last executing test programs: 4.296674801s ago: executing program 3 (id=2301): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x40000021}]}) 4.176107401s ago: executing program 3 (id=2305): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x3c}}, 0x10) 4.126726s ago: executing program 3 (id=2306): r0 = syz_open_dev$vim2m(&(0x7f0000000280), 0x5, 0x2) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0) ioctl$SNDCTL_TMR_CONTINUE(r1, 0x5404) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000100)=0x1) 4.075867522s ago: executing program 3 (id=2308): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SAVE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x14, 0x8, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x10) syz_usb_connect(0x0, 0x2d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000091c2f20c81403006c05010203010902"], 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r3, 0xffffffffffffffff, 0x0) 4.075530466s ago: executing program 2 (id=2309): socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc) r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) write$sysctl(r0, &(0x7f0000000580)='1\x00', 0x2) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0) write$sysctl(r0, &(0x7f00000000c0)='2\x00', 0x2) 3.00592691s ago: executing program 1 (id=2317): r0 = socket$nl_route(0x10, 0x3, 0x0) (async) r1 = socket$netlink(0x10, 0x3, 0x9) (async) r2 = socket(0x10, 0x3, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r2) getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) (async) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001240)=@delchain={0x3c, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff3}, {0xfff3, 0xffff}, {0xa, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_FLAGS={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40044}, 0x4804) 2.946074219s ago: executing program 1 (id=2318): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) socket$tipc(0x1e, 0x2, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x4e23, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x3, 0x8a}, 0x9c) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000181100", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='sctp_probe_path\x00', r3}, 0x18) bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x2e5, 0x0, 0xffffffff, 0x0, 0x54}, 0x9c) 2.942991848s ago: executing program 3 (id=2319): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000004001004000024001a80200002801c00018008001a00060000000800160002000000080010000004000008001b"], 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r3, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028008000000000000000800090001"], 0x44}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r6, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800800070003"], 0x3c}}, 0x0) r7 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d", 0x2d}], 0x1}, 0x0) 2.856479563s ago: executing program 3 (id=2320): madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc) r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) write$sysctl(r0, &(0x7f0000000580)='1\x00', 0x2) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12011900000000406a056300000000000001"], 0x0) write$sysctl(r0, &(0x7f00000000c0)='2\x00', 0x2) 2.114439264s ago: executing program 1 (id=2328): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000004001004000024001a80200002801c00018008001a00060000000800160002000000080010000004000008001b"], 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r3, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028008000000000000000800090001"], 0x44}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r6, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800800070003"], 0x3c}}, 0x0) r7 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d", 0x2d}], 0x1}, 0x0) 2.026687267s ago: executing program 1 (id=2329): r0 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={r0, 0x1, 0x3, 0x7}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000010003b1500000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="45000000015001001800128008000100677470000c00028008000100", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x40}}, 0x0) getsockopt$PNPIPE_IFINDEX(r1, 0x113, 0x2, &(0x7f00000000c0), &(0x7f0000000100)=0x4) r4 = syz_open_dev$video(&(0x7f0000000000), 0x7, 0x40440) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r4, 0x4020565b, 0x0) syz_open_dev$video(&(0x7f0000000940), 0x120b, 0x80) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffc}, 0x39, [0x8000, 0xc95a, 0xf, 0x8, 0x83, 0x2, 0x3, 0x7f, 0xa9, 0x4d, 0x6, 0x5f, 0x9, 0x15, 0xffff2d37, 0xff7fff01, 0x6, 0x25, 0x7, 0x35, 0x6, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0x10, 0x5, 0x0, 0xffffffff, 0xe661, 0x0, 0x7, 0x20003, 0x8, 0x4c74, 0x10000, 0x242, 0x3, 0xe, 0x4, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x18e, 0x200009, 0x6, 0x454f, 0x6, 0x80004, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x0, 0x8, 0x8000, 0x1, 0x40], [0x1000000b, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432f6, 0xc8, 0xf1, 0xe, 0x2bf, 0x6c7, 0x2, 0xfffffffc, 0x5, 0x0, 0xfffffffe, 0x3, 0x2f, 0xe, 0x1, 0x66abcbd2, 0xb, 0x2, 0x4, 0x7, 0x7fff, 0xfffffffa, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0xfffff575, 0x5f31, 0x7, 0x4e0, 0x381, 0x4, 0xb, 0x1004, 0x9, 0x8, 0x5, 0x6, 0x47, 0x6, 0x1, 0xfe000000, 0x8, 0x2, 0x4, 0x9, 0x3, 0x8001, 0x4000009, 0x6, 0x0, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffd, 0x4073, 0x4, 0x9, 0x5, 0x7fff, 0x0, 0x0, 0xb, 0x2, 0x6, 0x5, 0x0, 0x1ef, 0x2, 0x8, 0x86, 0x3, 0x303c, 0xfffffffa, 0xb, 0x9, 0x4a, 0x2, 0x400003, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x200, 0x2950bfaf, 0x1000, 0x8, 0x4, 0x1000, 0x5, 0xb1, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0xffffffff, 0x5, 0x1c, 0x120000, 0x200807ff, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x4, 0x6, 0x6, 0x81, 0xb9, 0x2, 0x1ff, 0x95f, 0x4184, 0x5, 0x3, 0x2, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x1, 0x5, 0x1, 0x2000002, 0x14c, 0x60a7, 0x10006, 0xa, 0xffffffff, 0x80000000, 0x5, 0x2, 0xc8, 0x1, 0xfffff000, 0xffff, 0x0, 0x7e, 0x100, 0x9622, 0x5, 0xaf, 0x20000008, 0x101, 0x226, 0x2, 0x5, 0x0, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x530e, 0x6c1b, 0x0, 0x4, 0x5, 0x803, 0xd7, 0x200, 0xf8a4, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) setsockopt$sock_attach_bpf(r0, 0x6, 0xd, &(0x7f0000000000), 0x4) 1.146393848s ago: executing program 1 (id=2331): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SAVE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x14, 0x8, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x10) syz_usb_connect(0x0, 0x2d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000091c2f20c81403006c05010203010902"], 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r3, 0xffffffffffffffff, 0x0) 1.011440022s ago: executing program 2 (id=2332): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x65, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f00000002c0)={@fd={0x66642a85, 0x0, r2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x16}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x1, 0x1c}}, &(0x7f0000000240)={0x0, 0x18, 0x40}}, 0x2000}], 0x0, 0x0, 0x0}) 1.01121577s ago: executing program 0 (id=2333): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r2, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800800"], 0x3c}}, 0x0) 1.011058044s ago: executing program 2 (id=2334): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000800)=ANY=[], 0x3c}}, 0x10) 1.010804417s ago: executing program 0 (id=2335): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'wg0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="0b03feff4f00021202004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14) 966.60707ms ago: executing program 2 (id=2336): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'team_slave_0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="0b03feff4f00021202004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14) 864.539532ms ago: executing program 2 (id=2337): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) socket$tipc(0x1e, 0x2, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x4e23, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x3, 0x8a}, 0x9c) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='sctp_probe_path\x00', r3}, 0x18) bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x2e5, 0x0, 0xffffffff, 0x0, 0x54}, 0x9c) 848.955304ms ago: executing program 0 (id=2339): r0 = socket(0x2a, 0x2, 0x0) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x44, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r1, {0xa, 0x2}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x800}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x84}]}}]}, 0x44}}, 0x24004000) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 775.829879ms ago: executing program 0 (id=2340): r0 = socket(0x2, 0x3, 0x6) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$xdp(0x2c, 0x3, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', 0x0}) r4 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r4, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) r6 = syz_io_uring_setup(0x178b, &(0x7f0000000180)={0x0, 0x0, 0x13291}, &(0x7f0000000100), &(0x7f0000000080)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) io_uring_enter(r6, 0x0, 0x0, 0x1, 0x0, 0x0) setsockopt$XDP_RX_RING(r4, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r4, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4) bind$xdp(r4, &(0x7f0000000100)={0x2c, 0x0, r7}, 0x10) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xe}, {}, {0x7}}}, 0x24}}, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000002400)={0x2, 0x0, @multicast2}, 0x10) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) 726.661134ms ago: executing program 2 (id=2341): socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc) r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) write$sysctl(r0, &(0x7f0000000580)='1\x00', 0x2) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0) write$sysctl(r0, &(0x7f00000000c0)='2\x00', 0x2) 445.974825ms ago: executing program 0 (id=2342): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000580)) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000000)={0x1, &(0x7f0000005700)=[{0x6, 0x0, 0x5, 0xfc}]}) r1 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2) ioctl$VIDIOC_S_EXT_CTRLS(r1, 0xc0205647, &(0x7f0000000280)={0xf000000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f90b, 0xff, '\x00', @p_u8=&(0x7f0000000200)=0x3}}) r2 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r2, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@deltclass={0x2c, 0x29, 0x800, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xe, 0x8}, {0x4, 0xf}, {0xffeb, 0xe}}, [@TCA_RATE={0x6, 0x5, {0xde, 0xc}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004880}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1c, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x800}, 0x94) r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/246) r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r7, 0x40085112, &(0x7f0000000080)=@e={0xff, 0x9, 0x0, 0x0, @SEQ_NOTEON=@special}) ioctl$PPPIOCSFLAGS1(r6, 0x4004743a, &(0x7f0000000300)) 356.549657ms ago: executing program 0 (id=2343): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SAVE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x1c, 0x8, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x10) syz_usb_connect(0x0, 0x2d, 0x0, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r3, 0xffffffffffffffff, 0x0) 0s ago: executing program 1 (id=2344): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r2, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r3, 0x0, 0x0, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r4, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000340)={r3, 0x0, 0x0, 0x0, 0x0, [0x0], [0xffffffff], [], [0xfffffffffffffffc]}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r5}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c64d2, &(0x7f0000000040)={r6}) kernel console output (not intermixed with test programs): interval 1, probability 0, space 0, times 0 [ 180.567301][T10651] CPU: 2 UID: 0 PID: 10651 Comm: syz.0.1823 Not tainted syzkaller #0 PREEMPT(full) [ 180.567314][T10651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 180.567320][T10651] Call Trace: [ 180.567324][T10651] [ 180.567328][T10651] dump_stack_lvl+0x16c/0x1f0 [ 180.567347][T10651] should_fail_ex+0x512/0x640 [ 180.567362][T10651] _copy_from_user+0x2e/0xd0 [ 180.567375][T10651] binder_ioctl+0x57a/0x73b0 [ 180.567397][T10651] ? tomoyo_path_number_perm+0x18d/0x580 [ 180.567411][T10651] ? __pfx_binder_ioctl+0x10/0x10 [ 180.567428][T10651] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 180.567444][T10651] ? do_vfs_ioctl+0x128/0x14f0 [ 180.567458][T10651] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 180.567474][T10651] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 180.567490][T10651] ? hook_file_ioctl_common+0x145/0x410 [ 180.567508][T10651] ? selinux_file_ioctl+0x180/0x270 [ 180.567518][T10651] ? selinux_file_ioctl+0xb4/0x270 [ 180.567530][T10651] ? __pfx_binder_ioctl+0x10/0x10 [ 180.567545][T10651] __x64_sys_ioctl+0x18e/0x210 [ 180.567560][T10651] do_syscall_64+0xcd/0xfa0 [ 180.567571][T10651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.567581][T10651] RIP: 0033:0x7fb63bb8f6c9 [ 180.567590][T10651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.567600][T10651] RSP: 002b:00007fb63c9da038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 180.567610][T10651] RAX: ffffffffffffffda RBX: 00007fb63bde5fa0 RCX: 00007fb63bb8f6c9 [ 180.567616][T10651] RDX: 00002000000001c0 RSI: 00000000c0306201 RDI: 0000000000000003 [ 180.567622][T10651] RBP: 00007fb63c9da090 R08: 0000000000000000 R09: 0000000000000000 [ 180.567628][T10651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 180.567634][T10651] R13: 00007fb63bde6038 R14: 00007fb63bde5fa0 R15: 00007fff923ef868 [ 180.567647][T10651] [ 180.567651][T10651] binder: 10650:10651 ioctl c0306201 2000000001c0 returned -14 [ 180.600904][ T5975] usb 8-1: new high-speed USB device number 36 using dummy_hcd [ 180.662256][T10657] binder: 10656:10657 unknown command 0 [ 180.664043][T10657] binder: 10656:10657 ioctl c0306201 200000000080 returned -22 [ 180.668239][T10657] binder_alloc: 10656: binder_alloc_buf size 20480 failed, no address space [ 180.671494][T10657] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 12288 (num: 1 largest: 12288) [ 180.791750][ T5975] usb 8-1: config index 0 descriptor too short (expected 28277, got 36) [ 180.794455][ T5975] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 180.797600][ T5975] usb 8-1: config 0 has no interfaces? [ 180.799327][ T5975] usb 8-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 180.802895][ T5975] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.807101][ T5975] usb 8-1: config 0 descriptor?? [ 181.011312][ T34] usb 8-1: USB disconnect, device