406): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) capset(&(0x7f0000000080)={0x20071026}, 0x0) mount$overlay(0x0, 0x0, 0x0, 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}]}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x8, 0x2, 0x2, '\x00', 0x2}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, 0x0}], 0x1, 0x8, 0x0, 0x0) 1.169571614s ago: executing program 0 (id=408): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x28, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x0, &(0x7f00000002c0)=[{0x5, 0x2, 0xa, 0xa}], 0x10, 0x7ff}, 0x94) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000780), 0xa400, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0xe, 0x5, &(0x7f00000007c0)=@framed={{0x18, 0x2}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xa}]}, &(0x7f00000005c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="05"], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r3, &(0x7f0000000440), &(0x7f0000000040)=@udp=r2}, 0x20) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x21) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b142b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c04594282423424d00", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x2003}, 0x94) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) recvmmsg(r2, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000800)=""/4096, 0x1000}], 0x1}, 0xb}], 0x12, 0x40000021, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00'}) 1.11877644s ago: executing program 3 (id=410): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x115100, 0x145) renameat(r1, &(0x7f0000000040)='./file1\x00', r0, &(0x7f0000000080)='./file1\x00') r2 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x8, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r2, 0xc0d05604, &(0x7f0000000100)={0x2, @win={{0xe36a, 0x5, 0xfffff9b6, 0x4}, 0x0, 0xffffffa5, 0x0, 0x10, 0x0, 0x60}}) mount$9p_virtio(&(0x7f0000000280), &(0x7f0000000180)='.\x00', &(0x7f0000000000), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="085d55242469017d50ad27b0947ab2627135306ee4981da88c26b3844d9d35ba77ebea1c247171c0fa8dc2352156b59d382364fcbdc5a7d8d83219bde8023e70dcf5a9445ccc73916f30051447dc3aa61338c0b3269859577526529ad13e7fec9dc59cb5c9c0b25fb172200910bb7c288ba05ee2eef4cb50153c8718151ff6ae49ce3da98cc406dc8d5121317a0ef9b9a5011f9d507e951c155fe3c9f63c079b8dc4f46133cd3ba23a095f95b48d4acd0a7e1e638e1b191bf740f4f0c3112f591fa1e0f2", @ANYRES8=r2, @ANYRES64=r2, @ANYRES16=r1, @ANYRES64=r1, @ANYRESOCT=r2, @ANYRESDEC=0x0]) r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r3, &(0x7f0000003480)={0x2020}, 0x2020) r4 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x800000001fe, 0x2) r5 = dup(r4) read$eventfd(r5, 0x0, 0x0) read$FUSE(r2, &(0x7f00000054c0)={0x2020}, 0xfffffffffffffd35) newfstatat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', &(0x7f0000000440), 0x1000) 1.070481686s ago: executing program 3 (id=411): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0}) 971.373399ms ago: executing program 2 (id=413): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) mount$overlay(0x0, 0x0, 0x0, 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}]}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x8, 0x2, 0x2, '\x00', 0x2}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, 0x0}], 0x1, 0x8, &(0x7f0000000380)=[@flags={0x3, 0x128bc4}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 3) 838.677327ms ago: executing program 3 (id=416): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000002c0)=ANY=[], 0x8) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x2000001, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) write(r0, &(0x7f00000000c0)="842a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) futex(&(0x7f0000000040), 0x5, 0x0, 0x0, &(0x7f00000000c0)=0x2, 0xfffffffd) setsockopt$inet_int(r2, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4) listen(r2, 0x2) setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendto$inet6(0xffffffffffffffff, &(0x7f0000000300)="cd", 0x1, 0x8804, &(0x7f0000000100)={0xa, 0x4e23, 0x80, @loopback, 0xfffffffe}, 0x1c) close_range(r1, 0xffffffffffffffff, 0x0) 770.00532ms ago: executing program 3 (id=417): r0 = syz_open_dev$swradio(&(0x7f0000000040), 0x1, 0x2) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000080)={0xb, @raw_data="435330386d7045c07d0ced83659145ec87cda60fea0195e62c84f08c70a667dd931f3e0944ae0769d1db71d24638f00994f04ca9318da48efe59ecd5c4bc7e620f0052cf7501c6cb0bc9d6ea9d7f7fd580f51ffdc2205484a488b21c86765b2b6b13822337775fbb604bc443655025b4e6aab93c145aa062dab666d7bee24b65b2f7bed94cbd28be632bb7f7c6c5b301700f7c4af1bf90dd769f7de1d2e4a3e7c70f55979f51c2a89922c00cb68b7869210e8a823b63f4f65558c6d4688870907c1ad8e7ef553988"}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)=ANY=[@ANYBLOB="140000001000010000000000000000002000000a70000000060a0b0400000000000000000200000044000480200001800e000100636f6e6e6c696d69740000000c000280080001400000000010000180090001006c61737400000000100001800a00010072656469720000000900010073797a30000000000900020073797a320000000014000000110001"], 0x98}}, 0x0) close(r1) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_DELTABLE={0x21c, 0x2, 0xa, 0x801, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_USERDATA={0xf5, 0x6, "c4fa567af269143d08f63b994c6ee10bef27bcb0df0a676474e6feb2288d77e850d3fc4d02a82b76370c611ab6fe54049441a6977e6e8e3fdc02d9665873db87abfbce0be4b4d1020c821f79c41ea61258137ae27b85f6bd61d86ceeec74bd1b75d5d6f9b4eeca26a2943483a6f3164a31040e8d81fb1a81adc624fc57876cdbd9d2deb32d45ad1225f743886a64d755d7f8639c89a2b9339ae7405fedf1d46ac4a6664243327b0b0510bed189f0e15b3faaa090df5dba45b4ba74f21e43e56178dd7e033496ee93c0af08c355fb7d3d895abb513a848cb1dc1c51cd7ad555b1c7881a393667e73ce51ca986eb2b660d8d"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_USERDATA={0xd9, 0x6, "35ae31c5ca1c173ad2f43a99df547c8ad7da39e56a6a5e412fe509b1a64a97ab6f0ad3c6eeaaa9658a89e7ff5ae61a473cfbfa7d2cfff9e3e48d19d80380c052f3fcf21a9caaee05ff4487673eeacdb8b3973110b6713861271899711c582e61be8e6ea5877408583f20bd5d16fa1d659e07aa6529c789d99243da8dae81b6e556f653ab9139ea56d55e974f5e66bc6ef45decdd5307d560d8f80cd3a1b91f40f0baa904868df1410def2daa2757802282f4455ad8a6c11a8bd20c2c3f749958d83449e176a12a456ba1e4e034d33a1a64aa5ed164"}]}, @NFT_MSG_DELTABLE={0xac, 0x2, 0xa, 0x401, 0x0, 0x0, {0x3, 0x0, 0x1000}, [@NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_USERDATA={0x34, 0x6, "e7426638aceeeb88693a18ece488341abf41b0434fb4923cf32416973530d60674b026e5f74ebeab4d77b11f0c60c8d0"}, @NFTA_TABLE_USERDATA={0x4e, 0x6, "867f0e8efb8ef036ee0fe18dfddfd6341afccfbc754ed8cac4bd6975deb34dea0b1e36b21322f4f888ad98eaeb39744a8ddd50cb5aca9b2f5b2b663164a176642090adb5a49d43c97d95"}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x4}]}, @NFT_MSG_DELTABLE={0x1c, 0x2, 0xa, 0x101, 0x0, 0x0, {0x4, 0x0, 0x9}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}]}, @NFT_MSG_DELFLOWTABLE={0x28, 0x18, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x5}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x334}, 0x1, 0x0, 0x0, 0x24000801}, 0x40804) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$XFS_IOC_ATTRLIST_BY_HANDLE(r2, 0x4058587a, &(0x7f0000000780)={{r2, &(0x7f0000000180)='^,@\x00', 0x40100, &(0x7f00000001c0)={@align=0x8f5, {0x4, 0x4, 0x400, 0x10001}}, 0x400, &(0x7f0000000580)={@_ha_fsid}, &(0x7f0000000600)=0x3}, {[0xc, 0x5, 0x8, 0x7]}, 0x800, 0xda, &(0x7f0000000680)=""/218}) r3 = socket$rds(0x15, 0x5, 0x0) bind$rds(r3, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10) sendmsg$rds(r3, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000440)=[@cswp={0x58, 0x114, 0x7, {{0x6, 0x2}, 0x0, 0x0, 0x2, 0x9, 0x9, 0x9, 0x1c, 0x4}}], 0x58}, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)='B', 0x1}], 0x1, 0x0, 0x0, 0x11000000}, 0x0) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r4) ptrace$setregs(0xd, r4, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb") ptrace$setregs(0xd, r4, 0x0, &(0x7f0000000540)) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x121000, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, 0x0}], 0x1, 0xea736d4a7abf663a, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f00000003c0)="ea00800000a000c4c3957e0503000000e735100000000f22c0f30f5e0d2d000000eab56c0000220166b833000f00d8c4e27932bf2e0ac93d660f388037660f74200f2304b8f4943e1d0f23d80f21f835400000000f23f8", 0x57}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000440)="45d94d52a98d4908726ae5c6224144dd37392669f6a41a9d3eadda17a9a56c0bed361684d5e928a58363711c4fa9339f1830425ed916a9e2f6d47a2864db18e3b2f3979528309e05a9840fcf49f4a48efa440ffd5cadce6cb8f19e8eb1f8f7661a6c448f79178002bcb1cbf1c71b19a322eb1bc2822f3a8f001b5c3d6bc1312df08545d7b73b40c9e2de8cd9c81f9139a5db8532d322dd474956c0be6bdd54c6040622893c0000af0a300a4f9dfbb32f1411a19fd0b67eb44785bc68abf443", 0xbf}], 0x1, 0x0, 0x0, 0x11000000}, 0x0) r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r8) ptrace$setregs(0xd, r8, 0x0, &(0x7f0000000540)) ptrace$cont(0x20, r8, 0x0, 0x0) ptrace$getregset(0x4204, r8, 0x1, &(0x7f0000000100)={&(0x7f0000000080)=""/104, 0x68}) ptrace$cont(0x20, r4, 0x0, 0x0) 669.721939ms ago: executing program 0 (id=418): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000000"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1200000004000000040000000c"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000001800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8a00fe00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0x541b, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x8d5}) close_range(r2, 0xffffffffffffffff, 0x0) 610.479596ms ago: executing program 2 (id=419): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000680)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="48000000100001040000000000070000003f0000", @ANYRES32=r2, @ANYBLOB="3f00000006020400280012800b0001006272696467650000180002800c002e0003000000030000000500070008"], 0x48}, 0x1, 0x0, 0x0, 0x44000}, 0x0) 610.011852ms ago: executing program 0 (id=420): r0 = openat$panthor(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0]}) ioctl$DRM_IOCTL_MODE_ADDFB(r0, 0xc01c64ae, &(0x7f00000000c0)={r1, 0x0, 0xbde, 0x1, 0xffffff9f, 0xd57, 0x10001}) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r2, 0xc1004110, &(0x7f0000000140)={0x84, [0x3, 0x0, 0x8], [{0x4, 0x8, 0x1, 0x1, 0x1, 0x1}, {0x7ff, 0xa5, 0x0, 0x0, 0x1}, {0x2, 0xc, 0x0, 0x0, 0x1, 0x1}, {0xa}, {0x4, 0x42d, 0x0, 0x1, 0x0, 0x1}, {0x2, 0x3b, 0x1, 0x1, 0x0, 0x1}, {0x4, 0xdb59, 0x1}, {0x7, 0x9, 0x1, 0x1, 0x1, 0x1}, {0xfd, 0x5, 0x0, 0x1}, {0x0, 0x9, 0x1}, {0x8, 0x1000, 0x1, 0x0, 0x0, 0x1}, {0x6, 0xd, 0x1, 0x1, 0x0, 0x1}], 0x5}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, r1, 0xeeeeeeee}) (async) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, r1, 0xeeeeeeee}) ioctl$DRM_IOCTL_MODE_GETENCODER(r0, 0xc01464a6, &(0x7f0000000300)) (async) ioctl$DRM_IOCTL_MODE_GETENCODER(r0, 0xc01464a6, &(0x7f0000000300)={0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000440)={0x201, 0x1, &(0x7f0000000340)=[r10], &(0x7f0000000380)=[0x1, 0x2, 0x800, 0x9], &(0x7f00000003c0)=[r9, r9, r4, r8, r7, r6], &(0x7f0000000400)=[0x8, 0xfffffffffffffffc, 0x7, 0x6, 0x6, 0x8], 0x0, 0x3}) (async) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000440)={0x201, 0x1, &(0x7f0000000340)=[r10], &(0x7f0000000380)=[0x1, 0x2, 0x800, 0x9], &(0x7f00000003c0)=[r9, r9, r4, r8, r7, r6], &(0x7f0000000400)=[0x8, 0xfffffffffffffffc, 0x7, 0x6, 0x6, 0x8], 0x0, 0x3}) ioctl$DRM_IOCTL_MODE_GETENCODER(r0, 0xc01464a6, &(0x7f0000000480)={0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETENCODER(r0, 0xc01464a6, &(0x7f00000004c0)) (async) ioctl$DRM_IOCTL_MODE_GETENCODER(r0, 0xc01464a6, &(0x7f00000004c0)={0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000600)={&(0x7f0000000580)=[0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0], 0x3, r1, 0xfbfbfbfb}) (async) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000600)={&(0x7f0000000580)=[0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0], 0x3, r1, 0xfbfbfbfb}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000880)={&(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000680)=[{}, {}, {}, {}], &(0x7f00000007c0)=[0x0, 0x0, 0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x3, 0x8}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f00000009c0)={0x200, 0x5, &(0x7f0000000500)=[r11, r7, r3, r12, 0x0], &(0x7f0000000540)=[0x9], &(0x7f0000000900)=[r13, r18, r4, r6], &(0x7f0000000940)=[0x9, 0x5, 0x35, 0x7fffffff, 0x2132b2af, 0xc66, 0x8, 0xe7, 0x3, 0x4], 0x0, 0x3}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000b00)={&(0x7f0000000a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000a40)=[0x0, 0x0], &(0x7f0000000a80)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000ac0)=[0x0, 0x0, 0x0], 0x8, 0x2, 0x5, 0x3}) ioctl$DRM_IOCTL_MODE_GET_LEASE(r2, 0xc01064c8, &(0x7f0000000b80)={0x3, 0x0, &(0x7f0000000b40)=[0x0, 0x0, 0x0]}) ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, &(0x7f0000000cc0)={0x80, 0x7, &(0x7f0000000bc0)=[r17, r21, r20, r24, r14, r5, r5], &(0x7f0000000c00)=[0x5, 0x0, 0x8000, 0xea3], &(0x7f0000000c40)=[r9], &(0x7f0000000c80)=[0x4, 0x8a], 0x0, 0x1ec}) ioctl$DRM_IOCTL_MODE_GETENCODER(r0, 0xc01464a6, &(0x7f0000000d00)={r23}) (async) ioctl$DRM_IOCTL_MODE_GETENCODER(r0, 0xc01464a6, &(0x7f0000000d00)={r23}) ioctl$DRM_IOCTL_PANTHOR_GROUP_CREATE(r2, 0xc0386447, &(0x7f0000000d80)={{0x8, 0x1, &(0x7f0000000d40)=[{0x9, 0x0, 0x3}]}, 0x1, 0x9, 0x3, 0x0, 0x0, 0x87c0, 0x15ac, 0x2fe05650, 0x0, 0x0}) ioctl$DRM_IOCTL_PANTHOR_GROUP_DESTROY(r0, 0xc0086448, &(0x7f0000000dc0)={r25}) socket(0x1e, 0x4, 0x4) r26 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000e00), 0x2, 0x0) r27 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000e40), 0x20400, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r0, 0xc01864c2, &(0x7f0000000e80)={0x0, 0x1, r2}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r27, 0xc00864c0, &(0x7f0000000ec0)={r28}) (async) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r27, 0xc00864c0, &(0x7f0000000ec0)={r28}) statx(r2, &(0x7f0000000f40)='./file0\x00', 