number 36 [ 181.548058][T10667] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 181.549275][T10668] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1829'. [ 181.588115][ T40] audit: type=1400 audit(1762856131.987:354): avc: denied { connect } for pid=10669 comm="syz.2.1830" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 181.605058][T10672] netlink: 'syz.0.1831': attribute type 10 has an invalid length. [ 181.637789][T10674] binder: 10673:10674 unknown command 0 [ 181.640006][T10674] binder: 10673:10674 ioctl c0306201 200000000080 returned -22 [ 181.648660][ T40] audit: type=1326 audit(1762856132.047:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10673 comm="syz.0.1833" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb63bb8f6c9 code=0x7ffc0000 [ 181.656231][ T40] audit: type=1326 audit(1762856132.047:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10673 comm="syz.0.1833" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb63bb8f6c9 code=0x7ffc0000 [ 181.663874][ T40] audit: type=1326 audit(1762856132.047:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10673 comm="syz.0.1833" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb63bb8f6c9 code=0x7ffc0000 [ 181.671511][ T40] audit: type=1326 audit(1762856132.047:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10673 comm="syz.0.1833" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb63bb8f6c9 code=0x7ffc0000 [ 181.678593][ T40] audit: type=1326 audit(1762856132.047:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10673 comm="syz.0.1833" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb63bb8f6c9 code=0x7ffc0000 [ 181.685663][ T40] audit: type=1326 audit(1762856132.047:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10673 comm="syz.0.1833" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb63bb8f6c9 code=0x7ffc0000 [ 181.692925][ T40] audit: type=1326 audit(1762856132.047:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10673 comm="syz.0.1833" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb63bb8f6c9 code=0x7ffc0000 [ 181.700004][ T40] audit: type=1326 audit(1762856132.047:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10673 comm="syz.0.1833" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb63bb8f6c9 code=0x7ffc0000 [ 181.708621][ T40] audit: type=1326 audit(1762856132.047:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10673 comm="syz.0.1833" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb63bb8f6c9 code=0x7ffc0000 [ 181.719687][T10679] xt_hashlimit: max too large, truncated to 1048576 [ 181.800738][ T6085] usb 8-1: new high-speed USB device number 37 using dummy_hcd [ 181.804321][ T34] usb 6-1: new high-speed USB device number 44 using dummy_hcd [ 181.941258][ T34] usb 6-1: device descriptor read/64, error -71 [ 181.970559][ T6085] usb 8-1: Using ep0 maxpacket: 32 [ 181.973440][ T6085] usb 8-1: config 0 has no interfaces? [ 181.976639][ T6085] usb 8-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 181.979453][ T6085] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.982050][ T6085] usb 8-1: Product: syz [ 181.983429][ T6085] usb 8-1: Manufacturer: syz [ 181.984908][ T6085] usb 8-1: SerialNumber: syz [ 181.988155][ T6085] usb 8-1: config 0 descriptor?? [ 182.010623][ T1469] usb 7-1: new high-speed USB device number 44 using dummy_hcd [ 182.172532][ T1469] usb 7-1: config index 0 descriptor too short (expected 28277, got 36) [ 182.175191][ T1469] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 182.178309][ T1469] usb 7-1: config 0 has no interfaces? [ 182.180018][ T1469] usb 7-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 182.183012][ T1469] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 182.187375][ T1469] usb 7-1: config 0 descriptor?? [ 182.193407][ T7138] usb 8-1: USB disconnect, device number 37 [ 182.204060][ T34] usb 6-1: new high-speed USB device number 45 using dummy_hcd [ 182.340594][ T34] usb 6-1: device descriptor read/64, error -71 [ 182.393816][ T6016] usb 7-1: USB disconnect, device number 44 [ 182.460689][ T34] usb usb6-port1: attempt power cycle [ 182.649733][T10689] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 182.730675][T10693] netlink: 'syz.0.1843': attribute type 10 has an invalid length. [ 182.810716][ T34] usb 6-1: new high-speed USB device number 46 using dummy_hcd [ 182.832311][ T34] usb 6-1: device descriptor read/8, error -71 [ 183.033000][T10718] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1853'. [ 183.036189][T10718] netlink: 'syz.2.1853': attribute type 10 has an invalid length. [ 183.048827][T10720] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1854'. [ 183.073492][ T34] usb 6-1: new high-speed USB device number 47 using dummy_hcd [ 183.074570][T10722] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 183.098263][ T34] usb 6-1: device descriptor read/8, error -71 [ 183.210761][ T34] usb usb6-port1: unable to enumerate USB device [ 183.290624][ T1469] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 183.307348][T10732] Cannot find add_set index 46338 as target [ 183.460641][ T1469] usb 5-1: Using ep0 maxpacket: 32 [ 183.463987][ T1469] usb 5-1: config 0 has no interfaces? [ 183.467382][ T1469] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 183.470332][ T1469] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.473104][ T1469] usb 5-1: Product: syz [ 183.474478][ T1469] usb 5-1: Manufacturer: syz [ 183.476025][ T1469] usb 5-1: SerialNumber: syz [ 183.479472][ T1469] usb 5-1: config 0 descriptor?? [ 183.601246][ T7138] usb 7-1: new high-speed USB device number 45 using dummy_hcd [ 183.686888][ T1469] usb 5-1: USB disconnect, device number 42 [ 183.745464][T10740] FAULT_INJECTION: forcing a failure. [ 183.745464][T10740] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 183.750334][T10740] CPU: 3 UID: 0 PID: 10740 Comm: syz.3.1863 Not tainted syzkaller #0 PREEMPT(full) [ 183.750348][T10740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 183.750354][T10740] Call Trace: [ 183.750370][T10740] [ 183.750374][T10740] dump_stack_lvl+0x16c/0x1f0 [ 183.750407][T10740] should_fail_ex+0x512/0x640 [ 183.750426][T10740] _copy_from_user+0x2e/0xd0 [ 183.750440][T10740] copy_msghdr_from_user+0x98/0x160 [ 183.750454][T10740] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 183.750473][T10740] ___sys_sendmsg+0xfe/0x1d0 [ 183.750499][T10740] ? __pfx____sys_sendmsg+0x10/0x10 [ 183.750512][T10740] ? __lock_acquire+0x622/0x1c90 [ 183.750538][T10740] __sys_sendmsg+0x16d/0x220 [ 183.750552][T10740] ? __pfx___sys_sendmsg+0x10/0x10 [ 183.750574][T10740] do_syscall_64+0xcd/0xfa0 [ 183.750584][T10740] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.750595][T10740] RIP: 0033:0x7f00a618f6c9 [ 183.750604][T10740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 183.750613][T10740] RSP: 002b:00007f00a6f6a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 183.750623][T10740] RAX: ffffffffffffffda RBX: 00007f00a63e5fa0 RCX: 00007f00a618f6c9 [ 183.750629][T10740] RDX: 0000000000000800 RSI: 0000200000000100 RDI: 0000000000000003 [ 183.750635][T10740] RBP: 00007f00a6f6a090 R08: 0000000000000000 R09: 0000000000000000 [ 183.750641][T10740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 183.750647][T10740] R13: 00007f00a63e6038 R14: 00007f00a63e5fa0 R15: 00007ffd17975538 [ 183.750660][T10740] [ 183.753331][ T7138] usb 7-1: config index 0 descriptor too short (expected 28277, got 36) [ 183.817441][ T7138] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 183.820810][ T7138] usb 7-1: config 0 has no interfaces? [ 183.822948][ T7138] usb 7-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 183.825860][ T7138] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.829749][ T7138] usb 7-1: config 0 descriptor?? [ 183.859768][T10742] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1864'. [ 183.863183][T10742] netlink: 'syz.3.1864': attribute type 10 has an invalid length. [ 183.898997][T10744] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 184.034903][ T5975] usb 7-1: USB disconnect, device number 45 [ 184.288077][T10761] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1873'. [ 184.291670][T10761] netlink: 'syz.0.1873': attribute type 10 has an invalid length. [ 184.582557][T10767] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 184.586355][T10765] netlink: 'syz.0.1882': attribute type 10 has an invalid length. [ 184.643841][T10771] FAULT_INJECTION: forcing a failure. [ 184.643841][T10771] name failslab, interval 1, probability 0, space 0, times 0 [ 184.648563][T10771] CPU: 1 UID: 0 PID: 10771 Comm: syz.1.1877 Not tainted syzkaller #0 PREEMPT(full) [ 184.648577][T10771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 184.648583][T10771] Call Trace: [ 184.648600][T10771] [ 184.648605][T10771] dump_stack_lvl+0x16c/0x1f0 [ 184.648624][T10771] should_fail_ex+0x512/0x640 [ 184.648637][T10771] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 184.648655][T10771] should_failslab+0xc2/0x120 [ 184.648667][T10771] kmem_cache_alloc_node_noprof+0x78/0x770 [ 184.648682][T10771] ? copy_process+0x4b5/0x76a0 [ 184.648701][T10771] ? copy_process+0x4b5/0x76a0 [ 184.648713][T10771] copy_process+0x4b5/0x76a0 [ 184.648732][T10771] ? __pfx_copy_process+0x10/0x10 [ 184.648748][T10771] ? lockdep_init_map_type+0x5c/0x280 [ 184.648760][T10771] ? lockdep_init_map_type+0x5c/0x280 [ 184.648771][T10771] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 184.648787][T10771] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 184.648800][T10771] vhost_task_create+0x1d2/0x370 [ 184.648811][T10771] ? __pfx_vhost_task_create+0x10/0x10 [ 184.648825][T10771] ? __pfx_vhost_task_fn+0x10/0x10 [ 184.648842][T10771] kvm_mmu_post_init_vm+0x1b7/0x380 [ 184.648855][T10771] kvm_arch_vcpu_ioctl_run+0x66/0x1920 [ 184.648866][T10771] ? kvm_vcpu_ioctl+0x14c5/0x1690 [ 184.648884][T10771] kvm_vcpu_ioctl+0x5eb/0x1690 [ 184.648899][T10771] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 184.648913][T10771] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 184.648928][T10771] ? do_vfs_ioctl+0x128/0x14f0 [ 184.648942][T10771] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 184.648956][T10771] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 184.648974][T10771] ? hook_file_ioctl_common+0x145/0x410 [ 184.648992][T10771] ? selinux_file_ioctl+0x180/0x270 [ 184.649002][T10771] ? selinux_file_ioctl+0xb4/0x270 [ 184.649014][T10771] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 184.649028][T10771] __x64_sys_ioctl+0x18e/0x210 [ 184.649043][T10771] do_syscall_64+0xcd/0xfa0 [ 184.649054][T10771] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.649064][T10771] RIP: 0033:0x7fc3def8f6c9 [ 184.649073][T10771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 184.649083][T10771] RSP: 002b:00007fc3dfe64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 184.649093][T10771] RAX: ffffffffffffffda RBX: 00007fc3df1e5fa0 RCX: 00007fc3def8f6c9 [ 184.649100][T10771] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 184.649106][T10771] RBP: 00007fc3dfe64090 R08: 0000000000000000 R09: 0000000000000000 [ 184.649112][T10771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 184.649117][T10771] R13: 00007fc3df1e6038 R14: 00007fc3df1e5fa0 R15: 00007fffdf4b32b8 [ 184.649131][T10771] [ 184.823894][T10780] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 184.827385][T10780] block device autoloading is deprecated and will be removed. [ 184.878212][ T10] usb 7-1: new high-speed USB device number 46 using dummy_hcd [ 185.050600][ T10] usb 7-1: Using ep0 maxpacket: 32 [ 185.055220][ T10] usb 7-1: config 0 has no interfaces? [ 185.060651][ T10] usb 7-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 185.064608][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 185.068012][ T10] usb 7-1: Product: syz [ 185.069752][ T10] usb 7-1: Manufacturer: syz [ 185.071852][ T10] usb 7-1: SerialNumber: syz [ 185.075919][ T10] usb 7-1: config 0 descriptor?? [ 185.090396][T10780] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1880'. [ 185.170623][ T6016] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 185.250618][ T7138] usb 8-1: new high-speed USB device number 38 using dummy_hcd [ 185.280120][ T10] usb 7-1: USB disconnect, device number 46 [ 185.310641][ T6016] usb 5-1: device descriptor read/64, error -71 [ 185.365905][T10795] FAULT_INJECTION: forcing a failure. [ 185.365905][T10795] name failslab, interval 1, probability 0, space 0, times 0 [ 185.369965][T10795] CPU: 0 UID: 0 PID: 10795 Comm: syz.1.1887 Not tainted syzkaller #0 PREEMPT(full) [ 185.369979][T10795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 185.369985][T10795] Call Trace: [ 185.369988][T10795] [ 185.369992][T10795] dump_stack_lvl+0x16c/0x1f0 [ 185.370011][T10795] should_fail_ex+0x512/0x640 [ 185.370024][T10795] ? __kmalloc_cache_noprof+0x5f/0x780 [ 185.370041][T10795] should_failslab+0xc2/0x120 [ 185.370053][T10795] __kmalloc_cache_noprof+0x72/0x780 [ 185.370067][T10795] ? __pfx___might_resched+0x10/0x10 [ 185.370080][T10795] ? vhost_task_create+0xe5/0x370 [ 185.370090][T10795] ? rcu_is_watching+0x12/0xc0 [ 185.370103][T10795] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 185.370119][T10795] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 185.370131][T10795] ? vhost_task_create+0xe5/0x370 [ 185.370141][T10795] vhost_task_create+0xe5/0x370 [ 185.370151][T10795] ? __pfx_vhost_task_create+0x10/0x10 [ 185.370165][T10795] ? __pfx_vhost_task_fn+0x10/0x10 [ 185.370181][T10795] kvm_mmu_post_init_vm+0x1b7/0x380 [ 185.370193][T10795] kvm_arch_vcpu_ioctl_run+0x66/0x1920 [ 185.370204][T10795] ? kvm_vcpu_ioctl+0x14c5/0x1690 [ 185.370221][T10795] kvm_vcpu_ioctl+0x5eb/0x1690 [ 185.370236][T10795] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 185.370250][T10795] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 185.370264][T10795] ? do_vfs_ioctl+0x128/0x14f0 [ 185.370279][T10795] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 185.370293][T10795] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 185.370310][T10795] ? hook_file_ioctl_common+0x145/0x410 [ 185.370327][T10795] ? selinux_file_ioctl+0x180/0x270 [ 185.370337][T10795] ? selinux_file_ioctl+0xb4/0x270 [ 185.370349][T10795] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 185.370363][T10795] __x64_sys_ioctl+0x18e/0x210 [ 185.370382][T10795] do_syscall_64+0xcd/0xfa0 [ 185.370393][T10795] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.370403][T10795] RIP: 0033:0x7fc3def8f6c9 [ 185.370411][T10795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 185.370421][T10795] RSP: 002b:00007fc3dfe64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 185.370431][T10795] RAX: ffffffffffffffda RBX: 00007fc3df1e5fa0 RCX: 00007fc3def8f6c9 [ 185.370437][T10795] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 185.370443][T10795] RBP: 00007fc3dfe64090 R08: 0000000000000000 R09: 0000000000000000 [ 185.370449][T10795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 185.370455][T10795] R13: 00007fc3df1e6038 R14: 00007fc3df1e5fa0 R15: 00007fffdf4b32b8 [ 185.370469][T10795] [ 185.401827][ T7138] usb 8-1: config index 0 descriptor too short (expected 28277, got 36) [ 185.456004][ T7138] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 185.459213][ T7138] usb 8-1: config 0 has no interfaces? [ 185.461243][ T7138] usb 8-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 185.464176][ T7138] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.468736][ T7138] usb 8-1: config 0 descriptor?? [ 185.550571][ T6016] usb 5-1: new high-speed USB device number 44 using dummy_hcd [ 185.556079][T10798] netlink: 'syz.1.1888': attribute type 10 has an invalid length. [ 185.617987][T10802] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1890'. [ 185.627159][T10802] netlink: zone id is out of range [ 185.628841][T10802] netlink: zone id is out of range [ 185.631751][T10802] netlink: zone id is out of range [ 185.633967][T10802] netlink: zone id is out of range [ 185.635974][T10802] netlink: zone id is out of range [ 185.638014][T10802] netlink: set zone limit has 8 unknown bytes [ 185.677297][ T7138] usb 8-1: USB disconnect, device number 38 [ 185.700604][ T6016] usb 5-1: device descriptor read/64, error -71 [ 185.810803][ T6016] usb usb5-port1: attempt power cycle [ 185.878779][T10813] FAULT_INJECTION: forcing a failure. [ 185.878779][T10813] name failslab, interval 1, probability 0, space 0, times 0 [ 185.884766][T10813] CPU: 1 UID: 0 PID: 10813 Comm: syz.1.1894 Not tainted syzkaller #0 PREEMPT(full) [ 185.884780][T10813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 185.884787][T10813] Call Trace: [ 185.884790][T10813] [ 185.884795][T10813] dump_stack_lvl+0x16c/0x1f0 [ 185.884814][T10813] should_fail_ex+0x512/0x640 [ 185.884826][T10813] ? fs_reclaim_acquire+0xae/0x150 [ 185.884839][T10813] should_failslab+0xc2/0x120 [ 185.884852][T10813] __kmalloc_noprof+0xdd/0x880 [ 185.884867][T10813] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 185.884882][T10813] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 185.884894][T10813] tomoyo_realpath_from_path+0xc2/0x6e0 [ 185.884907][T10813] ? tomoyo_profile+0x47/0x60 [ 185.884921][T10813] tomoyo_path_number_perm+0x245/0x580 [ 185.884931][T10813] ? tomoyo_path_number_perm+0x237/0x580 [ 185.884941][T10813] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 185.884952][T10813] ? find_held_lock+0x2b/0x80 [ 185.884976][T10813] ? find_held_lock+0x2b/0x80 [ 185.884988][T10813] ? hook_file_ioctl_common+0x145/0x410 [ 185.885005][T10813] ? __fget_files+0x20e/0x3c0 [ 185.885018][T10813] security_file_ioctl+0x9b/0x240 [ 185.885031][T10813] __x64_sys_ioctl+0xb7/0x210 [ 185.885126][T10813] do_syscall_64+0xcd/0xfa0 [ 185.885137][T10813] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.885147][T10813] RIP: 0033:0x7fc3def8f6c9 [ 185.885156][T10813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 185.885166][T10813] RSP: 002b:00007fc3dfe64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 185.885177][T10813] RAX: ffffffffffffffda RBX: 00007fc3df1e5fa0 RCX: 00007fc3def8f6c9 [ 185.885183][T10813] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 185.885189][T10813] RBP: 00007fc3dfe64090 R08: 0000000000000000 R09: 0000000000000000 [ 185.885194][T10813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 185.885200][T10813] R13: 00007fc3df1e6038 R14: 00007fc3df1e5fa0 R15: 00007fffdf4b32b8 [ 185.885213][T10813] [ 185.885218][T10813] ERROR: Out of memory at tomoyo_realpath_from_path. [ 186.150660][ T6016] usb 5-1: new high-speed USB device number 45 using dummy_hcd [ 186.171115][ T6016] usb 5-1: device descriptor read/8, error -71 [ 186.227903][T10824] netlink: 'syz.3.1898': attribute type 10 has an invalid length. [ 186.293928][T10830] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1900'. [ 186.430642][ T6016] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 186.460971][ T6016] usb 5-1: device descriptor read/8, error -71 [ 186.520559][ T34] usb 6-1: new high-speed USB device number 48 using dummy_hcd [ 186.540613][ T7138] usb 8-1: new high-speed USB device number 39 using dummy_hcd [ 186.580783][ T6016] usb usb5-port1: unable to enumerate USB device [ 186.682006][ T34] usb 6-1: config index 0 descriptor too short (expected 28277, got 36) [ 186.685313][ T34] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 186.689424][ T34] usb 6-1: config 0 has no interfaces? [ 186.691745][ T34] usb 6-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 186.695345][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.699744][ T34] usb 6-1: config 0 descriptor?? [ 186.710955][ T7138] usb 8-1: Using ep0 maxpacket: 32 [ 186.714262][ T7138] usb 8-1: config 0 has no interfaces? [ 186.722109][ T7138] usb 8-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 186.724966][ T7138] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.727398][ T7138] usb 8-1: Product: syz [ 186.728711][ T7138] usb 8-1: Manufacturer: syz [ 186.730136][ T7138] usb 8-1: SerialNumber: syz [ 186.738268][ T7138] usb 8-1: config 0 descriptor?? [ 186.909091][ T34] usb 6-1: USB disconnect, device number 48 [ 186.945674][ T7138] usb 8-1: USB disconnect, device number 39 [ 187.256715][T10847] netlink: 'syz.2.1909': attribute type 10 has an invalid length. [ 187.510006][T10854] picdev_read: 17 callbacks suppressed [ 187.510023][T10854] kvm: pic: non byte read [ 187.517042][T10854] kvm: pic: non byte read [ 187.521675][T10854] pic_ioport_write: 2 callbacks suppressed [ 187.521688][T10854] kvm: pic: single mode not supported [ 187.523605][T10856] FAULT_INJECTION: forcing a failure. [ 187.523605][T10856] name failslab, interval 1, probability 0, space 0, times 0 [ 187.524113][T10854] kvm: pic: level sensitive irq not supported [ 187.525837][T10856] CPU: 2 UID: 0 PID: 10856 Comm: syz.1.1913 Not tainted syzkaller #0 PREEMPT(full) [ 187.525850][T10856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 187.525857][T10856] Call Trace: [ 187.525869][T10856] [ 187.525874][T10856] dump_stack_lvl+0x16c/0x1f0 [ 187.525913][T10856] should_fail_ex+0x512/0x640 [ 187.525931][T10856] ? fs_reclaim_acquire+0xae/0x150 [ 187.525944][T10856] should_failslab+0xc2/0x120 [ 187.525956][T10856] __kmalloc_noprof+0xdd/0x880 [ 187.525970][T10856] ? tomoyo_encode2+0x100/0x3e0 [ 187.525985][T10856] ? tomoyo_encode2+0x100/0x3e0 [ 187.525996][T10856] tomoyo_encode2+0x100/0x3e0 [ 187.526008][T10856] tomoyo_encode+0x29/0x50 [ 187.526019][T10856] tomoyo_realpath_from_path+0x18f/0x6e0 [ 187.526032][T10856] ? tomoyo_profile+0x47/0x60 [ 187.526046][T10856] tomoyo_path_number_perm+0x245/0x580 [ 187.526055][T10856] ? tomoyo_path_number_perm+0x237/0x580 [ 187.526066][T10856] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 187.526077][T10856] ? find_held_lock+0x2b/0x80 [ 187.526101][T10856] ? find_held_lock+0x2b/0x80 [ 187.526113][T10856] ? hook_file_ioctl_common+0x145/0x410 [ 187.526129][T10856] ? __fget_files+0x20e/0x3c0 [ 187.526142][T10856] security_file_ioctl+0x9b/0x240 [ 187.526155][T10856] __x64_sys_ioctl+0xb7/0x210 [ 187.526171][T10856] do_syscall_64+0xcd/0xfa0 [ 187.526182][T10856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 187.526192][T10856] RIP: 0033:0x7fc3def8f6c9 [ 187.526201][T10856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 187.526212][T10856] RSP: 002b:00007fc3dfe64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 187.526227][T10856] RAX: ffffffffffffffda RBX: 00007fc3df1e5fa0 RCX: 00007fc3def8f6c9 [ 187.526236][T10856] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 187.526245][T10856] RBP: 00007fc3dfe64090 R08: 0000000000000000 R09: 0000000000000000 [ 187.526254][T10856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 187.526264][T10856] R13: 00007fc3df1e6038 R14: 00007fc3df1e5fa0 R15: 00007fffdf4b32b8 [ 187.526278][T10856] [ 187.526288][T10856] ERROR: Out of memory at tomoyo_realpath_from_path. [ 187.531494][T10854] kvm: pic: non byte read [ 187.537752][T10856] kvm: pic: non byte read [ 187.540231][T10854] kvm: pic: single mode not supported [ 187.544728][T10856] kvm: pic: non byte read [ 187.546520][T10854] kvm: pic: non byte read [ 187.548305][T10856] kvm: pic: single mode not supported [ 187.551223][T10854] kvm: pic: non byte read [ 187.552220][T10856] kvm: pic: level sensitive irq not supported [ 187.556384][T10854] kvm: pic: non byte read [ 187.557664][T10856] kvm: pic: non byte read [ 187.561375][T10854] kvm: pic: single mode not supported [ 187.564489][T10856] kvm: pic: single mode not supported [ 187.564953][T10854] kvm: pic: level sensitive irq not supported [ 187.567186][T10856] kvm: pic: non byte read [ 187.571746][T10854] kvm: pic: single mode not supported [ 187.577410][T10856] kvm: pic: single mode not supported [ 187.637351][T10856] kvm: pic: level sensitive irq not supported [ 187.641408][T10856] kvm: pic: single mode not supported [ 187.779197][T10862] netlink: 'syz.3.1915': attribute type 4 has an invalid length. [ 187.879393][T10868] netlink: 'syz.3.1918': attribute type 10 has an invalid length. [ 187.920064][ T40] kauditd_printk_skb: 10 callbacks suppressed [ 187.920079][ T40] audit: type=1400 audit(1762856138.317:374): avc: denied { write } for pid=10871 comm="syz.3.1920" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 187.947745][T10874] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1921'. [ 187.963826][T10872] kvm: pic: single mode not supported [ 187.963843][T10872] kvm: pic: level sensitive irq not supported [ 187.968241][T10872] kvm: pic: single mode not supported [ 187.977340][T10872] kvm: pic: level sensitive irq not supported [ 188.110691][ T40] audit: type=1400 audit(1762856138.517:375): avc: denied { ioctl } for pid=10878 comm="syz.3.1923" path="socket:[48671]" dev="sockfs" ino=48671 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 188.140612][ T7138] usb 6-1: new high-speed USB device number 49 using dummy_hcd [ 188.177112][ T40] audit: type=1400 audit(1762856138.577:376): avc: denied { create } for pid=10882 comm="syz.2.1924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 188.184633][ T40] audit: type=1400 audit(1762856138.577:377): avc: denied { read } for pid=10882 comm="syz.2.1924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 188.239512][ T40] audit: type=1400 audit(1762856138.637:378): avc: denied { create } for pid=10885 comm="syz.2.1925" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 188.242933][T10886] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1925'. [ 188.246808][ T40] audit: type=1400 audit(1762856138.637:379): avc: denied { ioctl } for pid=10885 comm="syz.2.1925" path="socket:[49488]" dev="sockfs" ino=49488 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 188.283748][T10886] team0: Port device team_slave_1 removed [ 188.303329][ T7138] usb 6-1: config index 0 descriptor too short (expected 28277, got 36) [ 188.305984][ T7138] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 188.309220][ T7138] usb 6-1: config 0 has no interfaces? [ 188.311123][ T7138] usb 6-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 188.314272][ T7138] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.318362][ T7138] usb 6-1: config 0 descriptor?? [ 188.320588][ T842] usb 5-1: new high-speed USB device number 47 using dummy_hcd [ 188.480906][ T842] usb 5-1: Using ep0 maxpacket: 32 [ 188.484997][ T842] usb 5-1: config 0 has no interfaces? [ 188.488238][ T842] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 188.492028][ T842] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.494675][ T842] usb 5-1: Product: syz [ 188.496054][ T842] usb 5-1: Manufacturer: syz [ 188.497648][ T842] usb 5-1: SerialNumber: syz [ 188.500635][ T842] usb 5-1: config 0 descriptor?? [ 188.519099][T10895] netlink: 'syz.3.1929': attribute type 10 has an invalid length. [ 188.523576][ T842] usb 6-1: USB disconnect, device number 49 [ 188.705160][ T34] usb 5-1: USB disconnect, device number 47 [ 188.822891][ T6016] usb 8-1: new high-speed USB device number 40 using dummy_hcd [ 188.950587][ T6016] usb 8-1: device descriptor read/64, error -71 [ 189.075922][T10906] loop3: detected capacity change from 0 to 7 [ 189.080051][T10906] loop3: [POWERTEC] p1 p2 p3 p4 p5 [ 189.082878][T10906] loop3: p1 start 1664050286 is beyond EOD, truncated [ 189.085676][T10906] loop3: p2 start 3953065984 is beyond EOD, truncated [ 189.088465][T10906] loop3: p3 size 134656 extends beyond EOD, truncated [ 189.093031][T10906] loop3: p4 start 196608 is beyond EOD, truncated [ 189.095752][T10906] loop3: p5 size 131072 extends beyond EOD, truncated [ 189.118102][ T9013] udevd[9013]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 189.123547][ T6017] udevd[6017]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 189.138501][T10908] FAULT_INJECTION: forcing a failure. [ 189.138501][T10908] name failslab, interval 1, probability 0, space 0, times 0 [ 189.142529][T10908] CPU: 3 UID: 0 PID: 10908 Comm: syz.1.1935 Not tainted syzkaller #0 PREEMPT(full) [ 189.142542][T10908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 189.142549][T10908] Call Trace: [ 189.142553][T10908] [ 189.142557][T10908] dump_stack_lvl+0x16c/0x1f0 [ 189.142576][T10908] should_fail_ex+0x512/0x640 [ 189.142588][T10908] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 189.142606][T10908] should_failslab+0xc2/0x120 [ 189.142618][T10908] kmem_cache_alloc_noprof+0x75/0x6e0 [ 189.142633][T10908] ? __kvm_mmu_topup_memory_cache+0x455/0x600 [ 189.142648][T10908] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 189.142665][T10908] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 189.142679][T10908] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 189.142697][T10908] mmu_topup_memory_caches+0x25/0x170 [ 189.142709][T10908] kvm_mmu_load+0xd6/0x23c0 [ 189.142725][T10908] ? kvm_apic_has_interrupt+0x106/0x1f0 [ 189.142738][T10908] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 189.142753][T10908] ? __pfx_kvm_mmu_load+0x10/0x10 [ 189.142768][T10908] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 189.142783][T10908] ? kvm_check_and_inject_events+0x71c/0x1310 [ 189.142796][T10908] vcpu_run+0x3779/0x54d0 [ 189.142808][T10908] ? __lock_acquire+0xb8a/0x1c90 [ 189.142821][T10908] ? __pfx_vcpu_run+0x10/0x10 [ 189.142834][T10908] ? rcu_is_watching+0x12/0xc0 [ 189.142850][T10908] ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1920 [ 189.142860][T10908] kvm_arch_vcpu_ioctl_run+0xfd3/0x1920 [ 189.142874][T10908] kvm_vcpu_ioctl+0x5eb/0x1690 [ 189.142889][T10908] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 189.142903][T10908] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 189.142917][T10908] ? do_vfs_ioctl+0x128/0x14f0 [ 189.142932][T10908] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 189.142946][T10908] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 189.142963][T10908] ? hook_file_ioctl_common+0x145/0x410 [ 189.142980][T10908] ? selinux_file_ioctl+0x180/0x270 [ 189.142990][T10908] ? selinux_file_ioctl+0xb4/0x270 [ 189.143002][T10908] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 