0x0, 0x8, &(0x7f0000000f80)) (async) statx(r2, &(0x7f0000000f40)='./file0\x00', 0x0, 0x8, &(0x7f0000000f80)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_route(r26, &(0x7f0000001100)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000010c0)={&(0x7f0000001080)=@ipv6_newroute={0x3c, 0x18, 0x400, 0x70bd26, 0x25dfdbff, {0xa, 0x10, 0x20, 0x3, 0xfe, 0x0, 0xfe, 0x6, 0x3c00}, [@RTA_UID={0x8, 0x19, r29}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWT_BPF_XMIT_HEADROOM={0x8, 0x4, 0x100}}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @ILA_ATTR_IDENT_TYPE={0x5}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x20000044) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000001180)={&(0x7f0000001140)=[0x0], 0x1}) (async) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000001180)={&(0x7f0000001140)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETENCODER(r27, 0xc01464a6, &(0x7f00000011c0)={r15}) (async) ioctl$DRM_IOCTL_MODE_GETENCODER(r27, 0xc01464a6, &(0x7f00000011c0)={r15, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000001540)={&(0x7f0000001280)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000012c0)=[{}, {}, {}, {}, {}, {}, {}], &(0x7f00000014c0)=[0x0], &(0x7f0000001500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x1, 0x5, 0x0, r24}) ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, &(0x7f0000001700)={0x400, 0x4, &(0x7f0000001200)=[r30, r31, r22, r16], &(0x7f0000001240)=[0xf8, 0x7], &(0x7f0000001680)=[r32, 0x0, r8, r13, r19, r7, r14, r14, r14, r4], &(0x7f00000016c0)=[0xa972, 0x9], 0x0, 0x1}) 608.952644ms ago: executing program 2 (id=421): pipe(&(0x7f0000000000)={0xffffffffffffffff}) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000500)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e22, 0x1006, @dev={0xfe, 0x80, '\x00', 0x21}, 0x5}, r1}}, 0x30) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r3, &(0x7f0000000980), 0xfdef) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f00000007c0)=@mangle={'mangle\x00', 0x2, 0x6, 0x730, 0x270, 0x190, 0x270, 0x270, 0x190, 0x660, 0x660, 0x660, 0x660, 0x660, 0x6, 0x0, {[{{@ipv6={@mcast1, @private1, [], [], 'bond_slave_0\x00', 'vlan1\x00', {}, {}, 0x21}, 0x0, 0x168, 0x190, 0x0, {0x7a00000010000000}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @empty, @mcast2, @private2, [], [0x0, 0xffffffff], [], 0x0, 0x10}}, @common=@inet=@dccp={{0x30}, {[0x4e24, 0x4e24], [0x4e23, 0x4e24], 0xd, 0x0, 0x4, 0x7}}]}, @HL={0x28}}, {{@ipv6={@mcast2, @dev={0xfe, 0x80, '\x00', 0x2}, [], [], 'bridge0\x00', 'veth1_vlan\x00'}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{}, {}, {0x0, 0xfd}, 0x300, 0x4}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @rand_addr=0x1000000}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'bridge0\x00', 'bond_slave_0\x00', {0xff}}, 0x0, 0xa8, 0xd0, 0x48000000}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@ipv6={@loopback, @local, [0xff, 0x0, 0xff, 0xff000000], [0xff000000, 0xff000000, 0xffffffff, 0xffffff00], 'macvlan0\x00', 'veth1_to_bridge\x00', {}, {0xff}, 0x8, 0x81, 0x1, 0x36}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4, @ipv6=@private1, 0x0, 0x37}}}, {{@uncond, 0x0, 0x208, 0x230, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, @mcast2, @mcast2, @private0, @empty, @loopback, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @remote, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0]}}]}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x790) splice(r0, 0x0, r3, 0x0, 0x80, 0x4) r5 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r5, &(0x7f00000003c0)={0x18, 0x0, {0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, 'batadv_slave_0\x00'}}, 0x1e) sendmmsg(r5, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)="70db", 0x2}], 0x1}}], 0x1, 0x0) read$FUSE(r2, &(0x7f0000000980)={0x2020}, 0x2020) socket$nl_netfilter(0x10, 0x3, 0xc) 548.96569ms ago: executing program 0 (id=422): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000f003000000400001802c0004001400010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0) 547.540181ms ago: executing program 0 (id=424): r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_int(r0, 0x0, 0x18, 0x0, &(0x7f0000000040)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x4) r2 = dup(r1) write$UHID_INPUT(r2, &(0x7f0000001040)={0x1a, {"a2e3ad21ed6b52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b09719b711b5d52101b080d29428f0e1ac6e7049b3468959b189a242a9b45f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae11a973735b36d5b1b63e91c00305d9be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c580263093ca9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6fa94fc488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c766000a5e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1386abdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060fb30e900caab415db6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3c901cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ffffff7f000000007f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca405d8c5f64fdb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb40800000077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e5e2c664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53dc10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fa6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf475bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c02b5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadbb25c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d060000008926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 542.258907ms ago: executing program 1 (id=425): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000002c0)=ANY=[], 0x8) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x2000001, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) write(r0, &(0x7f00000000c0)="842a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) futex(&(0x7f0000000040), 0x5, 0x0, 0x0, &(0x7f00000000c0)=0x2, 0xfffffffd) setsockopt$inet_int(r2, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4) listen(r2, 0x2) setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendto$inet6(0xffffffffffffffff, &(0x7f0000000300)="cd", 0x1, 0x8804, &(0x7f0000000100)={0xa, 0x4e23, 0x80, @loopback, 0xfffffffe}, 0x1c) close_range(r1, 0xffffffffffffffff, 0x0) 542.009287ms ago: executing program 3 (id=426): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x28, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x0, &(0x7f00000002c0)=[{0x5, 0x2, 0xa, 0xa}], 0x10, 0x7ff}, 0x94) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000780), 0xa400, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0xe, 0x5, &(0x7f00000007c0)=@framed={{0x18, 0x2}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xa}]}, &(0x7f00000005c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="05"], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r3, &(0x7f0000000440), &(0x7f0000000040)=@udp=r2}, 0x20) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x21) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b142b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c04594282423424d00", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x2003}, 0x94) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) recvmmsg(r2, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000800)=""/4096, 0x1000}], 0x1}, 0xb}], 0x12, 0x40000021, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00'}) 460.257307ms ago: executing program 1 (id=427): r0 = socket$kcm(0xa, 0x2, 0x0) sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0xa00, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0) 459.971111ms ago: executing program 0 (id=428): socket$nl_netfilter(0x10, 0x3, 0xc) (async) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x5) (async) listen(r1, 0x5) getrandom(&(0x7f0000000580)=""/265, 0xffffff3f, 0x3) prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_clone(0x1144280, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) (async) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mremap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil) (async) mremap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil) accept(r1, 0x0, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]}) syz_clone3(0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000000)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000080)={r4, 0x1, r3, 0x4}) socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0xfeaa, 0x2e, 0x9, 0x70bd27, 0x0, {0x6}, [@typed={0x14, 0x12, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x33}}}, @generic="c5e4dd2b8b772fd5ad0d15bc4f5865672491c6b6d70ad74de7680b05d0cfd02cd448ac98148323e8b48e5a38964361ebfc76ccba5af2260604b0d206b2985f0407a953d0d13036ce06f9a0e9feac033adb369e580abab9e04ca8aaf6504904bc76c3"]}, 0x8c}, 0x1, 0x0, 0x0, 0x42814}, 0x0) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000140)={0x0, 0x10001}, 0x8) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x60, 0x2, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0xfffe}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000001}, 0x0) (async) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x60, 0x2, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0xfffe}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000001}, 0x0) 459.725619ms ago: executing program 1 (id=429): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000680)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4800000010000104000003000007000000000000", @ANYRES32=r2, @ANYBLOB="3f00000006020400280012800b0001006272696467650000180002800c002e000300000003000000050007"], 0x48}, 0x1, 0x0, 0x0, 0x44000}, 0x0) 199.284857ms ago: executing program 1 (id=430): setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000080)=0x3, 0x4) r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) syz_emit_ethernet(0xbe, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa018031c22ba7f9585186113543c20000000800450000b0"], 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000056000100000000f70000000007020000", @ANYRES32, @ANYBLOB="200001"], 0x38}}, 0x0) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064d1, &(0x7f0000000040)={0x1, 0x0, &(0x7f0000000080)=[0x0]}) r2 = socket$kcm(0xa, 0x2, 0x0) sendmsg$sock(r2, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0) 198.935618ms ago: executing program 1 (id=431): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r2 = accept$netrom(r1, &(0x7f0000000440)={{}, [@null, @remote, @null, @rose, @bcast, @null, @default, @bcast]}, &(0x7f0000000380)=0x48) recvfrom$netrom(r2, &(0x7f0000000500)=""/31, 0x1f, 0x120, 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r4 = dup3(r3, r1, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = syz_init_net_socket$ax25(0x3, 0x2, 0x7) recvmmsg(r5, &(0x7f0000002780)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x2, 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"}) ioctl$BINDER_THREAD_EXIT(r6, 0x40046208, 0x0) write$P9_RSTATu(r0, &(0x7f0000000100)={0x234, 0x7d, 0x1, {{0x500, 0xf3, 0x0, 0x400, {0x0, 0x0, 0x4}, 0x10000000, 0x0, 0x0, 0x0, 0x1f, '\x04nodev{cvfox%\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\xce\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x05\xb4\x94\xe1', 0x12, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3\x13\xf6\x00', 0x57, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbb\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00\x0eG'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x234) r7 = openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x250942, 0x1cd) quotactl_fd$Q_GETNEXTQUOTA(r7, 0xffffffff80000900, 0x0, 0x0) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r7, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x1405, 0x800, 0x70bd25, 0x25dfdbff, "", [{{0x8, 0x1, 0x1}, {0x8, 0x3, 0x1}}]}, 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0xc080) 131.296264ms ago: executing program 3 (id=432): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) mount$overlay(0x0, 0x0, 0x0, 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}]}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x8, 0x2, 0x2, '\x00', 0x2}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, 0x0}], 0x1, 0x8, &(0x7f0000000380)=[@flags={0x3, 0x128bc4}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 1 (id=433): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001040)={0x1a, {"a2e3ad21ed1f52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b09719b711b5d52101b080d29428f0e1ac6e7049b3468959b189a242a9b45f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae11a973735b36d5b1b63e91c00305d9be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c580263093ca9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6fa94fc488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c766000a5e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1386abdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060fb30e900caab415db6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3c901cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ffffff7f000000007f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca405d8c5f64fdb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb40800000077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e5e2c664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53dc10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fa6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf475bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c02b5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadbb25c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d060000008926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:32542' (ED25519) to the list of known hosts. [ 55.187752][ T40] audit: type=1400 audit(1771097763.633:62): avc: denied { name_bind } for pid=5916 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 55.225830][ T40] audit: type=1400 audit(1771097763.673:63): avc: denied { execute } for pid=5917 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 55.234883][ T40] audit: type=1400 audit(1771097763.673:64): avc: denied { execute_no_trans } for pid=5917 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 57.789557][ T40] audit: type=1400 audit(1771097766.233:65): avc: denied { mounton } for pid=5917 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 57.798170][ T40] audit: type=1400 audit(1771097766.243:66): avc: denied { mount } for pid=5917 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 57.800830][ T5917] cgroup: Unknown subsys name 'net' [ 57.939915][ T5917] cgroup: Unknown subsys name 'cpuset' [ 57.947349][ T5917] cgroup: Unknown subsys name 'rlimit' [ 58.067336][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 58.067353][ T40] audit: type=1400 audit(1771097766.513:68): avc: denied { setattr } for pid=5917 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 58.079336][ T40] audit: type=1400 audit(1771097766.513:69): avc: denied { create } for pid=5917 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 58.087495][ T40] audit: type=1400 audit(1771097766.513:70): avc: denied { write } for pid=5917 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 58.095781][ T40] audit: type=1400 audit(1771097766.513:71): avc: denied { read } for pid=5917 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 58.102999][ T40] audit: type=1400 audit(1771097766.523:72): avc: denied { mounton } for pid=5917 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 58.112482][ T5922] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 58.113066][ T40] audit: type=1400 audit(1771097766.523:73): avc: denied { mount } for pid=5917 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 58.124921][ T40] audit: type=1400 audit(1771097766.523:74): avc: denied { read } for pid=5637 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 58.132582][ T40] audit: type=1400 audit(1771097766.543:75): avc: denied { read } for pid=5637 comm="dhcpcd" name="n102" dev="tmpfs" ino=1962 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 58.140881][ T40] audit: type=1400 audit(1771097766.543:76): avc: denied { open } for pid=5637 comm="dhcpcd" path="/run/udev/data/n102" dev="tmpfs" ino=1962 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 58.149369][ T40] audit: type=1400 audit(1771097766.543:77): avc: denied { getattr } for pid=5637 comm="dhcpcd" path="/run/udev/data/n102" dev="tmpfs" ino=1962 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 58.822067][ T5917] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 62.908227][ T5935] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 62.911729][ T5943] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 62.914356][ T5943] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 62.915411][ T5946] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 62.916683][ T5943] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 62.920276][ T5946] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 62.921631][ T5943] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 62.922800][ T5947] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 62.923983][ T5946] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 62.924507][ T5947] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 62.925120][ T5947] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 62.926117][ T5947] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 62.926853][ T5943] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 62.927085][ T5943] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 62.928961][ T5946] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 62.934616][ T5947] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 62.935283][ T5943] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 62.935594][ T5943] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 62.941580][ T5943] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 62.957806][ T5943] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 63.197384][ T40] kauditd_printk_skb: 12 callbacks suppressed [ 63.197396][ T40] audit: type=1400 audit(1771097771.643:90): avc: denied { module_request } for pid=5930 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 63.241439][ T5930] chnl_net:caif_netlink_parms(): no params data found [ 63.252147][ T5931] chnl_net:caif_netlink_parms(): no params data found [ 63.330741][ T5940] chnl_net:caif_netlink_parms(): no params data found [ 63.394433][ T5934] chnl_net:caif_netlink_parms(): no params data found [ 63.452895][ T5930] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.456110][ T5930] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.458537][ T5930] bridge_slave_0: entered allmulticast mode [ 63.461641][ T5930] bridge_slave_0: entered promiscuous mode [ 63.476604][ T5931] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.479584][ T5931] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.482469][ T5931] bridge_slave_0: entered allmulticast mode [ 63.485921][ T5931] bridge_slave_0: entered promiscuous mode [ 63.499369][ T5930] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.501734][ T5930] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.504254][ T5930] bridge_slave_1: entered allmulticast mode [ 63.507381][ T5930] bridge_slave_1: entered promiscuous mode [ 63.517102][ T5931] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.519483][ T5931] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.521805][ T5931] bridge_slave_1: entered allmulticast mode [ 63.524971][ T5931] bridge_slave_1: entered promiscuous mode [ 63.585044][ T5930] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.588101][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.590428][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.592715][ T5940] bridge_slave_0: entered allmulticast mode [ 63.596073][ T5940] bridge_slave_0: entered promiscuous mode [ 63.599215][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.601503][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.603885][ T5940] bridge_slave_1: entered allmulticast mode [ 63.606825][ T5940] bridge_slave_1: entered promiscuous mode [ 63.615427][ T5934] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.617844][ T5934] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.620452][ T5934] bridge_slave_0: entered allmulticast mode [ 63.623375][ T5934] bridge_slave_0: entered promiscuous mode [ 63.628090][ T5931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.632849][ T5931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.638508][ T5930] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.647087][ T5934] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.650244][ T5934] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.653357][ T5934] bridge_slave_1: entered allmulticast mode [ 63.657728][ T5934] bridge_slave_1: entered promiscuous mode [ 63.727905][ T5931] team0: Port device team_slave_0 added [ 63.733141][ T5934] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.739584][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.745308][ T5930] team0: Port device team_slave_0 added [ 63.748165][ T5934] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.752195][ T5931] team0: Port device team_slave_1 added [ 63.757001][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.782891][ T5930] team0: Port device team_slave_1 added [ 63.809990][ T5934] team0: Port device team_slave_0 added [ 63.827662][ T5940] team0: Port device team_slave_0 added [ 63.841899][ T5940] team0: Port device team_slave_1 added [ 63.844806][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.847000][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 63.855596][ T5931] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.861727][ T5934] team0: Port device team_slave_1 added [ 63.875728][ T5930] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.878709][ T5930] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 63.888575][ T5930] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.899187][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.902247][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 63.912885][ T5931] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.923674][ T5930] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.926153][ T5930] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 63.934970][ T5930] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.945966][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.948558][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 63.957033][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.961866][ T5934] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.964219][ T5934] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 63.972679][ T5934] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.983991][ T5934] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.986238][ T5934] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 63.994008][ T5934] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.002951][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.005797][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.013999][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.080186][ T5931] hsr_slave_0: entered promiscuous mode [ 64.083259][ T5931] hsr_slave_1: entered promiscuous mode [ 64.098081][ T5930] hsr_slave_0: entered promiscuous mode [ 64.101361][ T5930] hsr_slave_1: entered promiscuous mode [ 64.104488][ T5930] debugfs: 'hsr0' already exists in 'hsr' [ 64.107028][ T5930] Cannot create hsr debugfs directory [ 64.146315][ T5934] hsr_slave_0: entered promiscuous mode [ 64.148518][ T5934] hsr_slave_1: entered promiscuous mode [ 64.151041][ T5934] debugfs: 'hsr0' already exists in 'hsr' [ 64.152872][ T5934] Cannot create hsr debugfs directory [ 64.158677][ T5940] hsr_slave_0: entered promiscuous mode [ 64.161016][ T5940] hsr_slave_1: entered promiscuous mode [ 64.163134][ T5940] debugfs: 'hsr0' already exists in 'hsr' [ 64.165502][ T5940] Cannot create hsr debugfs directory [ 64.450150][ T5931] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 64.457952][ T5931] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 64.463163][ T5931] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 64.475416][ T5931] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 64.507558][ T5930] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 64.512325][ T5930] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 64.517415][ T5930] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 64.522743][ T5930] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 64.587919][ T5940] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 64.597127][ T5940] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 64.603090][ T5940] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 64.607811][ T5940] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 64.687122][ T5934] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 64.693111][ T5934] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 64.700725][ T5934] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 64.705118][ T5934] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 64.742208][ T5931] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.754526][ T5931] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.768452][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.771589][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.789936][ T5930] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.798368][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.800775][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.833769][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.839527][ T5930] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.853895][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.856978][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.869965][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.872371][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.897419][ T5940] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.908763][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.911754][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.937487][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.938193][ T40] audit: type=1400 audit(1771097773.383:91): avc: denied { sys_module } for pid=5931 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 64.940576][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.951081][ T5939] Bluetooth: hci0: command tx timeout [ 64.967606][ T5930] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.977332][ T5934] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.005704][ T5934] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.013858][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.017029][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.019984][ T5939] Bluetooth: hci2: command tx timeout [ 65.024573][ T5939] Bluetooth: hci3: command tx timeout [ 65.027113][ T5939] Bluetooth: hci1: command tx timeout [ 65.032650][ T1181] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.035682][ T1181] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.092730][ T5931] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.113029][ T5930] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.132618][ T5931] veth0_vlan: entered promiscuous mode [ 65.151446][ T5931] veth1_vlan: entered promiscuous mode [ 65.159051][ T5930] veth0_vlan: entered promiscuous mode [ 65.164506][ T5930] veth1_vlan: entered promiscuous mode [ 65.208990][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.211690][ T5931] veth0_macvtap: entered promiscuous mode [ 65.219551][ T5934] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.231743][ T5930] veth0_macvtap: entered promiscuous mode [ 65.238601][ T5931] veth1_macvtap: entered promiscuous mode [ 65.247609][ T5930] veth1_macvtap: entered promiscuous mode [ 65.271977][ T5931] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.282371][ T5931] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.294492][ T112] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.297432][ T112] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.300752][ T112] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.319934][ T112] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.323504][ T5930] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.329011][ T5930] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.333596][ T5940] veth0_vlan: entered promiscuous mode [ 65.339996][ T5934] veth0_vlan: entered promiscuous mode [ 65.352790][ T112] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.356460][ T112] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.359302][ T112] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.362017][ T112] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.373274][ T5934] veth1_vlan: entered promiscuous mode [ 65.384665][ T5940] veth1_vlan: entered promiscuous mode [ 65.431741][ T112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.435543][ T112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.449999][ T5934] veth0_macvtap: entered promiscuous mode [ 65.468085][ T5940] veth0_macvtap: entered promiscuous mode [ 65.476298][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.479543][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.485732][ T5934] veth1_macvtap: entered promiscuous mode [ 65.502057][ T5940] veth1_macvtap: entered promiscuous mode [ 65.507873][ T40] audit: type=1400 audit(1771097773.953:92): avc: denied { mount } for pid=5931 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 65.514953][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.518372][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.523568][ T40] audit: type=1400 audit(1771097773.963:93): avc: denied { mounton } for pid=5931 comm="syz-executor" path="/syzkaller.s462sP/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 65.535399][ T5934] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.535923][ T40] audit: type=1400 audit(1771097773.963:94): avc: denied { mount } for pid=5931 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 65.546344][ T40] audit: type=1400 audit(1771097773.963:95): avc: denied { mounton } for pid=5931 comm="syz-executor" path="/syzkaller.s462sP/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 65.547896][ T5934] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.557111][ T40] audit: type=1400 audit(1771097773.963:96): avc: denied { mounton } for pid=5931 comm="syz-executor" path="/syzkaller.s462sP/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=8766 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 65.560221][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.572464][ T40] audit: type=1400 audit(1771097773.963:97): avc: denied { unmount } for pid=5931 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 65.573281][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.575741][ T5931] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 65.580580][ T40] audit: type=1400 audit(1771097773.983:98): avc: denied { mounton } for pid=5931 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2840 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 65.586433][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.591863][ T40] audit: type=1400 audit(1771097773.983:99): avc: denied { mount } for pid=5931 comm="syz-executor" name="/" dev="gadgetfs" ino=8785 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 65.600309][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.610619][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.625006][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.628534][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.650333][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.677912][ T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.681692][ T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.696453][ T112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.699898][ T112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.706363][ T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.710017][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.770011][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.773165][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.784407][ T6028] 9pnet_virtio: no channels available for device syz [ 65.809574][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.812516][ T6023] FAULT_INJECTION: forcing a failure. [ 65.812516][ T6023] name failslab, interval 1, probability 0, space 0, times 1 [ 65.813052][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.819939][ T6023] CPU: 2 UID: 60928 PID: 6023 Comm: syz.3.4 Not tainted syzkaller #0 PREEMPT(full) [ 65.819961][ T6023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 65.819978][ T6023] Call Trace: [ 65.819984][ T6023] [ 65.819991][ T6023] dump_stack_lvl+0x100/0x190 [ 65.820051][ T6023] should_fail_ex.cold+0x5/0xa [ 65.820072][ T6023] ? tomoyo_realpath_from_path+0xb6/0x690 [ 65.820098][ T6023] should_failslab+0xc2/0x120 [ 65.820121][ T6023] __kmalloc_noprof+0xe0/0x850 [ 65.820145][ T6023] tomoyo_realpath_from_path+0xb6/0x690 [ 65.820176][ T6023] tomoyo_path_number_perm+0x23c/0x580 [ 65.820196][ T6023] ? tomoyo_path_number_perm+0x22e/0x580 [ 65.820219][ T6023] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 65.820265][ T6023] ? find_held_lock+0x2b/0x80 [ 65.820287][ T6023] ? current_check_access_path+0x281/0x460 [ 65.820308][ T6023] ? __pfx_current_check_access_path+0x10/0x10 [ 65.820329][ T6023] ? d_alloc_parallel+0x864/0x14e0 [ 65.820356][ T6023] tomoyo_path_mknod+0x164/0x190 [ 65.820373][ T6023] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 65.820389][ T6023] ? find_held_lock+0x2b/0x80 [ 65.820410][ T6023] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 65.820435][ T6023] security_path_mknod+0x161/0x300 [ 65.820454][ T6023] may_o_create+0x30/0x3a0 [ 65.820476][ T6023] lookup_open.isra.0+0xa0d/0x11b0 [ 65.820502][ T6023] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 65.820528][ T6023] ? __pfx___might_resched+0x10/0x10 [ 65.820545][ T6023] ? mnt_get_write_access+0x52/0x2f0 [ 65.820571][ T6023] ? __pfx_down_write+0x10/0x10 [ 65.820594][ T6023] ? mnt_get_write_access+0x1e9/0x2f0 [ 65.820620][ T6023] path_openat+0x2291/0x31a0 [ 65.820652][ T6023] ? __pfx_path_openat+0x10/0x10 [ 65.820686][ T6023] do_file_open+0x20e/0x430 [ 65.820713][ T6023] ? __pfx_do_file_open+0x10/0x10 [ 65.820756][ T6023] ? alloc_fd+0x476/0x790 [ 65.820785][ T6023] ? do_getname+0x191/0x390 [ 65.820806][ T6023] do_sys_openat2+0x10d/0x1e0 [ 65.820825][ T6023] ? __pfx_do_sys_openat2+0x10/0x10 [ 65.820842][ T6023] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 65.820867][ T6023] ? __fget_files+0x21f/0x3d0 [ 65.820894][ T6023] __x64_sys_openat+0x12d/0x210 [ 65.820913][ T6023] ? __pfx___x64_sys_openat+0x10/0x10 [ 65.820929][ T6023] ? ksys_write+0x1ac/0x250 [ 65.820960][ T6023] do_syscall_64+0x106/0xf80 [ 65.820986][ T6023] ? clear_bhb_loop+0x40/0x90 [ 65.821011][ T6023] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.821030][ T6023] RIP: 0033:0x7f8f76b9bf79 [ 65.821044][ T6023] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 65.821058][ T6023] RSP: 002b:00007f8f77b27028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 65.821076][ T6023] RAX: ffffffffffffffda RBX: 00007f8f76e15fa0 RCX: 00007f8f76b9bf79 [ 65.821087][ T6023] RDX: 000000000000275a RSI: 0000200000000180 RDI: ffffffffffffff9c [ 65.821097][ T6023] RBP: 00007f8f77b27090 R08: 0000000000000000 R09: 0000000000000000 [ 65.821106][ T6023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 65.821114][ T6023] R13: 00007f8f76e16038 R14: 00007f8f76e15fa0 R15: 00007ffd5a7fd088 [ 65.821132][ T6023] [ 65.821138][ T6023] ERROR: Out of memory at tomoyo_realpath_from_path. [ 65.987811][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.993727][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.998884][ T6038] capability: warning: `syz.0.10' uses deprecated v2 capabilities in a way that may be insecure [ 66.034626][ T6040] program syz.2.11 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 66.083439][ T6044] FAULT_INJECTION: forcing a failure. [ 66.083439][ T6044] name failslab, interval 1, probability 0, space 0, times 0 [ 66.089985][ T6044] CPU: 1 UID: 0 PID: 6044 Comm: syz.2.12 Not tainted syzkaller #0 PREEMPT(full) [ 66.090001][ T6044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 66.090013][ T6044] Call Trace: [ 66.090028][ T6044] [ 66.090033][ T6044] dump_stack_lvl+0x100/0x190 [ 66.090056][ T6044] should_fail_ex.cold+0x5/0xa [ 66.090071][ T6044] ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290 [ 66.090089][ T6044] should_failslab+0xc2/0x120 [ 66.090106][ T6044] __kmalloc_noprof+0xe0/0x850 [ 66.090119][ T6044] ? lockdep_hardirqs_on+0x78/0x100 [ 66.090136][ T6044] genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290 [ 66.090157][ T6044] genl_family_rcv_msg_doit+0xc7/0x300 [ 66.090174][ T6044] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 66.090191][ T6044] ? genl_get_cmd+0x3ef/0x720 [ 66.090209][ T6044] ? __dev_queue_xmit+0x7fd/0x4750 [ 66.090226][ T6044] ? __radix_tree_lookup+0x217/0x2b0 [ 66.090240][ T6044] genl_rcv_msg+0x560/0x800 [ 66.090258][ T6044] ? __pfx_genl_rcv_msg+0x10/0x10 [ 66.090274][ T6044] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 66.090285][ T6044] ? __pfx_nl80211_get_station+0x10/0x10 [ 66.090298][ T6044] ? __pfx_nl80211_post_doit+0x10/0x10 [ 66.090315][ T6044] netlink_rcv_skb+0x159/0x420 [ 66.090329][ T6044] ? __pfx_genl_rcv_msg+0x10/0x10 [ 66.090346][ T6044] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 66.090366][ T6044] ? netlink_deliver_tap+0x1ae/0xcc0 [ 66.090381][ T6044] genl_rcv+0x28/0x40 [ 66.090395][ T6044] netlink_unicast+0x5aa/0x870 [ 66.090412][ T6044] ? __pfx_netlink_unicast+0x10/0x10 [ 66.090431][ T6044] netlink_sendmsg+0x8b0/0xda0 [ 66.090448][ T6044] ? __pfx_netlink_sendmsg+0x10/0x10 [ 66.090461][ T6044] ? __might_fault+0x20/0x140 [ 66.090479][ T6044] ____sys_sendmsg+0xa54/0xc30 [ 66.090497][ T6044] ? __pfx_____sys_sendmsg+0x10/0x10 [ 66.090518][ T6044] ___sys_sendmsg+0x190/0x1e0 [ 66.090536][ T6044] ? __pfx____sys_sendmsg+0x10/0x10 [ 66.090568][ T6044] __sys_sendmsg+0x170/0x220 [ 66.090581][ T6044] ? __pfx___sys_sendmsg+0x10/0x10 [ 66.090602][ T6044] do_syscall_64+0x106/0xf80 [ 66.090616][ T6044] ? clear_bhb_loop+0x40/0x90 [ 66.090629][ T6044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.090640][ T6044] RIP: 0033:0x7f749a59bf79 [ 66.090650][ T6044] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 66.090660][ T6044] RSP: 002b:00007f749b3f4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 66.090671][ T6044] RAX: ffffffffffffffda RBX: 00007f749a815fa0 RCX: 00007f749a59bf79 [ 66.090678][ T6044] RDX: 0000000020040880 RSI: 0000200000001a80 RDI: 0000000000000004 [ 66.090684][ T6044] RBP: 00007f749b3f4090 R08: 0000000000000000 R09: 0000000000000000 [ 66.090690][ T6044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 66.090696][ T6044] R13: 00007f749a816038 R14: 00007f749a815fa0 R15: 00007fff7b4e3918 [ 66.090709][ T6044] [ 66.348759][ T6066] netlink: 8 bytes leftover after parsing attributes in process `syz.3.20'. [ 66.545578][ T39] IPVS: starting estimator thread 0... [ 66.634375][ T6097] FAULT_INJECTION: forcing a failure. [ 66.634375][ T6097] name failslab, interval 1, probability 0, space 0, times 0 [ 66.639440][ T6097] CPU: 2 UID: 60928 PID: 6097 Comm: syz.2.33 Not tainted syzkaller #0 PREEMPT(full) [ 66.639462][ T6097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 66.639472][ T6097] Call Trace: [ 66.639478][ T6097] [ 66.639484][ T6097] dump_stack_lvl+0x100/0x190 [ 66.639515][ T6097] should_fail_ex.cold+0x5/0xa [ 66.639538][ T6097] should_failslab+0xc2/0x120 [ 66.639563][ T6097] __kmalloc_cache_noprof+0x7a/0x6f0 [ 66.639581][ T6097] ? p9_fid_create+0x45/0x460 [ 66.639609][ T6097] p9_fid_create+0x45/0x460 [ 66.639631][ T6097] p9_client_walk+0xc5/0x530 [ 66.639658][ T6097] ? __pfx_p9_client_walk+0x10/0x10 [ 66.639685][ T6097] ? v9fs_fid_lookup+0xec/0xec0 [ 66.639707][ T6097] v9fs_vfs_lookup+0x206/0x5b0 [ 66.639730][ T6097] ? __pfx_v9fs_vfs_lookup+0x10/0x10 [ 66.639755][ T6097] ? avc_has_perm+0x135/0x1e0 [ 66.639778][ T6097] v9fs_vfs_atomic_open_dotl+0x87e/0xd90 [ 66.639804][ T6097] ? selinux_determine_inode_label+0x1ab/0x400 [ 66.639830][ T6097] ? __pfx_v9fs_vfs_atomic_open_dotl+0x10/0x10 [ 66.639856][ T6097] ? may_create+0x285/0x440 [ 66.639882][ T6097] ? __pfx_may_create+0x10/0x10 [ 66.639905][ T6097] ? capable_wrt_inode_uidgid+0xde/0x170 [ 66.639941][ T6097] atomic_open+0x179/0x430 [ 66.639958][ T6097] ? __pfx_v9fs_vfs_atomic_open_dotl+0x10/0x10 [ 66.639985][ T6097] lookup_open.isra.0+0x46b/0x11b0 [ 66.640042][ T6097] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 66.640069][ T6097] ? __pfx___might_resched+0x10/0x10 [ 66.640087][ T6097] ? mnt_get_write_access+0x52/0x2f0 [ 66.640114][ T6097] ? __pfx_down_write+0x10/0x10 [ 66.640137][ T6097] ? mnt_get_write_access+0x1e9/0x2f0 [ 66.640162][ T6097] path_openat+0x2291/0x31a0 [ 66.640197][ T6097] ? __pfx_path_openat+0x10/0x10 [ 66.640233][ T6097] do_file_open+0x20e/0x430 [ 66.640260][ T6097] ? __pfx_do_file_open+0x10/0x10 [ 66.640304][ T6097] ? alloc_fd+0x476/0x790 [ 66.640333][ T6097] ? do_getname+0x191/0x390 [ 66.640354][ T6097] do_sys_openat2+0x10d/0x1e0 [ 66.640372][ T6097] ? __pfx_do_sys_openat2+0x10/0x10 [ 66.640389][ T6097] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 66.640414][ T6097] ? __fget_files+0x21f/0x3d0 [ 66.640443][ T6097] __x64_sys_openat+0x12d/0x210 [ 66.640462][ T6097] ? __pfx___x64_sys_openat+0x10/0x10 [ 66.640479][ T6097] ? ksys_write+0x1ac/0x250 [ 66.640511][ T6097] do_syscall_64+0x106/0xf80 [ 66.640531][ T6097] ? clear_bhb_loop+0x40/0x90 [ 66.640552][ T6097] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.640570][ T6097] RIP: 0033:0x7f749a59bf79 [ 66.640585][ T6097] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 66.640600][ T6097] RSP: 002b:00007f749b3f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 66.640617][ T6097] RAX: ffffffffffffffda RBX: 00007f749a815fa0 RCX: 00007f749a59bf79 [ 66.640627][ T6097] RDX: 000000000000275a