189.143016][T10908] __x64_sys_ioctl+0x18e/0x210 [ 189.143031][T10908] do_syscall_64+0xcd/0xfa0 [ 189.143042][T10908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.143052][T10908] RIP: 0033:0x7fc3def8f6c9 [ 189.143060][T10908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.143070][T10908] RSP: 002b:00007fc3dfe64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 189.143080][T10908] RAX: ffffffffffffffda RBX: 00007fc3df1e5fa0 RCX: 00007fc3def8f6c9 [ 189.143086][T10908] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 189.143092][T10908] RBP: 00007fc3dfe64090 R08: 0000000000000000 R09: 0000000000000000 [ 189.143098][T10908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 189.143103][T10908] R13: 00007fc3df1e6038 R14: 00007fc3df1e5fa0 R15: 00007fffdf4b32b8 [ 189.143117][T10908] [ 189.190838][ T6016] usb 8-1: new high-speed USB device number 41 using dummy_hcd [ 189.249285][T10911] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 189.313523][T10915] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1938'. [ 189.316871][T10915] netlink: 'syz.1.1938': attribute type 10 has an invalid length. [ 189.358951][T10919] FAULT_INJECTION: forcing a failure. [ 189.358951][T10919] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 189.364580][T10919] CPU: 0 UID: 0 PID: 10919 Comm: syz.1.1940 Not tainted syzkaller #0 PREEMPT(full) [ 189.364594][T10919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 189.364601][T10919] Call Trace: [ 189.364605][T10919] [ 189.364609][T10919] dump_stack_lvl+0x16c/0x1f0 [ 189.364629][T10919] should_fail_ex+0x512/0x640 [ 189.364643][T10919] _copy_to_user+0x32/0xd0 [ 189.364658][T10919] simple_read_from_buffer+0xcb/0x170 [ 189.364678][T10919] proc_fail_nth_read+0x197/0x240 [ 189.364691][T10919] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 189.364703][T10919] ? rw_verify_area+0xcf/0x6c0 [ 189.364718][T10919] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 189.364729][T10919] vfs_read+0x1e4/0xcf0 [ 189.364740][T10919] ? __pfx___mutex_lock+0x10/0x10 [ 189.364751][T10919] ? __pfx_vfs_read+0x10/0x10 [ 189.364764][T10919] ? __fget_files+0x20e/0x3c0 [ 189.364778][T10919] ksys_read+0x12a/0x250 [ 189.364787][T10919] ? __pfx_ksys_read+0x10/0x10 [ 189.364800][T10919] do_syscall_64+0xcd/0xfa0 [ 189.364811][T10919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.364821][T10919] RIP: 0033:0x7fc3def8e0dc [ 189.364830][T10919] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 189.364840][T10919] RSP: 002b:00007fc3dfe64030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 189.364850][T10919] RAX: ffffffffffffffda RBX: 00007fc3df1e5fa0 RCX: 00007fc3def8e0dc [ 189.364856][T10919] RDX: 000000000000000f RSI: 00007fc3dfe640a0 RDI: 0000000000000003 [ 189.364862][T10919] RBP: 00007fc3dfe64090 R08: 0000000000000000 R09: 0000000000000000 [ 189.364868][T10919] R10: 000000000000002a R11: 0000000000000246 R12: 0000000000000001 [ 189.364874][T10919] R13: 00007fc3df1e6038 R14: 00007fc3df1e5fa0 R15: 00007fffdf4b32b8 [ 189.364887][T10919] [ 189.420667][ T6016] usb 8-1: device descriptor read/64, error -71 [ 189.483238][T10923] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1949'. [ 189.487033][T10923] netlink: 'syz.0.1949': attribute type 10 has an invalid length. [ 189.509753][T10921] kvm: pic: level sensitive irq not supported [ 189.517584][T10921] kvm: pic: level sensitive irq not supported [ 189.525460][T10928] binder: 10927:10928 unknown command 0 [ 189.529126][T10928] binder: 10927:10928 ioctl c0306201 200000000080 returned -22 [ 189.541573][ T6016] usb usb8-port1: attempt power cycle [ 189.637508][T10933] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 189.844206][T10946] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1950'. [ 189.870603][ T10] usb 7-1: new high-speed USB device number 47 using dummy_hcd [ 189.901439][ T6016] usb 8-1: new high-speed USB device number 42 using dummy_hcd [ 189.920972][ T6016] usb 8-1: device descriptor read/8, error -71 [ 190.032025][ T10] usb 7-1: config index 0 descriptor too short (expected 28277, got 36) [ 190.034626][ T10] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 190.037709][ T10] usb 7-1: config 0 has no interfaces? [ 190.039368][ T10] usb 7-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 190.042219][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 190.045820][ T10] usb 7-1: config 0 descriptor?? [ 190.120582][ T7138] usb 6-1: new high-speed USB device number 50 using dummy_hcd [ 190.180666][ T6016] usb 8-1: new high-speed USB device number 43 using dummy_hcd [ 190.200963][ T6016] usb 8-1: device descriptor read/8, error -71 [ 190.280548][ T7138] usb 6-1: Using ep0 maxpacket: 32 [ 190.283782][ T7138] usb 6-1: config 0 has no interfaces? [ 190.287384][ T7138] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 190.290321][ T7138] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 190.292970][ T7138] usb 6-1: Product: syz [ 190.294363][ T7138] usb 6-1: Manufacturer: syz [ 190.295880][ T7138] usb 6-1: SerialNumber: syz [ 190.299257][ T7138] usb 6-1: config 0 descriptor?? [ 190.310921][ T6016] usb usb8-port1: unable to enumerate USB device [ 190.503807][ T7138] usb 6-1: USB disconnect, device number 50 [ 191.010713][ T7138] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 191.058735][T10953] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1953'. [ 191.065301][T10953] netlink: 'syz.1.1953': attribute type 10 has an invalid length. [ 191.133553][T10957] binder: 10956:10957 unknown command 0 [ 191.135314][T10957] binder: 10956:10957 ioctl c0306201 200000000080 returned -22 [ 191.171816][ T7138] usb 5-1: config index 0 descriptor too short (expected 28277, got 36) [ 191.174505][ T7138] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 191.177631][ T7138] usb 5-1: config 0 has no interfaces? [ 191.179373][ T7138] usb 5-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 191.182573][ T7138] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.186317][ T7138] usb 5-1: config 0 descriptor?? [ 191.418079][ T7138] usb 5-1: USB disconnect, device number 48 [ 191.992079][T10960] kvm: pic: level sensitive irq not supported [ 191.998771][T10960] kvm: pic: level sensitive irq not supported [ 192.180915][ T6016] usb 6-1: new high-speed USB device number 51 using dummy_hcd [ 192.248625][T10974] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1961'. [ 192.311199][ T6016] usb 6-1: device descriptor read/64, error -71 [ 192.490699][ T10] usb 5-1: new high-speed USB device number 49 using dummy_hcd [ 192.503994][ T7138] usb 7-1: USB disconnect, device number 47 [ 192.550641][ T6016] usb 6-1: new high-speed USB device number 52 using dummy_hcd [ 192.640585][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 192.643753][ T10] usb 5-1: config 0 has no interfaces? [ 192.647446][ T10] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 192.650657][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 192.653496][ T10] usb 5-1: Product: syz [ 192.655147][ T10] usb 5-1: Manufacturer: syz [ 192.656889][ T10] usb 5-1: SerialNumber: syz [ 192.660055][ T10] usb 5-1: config 0 descriptor?? [ 192.680583][ T6016] usb 6-1: device descriptor read/64, error -71 [ 192.709824][T10976] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1962'. [ 192.714881][T10976] netlink: 'syz.2.1962': attribute type 10 has an invalid length. [ 192.791702][ T6016] usb usb6-port1: attempt power cycle [ 192.798289][T10978] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 192.864720][ T29] usb 5-1: USB disconnect, device number 49 [ 192.983050][T10984] binder: 10983:10984 unknown command 0 [ 192.985732][T10984] binder: 10983:10984 ioctl c0306201 200000000080 returned -22 [ 193.133988][T10992] picdev_read: 35 callbacks suppressed [ 193.134004][T10992] kvm: pic: non byte read [ 193.141046][ T6016] usb 6-1: new high-speed USB device number 53 using dummy_hcd [ 193.141299][T10992] kvm: pic: non byte read [ 193.146453][T10992] pic_ioport_write: 10 callbacks suppressed [ 193.146462][T10992] kvm: pic: single mode not supported [ 193.148341][T10992] kvm: pic: level sensitive irq not supported [ 193.150450][T10992] kvm: pic: non byte read [ 193.155138][T10992] kvm: pic: single mode not supported [ 193.155441][T10992] kvm: pic: non byte read [ 193.160151][T10992] kvm: pic: non byte read [ 193.161363][ T6016] usb 6-1: device descriptor read/8, error -71 [ 193.163224][T10992] kvm: pic: non byte read [ 193.166085][T10992] kvm: pic: single mode not supported [ 193.166092][T10992] kvm: pic: level sensitive irq not supported [ 193.168113][T10992] kvm: pic: non byte read [ 193.172816][T10992] kvm: pic: single mode not supported [ 193.173114][T10992] kvm: pic: non byte read [ 193.177974][T10992] kvm: pic: non byte read [ 193.280661][ T7138] usb 8-1: new high-speed USB device number 44 using dummy_hcd [ 193.400766][ T6016] usb 6-1: new high-speed USB device number 54 using dummy_hcd [ 193.421216][ T6016] usb 6-1: device descriptor read/8, error -71 [ 193.452755][ T7138] usb 8-1: config index 0 descriptor too short (expected 28277, got 36) [ 193.456462][ T7138] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 193.461749][ T7138] usb 8-1: config 0 has no interfaces? [ 193.464080][ T7138] usb 8-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 193.467724][ T7138] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 193.473270][ T7138] usb 8-1: config 0 descriptor?? [ 193.531199][ T6016] usb usb6-port1: unable to enumerate USB device [ 193.679800][ T7138] usb 8-1: USB disconnect, device number 44 [ 193.943895][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.946109][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.218967][T10996] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1972'. [ 194.223478][T10996] netlink: 'syz.2.1972': attribute type 10 has an invalid length. [ 194.363637][T11004] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1982'. [ 194.366831][T11004] netlink: 'syz.2.1982': attribute type 10 has an invalid length. [ 194.480946][ T6016] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 194.556213][T11014] binder: 11013:11014 unknown command 0 [ 194.558574][T11014] binder: 11013:11014 ioctl c0306201 200000000080 returned -22 [ 194.650912][ T6016] usb 5-1: Using ep0 maxpacket: 32 [ 194.653695][ T6016] usb 5-1: config 0 has no interfaces? [ 194.656880][ T6016] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 194.659650][ T6016] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.662357][ T6016] usb 5-1: Product: syz [ 194.663676][ T6016] usb 5-1: Manufacturer: syz [ 194.665122][ T6016] usb 5-1: SerialNumber: syz [ 194.667781][ T6016] usb 5-1: config 0 descriptor?? [ 194.710722][ T29] usb 8-1: new high-speed USB device number 45 using dummy_hcd [ 194.874101][ T7138] usb 5-1: USB disconnect, device number 50 [ 194.874248][ T29] usb 8-1: config index 0 descriptor too short (expected 28277, got 36) [ 194.879360][ T29] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 194.883614][ T29] usb 8-1: config 0 has no interfaces? [ 194.885880][ T29] usb 8-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 194.889572][ T29] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.895343][ T29] usb 8-1: config 0 descriptor?? [ 195.063287][T11023] kvm: pic: non byte read [ 195.067797][T11023] kvm: pic: single mode not supported [ 195.067805][T11023] kvm: pic: level sensitive irq not supported [ 195.071541][T11023] kvm: pic: single mode not supported [ 195.078603][T11023] kvm: pic: single mode not supported [ 195.080207][T11023] kvm: pic: level sensitive irq not supported [ 195.083765][T11023] kvm: pic: single mode not supported [ 195.385552][T11029] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1984'. [ 195.390349][T11029] netlink: 'syz.1.1984': attribute type 10 has an invalid length. [ 195.526451][T11040] binder: 11039:11040 unknown command 0 [ 195.528400][T11040] binder: 11039:11040 ioctl c0306201 200000000080 returned -22 [ 195.660584][ T29] usb 6-1: new high-speed USB device number 55 using dummy_hcd [ 195.730593][ T7138] usb 7-1: new high-speed USB device number 48 using dummy_hcd [ 195.812226][ T29] usb 6-1: config index 0 descriptor too short (expected 28277, got 36) [ 195.814815][ T29] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 195.817947][ T29] usb 6-1: config 0 has no interfaces? [ 195.819673][ T29] usb 6-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 195.822851][ T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.826597][ T29] usb 6-1: config 0 descriptor?? [ 195.880570][ T5975] usb 5-1: new high-speed USB device number 51 using dummy_hcd [ 195.880994][ T7138] usb 7-1: too many configurations: 109, using maximum allowed: 8 [ 195.887331][ T7138] usb 7-1: unable to read config index 0 descriptor/start: -61 [ 195.890002][ T7138] usb 7-1: can't read configurations, error -61 [ 196.030613][ T7138] usb 7-1: new high-speed USB device number 49 using dummy_hcd [ 196.030624][ T5975] usb 5-1: Using ep0 maxpacket: 32 [ 196.032437][ T5975] usb 5-1: config 0 has no interfaces? [ 196.038826][ T5975] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 196.042125][ T5975] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 196.044622][ T5975] usb 5-1: Product: syz [ 196.045980][ T5975] usb 5-1: Manufacturer: syz [ 196.047461][ T5975] usb 5-1: SerialNumber: syz [ 196.050062][ T5975] usb 5-1: config 0 descriptor?? [ 196.057001][ T29] usb 6-1: USB disconnect, device number 55 [ 196.191063][ T7138] usb 7-1: too many configurations: 109, using maximum allowed: 8 [ 196.195094][ T7138] usb 7-1: unable to read config index 0 descriptor/start: -61 [ 196.197483][ T7138] usb 7-1: can't read configurations, error -61 [ 196.199611][ T7138] usb usb7-port1: attempt power cycle [ 196.254281][ T34] usb 5-1: USB disconnect, device number 51 [ 196.540609][ T7138] usb 7-1: new high-speed USB device number 50 using dummy_hcd [ 196.561553][ T7138] usb 7-1: too many configurations: 109, using maximum allowed: 8 [ 196.565188][ T7138] usb 7-1: unable to read config index 0 descriptor/start: -61 [ 196.567457][ T7138] usb 7-1: can't read configurations, error -61 [ 196.645549][T11052] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1995'. [ 196.649695][T11052] netlink: 'syz.1.1995': attribute type 10 has an invalid length. [ 196.700611][ T7138] usb 7-1: new high-speed USB device number 51 using dummy_hcd [ 196.722458][ T7138] usb 7-1: too many configurations: 109, using maximum allowed: 8 [ 196.725826][ T7138] usb 7-1: unable to read config index 0 descriptor/start: -61 [ 196.727892][ T7138] usb 7-1: can't read configurations, error -61 [ 196.729707][ T7138] usb usb7-port1: unable to enumerate USB device [ 196.932734][T11064] binder: 11063:11064 unknown command 0 [ 196.934911][T11064] binder: 11063:11064 ioctl c0306201 200000000080 returned -22 [ 197.240563][ T5975] usb 5-1: new high-speed USB device number 52 using dummy_hcd [ 197.362757][ T34] usb 8-1: USB disconnect, device number 45 [ 197.395677][ T5975] usb 5-1: config 0 has no interfaces? [ 197.397762][ T5975] usb 5-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 197.400421][ T5975] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.404730][ T5975] usb 5-1: config 0 descriptor?? [ 197.561608][T11070] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2004'. [ 197.565548][T11070] netlink: 'syz.1.2004': attribute type 10 has an invalid length. [ 197.608461][ T29] usb 5-1: USB disconnect, device number 52 [ 197.808968][T11085] binder: 11084:11085 unknown command 0 [ 197.811416][T11085] binder: 11084:11085 ioctl c0306201 200000000080 returned -22 [ 197.841507][ T10] usb 8-1: new high-speed USB device number 46 using dummy_hcd [ 197.990602][ T10] usb 8-1: Using ep0 maxpacket: 32 [ 197.993489][ T10] usb 8-1: config 0 has no interfaces? [ 197.996802][ T10] usb 8-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 197.999605][ T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 198.002398][ T10] usb 8-1: Product: syz [ 198.003922][ T10] usb 8-1: Manufacturer: syz [ 198.005571][ T10] usb 8-1: SerialNumber: syz [ 198.008683][ T10] usb 8-1: config 0 descriptor?? [ 198.212902][ T10] usb 8-1: USB disconnect, device number 46 [ 198.767894][T11096] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2015'. [ 198.771961][T11096] netlink: 'syz.3.2015': attribute type 10 has an invalid length. [ 198.846246][T11108] binder: 11107:11108 unknown command 0 [ 198.848363][T11108] binder: 11107:11108 ioctl c0306201 200000000080 returned -22 [ 199.000672][ T34] usb 5-1: new high-speed USB device number 53 using dummy_hcd [ 199.120622][ T7138] usb 7-1: new high-speed USB device number 52 using dummy_hcd [ 199.140677][ T10] usb 6-1: new high-speed USB device number 56 using dummy_hcd [ 199.171066][ T34] usb 5-1: too many configurations: 109, using maximum allowed: 8 [ 199.174771][ T34] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 199.177180][ T34] usb 5-1: can't read configurations, error -61 [ 199.270580][ T7138] usb 7-1: Using ep0 maxpacket: 32 [ 199.273395][ T7138] usb 7-1: config 0 has no interfaces? [ 199.276722][ T7138] usb 7-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 199.279592][ T7138] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 199.282492][ T7138] usb 7-1: Product: syz [ 199.283758][ T7138] usb 7-1: Manufacturer: syz [ 199.285310][ T7138] usb 7-1: SerialNumber: syz [ 199.289183][ T7138] usb 7-1: config 0 descriptor?? [ 199.300636][ T34] usb 5-1: new high-speed USB device number 54 using dummy_hcd [ 199.312275][ T10] usb 6-1: config index 0 descriptor too short (expected 28277, got 36) [ 199.315679][ T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 199.319691][ T10] usb 6-1: config 0 has no interfaces? [ 199.322107][ T10] usb 6-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 199.325811][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.330935][ T10] usb 6-1: config 0 descriptor?? [ 199.462552][ T34] usb 5-1: too many configurations: 109, using maximum allowed: 8 [ 199.466125][ T34] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 199.468550][ T34] usb 5-1: can't read configurations, error -61 [ 199.470674][ T34] usb usb5-port1: attempt power cycle [ 199.494762][ T7138] usb 7-1: USB disconnect, device number 52 [ 199.810643][ T34] usb 5-1: new high-speed USB device number 55 using dummy_hcd [ 199.831706][ T34] usb 5-1: too many configurations: 109, using maximum allowed: 8 [ 199.836516][ T34] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 199.839666][ T34] usb 5-1: can't read configurations, error -61 [ 199.970664][ T34] usb 5-1: new high-speed USB device number 56 using dummy_hcd [ 199.991856][ T34] usb 5-1: too many configurations: 109, using maximum allowed: 8 [ 199.995295][ T34] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 199.997633][ T34] usb 5-1: can't read configurations, error -61 [ 199.999655][ T34] usb usb5-port1: unable to enumerate USB device [ 200.000644][ T10] usb 8-1: new high-speed USB device number 47 using dummy_hcd [ 200.116945][T11127] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2028'. [ 200.120065][T11127] netlink: 'syz.2.2028': attribute type 10 has an invalid length. [ 200.151746][ T10] usb 8-1: config 0 has no interfaces? [ 200.153650][ T10] usb 8-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 200.156544][ T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.160045][ T10] usb 8-1: config 0 descriptor?? [ 200.364167][ T29] usb 8-1: USB disconnect, device number 47 [ 201.139350][T11143] binder: 11142:11143 unknown command 0 [ 201.140847][ T7138] usb 8-1: new high-speed USB device number 48 using dummy_hcd [ 201.141444][T11143] binder: 11142:11143 ioctl c0306201 200000000080 returned -22 [ 201.217569][T11147] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2037'. [ 201.222046][T11147] netlink: 'syz.2.2037': attribute type 10 has an invalid length. [ 201.310800][ T7138] usb 8-1: Using ep0 maxpacket: 32 [ 201.314614][ T7138] usb 8-1: config 0 has no interfaces? [ 201.318180][ T7138] usb 8-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 201.321245][ T7138] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.324042][ T7138] usb 8-1: Product: syz [ 201.325600][ T7138] usb 8-1: Manufacturer: syz [ 201.327282][ T7138] usb 8-1: SerialNumber: syz [ 201.330267][ T7138] usb 8-1: config 0 descriptor?? [ 201.536904][ T34] usb 8-1: USB disconnect, device number 48 [ 201.775300][ T7138] usb 6-1: USB disconnect, device number 56 [ 202.033386][T11165] binder: 11164:11165 unknown command 0 [ 202.035149][T11165] binder: 11164:11165 ioctl c0306201 200000000080 returned -22 [ 202.069544][T11169] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 202.071983][T11169] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 202.190687][ T29] usb 5-1: new high-speed USB device number 57 using dummy_hcd [ 202.237120][T11186] binder: 11185:11186 unknown command 0 [ 202.238910][T11186] binder: 11185:11186 ioctl c0306201 200000000080 returned -22 [ 202.267176][T11190] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 202.269237][T11190] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 202.352323][ T29] usb 5-1: config 0 has no interfaces? [ 202.354706][ T29] usb 5-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 202.358455][ T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.364323][ T29] usb 5-1: config 0 descriptor?? [ 202.390928][ T10] usb 6-1: new high-speed USB device number 57 using dummy_hcd [ 202.500727][ T5975] usb 8-1: new high-speed USB device number 49 using dummy_hcd [ 202.540630][ T842] usb 7-1: new high-speed USB device number 53 using dummy_hcd [ 202.541418][ T10] usb 6-1: too many configurations: 109, using maximum allowed: 8 [ 202.547332][ T10] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 202.549771][ T10] usb 6-1: can't read configurations, error -61 [ 202.568784][ T34] usb 5-1: USB disconnect, device number 57 [ 202.660841][ T5975] usb 8-1: Using ep0 maxpacket: 32 [ 202.664784][ T5975] usb 8-1: config 0 has no interfaces? [ 202.669040][ T5975] usb 8-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 202.673154][ T5975] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.676623][ T5975] usb 8-1: Product: syz [ 202.678386][ T5975] usb 8-1: Manufacturer: syz [ 202.680348][ T5975] usb 8-1: SerialNumber: syz [ 202.681945][ T10] usb 6-1: new high-speed USB device number 58 using dummy_hcd [ 202.686331][ T5975] usb 8-1: config 0 descriptor?? [ 202.722173][ T842] usb 7-1: config index 0 descriptor too short (expected 28277, got 36) [ 202.725482][ T842] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 202.729242][ T842] usb 7-1: config 0 has no interfaces? [ 202.731883][ T842] usb 7-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 202.735470][ T842] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.739957][ T842] usb 7-1: config 0 descriptor?? [ 202.831381][ T10] usb 6-1: too many configurations: 109, using maximum allowed: 8 [ 202.835939][ T10] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 202.839038][ T10] usb 6-1: can't read configurations, error -61 [ 202.841552][ T10] usb usb6-port1: attempt power cycle [ 202.890813][ T842] usb 8-1: USB disconnect, device number 49 [ 202.955569][ T5975] usb 7-1: USB disconnect, device number 53 [ 203.180634][ T10] usb 6-1: new high-speed USB device number 59 using dummy_hcd [ 203.201744][ T10] usb 6-1: too many configurations: 109, using maximum allowed: 8 [ 203.206516][ T10] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 203.209792][ T10] usb 6-1: can't read configurations, error -61 [ 203.340647][ T10] usb 6-1: new high-speed USB device number 60 using dummy_hcd [ 203.361913][ T10] usb 6-1: too many configurations: 109, using maximum allowed: 8 [ 203.365771][ T10] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 203.368182][ T10] usb 6-1: can't read configurations, error -61 [ 203.370402][ T10] usb usb6-port1: unable to enumerate USB device [ 203.424560][T11210] binder: 11209:11210 unknown command 0 [ 203.426412][T11210] binder: 11209:11210 ioctl c0306201 200000000080 returned -22 [ 203.431185][T11210] binder_alloc: 11209: binder_alloc_buf, no vma [ 203.536709][T11216] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 203.539110][T11216] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 203.732094][ T842] usb 8-1: new high-speed USB device number 50 using dummy_hcd [ 203.892620][ T842] usb 8-1: config index 0 descriptor too short (expected 28277, got 36) [ 203.896094][ T842] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 203.900711][ T842] usb 8-1: config 0 has no interfaces? [ 203.903028][ T842] usb 8-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 203.906788][ T842] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.912178][ T842] usb 8-1: config 0 descriptor?? [ 203.941921][ T34] usb 7-1: new high-speed USB device number 54 using dummy_hcd [ 204.090571][ T34] usb 7-1: Using ep0 maxpacket: 32 [ 204.093546][ T34] usb 7-1: config 0 has no interfaces? [ 204.097482][ T34] usb 7-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 204.101429][ T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 204.104759][ T34] usb 7-1: Product: syz [ 204.106436][ T34] usb 7-1: Manufacturer: syz [ 204.107900][ T34] usb 7-1: SerialNumber: syz [ 204.110586][ T34] usb 7-1: config 0 descriptor?? [ 204.116942][ T842] usb 8-1: USB disconnect, device number 50 [ 204.216577][T11231] binder: 11230:11231 unknown command 0 [ 204.218468][T11231] binder: 11230:11231 ioctl c0306201 200000000080 returned -22 [ 204.223957][T11231] binder_alloc: 11230: binder_alloc_buf, no vma [ 204.316099][ T842] usb 7-1: USB disconnect, device number 54 [ 204.677324][T11250] binder: 11249:11250 unknown command 0 [ 204.679692][T11250] binder: 11249:11250 ioctl c0306201 200000000080 returned -22 [ 204.686138][T11250] binder_alloc: 11249: binder_alloc_buf, no vma [ 204.997047][T11270] binder: 11269:11270 unknown command 0 [ 204.998830][T11270] binder: 11269:11270 ioctl c0306201 200000000080 returned -22 [ 205.140794][ T842] usb 7-1: new high-speed USB device number 55 using dummy_hcd [ 205.292527][ T842] usb 7-1: config index 0 descriptor too short (expected 28277, got 36) [ 205.296092][ T842] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 205.300240][ T842] usb 7-1: config 0 has no interfaces? [ 205.302826][ T842] usb 7-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 205.306711][ T842] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.312066][ T842] usb 7-1: config 0 descriptor?? [ 205.370661][ T34] usb 8-1: new high-speed USB device number 51 using dummy_hcd [ 205.517796][ T6016] usb 7-1: USB disconnect, device number 55 [ 205.522766][ T34] usb 8-1: config index 0 descriptor too short (expected 28277, got 36) [ 205.525389][ T34] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 205.528546][ T34] usb 8-1: config 0 has no interfaces? [ 205.530255][ T34] usb 8-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 205.533806][ T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.537779][ T34] usb 8-1: config 0 descriptor?? [ 205.573472][ T10] usb 6-1: new high-speed USB device number 61 using dummy_hcd [ 205.622450][T11292] binder: 11291:11292 unknown command 0 [ 205.624329][T11292] binder: 11291:11292 ioctl c0306201 200000000080 returned -22 [ 205.730791][ T10] usb 6-1: Using ep0 maxpacket: 32 [ 205.734434][ T10] usb 6-1: config 0 has no interfaces? [ 205.737681][ T10] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 205.740623][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.743107][ T10] usb 6-1: Product: syz [ 205.744866][ T10] usb 6-1: Manufacturer: syz [ 205.746730][ T10] usb 6-1: SerialNumber: syz [ 205.749329][ T842] usb 8-1: USB disconnect, device number 51 [ 205.749638][ T10] usb 6-1: config 0 descriptor?? [ 205.890622][ T34] usb 5-1: new high-speed USB device number 58 using dummy_hcd [ 205.956728][ T6016] usb 6-1: USB disconnect, device number 61 [ 206.061175][ T34] usb 5-1: too many configurations: 109, using maximum allowed: 8 [ 206.064743][ T34] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 206.067149][ T34] usb 5-1: can't read configurations, error -61 [ 206.200621][ T34] usb 5-1: new high-speed USB device number 59 using dummy_hcd [ 206.351746][ T34] usb 5-1: too many configurations: 109, using maximum allowed: 8 [ 206.355659][ T34] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 206.358963][ T34] usb 5-1: can't read configurations, error -61 [ 206.362298][ T34] usb usb5-port1: attempt power cycle [ 206.486505][T11313] binder: 11312:11313 unknown command 0 [ 206.488302][T11313] binder: 11312:11313 ioctl c0306201 200000000080 returned -22 [ 206.730558][ T34] usb 5-1: new high-speed USB device number 60 using dummy_hcd [ 206.760676][ T10] usb 8-1: new high-speed USB device number 52 using dummy_hcd [ 206.763683][ T34] usb 5-1: too many configurations: 109, using maximum allowed: 8 [ 206.768733][ T34] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 206.770628][ T6016] usb 6-1: new high-speed USB device number 62 using dummy_hcd [ 206.771954][ T34] usb 5-1: can't read configurations, error -61 [ 206.910614][ T34] usb 5-1: new high-speed USB device number 61 using dummy_hcd [ 206.914397][ T10] usb 8-1: config index 0 descriptor too short (expected 28277, got 36) [ 206.917920][ T10] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 206.922331][ T10] usb 8-1: config 0 has no interfaces? [ 206.924635][ T10] usb 8-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 206.928400][ T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.934301][ T10] usb 8-1: config 0 descriptor?? [ 206.935017][ T6016] usb 6-1: config index 0 descriptor too short (expected 28277, got 36) [ 206.939119][ T6016] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 206.942889][ T6016] usb 6-1: config 0 has no interfaces? [ 206.944324][ T34] usb 5-1: too many configurations: 109, using maximum allowed: 8 [ 206.947927][ T6016] usb 6-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 206.952054][ T6016] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.953746][ T34] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 206.957330][ T6016] usb 6-1: config 0 descriptor?? [ 206.960976][ T34] usb 5-1: can't read configurations, error -61 [ 206.964481][ T34] usb usb5-port1: unable to enumerate USB device [ 207.100191][ T40] audit: type=1400 audit(1762856157.497:380): avc: denied { execute } for pid=11326 comm="syz-executor" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 207.108893][ T40] audit: type=1400 audit(1762856157.497:381): avc: denied { execute_no_trans } for pid=11326 comm="syz-executor" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 207.143348][ T34] usb 8-1: USB disconnect, device number 52 [ 207.166880][ T6016] usb 6-1: USB disconnect, device number 62 [ 207.217153][ T5938] bond0: (slave syz_tun): Releasing backup interface [ 207.283850][ T64] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 207.287067][ T64] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 207.289893][ T64] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 207.293186][ T64] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 207.297581][ T64] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 207.319328][ T199] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.387444][ T199] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.461359][ T199] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.469996][T11327] chnl_net:caif_netlink_parms(): no params data found [ 207.536803][T11327] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.539232][T11327] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.541896][T11327] bridge_slave_0: entered allmulticast mode [ 207.544750][T11327] bridge_slave_0: entered promiscuous mode [ 207.547809][T11327] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.550157][T11327] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.552781][T11327] bridge_slave_1: entered allmulticast mode [ 207.556675][T11327] bridge_slave_1: entered promiscuous mode [ 207.586676][ T199] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.608985][T11327] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 207.613936][T11327] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 207.644901][T11327] team0: Port device team_slave_0 added [ 207.648125][T11327] team0: Port device team_slave_1 added [ 207.720346][T11327] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 207.723897][T11327] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 207.733225][T11327] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 207.749995][T11327] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 207.752627][T11327] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 207.763015][T11327] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 207.829811][T11327] hsr_slave_0: entered promiscuous mode [ 207.834204][T11327] hsr_slave_1: entered promiscuous mode [ 207.837079][T11327] debugfs: 'hsr0' already exists in 'hsr' [ 207.839362][T11327] Cannot create hsr debugfs directory [ 207.873318][T11343] binder: 11342:11343 unknown command 0 [ 207.875479][T11343] binder: 11342:11343 ioctl c0306201 200000000080 returned -22 [ 207.878610][T11343] binder: BINDER_SET_CONTEXT_MGR already set [ 207.880686][T11343] binder: 11342:11343 ioctl 4018620d 200000000040 returned -16 [ 207.927174][ T199] bridge_slave_1: left allmulticast mode [ 207.929745][ T199] bridge_slave_1: left promiscuous mode [ 207.934111][ T199] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.942585][ T199] bridge_slave_0: left allmulticast mode [ 207.947484][ T199] bridge_slave_0: left promiscuous mode [ 207.949344][ T199] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.950639][ T34] usb 6-1: new high-speed USB device number 63 using dummy_hcd [ 208.110611][ T34] usb 6-1: Using ep0 maxpacket: 32 [ 208.114594][ T34] usb 6-1: config 0 has no interfaces? [ 208.119153][ T34] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 208.123079][ T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 208.126446][ T34] usb 6-1: Product: syz [ 208.128327][ T34] usb 6-1: Manufacturer: syz [ 208.130333][ T34] usb 6-1: SerialNumber: syz [ 208.134652][ T34] usb 6-1: config 0 descriptor?? [ 208.212992][ T199] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 208.216974][ T199] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 208.220703][ T199] bond0 (unregistering): Released all slaves [ 208.342582][ T1469] usb 6-1: USB disconnect, device number 63 [ 208.528763][ T199] hsr_slave_0: left promiscuous mode [ 208.532559][ T199] hsr_slave_1: left promiscuous mode [ 208.534775][ T199] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 208.537134][ T199] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 208.539967][ T199] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 208.543156][ T199] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 208.563004][ T199] veth1_macvtap: left promiscuous mode [ 208.565366][ T199] veth0_macvtap: left promiscuous mode [ 208.567720][ T199] veth1_vlan: left promiscuous mode [ 208.569474][ T199] veth0_vlan: left promiscuous mode [ 208.636328][ T199] pimreg (unregistering): left allmulticast mode [ 209.143304][ T199] team0 (unregistering): Port device team_slave_0 removed [ 209.390793][ T64] Bluetooth: hci2: command tx timeout [ 209.563936][T11382] binder: 11381:11382 unknown command 0 [ 209.565751][T11382] binder: 11381:11382 ioctl c0306201 200000000080 returned -22 [ 209.569235][T11382] binder: BINDER_SET_CONTEXT_MGR already set [ 209.571974][T11382] binder: 11381:11382 ioctl 4018620d 200000000040 returned -16 [ 209.620646][ T7138] usb 8-1: new high-speed USB device number 53 using dummy_hcd [ 209.670887][T11327] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 209.675497][T11327] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 209.679846][T11327] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 209.685105][T11327] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 209.735782][T11327] 8021q: adding VLAN 0 to HW filter on device bond0 [ 209.746159][T11327] 8021q: adding VLAN 0 to HW filter on device team0 [ 209.752074][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.754967][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state [ 209.763857][ T1148] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.766115][ T1148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 209.784209][ T7138] usb 8-1: too many configurations: 109, using maximum allowed: 8 [ 209.789690][ T7138] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 209.791365][T11327] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 209.792431][ T7138] usb 8-1: can't read configurations, error -61 [ 209.878045][T11327] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 209.900422][T11327] veth0_vlan: entered promiscuous mode [ 209.905660][T11327] veth1_vlan: entered promiscuous mode [ 209.919413][T11327] veth0_macvtap: entered promiscuous mode [ 209.923721][T11327] veth1_macvtap: entered promiscuous mode [ 209.932231][T11327] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 209.937905][T11327] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 209.939462][ T199] IPVS: stop unused estimator thread 0... [ 209.940702][ T7138] usb 8-1: new high-speed USB device number 54 using dummy_hcd [ 209.943745][ T1202] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.949041][ T1202] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.954383][ T1202] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.958078][ T1202] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.988574][ T1148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 209.993431][ T1148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.006170][ T1152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.009207][ T1152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.016596][ T40] audit: type=1400 audit(1762856160.417:382): avc: denied { mounton } for pid=11327 comm="syz-executor" path="/syzkaller.2N9o3O/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 210.092338][ T7138] usb 8-1: too many configurations: 109, using maximum allowed: 8 [ 210.096231][ T7138] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 210.099053][ T7138] usb 8-1: can't read configurations, error -61 [ 210.101806][ T7138] usb usb8-port1: attempt power cycle [ 210.110954][ T6016] usb 5-1: new high-speed USB device number 62 using dummy_hcd [ 210.270808][ T6016] usb 5-1: Using ep0 maxpacket: 32 [ 210.273704][ T6016] usb 5-1: config 0 has no interfaces? [ 210.276955][ T6016] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 210.279859][ T6016] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 210.282675][ T6016] usb 5-1: Product: syz [ 210.284004][ T6016] usb 5-1: Manufacturer: syz [ 210.285476][ T6016] usb 5-1: SerialNumber: syz [ 210.288377][ T6016] usb 5-1: config 0 descriptor?? [ 210.451108][ T7138] usb 8-1: new high-speed USB device number 55 using dummy_hcd [ 210.472444][ T7138] usb 8-1: too many configurations: 109, using maximum allowed: 8 [ 210.477319][ T7138] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 210.480586][ T7138] usb 8-1: can't read configurations, error -61 [ 210.492915][ T60] usb 5-1: USB disconnect, device number 62 [ 210.549723][T11423] binder: 11422:11423 unknown command 0 [ 210.552904][T11423] binder: 11422:11423 ioctl c0306201 200000000080 returned -22 [ 210.556359][T11423] binder: BINDER_SET_CONTEXT_MGR already set [ 210.558608][T11423] binder: 11422:11423 ioctl 4018620d 200000000040 returned -16 [ 210.610568][ T7138] usb 8-1: new high-speed USB device number 56 using dummy_hcd [ 210.631364][ T7138] usb 8-1: too many configurations: 109, using maximum allowed: 8 [ 210.634914][ T7138] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 210.637245][ T7138] usb 8-1: can't read configurations, error -61 [ 210.639283][ T7138] usb usb8-port1: unable to enumerate USB device [ 210.798534][ T1152] bond0: (slave bond_slave_0): interface is now down [ 210.802387][ T1152] bond0: (slave bond_slave_1): interface is now down [ 210.807411][ T1152] bond0: now running without any active interface! [ 211.099935][ T40] audit: type=1400 audit(1762856161.497:383): avc: denied { mount } for pid=11457 comm="syz.0.2163" name="/" dev="ramfs" ino=52921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 211.104821][T11458] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 211.107170][ T40] audit: type=1400 audit(1762856161.497:384): avc: denied { mounton } for pid=11457 comm="syz.0.2163" path="/file0" dev="ramfs" ino=52922 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1 [ 211.109364][T11458] overlayfs: failed to set xattr on upper [ 211.109372][T11458] overlayfs: ...falling back to redirect_dir=nofollow. [ 211.109377][T11458] overlayfs: ...falling back to index=off. [ 211.109381][T11458] overlayfs: ...falling back to uuid=null. [ 211.127468][T11458] overlay: Unknown parameter 'dont_measure' [ 211.460659][ T64] Bluetooth: hci2: command tx timeout [ 211.543293][ T60] usb 5-1: new high-speed USB device number 63 using dummy_hcd [ 211.551703][T11478] FAULT_INJECTION: forcing a failure. [ 211.551703][T11478] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 211.556918][T11478] CPU: 1 UID: 0 PID: 11478 Comm: syz.2.2173 Not tainted syzkaller #0 PREEMPT(full) [ 211.556940][T11478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 211.556952][T11478] Call Trace: [ 211.556959][T11478] [ 211.556966][T11478] dump_stack_lvl+0x16c/0x1f0 [ 211.556999][T11478] should_fail_ex+0x512/0x640 [ 211.557024][T11478] _copy_to_user+0x32/0xd0 [ 211.557048][T11478] simple_read_from_buffer+0xcb/0x170 [ 211.557078][T11478] proc_fail_nth_read+0x197/0x240 [ 211.557099][T11478] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 211.557122][T11478] ? rw_verify_area+0xcf/0x6c0 [ 211.557147][T11478] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 211.557167][T11478] vfs_read+0x1e4/0xcf0 [ 211.557193][T11478] ? __pfx___mutex_lock+0x10/0x10 [ 211.557212][T11478] ? __pfx_vfs_read+0x10/0x10 [ 211.557235][T11478] ? __fget_files+0x20e/0x3c0 [ 211.557261][T11478] ksys_read+0x12a/0x250 [ 211.557277][T11478] ? __pfx_ksys_read+0x10/0x10 [ 211.557301][T11478] do_syscall_64+0xcd/0xfa0 [ 211.557320][T11478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.557338][T11478] RIP: 0033:0x7f510678e0dc [ 211.557352][T11478] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 211.557369][T11478] RSP: 002b:00007f5107668030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 211.557387][T11478] RAX: ffffffffffffffda RBX: 00007f51069e5fa0 RCX: 00007f510678e0dc [ 211.557398][T11478] RDX: 000000000000000f RSI: 00007f51076680a0 RDI: 0000000000000003 [ 211.557409][T11478] RBP: 00007f5107668090 R08: 0000000000000000 R09: 0000000000000000 [ 211.557420][T11478] R10: 000000000000004a R11: 0000000000000246 R12: 0000000000000001 [ 211.557431][T11478] R13: 00007f51069e6038 R14: 00007f51069e5fa0 R15: 00007ffd447bef28 [ 211.557456][T11478] [ 211.690804][ T60] usb 5-1: Using ep0 maxpacket: 32 [ 211.696286][ T60] usb 5-1: config 0 has no interfaces? [ 211.699618][ T60] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 211.710577][ T60] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.714155][ T60] usb 5-1: Product: syz [ 211.715812][ T60] usb 5-1: Manufacturer: syz [ 211.717707][ T60] usb 5-1: SerialNumber: syz [ 211.723163][ T60] usb 5-1: config 0 descriptor?? [ 211.733150][T11488] binder: 11487:11488 unknown command 0 [ 211.734972][T11488] binder: 11487:11488 ioctl c0306201 200000000080 returned -22 [ 211.742259][T11489] IPVS: sync thread started: state = BACKUP, mcast_ifn = bridge_slave_0, syncid = 0, id = 0 [ 211.767983][T11491] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2179'. [ 211.927745][ T843] usb 5-1: USB disconnect, device number 63 [ 211.950628][ T5975] usb 7-1: new high-speed USB device number 56 using dummy_hcd [ 212.080733][ T5975] usb 7-1: device descriptor read/64, error -71 [ 212.320651][ T5975] usb 7-1: new high-speed USB device number 57 using dummy_hcd [ 212.451284][ T5975] usb 7-1: device descriptor read/64, error -71 [ 212.511600][T11509] binder: BINDER_SET_CONTEXT_MGR already set [ 212.513553][T11509] binder: 11508:11509 ioctl 4018620d 200000000040 returned -16 [ 212.517399][T11511] FAULT_INJECTION: forcing a failure. [ 212.517399][T11511] name failslab, interval 1, probability 0, space 0, times 0 [ 212.522961][T11511] CPU: 1 UID: 0 PID: 11511 Comm: syz.0.2188 Not tainted syzkaller #0 PREEMPT(full) [ 212.522975][T11511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 212.522982][T11511] Call Trace: [ 212.522986][T11511] [ 212.522990][T11511] dump_stack_lvl+0x16c/0x1f0 [ 212.523010][T11511] should_fail_ex+0x512/0x640 [ 212.523022][T11511] ? __kmalloc_cache_noprof+0x5f/0x780 [ 212.523039][T11511] should_failslab+0xc2/0x120 [ 212.523051][T11511] __kmalloc_cache_noprof+0x72/0x780 [ 212.523066][T11511] ? snd_mixer_oss_get_volume1_sw.constprop.0.isra.0+0xdc/0x580 [ 212.523087][T11511] ? snd_mixer_oss_get_volume1_sw.constprop.0.isra.0+0xdc/0x580 [ 212.523105][T11511] snd_mixer_oss_get_volume1_sw.constprop.0.isra.0+0xdc/0x580 [ 212.523124][T11511] snd_mixer_oss_get_volume1+0x36b/0x610 [ 212.523142][T11511] snd_mixer_oss_ioctl1+0x28b/0x1e40 [ 212.523156][T11511] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 212.523170][T11511] ? __pfx_snd_mixer_oss_get_volume1+0x10/0x10 [ 212.523190][T11511] ? __pfx_snd_mixer_oss_ioctl1+0x10/0x10 [ 212.523215][T11511] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 212.523237][T11511] ? hook_file_ioctl_common+0x145/0x410 [ 212.523255][T11511] ? selinux_file_ioctl+0x180/0x270 [ 212.523269][T11511] snd_mixer_oss_ioctl+0x3e/0x50 [ 212.523283][T11511] ? __pfx_snd_mixer_oss_ioctl+0x10/0x10 [ 212.523298][T11511] __x64_sys_ioctl+0x18e/0x210 [ 212.523313][T11511] do_syscall_64+0xcd/0xfa0 [ 212.523324][T11511] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.523335][T11511] RIP: 0033:0x7fb63bb8f6c9 [ 212.523344][T11511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.523354][T11511] RSP: 002b:00007fb63c9da038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 212.523363][T11511] RAX: ffffffffffffffda RBX: 00007fb63bde5fa0 RCX: 00007fb63bb8f6c9 [ 212.523370][T11511] RDX: 0000200000000040 RSI: 0000000080044d03 RDI: 0000000000000003 [ 212.523377][T11511] RBP: 00007fb63c9da090 R08: 0000000000000000 R09: 0000000000000000 [ 212.523383][T11511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 212.523389][T11511] R13: 00007fb63bde6038 R14: 00007fb63bde5fa0 R15: 00007fff923ef868 [ 212.523403][T11511] [ 212.552401][T11513] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2189'. [ 212.562280][ T5975] usb usb7-port1: attempt power cycle [ 212.857953][T11531] binder: BINDER_SET_CONTEXT_MGR already set [ 212.860571][ T7138] usb 5-1: new high-speed USB device number 64 using dummy_hcd [ 212.860583][T11531] binder: 11530:11531 ioctl 4018620d 200000000040 returned -16 [ 212.960649][ T5975] usb 7-1: new high-speed USB device number 58 using dummy_hcd [ 212.980933][ T1469] usb 8-1: new high-speed USB device number 57 using dummy_hcd [ 212.983336][ T5975] usb 7-1: device descriptor read/8, error -71 [ 213.022724][ T7138] usb 5-1: too many configurations: 109, using maximum allowed: 8 [ 213.027401][ T7138] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 213.031027][ T7138] usb 5-1: can't read configurations, error -61 [ 213.150621][ T1469] usb 8-1: Using ep0 maxpacket: 32 [ 213.153780][ T1469] usb 8-1: config 0 has no interfaces? [ 213.157070][ T1469] usb 8-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 213.159951][ T1469] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.160621][ T7138] usb 5-1: new high-speed USB device number 65 using dummy_hcd [ 213.162505][ T1469] usb 8-1: Product: syz [ 213.166576][ T1469] usb 8-1: Manufacturer: syz [ 213.168036][ T1469] usb 8-1: SerialNumber: syz [ 213.171292][ T1469] usb 8-1: config 0 descriptor?? [ 213.220908][ T5975] usb 7-1: new high-speed USB device number 59 using dummy_hcd [ 213.241633][ T5975] usb 7-1: device descriptor read/8, error -71 [ 213.321739][ T7138] usb 5-1: too many configurations: 109, using maximum allowed: 8 [ 213.326174][ T7138] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 213.329300][ T7138] usb 5-1: can't read configurations, error -61 [ 213.332123][ T7138] usb usb5-port1: attempt power cycle [ 213.351273][ T5975] usb usb7-port1: unable to enumerate USB device [ 213.378896][ T60] usb 8-1: USB disconnect, device number 57 [ 213.540684][ T64] Bluetooth: hci2: command tx timeout [ 213.680854][ T7138] usb 5-1: new high-speed USB device number 66 using dummy_hcd [ 213.706689][ T7138] usb 5-1: too many configurations: 109, using maximum allowed: 8 [ 213.711499][ T7138] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 213.714461][ T7138] usb 5-1: can't read configurations, error -61 [ 213.834946][T11540] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2202'. [ 213.850591][ T7138] usb 5-1: new high-speed USB device number 67 using dummy_hcd [ 213.871939][ T7138] usb 5-1: too many configurations: 109, using maximum allowed: 8 [ 213.875809][ T7138] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 213.878367][ T7138] usb 5-1: can't read configurations, error -61 [ 213.880568][ T7138] usb usb5-port1: unable to enumerate USB device [ 213.972812][T11552] binder: BINDER_SET_CONTEXT_MGR already set [ 213.975275][T11552] binder: 11551:11552 ioctl 4018620d 200000000040 returned -16 [ 214.028421][T11558] syzkaller0: entered promiscuous mode [ 214.030283][T11558] syzkaller0: entered allmulticast mode [ 214.146244][T11561] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2212'. [ 214.229331][ T40] audit: type=1400 audit(1762856164.627:385): avc: denied { shutdown } for pid=11562 comm="syz.3.2213" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 214.236421][T11563] xt_cgroup: xt_cgroup: no path or classid specified [ 214.510568][ T1469] usb 8-1: new high-speed USB device number 58 using dummy_hcd [ 214.680548][ T1469] usb 8-1: Using ep0 maxpacket: 32 [ 214.683750][ T1469] usb 8-1: config 0 has no interfaces? [ 214.687336][ T1469] usb 8-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 214.690937][ T1469] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.693503][ T1469] usb 8-1: Product: syz [ 214.694814][ T1469] usb 8-1: Manufacturer: syz [ 214.696335][ T1469] usb 8-1: SerialNumber: syz [ 214.699020][ T1469] usb 8-1: config 0 descriptor?? [ 214.872766][T11576] syzkaller0: entered promiscuous mode [ 214.874609][T11576] syzkaller0: entered allmulticast mode [ 214.883639][T11576] FAULT_INJECTION: forcing a failure. [ 214.883639][T11576] name failslab, interval 1, probability 0, space 0, times 0 [ 214.887042][T11578] binder: 11577:11578 unknown command 0 [ 214.888257][T11576] CPU: 3 UID: 0 PID: 11576 Comm: syz.1.2219 Not tainted syzkaller #0 PREEMPT(full) [ 214.888279][T11576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 214.888290][T11576] Call Trace: [ 214.888297][T11576] [ 214.888304][T11576] dump_stack_lvl+0x16c/0x1f0 [ 214.888335][T11576] should_fail_ex+0x512/0x640 [ 214.888355][T11576] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 214.888390][T11576] should_failslab+0xc2/0x120 [ 214.888410][T11576] kmem_cache_alloc_node_noprof+0x78/0x770 [ 214.888435][T11576] ? __lock_acquire+0x622/0x1c90 [ 214.888451][T11576] ? __alloc_skb+0x2b2/0x380 [ 214.888476][T11576] ? __alloc_skb+0x2b2/0x380 [ 214.888494][T11576] __alloc_skb+0x2b2/0x380 [ 214.888513][T11576] ? __pfx___alloc_skb+0x10/0x10 [ 214.888533][T11576] ? find_held_lock+0x2b/0x80 [ 214.888555][T11576] ? is_bpf_text_address+0x8a/0x1a0 [ 214.888579][T11576] alloc_skb_with_frags+0xe0/0x860 [ 214.888602][T11576] ? is_bpf_text_address+0x94/0x1a0 [ 214.888628][T11576] sock_alloc_send_pskb+0x7f9/0x980 [ 214.888651][T11576] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 214.888679][T11576] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 214.888698][T11576] ? find_held_lock+0x2b/0x80 [ 214.888720][T11576] ? dev_get_by_index+0x17c/0x380 [ 214.888748][T11576] packet_sendmsg+0x2054/0x5850 [ 214.888785][T11576] ? sock_has_perm+0x259/0x2f0 [ 214.888812][T11576] ? __pfx_sock_has_perm+0x10/0x10 [ 214.888840][T11576] ? __pfx_packet_sendmsg+0x10/0x10 [ 214.888875][T11576] __sys_sendto+0x4a3/0x520 [ 214.888897][T11576] ? __pfx___sys_sendto+0x10/0x10 [ 214.888937][T11576] ? ksys_write+0x1ac/0x250 [ 214.888954][T11576] ? __pfx_ksys_write+0x10/0x10 [ 214.888972][T11576] __x64_sys_sendto+0xe0/0x1c0 [ 214.888992][T11576] ? do_syscall_64+0x91/0xfa0 [ 214.889008][T11576] ? lockdep_hardirqs_on+0x7c/0x110 [ 214.889030][T11576] do_syscall_64+0xcd/0xfa0 [ 214.889045][T11576] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.889062][T11576] RIP: 0033:0x7fc3def8f6c9 [ 214.889075][T11576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 214.889092][T11576] RSP: 002b:00007fc3dfe64038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 214.889107][T11576] RAX: ffffffffffffffda RBX: 00007fc3df1e5fa0 RCX: 00007fc3def8f6c9 [ 214.889118][T11576] RDX: 000000000000000e RSI: 0000200000000140 RDI: 0000000000000008 [ 214.889129][T11576] RBP: 00007fc3dfe64090 R08: 00002000000001c0 R09: 0000000000000014 [ 214.889140][T11576] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001 [ 214.889151][T11576] R13: 00007fc3df1e6038 R14: 00007fc3df1e5fa0 R15: 00007fffdf4b32b8 [ 214.889176][T11576] [ 214.903782][ T7138] usb 8-1: USB disconnect, device number 58 [ 214.905554][T11578] binder: 11577:11578 ioctl c0306201 200000000080 returned -22 [ 215.011390][T11581] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2221'. [ 215.073195][T11587] FAULT_INJECTION: forcing a failure. [ 215.073195][T11587] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 215.077441][T11587] CPU: 1 UID: 0 PID: 11587 Comm: syz.1.2224 Not tainted syzkaller #0 PREEMPT(full) [ 215.077455][T11587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 215.077462][T11587] Call Trace: [ 215.077466][T11587] [ 215.077471][T11587] dump_stack_lvl+0x16c/0x1f0 [ 215.077491][T11587] should_fail_ex+0x512/0x640 [ 215.077506][T11587] _copy_from_iter+0x29f/0x1720 [ 215.077521][T11587] ? __alloc_skb+0x200/0x380 [ 215.077534][T11587] ? __pfx__copy_from_iter+0x10/0x10 [ 215.077547][T11587] ? netlink_autobind.isra.0+0x158/0x370 [ 215.077566][T11587] netlink_sendmsg+0x820/0xdd0 [ 215.077583][T11587] ? __pfx_netlink_sendmsg+0x10/0x10 [ 215.077603][T11587] ____sys_sendmsg+0xa98/0xc70 [ 215.077614][T11587] ? copy_msghdr_from_user+0x10a/0x160 [ 215.077628][T11587] ? __pfx_____sys_sendmsg+0x10/0x10 [ 215.077643][T11587] ___sys_sendmsg+0x134/0x1d0 [ 215.077657][T11587] ? __pfx____sys_sendmsg+0x10/0x10 [ 215.077669][T11587] ? __lock_acquire+0x622/0x1c90 [ 215.077694][T11587] __sys_sendmsg+0x16d/0x220 [ 215.077708][T11587] ? __pfx___sys_sendmsg+0x10/0x10 [ 215.077729][T11587] do_syscall_64+0xcd/0xfa0 [ 215.077740][T11587] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.077750][T11587] RIP: 0033:0x7fc3def8f6c9 [ 215.077759][T11587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 215.077769][T11587] RSP: 002b:00007fc3dfe64038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 215.077780][T11587] RAX: ffffffffffffffda RBX: 00007fc3df1e5fa0 RCX: 00007fc3def8f6c9 [ 215.077788][T11587] RDX: 0000000000000010 RSI: 0000200000000200 RDI: 0000000000000004 [ 215.077798][T11587] RBP: 00007fc3dfe64090 R08: 0000000000000000 R09: 0000000000000000 [ 215.077807][T11587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 215.077817][T11587] R13: 00007fc3df1e6038 R14: 00007fc3df1e5fa0 R15: 00007fffdf4b32b8 [ 215.077843][T11587] [ 215.320580][ T34] usb 7-1: new high-speed USB device number 60 using dummy_hcd [ 215.450637][ T34] usb 7-1: device descriptor read/64, error -71 [ 215.525445][T11600] binder: 11599:11600 unknown command 0 [ 215.527244][T11600] binder: 11599:11600 ioctl c0306201 200000000080 returned -22 [ 215.565083][T11602] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2231'. [ 215.620591][ T64] Bluetooth: hci2: command tx timeout [ 215.687827][T11613] syzkaller0: entered promiscuous mode [ 215.689650][T11613] syzkaller0: entered allmulticast mode [ 215.712768][ T34] usb 7-1: new high-speed USB device number 61 using dummy_hcd [ 215.850587][ T34] usb 7-1: device descriptor read/64, error -71 [ 215.921755][T11623] binder: 11622:11623 unknown command 0 [ 215.923628][T11623] binder: 11622:11623 ioctl c0306201 200000000080 returned -22 [ 215.956139][T11625] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2241'. [ 215.960809][ T34] usb usb7-port1: attempt power cycle [ 216.040634][ T7138] usb 5-1: new high-speed USB device number 68 using dummy_hcd [ 216.210715][ T7138] usb 5-1: Using ep0 maxpacket: 32 [ 216.215410][ T7138] usb 5-1: config 0 has no interfaces? [ 216.218591][ T7138] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 216.221707][ T7138] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.224205][ T7138] usb 5-1: Product: syz [ 216.225536][ T7138] usb 5-1: Manufacturer: syz [ 216.227446][ T7138] usb 5-1: SerialNumber: syz [ 216.230149][ T7138] usb 5-1: config 0 descriptor?? [ 216.240686][ T29] usb 8-1: new high-speed USB device number 59 using dummy_hcd [ 216.284434][ T40] audit: type=1400 audit(1762856166.687:386): avc: denied { read } for pid=11639 comm="syz.1.2248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 216.300955][ T34] usb 7-1: new high-speed USB device number 62 using dummy_hcd [ 216.320949][ T34] usb 7-1: device descriptor read/8, error -71 [ 216.412954][ T29] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 216.416204][ T29] usb 8-1: can't read configurations, error -61 [ 216.434556][ T7138] usb 5-1: USB disconnect, device number 68 [ 216.476935][T11646] binder: 11645:11646 unknown command 0 [ 216.478910][T11646] binder: 11645:11646 ioctl c0306201 200000000080 returned -22 [ 216.540627][ T29] usb 8-1: new high-speed USB device number 60 using dummy_hcd [ 216.581371][ T34] usb 7-1: new high-speed USB device number 63 using dummy_hcd [ 216.611556][ T34] usb 7-1: device descriptor read/8, error -71 [ 216.702417][ T29] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 216.704999][ T29] usb 8-1: can't read configurations, error -61 [ 216.707289][ T29] usb usb8-port1: attempt power cycle [ 216.720771][ T34] usb usb7-port1: unable to enumerate USB device [ 216.971407][T11651] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2252'. [ 217.041203][ T29] usb 8-1: new high-speed USB device number 61 using dummy_hcd [ 217.066878][ T29] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 217.069303][ T29] usb 8-1: can't read configurations, error -61 [ 217.210576][ T29] usb 8-1: new high-speed USB device number 62 using dummy_hcd [ 217.248359][T11663] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2257'. [ 217.263106][ T29] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 217.265561][ T29] usb 8-1: can't read configurations, error -61 [ 217.267667][ T29] usb usb8-port1: unable to enumerate USB device [ 217.304557][T11664] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2257'. [ 217.610621][ T7138] usb 5-1: new low-speed USB device number 69 using dummy_hcd [ 217.660697][ T34] usb 6-1: new high-speed USB device number 64 using dummy_hcd [ 217.761812][ T7138] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 217.764189][ T7138] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 217.767571][ T7138] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 217.771240][ T7138] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 217.774698][ T7138] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 217.778966][ T7138] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 217.781973][ T7138] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 217.785290][ T7138] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 217.788925][ T7138] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 217.792397][ T7138] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 217.796794][ T7138] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 