RSI: 0000200000000180 RDI: ffffffffffffff9c [ 66.640637][ T6097] RBP: 00007f749b3f4090 R08: 0000000000000000 R09: 0000000000000000 [ 66.640647][ T6097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 66.640657][ T6097] R13: 00007f749a816038 R14: 00007f749a815fa0 R15: 00007fff7b4e3918 [ 66.640680][ T6097] [ 66.684496][ T6090] IPVS: using max 22 ests per chain, 52800 per kthread [ 66.791446][ T6105] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 66.870762][ T6114] Zero length message leads to an empty skb [ 66.874601][ T6116] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=16144 sclass=netlink_route_socket pid=6116 comm=syz.1.40 [ 66.907885][ T6118] netlink: 56 bytes leftover after parsing attributes in process `syz.1.41'. [ 66.911712][ T6118] netlink: 56 bytes leftover after parsing attributes in process `syz.1.41'. [ 66.915545][ T6118] netlink: 56 bytes leftover after parsing attributes in process `syz.1.41'. [ 66.919381][ T6118] netlink: 56 bytes leftover after parsing attributes in process `syz.1.41'. [ 66.976382][ T6125] random: crng reseeded on system resumption [ 67.015690][ T5943] Bluetooth: hci0: command tx timeout [ 67.106098][ T5943] Bluetooth: hci1: command tx timeout [ 67.108491][ T5943] Bluetooth: hci3: command tx timeout [ 67.110365][ T6133] netlink: 28 bytes leftover after parsing attributes in process `syz.0.46'. [ 67.110794][ T5943] Bluetooth: hci2: command tx timeout [ 67.136367][ T6133] loop6: detected capacity change from 0 to 524288000 [ 67.186625][ T5933] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.286089][ T6149] netlink: 12 bytes leftover after parsing attributes in process `syz.0.52'. [ 67.334610][ T6149] bond1 (unregistering): Released all slaves [ 67.364547][ T1327] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 67.462201][ T6156] Cannot find add_set index 0 as target [ 67.486272][ T6158] FAULT_INJECTION: forcing a failure. [ 67.486272][ T6158] name failslab, interval 1, probability 0, space 0, times 0 [ 67.491570][ T6158] CPU: 3 UID: 60928 PID: 6158 Comm: syz.3.53 Not tainted syzkaller #0 PREEMPT(full) [ 67.491592][ T6158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 67.491603][ T6158] Call Trace: [ 67.491610][ T6158] [ 67.491617][ T6158] dump_stack_lvl+0x100/0x190 [ 67.491648][ T6158] should_fail_ex.cold+0x5/0xa [ 67.491669][ T6158] should_failslab+0xc2/0x120 [ 67.491693][ T6158] __kmalloc_cache_noprof+0x7a/0x6f0 [ 67.491712][ T6158] ? p9_fid_create+0x45/0x460 [ 67.491738][ T6158] p9_fid_create+0x45/0x460 [ 67.491760][ T6158] p9_client_walk+0xc5/0x530 [ 67.491784][ T6158] ? __pfx_p9_client_walk+0x10/0x10 [ 67.491810][ T6158] ? v9fs_fid_lookup+0xec/0xec0 [ 67.491832][ T6158] v9fs_vfs_lookup+0x206/0x5b0 [ 67.491854][ T6158] ? __pfx_v9fs_vfs_lookup+0x10/0x10 [ 67.491878][ T6158] ? avc_has_perm+0x135/0x1e0 [ 67.491899][ T6158] v9fs_vfs_atomic_open_dotl+0x87e/0xd90 [ 67.491922][ T6158] ? selinux_determine_inode_label+0x1ab/0x400 [ 67.491948][ T6158] ? __pfx_v9fs_vfs_atomic_open_dotl+0x10/0x10 [ 67.491973][ T6158] ? may_create+0x285/0x440 [ 67.492016][ T6158] ? __pfx_may_create+0x10/0x10 [ 67.492040][ T6158] ? capable_wrt_inode_uidgid+0xde/0x170 [ 67.492072][ T6158] atomic_open+0x179/0x430 [ 67.492090][ T6158] ? __pfx_v9fs_vfs_atomic_open_dotl+0x10/0x10 [ 67.492116][ T6158] lookup_open.isra.0+0x46b/0x11b0 [ 67.492142][ T6158] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 67.492168][ T6158] ? __pfx___might_resched+0x10/0x10 [ 67.492184][ T6158] ? mnt_get_write_access+0x52/0x2f0 [ 67.492210][ T6158] ? __pfx_down_write+0x10/0x10 [ 67.492231][ T6158] ? mnt_get_write_access+0x1e9/0x2f0 [ 67.492260][ T6158] path_openat+0x2291/0x31a0 [ 67.492291][ T6158] ? __pfx_path_openat+0x10/0x10 [ 67.492323][ T6158] do_file_open+0x20e/0x430 [ 67.492350][ T6158] ? __pfx_do_file_open+0x10/0x10 [ 67.492392][ T6158] ? alloc_fd+0x476/0x790 [ 67.492418][ T6158] ? do_getname+0x191/0x390 [ 67.492436][ T6158] do_sys_openat2+0x10d/0x1e0 [ 67.492455][ T6158] ? __pfx_do_sys_openat2+0x10/0x10 [ 67.492471][ T6158] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 67.492495][ T6158] ? __fget_files+0x21f/0x3d0 [ 67.492523][ T6158] __x64_sys_openat+0x12d/0x210 [ 67.492541][ T6158] ? __pfx___x64_sys_openat+0x10/0x10 [ 67.492556][ T6158] ? ksys_write+0x1ac/0x250 [ 67.492586][ T6158] do_syscall_64+0x106/0xf80 [ 67.492606][ T6158] ? clear_bhb_loop+0x40/0x90 [ 67.492626][ T6158] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.492643][ T6158] RIP: 0033:0x7f8f76b9bf79 [ 67.492659][ T6158] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 67.492672][ T6158] RSP: 002b:00007f8f77b27028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 67.492690][ T6158] RAX: ffffffffffffffda RBX: 00007f8f76e15fa0 RCX: 00007f8f76b9bf79 [ 67.492701][ T6158] RDX: 000000000000275a RSI: 0000200000000180 RDI: ffffffffffffff9c [ 67.492711][ T6158] RBP: 00007f8f77b27090 R08: 0000000000000000 R09: 0000000000000000 [ 67.492721][ T6158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 67.492731][ T6158] R13: 00007f8f76e16038 R14: 00007f8f76e15fa0 R15: 00007ffd5a7fd088 [ 67.492754][ T6158] [ 67.534230][ T1327] usb 6-1: Using ep0 maxpacket: 8 [ 67.626829][ T1327] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 67.629859][ T1327] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 67.633391][ T1327] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 67.637106][ T1327] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 67.640771][ T1327] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 67.645041][ T1327] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid wMaxPacketSize 0 [ 67.649200][ T1327] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 67.654787][ T1327] usb 6-1: config 168 interface 0 has no altsetting 0 [ 67.658519][ T1327] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 67.661209][ T1327] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 67.665631][ T1327] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 67.669429][ T1327] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 67.673044][ T1327] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 67.677919][ T1327] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid wMaxPacketSize 0 [ 67.681995][ T1327] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 67.687587][ T1327] usb 6-1: config 168 interface 0 has no altsetting 0 [ 67.691345][ T1327] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 67.693949][ T1327] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 67.697573][ T1327] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 67.701198][ T1327] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 67.705800][ T1327] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 67.709376][ T1327] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid wMaxPacketSize 0 [ 67.712556][ T1327] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 67.717545][ T1327] usb 6-1: config 168 interface 0 has no altsetting 0 [ 67.723442][ T1327] usb 6-1: string descriptor 0 read error: -22 [ 67.725829][ T1327] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 67.728637][ T1327] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 67.740476][ T1327] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 67.870030][ T6164] bond1 (unregistering): Released all slaves [ 67.942935][ T1327] usb 6-1: USB disconnect, device number 2 [ 68.046361][ T6170] netlink: 12 bytes leftover after parsing attributes in process `syz.3.57'. [ 68.046977][ T6169] netlink: 8 bytes leftover after parsing attributes in process `syz.2.58'. [ 68.221385][ T40] kauditd_printk_skb: 137 callbacks suppressed [ 68.221397][ T40] audit: type=1400 audit(1771097776.663:237): avc: denied { create } for pid=6177 comm="dhcpcd-run-hook" name="resolv.conf.lapb0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 68.230585][ T40] audit: type=1400 audit(1771097776.663:238): avc: denied { write } for pid=6177 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.lapb0.link" dev="tmpfs" ino=2207 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 68.242137][ T40] audit: type=1400 audit(1771097776.663:239): avc: denied { append } for pid=6177 comm="dhcpcd-run-hook" name="resolv.conf.lapb0.link" dev="tmpfs" ino=2207 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 68.275670][ T40] audit: type=1400 audit(1771097776.723:240): avc: denied { unlink } for pid=6181 comm="rm" name="resolv.conf.lapb0.link" dev="tmpfs" ino=2207 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 68.378797][ T6188] netlink: 12 bytes leftover after parsing attributes in process `syz.0.63'. [ 68.413259][ T6188] bond1 (unregistering): Released all slaves [ 68.485661][ T6197] tipc: Started in network mode [ 68.487381][ T6197] tipc: Node identity ac1414aa, cluster identity 4711 [ 68.506495][ T6197] tipc: Enabled bearer , priority 10 [ 68.597153][ T40] audit: type=1400 audit(1771097777.043:241): avc: denied { read write } for pid=6207 comm="syz.1.68" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 68.602437][ T6210] ======================================================= [ 68.602437][ T6210] WARNING: The mand mount option has been deprecated and [ 68.602437][ T6210] and is ignored by this kernel. Remove the mand [ 68.602437][ T6210] option from the mount to silence this warning. [ 68.602437][ T6210] ======================================================= [ 68.609459][ T40] audit: type=1400 audit(1771097777.043:242): avc: denied { open } for pid=6207 comm="syz.1.68" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 68.624559][ T6210] fuse: Unknown parameter 'fuse' [ 68.750259][ T6216] binder: 6215:6216 ioctl c0585609 200000000100 returned -22 [ 68.883292][ T6221] bond1 (unregistering): Released all slaves [ 68.930044][ T40] audit: type=1400 audit(1771097777.373:243): avc: denied { ioctl } for pid=6224 comm="syz.0.75" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=11306 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 69.027235][ T6235] CUSE: unknown device info "" [ 69.027251][ T6235] CUSE: zero length info key specified [ 69.032665][ T6231] FAULT_INJECTION: forcing a failure. [ 69.032665][ T6231] name failslab, interval 1, probability 0, space 0, times 0 [ 69.032704][ T6231] CPU: 3 UID: 60928 PID: 6231 Comm: syz.0.77 Not tainted syzkaller #0 PREEMPT(full) [ 69.032724][ T6231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 69.032735][ T6231] Call Trace: [ 69.032740][ T6231] [ 69.032747][ T6231] dump_stack_lvl+0x100/0x190 [ 69.032778][ T6231] should_fail_ex.cold+0x5/0xa [ 69.032801][ T6231] ? p9_fcall_init+0x101/0x420 [ 69.032820][ T6231] should_failslab+0xc2/0x120 [ 69.032845][ T6231] __kmalloc_noprof+0xe0/0x850 [ 69.032866][ T6231] ? trace_kmem_cache_alloc+0xf3/0x120 [ 69.032890][ T6231] ? __kasan_slab_alloc+0x89/0x90 [ 69.032917][ T6231] p9_fcall_init+0x101/0x420 [ 69.032940][ T6231] p9_tag_alloc+0x16c/0x860 [ 69.032963][ T6231] ? __pfx_p9_tag_alloc+0x10/0x10 [ 69.032993][ T6231] p9_client_prepare_req+0x19b/0x500 [ 69.033016][ T6231] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 69.033045][ T6231] ? __x64_sys_openat+0x12d/0x210 [ 69.033066][ T6231] ? __lock_acquire+0x4a5/0x2630 [ 69.033097][ T6231] p9_client_rpc+0x1c4/0xc80 [ 69.033122][ T6231] ? __pfx_p9_client_rpc+0x10/0x10 [ 69.033145][ T6231] ? idr_alloc_u32+0x22b/0x320 [ 69.033167][ T6231] ? __pfx_idr_alloc_u32+0x10/0x10 [ 69.033187][ T6231] ? find_held_lock+0x2b/0x80 [ 69.033207][ T6231] ? p9_fid_create+0x26d/0x460 [ 69.033231][ T6231] ? trace_9p_fid_ref+0x72/0x210 [ 69.033257][ T6231] p9_client_walk+0x1ab/0x530 [ 69.033283][ T6231] ? __pfx_p9_client_walk+0x10/0x10 [ 69.033310][ T6231] ? v9fs_fid_lookup+0xec/0xec0 [ 69.033332][ T6231] v9fs_vfs_lookup+0x206/0x5b0 [ 69.033354][ T6231] ? __pfx_v9fs_vfs_lookup+0x10/0x10 [ 69.033378][ T6231] ? avc_has_perm+0x135/0x1e0 [ 69.033400][ T6231] v9fs_vfs_atomic_open_dotl+0x87e/0xd90 [ 69.033425][ T6231] ? selinux_determine_inode_label+0x1ab/0x400 [ 69.033453][ T6231] ? __pfx_v9fs_vfs_atomic_open_dotl+0x10/0x10 [ 69.033477][ T6231] ? may_create+0x285/0x440 [ 69.033520][ T6231] ? __pfx_may_create+0x10/0x10 [ 69.033542][ T6231] ? capable_wrt_inode_uidgid+0xde/0x170 [ 69.033574][ T6231] atomic_open+0x179/0x430 [ 69.033590][ T6231] ? __pfx_v9fs_vfs_atomic_open_dotl+0x10/0x10 [ 69.033616][ T6231] lookup_open.isra.0+0x46b/0x11b0 [ 69.033644][ T6231] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 69.033671][ T6231] ? __pfx___might_resched+0x10/0x10 [ 69.033687][ T6231] ? mnt_get_write_access+0x52/0x2f0 [ 69.033714][ T6231] ? __pfx_down_write+0x10/0x10 [ 69.033736][ T6231] ? mnt_get_write_access+0x1e9/0x2f0 [ 69.033757][ T6231] path_openat+0x2291/0x31a0 [ 69.033788][ T6231] ? __pfx_path_openat+0x10/0x10 [ 69.033821][ T6231] do_file_open+0x20e/0x430 [ 69.033843][ T6231] ? __pfx_do_file_open+0x10/0x10 [ 69.033870][ T6231] ? alloc_fd+0x476/0x790 [ 69.033888][ T6231] ? do_getname+0x191/0x390 [ 69.033901][ T6231] do_sys_openat2+0x10d/0x1e0 [ 69.033913][ T6231] ? __pfx_do_sys_openat2+0x10/0x10 [ 69.033924][ T6231] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 69.033942][ T6231] ? __fget_files+0x21f/0x3d0 [ 69.033961][ T6231] __x64_sys_openat+0x12d/0x210 [ 69.033973][ T6231] ? __pfx___x64_sys_openat+0x10/0x10 [ 69.033984][ T6231] ? ksys_write+0x1ac/0x250 [ 69.034003][ T6231] do_syscall_64+0x106/0xf80 [ 69.034016][ T6231] ? clear_bhb_loop+0x40/0x90 [ 69.034036][ T6231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.034047][ T6231] RIP: 0033:0x7fa97939bf79 [ 69.034057][ T6231] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 69.034067][ T6231] RSP: 002b:00007fa97a240028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 69.034078][ T6231] RAX: ffffffffffffffda RBX: 00007fa979615fa0 RCX: 00007fa97939bf79 [ 69.034084][ T6231] RDX: 000000000000275a RSI: 0000200000000180 RDI: ffffffffffffff9c [ 69.034090][ T6231] RBP: 00007fa97a240090 R08: 0000000000000000 R09: 0000000000000000 [ 69.034097][ T6231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 69.034103][ T6231] R13: 00007fa979616038 R14: 00007fa979615fa0 R15: 00007ffd75158ac8 [ 69.034116][ T6231] [ 69.062465][ T6236] random: crng reseeded on system resumption [ 69.094798][ T5943] Bluetooth: hci0: command tx timeout [ 69.175137][ T5943] Bluetooth: hci3: command tx timeout [ 69.184253][ T5943] Bluetooth: hci2: command tx timeout [ 69.184740][ T5939] Bluetooth: hci1: command tx timeout [ 69.358943][ T40] audit: type=1400 audit(1771097777.803:244): avc: denied { name_bind } for pid=6250 comm="syz.2.87" src=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 69.407046][ T6256] bond1 (unregistering): Released all slaves [ 69.444296][ T40] audit: type=1400 audit(1771097777.883:245): avc: denied { read } for pid=6266 comm="syz.2.92" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 69.456308][ T40] audit: type=1400 audit(1771097777.883:246): avc: denied { open } for pid=6266 comm="syz.2.92" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 69.546779][ T6273] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 69.566231][ T6279] random: crng reseeded on system resumption [ 69.646353][ T5937] tipc: Node number set to 2886997162 [ 69.714622][ T6290] Bluetooth: MGMT ver 1.23 [ 69.751290][ T6292] program syz.1.100 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 69.889959][ T6304] 0·: renamed from hsr0 (while UP) [ 69.895288][ T6304] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 69.905492][ T6304] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 70.281662][ T6312] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 70.390283][ T5943] Bluetooth: hci1: unexpected subevent 0x19 length: 24 < 28 [ 71.184412][ T5943] Bluetooth: hci0: command tx timeout [ 71.254380][ T5943] Bluetooth: hci2: command tx timeout [ 71.256431][ T5943] Bluetooth: hci1: command tx timeout [ 71.258434][ T5943] Bluetooth: hci3: command tx timeout [ 72.666459][ T6286] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 72.727661][ T6336] netlink: 'syz.3.117': attribute type 10 has an invalid length. [ 72.742998][ T6336] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 72.755233][ T6336] bridge_slave_0: left allmulticast mode [ 72.757550][ T6336] bridge_slave_0: left promiscuous mode [ 72.761015][ T6336] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.774423][ T6336] bridge_slave_1: left allmulticast mode [ 72.785311][ T6336] bridge_slave_1: left promiscuous mode [ 72.787846][ T6336] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.820316][ T6336] bond0: (slave bond_slave_0): Releasing backup interface [ 72.825024][ T6347] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 72.833097][ T6339] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 72.841263][ T6336] bond0: (slave bond_slave_1): Releasing backup interface [ 72.852385][ T6336] team0: Port device team_slave_0 removed [ 72.859431][ T6336] team0: Port device team_slave_1 removed [ 72.863468][ T6336] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 72.866507][ T6352] __nla_validate_parse: 2 callbacks suppressed [ 72.866521][ T6352] netlink: 14 bytes leftover after parsing attributes in process `syz.3.117'. [ 72.868020][ T6336] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 72.879087][ T6336] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 72.882301][ T6336] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 72.888008][ T6336] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 72.895386][ T6345] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 72.914279][ T6352] bond0 (unregistering): (slave netdevsim0): Releasing backup interface [ 72.924501][ T6352] bond0 (unregistering): Released all slaves [ 72.978535][ T6359] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 73.012356][ T6363] netlink: 40 bytes leftover after parsing attributes in process `syz.2.122'. [ 73.012704][ T6363] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.019885][ T6363] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.036226][ T6361] netlink: 'syz.0.121': attribute type 1 has an invalid length. [ 73.058067][ T6361] 8021q: adding VLAN 0 to HW filter on device bond1 [ 73.283474][ T40] kauditd_printk_skb: 20 callbacks suppressed [ 73.283493][ T40] audit: type=1400 audit(1771097781.723:267): avc: denied { mounton } for pid=6371 comm="syz.2.124" path="/26/file0" dev="tmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 73.415122][ T40] audit: type=1400 audit(1771097781.863:268): avc: denied { create } for pid=6378 comm="syz.0.128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 73.423288][ T40] audit: type=1400 audit(1771097781.863:269): avc: denied { ioctl } for pid=6378 comm="syz.0.128" path="socket:[10947]" dev="sockfs" ino=10947 ioctlcmd=0x89e4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 73.599916][ T6389] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 73.624831][ T6391] netlink: 9 bytes leftover after parsing attributes in process `syz.0.134'. [ 73.628582][ T6391] 1·: renamed from 70· (while UP) [ 73.632735][ T6391] A link change request failed with some changes committed already. Interface 71· may have been left with an inconsistent configuration, please check. [ 73.643185][ T6391] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 73.817504][ T40] audit: type=1400 audit(1771097782.263:270): avc: denied { create } for pid=6396 comm="syz.0.136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 73.911981][ T6409] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 73.979708][ T6416] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping [ 74.005186][ T6417] No control pipe specified [ 74.019657][ T40] audit: type=1400 audit(1771097782.463:271): avc: denied { shutdown } for pid=6418 comm="syz.3.143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 74.029428][ T40] audit: type=1400 audit(1771097782.473:272): avc: denied { ioctl } for pid=6418 comm="syz.3.143" path="socket:[13379]" dev="sockfs" ino=13379 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 74.047242][ T6419] sctp: [Deprecated]: syz.3.143 (pid 6419) Use of struct sctp_assoc_value in delayed_ack socket option. [ 74.047242][ T6419] Use struct sctp_sack_info instead [ 74.165437][ T6426] loop2: detected capacity change from 0 to 7 [ 74.170111][ T6426] Dev loop2: unable to read RDB block 7 [ 74.172801][ T6426] loop2: AHDI p1 p4 [ 74.174755][ T6426] loop2: partition table partially beyond EOD, truncated [ 74.178975][ T6426] loop2: p1 start 1835335680 is beyond EOD, truncated [ 74.186085][ T6426] process 'syz.0.146' launched './file0' with NULL argv: empty string added [ 74.189522][ T40] audit: type=1400 audit(1771097782.633:273): avc: denied { execute } for pid=6425 comm="syz.0.146" name="file0" dev="tmpfs" ino=311 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 74.197299][ T40] audit: type=1400 audit(1771097782.633:274): avc: denied { execute_no_trans } for pid=6425 comm="syz.0.146" path="/55/file0" dev="tmpfs" ino=311 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 74.204813][ T40] audit: type=1400 audit(1771097782.633:275): avc: denied { remount } for pid=6425 comm="syz.0.146" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 74.256155][ T6428] netlink: 12 bytes leftover after parsing attributes in process `syz.0.147'. [ 74.347139][ T6435] netlink: 9 bytes leftover after parsing attributes in process `syz.0.149'. [ 74.350901][ T6435] 0·: renamed from 71· (while UP) [ 74.355045][ T6435] 0·: entered allmulticast mode [ 74.357113][ T6435] hsr_slave_0: entered allmulticast mode [ 74.359364][ T6435] hsr_slave_1: entered allmulticast mode [ 74.362176][ T6435] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 74.372453][ T6435] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 74.923247][ T6439] netlink: 'syz.3.150': attribute type 1 has an invalid length. [ 74.952722][ T6439] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.953578][ T6446] /dev/sg0: Can't lookup blockdev [ 74.978983][ T6446] overlayfs: failed to resolve './file0': -2 [ 74.988806][ T6445] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 75.089421][ T40] audit: type=1400 audit(1771097783.533:276): avc: denied { setopt } for pid=6451 comm="syz.1.156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 75.326385][ T6459] sctp: [Deprecated]: syz.1.159 (pid 6459) Use of struct sctp_assoc_value in delayed_ack socket option. [ 75.326385][ T6459] Use struct sctp_sack_info instead [ 75.823179][ T6470] random: crng reseeded on system resumption [ 75.909868][ T6477] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 75.917375][ T6477] romfs: unable to set blocksize [ 75.917375][ T6477] [ 76.012637][ T6482] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 76.210381][ T6371] [U]  [ 76.309905][ T6509] tipc: Started in network mode [ 76.312053][ T6509] tipc: Node identity ac1414aa, cluster identity 4711 [ 76.320307][ T6512] netlink: 20 bytes leftover after parsing attributes in process `syz.0.174'. [ 76.321084][ T6509] tipc: Enabled bearer , priority 10 [ 76.373533][ T6515] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 76.388732][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.390958][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.398956][ T6517] sctp: [Deprecated]: syz.0.183 (pid 6517) Use of struct sctp_assoc_value in delayed_ack socket option. [ 76.398956][ T6517] Use struct sctp_sack_info instead [ 76.437232][ T6526] PKCS7: Unknown OID: [4] 5.25.43204.122 [ 76.439148][ T6526] PKCS7: Only support pkcs7_signedData type [ 76.456195][ T6523] overlay: ./bus is not a directory [ 76.464736][ T6523] overlay: ./bus is not a directory [ 76.696222][ T6545] 9pnet_virtio: no channels available for device syz [ 77.079551][ T6563] netlink: 32 bytes leftover after parsing attributes in process `syz.1.201'. [ 77.079604][ T6562] netlink: 32 bytes leftover after parsing attributes in process `syz.1.201'. [ 77.250650][ T6567] tipc: Started in network mode [ 77.253038][ T6567] tipc: Node identity ac1414aa, cluster identity 4711 [ 77.256411][ T6567] tipc: Enabled bearer , priority 10 [ 77.301985][ T6571] random: crng reseeded on system resumption [ 77.324276][ T5937] tipc: Node number set to 2886997162 [ 77.347568][ T6573] random: crng reseeded on system resumption [ 78.156306][ T6592] netlink: 56 bytes leftover after parsing attributes in process `syz.1.213'. [ 78.159157][ T6594] openvswitch: netlink: Duplicate key (type 6). [ 78.224934][ T6598] tmpfs: Bad value for 'mpol' [ 78.394314][ T1026] tipc: Node number set to 2886997162 [ 78.506214][ T6616] FAULT_INJECTION: forcing a failure. [ 78.506214][ T6616] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 78.511548][ T6616] CPU: 3 UID: 0 PID: 6616 Comm: syz.0.224 Tainted: G L syzkaller #0 PREEMPT(full) [ 78.511576][ T6616] Tainted: [L]=SOFTLOCKUP [ 78.511582][ T6616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 78.511592][ T6616] Call Trace: [ 78.511599][ T6616] [ 78.511605][ T6616] dump_stack_lvl+0x100/0x190 [ 78.511637][ T6616] should_fail_ex.cold+0x5/0xa [ 78.511676][ T6616] _copy_from_user+0x2e/0xd0 [ 78.511697][ T6616] copy_msghdr_from_user+0x9f/0x4f0 [ 78.511724][ T6616] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 78.511762][ T6616] ___sys_sendmsg+0x106/0x1e0 [ 78.511789][ T6616] ? __pfx____sys_sendmsg+0x10/0x10 [ 78.511835][ T6616] __sys_sendmsg+0x170/0x220 [ 78.511852][ T6616] ? __pfx___sys_sendmsg+0x10/0x10 [ 78.511909][ T6616] do_syscall_64+0x106/0xf80 [ 78.511932][ T6616] ? clear_bhb_loop+0x40/0x90 [ 78.511957][ T6616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.511974][ T6616] RIP: 0033:0x7fa97939bf79 [ 78.511988][ T6616] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 78.512003][ T6616] RSP: 002b:00007fa97a240028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 78.512020][ T6616] RAX: ffffffffffffffda RBX: 00007fa979615fa0 RCX: 00007fa97939bf79 [ 78.512031][ T6616] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003 [ 78.512040][ T6616] RBP: 00007fa97a240090 R08: 0000000000000000 R09: 0000000000000000 [ 78.512050][ T6616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 78.512059][ T6616] R13: 00007fa979616038 R14: 00007fa979615fa0 R15: 00007ffd75158ac8 [ 78.512083][ T6616] [ 78.627049][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 78.627060][ T40] audit: type=1400 audit(1771097787.063:294): avc: denied { create } for pid=6618 comm="syz.3.228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 78.636934][ T40] audit: type=1400 audit(1771097787.073:295): avc: denied { ioctl } for pid=6618 comm="syz.3.228" path="socket:[12131]" dev="sockfs" ino=12131 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 78.671067][ T6619] netlink: 'syz.3.228': attribute type 3 has an invalid length. [ 78.692498][ T6627] random: crng reseeded on system resumption [ 78.824064][ T6641] overlay: Bad value for 'workdir' [ 78.863484][ T6643] 9pnet_virtio: no channels available for device syz [ 79.281632][ T6654] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 79.291011][ T6654] romfs: unable to set blocksize [ 79.291011][ T6654] [ 79.365400][ T6662] random: crng reseeded on system resumption [ 79.487858][ T40] audit: type=1400 audit(1771097787.933:296): avc: denied { connect } for pid=6676 comm="syz.2.253" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 79.488635][ T6677] futex_wake_op: syz.2.253 tries to shift op by -1; fix this program [ 79.523486][ T6679] random: crng reseeded on system resumption [ 79.548177][ T40] audit: type=1400 audit(1771097787.993:297): avc: denied { bind } for pid=6680 comm="syz.1.246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 79.610808][ T6689] tipc: Enabling of bearer rejected, already enabled [ 79.655687][ T40] audit: type=1400 audit(1771097788.103:298): avc: denied { create } for pid=6691 comm="syz.0.259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 79.656385][ T6693] netlink: 108 bytes leftover after parsing attributes in process `syz.0.259'. [ 79.671003][ T40] audit: type=1400 audit(1771097788.103:299): avc: denied { write } for pid=6691 comm="syz.0.259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 79.695366][ T40] audit: type=1400 audit(1771097788.103:300): avc: denied { nlmsg_write } for pid=6691 comm="syz.0.259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 79.702894][ T40] audit: type=1400 audit(1771097788.113:301): avc: denied { ioctl } for pid=6691 comm="syz.0.259" path="/dev/ptyq4" dev="devtmpfs" ino=131 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 79.766486][ T6707] futex_wake_op: syz.1.265 tries to shift op by -1; fix this program [ 79.810709][ T6710] program syz.1.267 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 79.993844][ T6726] netlink: 9 bytes leftover after parsing attributes in process `syz.1.273'. [ 79.999646][ T6726] 0·: renamed from hsr0 (while UP) [ 80.004199][ T40] audit: type=1400 audit(1771097788.443:302): avc: denied { unmount } for pid=5930 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 80.004780][ T6726] 0·: entered allmulticast mode [ 80.013273][ T6726] hsr_slave_0: entered allmulticast mode [ 80.018653][ T6726] hsr_slave_1: entered allmulticast mode [ 80.021388][ T6726] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 80.043649][ T6726] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 80.060669][ T6733] bond1 (unregistering): Released all slaves [ 80.249072][ T40] audit: type=1400 audit(1771097788.693:303): avc: denied { getopt } for pid=6752 comm="syz.1.283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 80.258217][ T6755] random: crng reseeded on system resumption [ 80.285270][ T6758] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping [ 80.307391][ T6760] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 80.312795][ T6760] program syz.3.285 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 80.402795][ T6772] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 80.408049][ T6772] romfs: unable to set blocksize [ 80.408049][ T6772] [ 81.081783][ T6780] netlink: 12 bytes leftover after parsing attributes in process `syz.2.298'. [ 81.232815][ T6795] netlink: 'syz.1.305': attribute type 1 has an invalid length. [ 81.237964][ T6795] netlink: 20 bytes leftover after parsing attributes in process `syz.1.305'. [ 81.271456][ T6797] futex_wake_op: syz.1.306 tries to shift op by -1; fix this program [ 81.275978][ T6798] netlink: 16 bytes leftover after parsing attributes in process `syz.0.304'. [ 81.311606][ T6800] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 81.317550][ T6800] romfs: unable to set blocksize [ 81.317550][ T6800] [ 81.321966][ T6802] netlink: 24 bytes leftover after parsing attributes in process `syz.3.295'. [ 81.367906][ T6804] IPv6: syztnl0: Disabled Multicast RS [ 81.378360][ T6804] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 81.465144][ T6815] FAULT_INJECTION: forcing a failure. [ 81.465144][ T6815] name failslab, interval 1, probability 0, space 0, times 0 [ 81.470384][ T6815] CPU: 3 UID: 0 PID: 6815 Comm: syz.1.311 Tainted: G L syzkaller #0 PREEMPT(full) [ 81.470412][ T6815] Tainted: [L]=SOFTLOCKUP [ 81.470418][ T6815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 81.470428][ T6815] Call Trace: [ 81.470434][ T6815] [ 81.470441][ T6815] dump_stack_lvl+0x100/0x190 [ 81.470472][ T6815] should_fail_ex.cold+0x5/0xa [ 81.470496][ T6815] should_failslab+0xc2/0x120 [ 81.470521][ T6815] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 81.470542][ T6815] ? skb_clone+0x190/0x400 [ 81.470567][ T6815] skb_clone+0x190/0x400 [ 81.470588][ T6815] netlink_deliver_tap+0xaed/0xcc0 [ 81.470616][ T6815] netlink_unicast+0x650/0x870 [ 81.470642][ T6815] ? __pfx_netlink_unicast+0x10/0x10 [ 81.470674][ T6815] netlink_sendmsg+0x8b0/0xda0 [ 81.470701][ T6815] ? __pfx_netlink_sendmsg+0x10/0x10 [ 81.470733][ T6815] __sys_sendto+0x4aa/0x520 [ 81.470753][ T6815] ? __pfx___sys_sendto+0x10/0x10 [ 81.470793][ T6815] ? ksys_write+0x1ac/0x250 [ 81.470816][ T6815] ? __pfx_ksys_write+0x10/0x10 [ 81.470842][ T6815] __x64_sys_sendto+0xe0/0x1c0 [ 81.470859][ T6815] ? do_syscall_64+0x95/0xf80 [ 81.470881][ T6815] ? lockdep_hardirqs_on+0x78/0x100 [ 81.470901][ T6815] do_syscall_64+0x106/0xf80 [ 81.470920][ T6815] ? clear_bhb_loop+0x40/0x90 [ 81.470941][ T6815] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.470959][ T6815] RIP: 0033:0x7f12daf5c84e [ 81.470973][ T6815] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 81.470989][ T6815] RSP: 002b:00007f12dbefce88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 81.471006][ T6815] RAX: ffffffffffffffda RBX: 00007f12dbefe6c0 RCX: 00007f12daf5c84e [ 81.471018][ T6815] RDX: 0000000000000020 RSI: 00007f12dbefd000 RDI: 0000000000000003 [ 81.471028][ T6815] RBP: 0000000000000000 R08: 00007f12dbefcf04 R09: 000000000000000c [ 81.471038][ T6815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 81.471048][ T6815] R13: 00007f12dbefcf58 R14: 00007f12dbefd000 R15: 0000000000000000 [ 81.471072][ T6815] [ 81.561956][ T6823] random: crng reseeded on system resumption [ 81.606560][ T6821] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 81.611599][ T6821] romfs: unable to set blocksize [ 81.611599][ T6821] [ 81.660641][ T6827] netlink: 24 bytes leftover after parsing attributes in process `syz.3.316'. [ 81.668212][ T6827] netlink: 24 bytes leftover after parsing attributes in process `syz.3.316'. [ 81.716936][ T5932] IPVS: starting estimator thread 0... [ 81.783959][ T6838] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 81.805362][ T6832] IPVS: using max 39 ests per chain, 93600 per kthread [ 82.761202][ T6863] netlink: 28 bytes leftover after parsing attributes in process `syz.1.333'. [ 82.782823][ T6866] futex_wake_op: syz.3.335 tries to shift op by -1; fix this program [ 82.796453][ T6863] bond1 (unregistering): Released all slaves [ 82.832042][ T6868] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000) [ 82.910591][ T6877] futex_wake_op: syz.0.339 tries to shift op by -1; fix this program [ 83.025901][ T6880] bond2 (unregistering): Released all slaves [ 83.059115][ T6886] overlayfs: workdir and upperdir must reside under the same mount [ 83.103208][ T6891] 0·: renamed from hsr0 (while UP) [ 83.107252][ T6891] 0·: entered allmulticast mode [ 83.108940][ T6891] hsr_slave_0: entered allmulticast mode [ 83.111064][ T6891] hsr_slave_1: entered allmulticast mode [ 83.113243][ T6891] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 83.120033][ T6891] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 83.270069][ T6902] FAULT_INJECTION: forcing a failure. [ 83.270069][ T6902] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.278139][ T6902] CPU: 2 UID: 0 PID: 6902 Comm: syz.3.347 Tainted: G L syzkaller #0 PREEMPT(full) [ 83.278160][ T6902] Tainted: [L]=SOFTLOCKUP [ 83.278163][ T6902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 83.278170][ T6902] Call Trace: [ 83.278174][ T6902] [ 83.278179][ T6902] dump_stack_lvl+0x100/0x190 [ 83.278201][ T6902] should_fail_ex.cold+0x5/0xa [ 83.278216][ T6902] _copy_from_iter+0x1f4/0x1690 [ 83.278232][ T6902] ? __pfx__copy_from_iter+0x10/0x10 [ 83.278246][ T6902] ? __pfx___might_resched+0x10/0x10 [ 83.278262][ T6902] file_tty_write.isra.0+0x45b/0x890 [ 83.278281][ T6902] vfs_write+0x6ac/0x1070 [ 83.278298][ T6902] ? __pfx_tty_write+0x10/0x10 [ 83.278315][ T6902] ? __pfx_vfs_write+0x10/0x10 [ 83.278328][ T6902] ? find_held_lock+0x2b/0x80 [ 83.278351][ T6902] ksys_write+0x12a/0x250 [ 83.278366][ T6902] ? __pfx_ksys_write+0x10/0x10 [ 83.278384][ T6902] do_syscall_64+0x106/0xf80 [ 83.278398][ T6902] ? clear_bhb_loop+0x40/0x90 [ 83.278411][ T6902] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.278424][ T6902] RIP: 0033:0x7f8f76b9bf79 [ 83.278439][ T6902] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 83.278452][ T6902] RSP: 002b:00007f8f77b27028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 83.278467][ T6902] RAX: ffffffffffffffda RBX: 00007f8f76e15fa0 RCX: 00007f8f76b9bf79 [ 83.278476][ T6902] RDX: 0000000000001006 RSI: 0000200000001040 RDI: 0000000000000004 [ 83.278485][ T6902] RBP: 00007f8f77b27090 R08: 0000000000000000 R09: 0000000000000000 [ 83.278494][ T6902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 83.278503][ T6902] R13: 00007f8f76e16038 R14: 00007f8f76e15fa0 R15: 00007ffd5a7fd088 [ 83.278524][ T6902] [ 84.080242][ T6914] random: crng reseeded on system resumption [ 84.088560][ T6916] __nla_validate_parse: 3 callbacks suppressed [ 84.088570][ T6916] netlink: 28 bytes leftover after parsing attributes in process `syz.1.354'. [ 84.106340][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 84.106355][ T40] audit: type=1400 audit(1771097792.543:317): avc: denied { getopt } for pid=6917 comm="syz.2.357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 84.118249][ T6916] bond1 (unregistering): Released all slaves [ 84.150614][ T6925] random: crng reseeded on system resumption [ 84.209232][ T40] audit: type=1400 audit(1771097792.653:318): avc: denied { ioctl } for pid=6922 comm="syz.0.359" path="socket:[13276]" dev="sockfs" ino=13276 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 84.209685][ T6928] loop2: detected capacity change from 0 to 7 [ 84.222741][ T6928] Dev loop2: unable to read RDB block 7 [ 84.225225][ T6928] loop2: unable to read partition table [ 84.227741][ T6928] loop2: partition table beyond EOD, truncated [ 84.229589][ T40] audit: type=1400 audit(1771097792.673:319): avc: denied { ioctl } for pid=6930 comm="syz.3.361" path="socket:[13280]" dev="sockfs" ino=13280 ioctlcmd=0x7201 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 84.230452][ T6928] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 84.245233][ T40] audit: type=1400 audit(1771097792.673:320): avc: denied { read } for pid=6930 comm="syz.3.361" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 84.272392][ T40] audit: type=1400 audit(1771097792.673:321): avc: denied { open } for pid=6930 comm="syz.3.361" path="/dev/ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 84.301425][ T6939] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=45596 sclass=netlink_route_socket pid=6939 comm=syz.1.363 [ 84.312624][ T40] audit: type=1400 audit(1771097792.753:322): avc: denied { setopt } for pid=6938 comm="syz.2.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 84.427741][ T6954] netlink: 28 bytes leftover after parsing attributes in process `syz.2.372'. [ 84.443581][ T6954] bond1 (unregistering): Released all slaves [ 84.445213][ T40] audit: type=1400 audit(1771097792.883:323): avc: denied { associate } for pid=6943 comm="syz.1.368" name="3" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 84.547790][ T6963] FAULT_INJECTION: forcing a failure. [ 84.547790][ T6963] name failslab, interval 1, probability 0, space 0, times 0 [ 84.553857][ T6963] CPU: 0 UID: 0 PID: 6963 Comm: syz.1.375 Tainted: G L syzkaller #0 PREEMPT(full) [ 84.553887][ T6963] Tainted: [L]=SOFTLOCKUP [ 84.553906][ T6963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 84.553916][ T6963] Call Trace: [ 84.553923][ T6963] [ 84.553930][ T6963] dump_stack_lvl+0x100/0x190 [ 84.553964][ T6963] should_fail_ex.cold+0x5/0xa [ 84.553986][ T6963] ? tomoyo_realpath_from_path+0xb6/0x690 [ 84.554013][ T6963] should_failslab+0xc2/0x120 [ 84.554039][ T6963] __kmalloc_noprof+0xe0/0x850 [ 84.554066][ T6963] tomoyo_realpath_from_path+0xb6/0x690 [ 84.554097][ T6963] tomoyo_path_number_perm+0x23c/0x580 [ 84.554119][ T6963] ? tomoyo_path_number_perm+0x22e/0x580 [ 84.554161][ T6963] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 84.554212][ T6963] ? find_held_lock+0x2b/0x80 [ 84.554232][ T6963] ? __fget_files+0x215/0x3d0 [ 84.554257][ T6963] ? hook_file_ioctl_common+0x146/0x410 [ 84.554280][ T6963] ? __fget_files+0x21f/0x3d0 [ 84.554309][ T6963] security_file_ioctl+0xd3/0x230 [ 84.554351][ T6963] __x64_sys_ioctl+0xb7/0x210 [ 84.554376][ T6963] do_syscall_64+0x106/0xf80 [ 84.554397][ T6963] ? clear_bhb_loop+0x40/0x90 [ 84.554418][ T6963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.554435][ T6963] RIP: 0033:0x7f12daf9bf79 [ 84.554450][ T6963] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 84.554465][ T6963] RSP: 002b:00007f12dbefe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 84.554482][ T6963] RAX: ffffffffffffffda RBX: 00007f12db215fa0 RCX: 00007f12daf9bf79 [ 84.554493][ T6963] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 84.554504][ T6963] RBP: 00007f12dbefe090 R08: 0000000000000000 R09: 0000000000000000 [ 84.554514][ T6963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.554524][ T6963] R13: 00007f12db216038 R14: 00007f12db215fa0 R15: 00007ffe21c73608 [ 84.554548][ T6963] [ 84.564346][ T40] audit: type=1400 audit(1771097793.003:324): avc: denied { bind } for pid=6967 comm="syz.2.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 84.565536][ T6963] ERROR: Out of memory at tomoyo_realpath_from_path. [ 84.566849][ T40] audit: type=1400 audit(1771097793.003:325): avc: denied { block_suspend } for pid=6967 comm="syz.2.377" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 84.571496][ T6963] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 84.706136][ T6973] bond1: (slave bond_slave_1): Device is not bonding slave [ 84.709206][ T6973] bond1: option active_slave: invalid value (bond_slave_1) [ 84.713871][ T6973] bond1 (unregistering): Released all slaves [ 84.820223][ T6982] tipc: Enabling of bearer rejected, already enabled [ 84.860396][ T6988] warning: `syz.2.383' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 84.881117][ T6988] netlink: 16 bytes leftover after parsing attributes in process `syz.2.383'. [ 85.114281][ T29] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 85.286048][ T29] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 85.290660][ T29] usb 6-1: config 0 has no interfaces? [ 85.293064][ T29] usb 6-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 85.296683][ T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.304454][ T29] usb 6-1: config 0 descriptor?? [ 85.509217][ T5932] usb 6-1: USB disconnect, device number 3 [ 85.547893][ T6998] netlink: 212304 bytes leftover after parsing attributes in process `syz.3.386'. [ 85.551740][ T6998] openvswitch: netlink: Message has 6 unknown bytes. [ 85.837552][ T40] audit: type=1400 audit(1771097794.283:326): avc: denied { getopt } for pid=7000 comm="syz.2.387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 85.838083][ T7001] random: crng reseeded on system resumption [ 86.239927][ T7040] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 86.350196][ T7053] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 86.515790][ T7060] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 86.521976][ T7060] romfs: unable to set blocksize [ 86.521976][ T7060] [ 86.568041][ T7059] FAULT_INJECTION: forcing a failure. [ 86.568041][ T7059] name failslab, interval 1, probability 0, space 0, times 0 [ 86.573503][ T7059] CPU: 3 UID: 0 PID: 7059 Comm: syz.2.413 Tainted: G L syzkaller #0 PREEMPT(full) [ 86.573530][ T7059] Tainted: [L]=SOFTLOCKUP [ 86.573536][ T7059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 86.573546][ T7059] Call Trace: [ 86.573552][ T7059] [ 86.573559][ T7059] dump_stack_lvl+0x100/0x190 [ 86.573591][ T7059] should_fail_ex.cold+0x5/0xa [ 86.573614][ T7059] should_failslab+0xc2/0x120 [ 86.573640][ T7059] __kmalloc_cache_noprof+0x7a/0x6f0 [ 86.573659][ T7059] ? vhost_task_create+0xee/0x370 [ 86.573680][ T7059] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 86.573704][ T7059] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 86.573728][ T7059] vhost_task_create+0xee/0x370 [ 86.573746][ T7059] ? __pfx_vhost_task_create+0x10/0x10 [ 86.573762][ T7059] ? trace_contention_end+0x140/0x180 [ 86.573785][ T7059] ? __pfx_vhost_task_fn+0x10/0x10 [ 86.573805][ T7059] ? __pfx___mutex_lock+0x10/0x10 [ 86.573825][ T7059] ? kasan_quarantine_put+0x104/0x240 [ 86.573845][ T7059] ? lockdep_hardirqs_on+0x78/0x100 [ 86.573871][ T7059] kvm_mmu_post_init_vm+0x1b3/0x370 [ 86.573900][ T7059] kvm_arch_vcpu_ioctl_run+0x66/0x1830 [ 86.573919][ T7059] ? kvm_vcpu_ioctl+0x155c/0x1730 [ 86.573949][ T7059] kvm_vcpu_ioctl+0x730/0x1730 [ 86.573976][ T7059] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 86.574000][ T7059] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 86.574024][ T7059] ? do_vfs_ioctl+0x226/0x13e0 [ 86.574046][ T7059] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 86.574067][ T7059] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 86.574103][ T7059] ? __fget_files+0x215/0x3d0 [ 86.574127][ T7059] ? hook_file_ioctl_common+0x146/0x410 [ 86.574169][ T7059] ? selinux_file_ioctl+0x139/0x290 [ 86.574194][ T7059] ? selinux_file_ioctl+0xb4/0x290 [ 86.574220][ T7059] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 86.574246][ T7059] __x64_sys_ioctl+0x18e/0x210 [ 86.574271][ T7059] do_syscall_64+0x106/0xf80 [ 86.574291][ T7059] ? clear_bhb_loop+0x40/0x90 [ 86.574313][ T7059] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.574331][ T7059] RIP: 0033:0x7f749a59bf79 [ 86.574347][ T7059] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 86.574363][ T7059] RSP: 002b:00007f749b3f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 86.574380][ T7059] RAX: ffffffffffffffda RBX: 00007f749a815fa0 RCX: 00007f749a59bf79 [ 86.574390][ T7059] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 86.574400][ T7059] RBP: 00007f749b3f4090 R08: 0000000000000000 R09: 0000000000000000 [ 86.574409][ T7059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.574419][ T7059] R13: 00007f749a816038 R14: 00007f749a815fa0 R15: 00007fff7b4e3918 [ 86.574444][ T7059] [ 86.619341][ T7071] futex_wake_op: syz.3.416 tries to shift op by -1; fix this program [ 86.674101][ T830] cfg80211: failed to load regulatory.db [ 86.750521][ T7070] loop6: detected capacity change from 0 to 2640 [ 86.753520][ T7070] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.756964][ T7070] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.759939][ T7070] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.763011][ T7070] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.765835][ T7070] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.768450][ T7070] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.770946][ T7070] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.773456][ T7070] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.777727][ T7070] ldm_validate_partition_table(): Disk read failed. [ 86.780116][ T7070] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.782655][ T7070] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.785977][ T7070] Dev loop6: unable to read RDB block 0 [ 86.787918][ T7070] loop6: unable to read partition table [ 86.790265][ T7070] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾‚³˜) failed (rc=-5) [ 86.833623][ T7070] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 86.835653][ T7080] random: crng reseeded on system resumption [ 86.908250][ T7088] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 86.933321][ T7091] tipc: Enabling of bearer rejected, already enabled [ 86.988155][ T7099] futex_wake_op: syz.1.425 tries to shift op by -1; fix this program [ 87.366338][ T7120] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 87.441984][ T7119] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 87.564710][ C2] ------------[ cut here ]------------ [ 87.566685][ C2] sk->sk_forward_alloc [ 87.566693][ C2] WARNING: net/ipv4/af_inet.c:157 at inet_sock_destruct+0x653/0x800, CPU#2: syz-executor/5940 [ 87.571231][ C2] Modules linked in: [ 87.572827][ C2] CPU: 2 UID: 0 PID: 5940 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 87.576296][ C2] Tainted: [L]=SOFTLOCKUP [ 87.577660][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 87.580847][ C2] RIP: 0010:inet_sock_destruct+0x653/0x800 [ 87.582706][ C2] Code: c9 4e ff e9 06 fd ff ff e8 2a af 01 f8 90 0f 0b 90 e9 35 fe ff ff e8 1c af 01 f8 90 0f 0b 90 e9 c5 fe ff ff e8 0e af 01 f8 90 <0f> 0b 90 e9 04 ff ff ff e8 00 af 01 f8 90 0f 0b 90 e9 65 fe ff ff [ 87.588775][ C2] RSP: 0018:ffffc90000648d98 EFLAGS: 00010246 [ 87.590720][ C2] RAX: 0000000000000000 RBX: ffff88805834ee80 RCX: ffffffff8a06e8b7 [ 87.593190][ C2] RDX: ffff88802f654900 RSI: ffffffff8a06e9b2 RDI: ffff88802f654900 [ 87.596431][ C2] RBP: 0000000000000090 R08: 0000000000000005 R09: 0000000000000000 [ 87.599552][ C2] R10: 0000000000000090 R11: 0000000000000000 R12: ffff88805834ee80 [ 87.602688][ C2] R13: ffff88805834ef10 R14: ffffffff81ee5bad R15: 0000000000000005 [ 87.605872][ C2] FS: 0000555573b93500(0000) GS:ffff8880d6552000(0000) knlGS:0000000000000000 [ 87.609216][ C2] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.611289][ C2] CR2: 00007ffe21c72fc0 CR3: 000000003de49000 CR4: 0000000000352ef0 [ 87.613769][ C2] Call Trace: [ 87.614893][ C2] [ 87.615852][ C2] ? __pfx_udp_destruct_sock+0x10/0x10 [ 87.617578][ C2] ? rcu_core+0x59d/0x10d0 [ 87.619017][ C2] __sk_destruct+0x85/0xbb0 [ 87.620478][ C2] ? rcu_core+0x59d/0x10d0 [ 87.621915][ C2] rcu_core+0x5a2/0x10d0 [ 87.623240][ C2] ? __pfx_rcu_core+0x10/0x10 [ 87.624777][ C2] ? run_timer_base+0x121/0x190 [ 87.626287][ C2] ? __pfx_run_timer_base+0x10/0x10 [ 87.627917][ C2] handle_softirqs+0x1eb/0x9e0 [ 87.629460][ C2] ? __pfx_handle_softirqs+0x10/0x10 [ 87.631100][ C2] __irq_exit_rcu+0xef/0x150 [ 87.632570][ C2] irq_exit_rcu+0x9/0x30 [ 87.633870][ C2] sysvec_apic_timer_interrupt+0xa3/0xc0 [ 87.635635][ C2] [ 87.636579][ C2] [ 87.637521][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 87.639506][ C2] RIP: 0010:do_sigaltstack.constprop.0+0x23d/0x670 [ 87.641580][ C2] Code: 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e 56 03 00 00 44 8b b3 98 09 00 00 31 ff 44 89 f6 6e e0 3d 00 45 85 f6 78 42 e8 b4 e5 3d 00 48 8d bb 88 09 00 00 [ 87.647599][ C2] RSP: 0018:ffffc90005807d78 EFLAGS: 00000246 [ 87.649556][ C2] RAX: 0000000000000000 RBX: ffff88802f654900 RCX: ffffffff81ccab05 [ 87.652545][ C2] RDX: 1ffff11005ecaa53 RSI: 0000000000000002 RDI: 0000000000000000 [ 87.655710][ C2] RBP: 00007ffe21c72c00 R08: 0000000000000007 R09: 0000000000000000 [ 87.658828][ C2] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 87.661990][ C2] R13: ffffc90005807de8 R14: 0000000000000002 R15: 0000000000000002 [ 87.665305][ C2] ? restore_altstack+0xa5/0x170 [ 87.667378][ C2] ? do_sigaltstack.constprop.0+0x1db/0x670 [ 87.669751][ C2] restore_altstack+0x10d/0x170 [ 87.671704][ C2] ? __pfx_restore_altstack+0x10/0x10 [ 87.673891][ C2] ? _raw_spin_unlock_irq+0x23/0x50 [ 87.676025][ C2] ? lockdep_hardirqs_on+0x78/0x100 [ 87.678091][ C2] ? _raw_spin_unlock_irq+0x2e/0x50 [ 87.680190][ C2] __do_sys_rt_sigreturn+0x1ab/0x2c0 [ 87.682280][ C2] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 87.684669][ C2] do_syscall_64+0x106/0xf80 [ 87.686522][ C2] ? clear_bhb_loop+0x40/0x90 [ 87.688408][ C2] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.690442][ C2] RIP: 0033:0x7f12daf3d399 [ 87.691890][ C2] Code: 11 06 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 0c 25 [ 87.697916][ C2] RSP: 002b:00007ffe21c72c00 EFLAGS: 00000246 ORIG_RAX: 000000000000000f [ 87.700565][ C2] RAX: ffffffffffffffda RBX: 0000555573b93500 RCX: 00007f12daf3d399 [ 87.703052][ C2] RDX: 00007ffe21c72c00 RSI: 00007ffe21c72d30 RDI: 0000000000000011 [ 87.705605][ C2] RBP: 00007ffe21c739ac R08: 0000000000000000 R09: 0000000000000000 [ 87.708087][ C2] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388 [ 87.710564][ C2] R13: 00000000000927c0 R14: 000000000001559c R15: 00007ffe21c73a00 [ 87.713098][ C2] [ 87.714100][ C2] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 87.716397][ C2] CPU: 2 UID: 0 PID: 5940 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 87.719826][ C2] Tainted: [L]=SOFTLOCKUP [ 87.721196][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 87.724291][ C2] Call Trace: [ 87.725357][ C2] [ 87.726280][ C2] dump_stack_lvl+0x100/0x190 [ 87.727775][ C2] vpanic+0x552/0x970 [ 87.729095][ C2] ? __pfx_vpanic+0x10/0x10 [ 87.730658][ C2] panic+0xd1/0xe0 [ 87.731980][ C2] ? __pfx_panic+0x10/0x10 [ 87.733475][ C2] ? check_panic_on_warn+0x1f/0x90 [ 87.735089][ C2] check_panic_on_warn.cold+0x19/0x34 [ 87.736788][ C2] ? inet_sock_destruct+0x653/0x800 [ 87.738489][ C2] __warn.cold+0x191/0x348 [ 87.740080][ C2] __report_bug+0x296/0x3d0 [ 87.741624][ C2] ? inet_sock_destruct+0x653/0x800 [ 87.743414][ C2] ? __pfx___report_bug+0x10/0x10 [ 87.745127][ C2] ? inet_sock_destruct+0x653/0x800 [ 87.746793][ C2] report_bug+0xb2/0x220 [ 87.748196][ C2] ? inet_sock_destruct+0x653/0x800 [ 87.749907][ C2] handle_bug+0x166/0x2a0 [ 87.751298][ C2] exc_invalid_op+0x17/0x50 [ 87.752873][ C2] asm_exc_invalid_op+0x1a/0x20 [ 87.754639][ C2] RIP: 0010:inet_sock_destruct+0x653/0x800 [ 87.756536][ C2] Code: c9 4e ff e9 06 fd ff ff e8 2a af 01 f8 90 0f 0b 90 e9 35 fe ff ff e8 1c af 01 f8 90 0f 0b 90 e9 c5 fe ff ff e8 0e af 01 f8 90 <0f> 0b 90 e9 04 ff ff ff e8 00 af 01 f8 90 0f 0b 90 e9 65 fe ff ff [ 87.762595][ C2] RSP: 0018:ffffc90000648d98 EFLAGS: 00010246 [ 87.764671][ C2] RAX: 0000000000000000 RBX: ffff88805834ee80 RCX: ffffffff8a06e8b7 [ 87.767135][ C2] RDX: ffff88802f654900 RSI: ffffffff8a06e9b2 RDI: ffff88802f654900 [ 87.769699][ C2] RBP: 0000000000000090 R08: 0000000000000005 R09: 0000000000000000 [ 87.772252][ C2] R10: 0000000000000090 R11: 0000000000000000 R12: ffff88805834ee80 [ 87.774737][ C2] R13: ffff88805834ef10 R14: ffffffff81ee5bad R15: 0000000000000005 [ 87.777159][ C2] ? rcu_core+0x59d/0x10d0 [ 87.778569][ C2] ? inet_sock_destruct+0x557/0x800 [ 87.780320][ C2] ? inet_sock_destruct+0x652/0x800 [ 87.781974][ C2] ? inet_sock_destruct+0x652/0x800 [ 87.783710][ C2] ? __pfx_udp_destruct_sock+0x10/0x10 [ 87.785456][ C2] ? rcu_core+0x59d/0x10d0 [ 87.786876][ C2] __sk_destruct+0x85/0xbb0 [ 87.788334][ C2] ? rcu_core+0x59d/0x10d0 [ 87.789773][ C2] rcu_core+0x5a2/0x10d0 [ 87.791123][ C2] ? __pfx_rcu_core+0x10/0x10 [ 87.792663][ C2] ? run_timer_base+0x121/0x190 [ 87.794275][ C2] ? __pfx_run_timer_base+0x10/0x10 [ 87.796033][ C2] handle_softirqs+0x1eb/0x9e0 [ 87.797577][ C2] ? __pfx_handle_softirqs+0x10/0x10 [ 87.799270][ C2] __irq_exit_rcu+0xef/0x150 [ 87.800857][ C2] irq_exit_rcu+0x9/0x30 [ 87.802213][ C2] sysvec_apic_timer_interrupt+0xa3/0xc0 [ 87.804093][ C2] [ 87.805038][ C2] [ 87.805982][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 87.807879][ C2] RIP: 0010:do_sigaltstack.constprop.0+0x23d/0x670 [ 87.809908][ C2] Code: 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e 56 03 00 00 44 8b b3 98 09 00 00 31 ff 44 89 f6 6e e0 3d 00 45 85 f6 78 42 e8 b4 e5 3d 00 48 8d bb 88 09 00 00 [ 87.816929][ C2] RSP: 0018:ffffc90005807d78 EFLAGS: 00000246 [ 87.819282][ C2] RAX: 0000000000000000 RBX: ffff88802f654900 RCX: ffffffff81ccab05 [ 87.821794][ C2] RDX: 1ffff11005ecaa53 RSI: 0000000000000002 RDI: 0000000000000000 [ 87.824298][ C2] RBP: 00007ffe21c72c00 R08: 0000000000000007 R09: 0000000000000000 [ 87.826692][ C2] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 87.829217][ C2] R13: ffffc90005807de8 R14: 0000000000000002 R15: 0000000000000002 [ 87.831690][ C2] ? restore_altstack+0xa5/0x170 [ 87.833383][ C2] ? do_sigaltstack.constprop.0+0x1db/0x670 [ 87.835265][ C2] restore_altstack+0x10d/0x170 [ 87.836845][ C2] ? __pfx_restore_altstack+0x10/0x10 [ 87.839073][ C2] ? _raw_spin_unlock_irq+0x23/0x50 [ 87.841119][ C2] ? lockdep_hardirqs_on+0x78/0x100 [ 87.842965][ C2] ? _raw_spin_unlock_irq+0x2e/0x50 [ 87.845208][ C2] __do_sys_rt_sigreturn+0x1ab/0x2c0 [ 87.847233][ C2] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 87.849508][ C2] do_syscall_64+0x106/0xf80 [ 87.851255][ C2] ? clear_bhb_loop+0x40/0x90 [ 87.853167][ C2] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.855433][ C2] RIP: 0033:0x7f12daf3d399 [ 87.857118][ C2] Code: 11 06 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 0c 25 [ 87.864230][ C2] RSP: 002b:00007ffe21c72c00 EFLAGS: 00000246 ORIG_RAX: 000000000000000f [ 87.866822][ C2] RAX: ffffffffffffffda RBX: 0000555573b93500 RCX: 00007f12daf3d399 [ 87.869325][ C2] RDX: 00007ffe21c72c00 RSI: 00007ffe21c72d30 RDI: 0000000000000011 [ 87.871926][ C2] RBP: 00007ffe21c739ac R08: 0000000000000000 R09: 0000000000000000 [ 87.874438][ C2] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388 [ 87.876905][ C2] R13: 00000000000927c0 R14: 000000000001559c R15: 00007ffe21c73a00 [ 87.879409][ C2] [ 87.881132][ C2] Kernel Offset: disabled [ 87.882625][ C2] Rebooting in 86400 seconds..