217.799135][ T7138] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 217.802477][ T7138] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 217.806095][ T7138] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 217.809506][ T7138] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 217.810573][ T34] usb 6-1: Using ep0 maxpacket: 32 [ 217.815098][ T7138] usb 5-1: string descriptor 0 read error: -22 [ 217.815728][ T34] usb 6-1: config 0 has no interfaces? [ 217.817134][ T7138] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 217.820904][ T34] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 217.821626][ T7138] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 217.824320][ T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 217.829564][ T34] usb 6-1: Product: syz [ 217.832198][ T34] usb 6-1: Manufacturer: syz [ 217.833680][ T34] usb 6-1: SerialNumber: syz [ 217.837352][ T7138] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 217.837485][ T34] usb 6-1: config 0 descriptor?? [ 218.035390][ T34] usb 5-1: USB disconnect, device number 69 [ 218.044299][ T7138] usb 6-1: USB disconnect, device number 64 [ 218.100877][T11674] binder: 11673:11674 unknown command 0 [ 218.102978][T11674] binder: 11673:11674 ioctl c0306201 200000000080 returned -22 [ 218.186822][T11678] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2263'. [ 218.422478][T11690] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7) [ 218.425271][T11690] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 218.429735][T11690] vhci_hcd vhci_hcd.0: Device attached [ 218.436639][ T40] audit: type=1400 audit(1762856168.837:387): avc: denied { nlmsg_read } for pid=11689 comm="syz.2.2267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 218.441743][T11691] vhci_hcd: connection closed [ 218.444051][ T1152] vhci_hcd: stop threads [ 218.447482][ T1152] vhci_hcd: release socket [ 218.448942][ T1152] vhci_hcd: disconnect device [ 218.830528][T11699] binder: 11698:11699 unknown command 0 [ 218.832409][T11699] binder: 11698:11699 ioctl c0306201 200000000080 returned -22 [ 218.973413][T11705] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2273'. [ 219.161156][ T6016] usb 5-1: new high-speed USB device number 70 using dummy_hcd [ 219.350581][ T6016] usb 5-1: device descriptor read/64, error -71 [ 219.410661][ T7138] usb 8-1: new high-speed USB device number 63 using dummy_hcd [ 219.460665][ T60] usb 7-1: new high-speed USB device number 64 using dummy_hcd [ 219.580669][ T7138] usb 8-1: Using ep0 maxpacket: 32 [ 219.585724][ T7138] usb 8-1: config 0 has no interfaces? [ 219.589984][ T7138] usb 8-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 219.594022][ T7138] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 219.597521][ T7138] usb 8-1: Product: syz [ 219.599304][ T7138] usb 8-1: Manufacturer: syz [ 219.600589][ T6016] usb 5-1: new high-speed USB device number 71 using dummy_hcd [ 219.601443][ T7138] usb 8-1: SerialNumber: syz [ 219.607595][ T7138] usb 8-1: config 0 descriptor?? [ 219.610592][ T60] usb 7-1: Using ep0 maxpacket: 8 [ 219.620597][ T60] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 219.622945][ T60] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 219.626443][ T60] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 219.630205][ T60] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 219.632645][ T60] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 219.636094][ T60] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 219.639832][ T60] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 219.642303][ T60] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 219.645764][ T60] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 219.650951][ T60] usb 7-1: string descriptor 0 read error: -22 [ 219.652953][ T60] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 219.655762][ T60] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 219.661217][ T60] adutux 7-1:168.0: interrupt endpoints not found [ 219.740639][ T6016] usb 5-1: device descriptor read/64, error -71 [ 219.813196][ T34] usb 8-1: USB disconnect, device number 63 [ 219.851609][ T6016] usb usb5-port1: attempt power cycle [ 219.864400][ T60] usb 7-1: USB disconnect, device number 64 [ 220.191326][ T6016] usb 5-1: new high-speed USB device number 72 using dummy_hcd [ 220.212914][ T6016] usb 5-1: device descriptor read/8, error -71 [ 220.348311][T11727] binder: 11726:11727 unknown command 0 [ 220.350892][T11727] binder: 11726:11727 ioctl c0306201 200000000080 returned -22 [ 220.404831][T11733] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2283'. [ 220.425071][T11731] FAULT_INJECTION: forcing a failure. [ 220.425071][T11731] name failslab, interval 1, probability 0, space 0, times 0 [ 220.430044][T11731] CPU: 0 UID: 0 PID: 11731 Comm: syz.3.2282 Not tainted syzkaller #0 PREEMPT(full) [ 220.430060][T11731] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 220.430067][T11731] Call Trace: [ 220.430071][T11731] [ 220.430076][T11731] dump_stack_lvl+0x16c/0x1f0 [ 220.430095][T11731] should_fail_ex+0x512/0x640 [ 220.430109][T11731] ? fs_reclaim_acquire+0xae/0x150 [ 220.430122][T11731] should_failslab+0xc2/0x120 [ 220.430135][T11731] __kmalloc_noprof+0xdd/0x880 [ 220.430149][T11731] ? tomoyo_encode2+0x100/0x3e0 [ 220.430164][T11731] ? tomoyo_encode2+0x100/0x3e0 [ 220.430174][T11731] tomoyo_encode2+0x100/0x3e0 [ 220.430188][T11731] tomoyo_encode+0x29/0x50 [ 220.430199][T11731] tomoyo_realpath_from_path+0x18f/0x6e0 [ 220.430212][T11731] ? tomoyo_profile+0x47/0x60 [ 220.430227][T11731] tomoyo_path_number_perm+0x245/0x580 [ 220.430237][T11731] ? tomoyo_path_number_perm+0x237/0x580 [ 220.430248][T11731] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 220.430259][T11731] ? find_held_lock+0x2b/0x80 [ 220.430284][T11731] ? find_held_lock+0x2b/0x80 [ 220.430296][T11731] ? hook_file_ioctl_common+0x145/0x410 [ 220.430317][T11731] ? __fget_files+0x20e/0x3c0 [ 220.430330][T11731] security_file_ioctl+0x9b/0x240 [ 220.430343][T11731] __x64_sys_ioctl+0xb7/0x210 [ 220.430359][T11731] do_syscall_64+0xcd/0xfa0 [ 220.430370][T11731] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.430381][T11731] RIP: 0033:0x7f00a618f6c9 [ 220.430389][T11731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 220.430400][T11731] RSP: 002b:00007f00a6f6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 220.430410][T11731] RAX: ffffffffffffffda RBX: 00007f00a63e5fa0 RCX: 00007f00a618f6c9 [ 220.430416][T11731] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 220.430422][T11731] RBP: 00007f00a6f6a090 R08: 0000000000000000 R09: 0000000000000000 [ 220.430429][T11731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 220.430434][T11731] R13: 00007f00a63e6038 R14: 00007f00a63e5fa0 R15: 00007ffd17975538 [ 220.430448][T11731] [ 220.430458][T11731] ERROR: Out of memory at tomoyo_realpath_from_path. [ 220.470770][ T6016] usb 5-1: new high-speed USB device number 73 using dummy_hcd [ 220.541516][ T6016] usb 5-1: device descriptor read/8, error -71 [ 220.652703][ T6016] usb usb5-port1: unable to enumerate USB device [ 220.680608][ T34] usb 6-1: new high-speed USB device number 65 using dummy_hcd [ 220.832985][ T34] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 220.835494][ T34] usb 6-1: can't read configurations, error -61 [ 220.960564][ T34] usb 6-1: new high-speed USB device number 66 using dummy_hcd [ 221.113975][ T34] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 221.117297][ T34] usb 6-1: can't read configurations, error -61 [ 221.120321][ T34] usb usb6-port1: attempt power cycle [ 221.360573][ T1469] usb 7-1: new high-speed USB device number 65 using dummy_hcd [ 221.480594][ T34] usb 6-1: new high-speed USB device number 67 using dummy_hcd [ 221.503435][ T34] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 221.505850][ T34] usb 6-1: can't read configurations, error -61 [ 221.520696][ T1469] usb 7-1: Using ep0 maxpacket: 32 [ 221.523819][ T1469] usb 7-1: config 0 has no interfaces? [ 221.527267][ T1469] usb 7-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 221.532082][ T1469] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 221.534607][ T1469] usb 7-1: Product: syz [ 221.535924][ T1469] usb 7-1: Manufacturer: syz [ 221.537436][ T1469] usb 7-1: SerialNumber: syz [ 221.545341][ T1469] usb 7-1: config 0 descriptor?? [ 221.602533][T11756] binder: 11755:11756 unknown command 0 [ 221.604308][T11756] binder: 11755:11756 ioctl c0306201 200000000080 returned -22 [ 221.630754][ T34] usb 6-1: new high-speed USB device number 68 using dummy_hcd [ 221.637958][T11758] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2293'. [ 221.652908][ T34] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 221.655287][ T34] usb 6-1: can't read configurations, error -61 [ 221.657455][ T34] usb usb6-port1: unable to enumerate USB device [ 221.682876][T11760] FAULT_INJECTION: forcing a failure. [ 221.682876][T11760] name failslab, interval 1, probability 0, space 0, times 0 [ 221.686804][T11760] CPU: 3 UID: 0 PID: 11760 Comm: syz.3.2294 Not tainted syzkaller #0 PREEMPT(full) [ 221.686818][T11760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 221.686825][T11760] Call Trace: [ 221.686829][T11760] [ 221.686833][T11760] dump_stack_lvl+0x16c/0x1f0 [ 221.686853][T11760] should_fail_ex+0x512/0x640 [ 221.686866][T11760] ? __kmalloc_cache_noprof+0x5f/0x780 [ 221.686882][T11760] should_failslab+0xc2/0x120 [ 221.686895][T11760] __kmalloc_cache_noprof+0x72/0x780 [ 221.686909][T11760] ? __pfx___might_resched+0x10/0x10 [ 221.686923][T11760] ? vhost_task_create+0xe5/0x370 [ 221.686933][T11760] ? rcu_is_watching+0x12/0xc0 [ 221.686946][T11760] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 221.686962][T11760] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 221.686975][T11760] ? vhost_task_create+0xe5/0x370 [ 221.686985][T11760] vhost_task_create+0xe5/0x370 [ 221.686995][T11760] ? __pfx_vhost_task_create+0x10/0x10 [ 221.687010][T11760] ? __pfx_vhost_task_fn+0x10/0x10 [ 221.687027][T11760] kvm_mmu_post_init_vm+0x1b7/0x380 [ 221.687039][T11760] kvm_arch_vcpu_ioctl_run+0x66/0x1920 [ 221.687051][T11760] ? kvm_vcpu_ioctl+0x14c5/0x1690 [ 221.687068][T11760] kvm_vcpu_ioctl+0x5eb/0x1690 [ 221.687084][T11760] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 221.687098][T11760] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 221.687113][T11760] ? do_vfs_ioctl+0x128/0x14f0 [ 221.687128][T11760] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 221.687142][T11760] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 221.687160][T11760] ? hook_file_ioctl_common+0x145/0x410 [ 221.687177][T11760] ? selinux_file_ioctl+0x180/0x270 [ 221.687188][T11760] ? selinux_file_ioctl+0xb4/0x270 [ 221.687200][T11760] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 221.687214][T11760] __x64_sys_ioctl+0x18e/0x210 [ 221.687230][T11760] do_syscall_64+0xcd/0xfa0 [ 221.687241][T11760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.687251][T11760] RIP: 0033:0x7f00a618f6c9 [ 221.687260][T11760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.687271][T11760] RSP: 002b:00007f00a6f6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 221.687281][T11760] RAX: ffffffffffffffda RBX: 00007f00a63e5fa0 RCX: 00007f00a618f6c9 [ 221.687288][T11760] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 221.687294][T11760] RBP: 00007f00a6f6a090 R08: 0000000000000000 R09: 0000000000000000 [ 221.687300][T11760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 221.687307][T11760] R13: 00007f00a63e6038 R14: 00007f00a63e5fa0 R15: 00007ffd17975538 [ 221.687321][T11760] [ 221.783672][ T7138] usb 7-1: USB disconnect, device number 65 [ 221.877149][T11764] FAULT_INJECTION: forcing a failure. [ 221.877149][T11764] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 221.881831][T11764] CPU: 1 UID: 0 PID: 11764 Comm: syz.3.2296 Not tainted syzkaller #0 PREEMPT(full) [ 221.881854][T11764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 221.881866][T11764] Call Trace: [ 221.881872][T11764] [ 221.881878][T11764] dump_stack_lvl+0x16c/0x1f0 [ 221.881910][T11764] should_fail_ex+0x512/0x640 [ 221.881936][T11764] _copy_from_iter+0x29f/0x1720 [ 221.881962][T11764] ? __alloc_skb+0x200/0x380 [ 221.881985][T11764] ? __pfx__copy_from_iter+0x10/0x10 [ 221.882023][T11764] ? netlink_autobind.isra.0+0x158/0x370 [ 221.882056][T11764] netlink_sendmsg+0x820/0xdd0 [ 221.882087][T11764] ? __pfx_netlink_sendmsg+0x10/0x10 [ 221.882128][T11764] ____sys_sendmsg+0xa98/0xc70 [ 221.882147][T11764] ? copy_msghdr_from_user+0x10a/0x160 [ 221.882171][T11764] ? __pfx_____sys_sendmsg+0x10/0x10 [ 221.882198][T11764] ___sys_sendmsg+0x134/0x1d0 [ 221.882223][T11764] ? __pfx____sys_sendmsg+0x10/0x10 [ 221.882245][T11764] ? __lock_acquire+0x622/0x1c90 [ 221.882293][T11764] __sys_sendmsg+0x16d/0x220 [ 221.882317][T11764] ? __pfx___sys_sendmsg+0x10/0x10 [ 221.882355][T11764] do_syscall_64+0xcd/0xfa0 [ 221.882376][T11764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.882394][T11764] RIP: 0033:0x7f00a618f6c9 [ 221.882410][T11764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.882426][T11764] RSP: 002b:00007f00a6f6a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 221.882444][T11764] RAX: ffffffffffffffda RBX: 00007f00a63e5fa0 RCX: 00007f00a618f6c9 [ 221.882457][T11764] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 221.882467][T11764] RBP: 00007f00a6f6a090 R08: 0000000000000000 R09: 0000000000000000 [ 221.882479][T11764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 221.882490][T11764] R13: 00007f00a63e6038 R14: 00007f00a63e5fa0 R15: 00007ffd17975538 [ 221.882513][T11764] [ 222.360481][T11781] binder: 11780:11781 unknown command 0 [ 222.362341][T11781] binder: 11780:11781 ioctl c0306201 200000000080 returned -22 [ 222.390029][T11783] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2303'. [ 222.492723][T11789] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 222.770605][ T34] usb 8-1: new high-speed USB device number 64 using dummy_hcd [ 222.790605][ T10] usb 7-1: new high-speed USB device number 66 using dummy_hcd [ 222.921342][ T10] usb 7-1: device descriptor read/64, error -71 [ 222.941089][ T34] usb 8-1: Using ep0 maxpacket: 32 [ 222.944711][ T34] usb 8-1: config 0 has no interfaces? [ 222.948577][ T34] usb 8-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 222.952750][ T34] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 222.955950][ T34] usb 8-1: Product: syz [ 222.957589][ T34] usb 8-1: Manufacturer: syz [ 222.959258][ T34] usb 8-1: SerialNumber: syz [ 222.962341][ T34] usb 8-1: config 0 descriptor?? [ 223.160913][ T10] usb 7-1: new high-speed USB device number 67 using dummy_hcd [ 223.166363][ T34] usb 8-1: USB disconnect, device number 64 [ 223.170618][ T29] usb 5-1: new high-speed USB device number 74 using dummy_hcd [ 223.290628][ T10] usb 7-1: device descriptor read/64, error -71 [ 223.340687][ T29] usb 5-1: Using ep0 maxpacket: 32 [ 223.343542][ T29] usb 5-1: config 0 has no interfaces? [ 223.346764][ T29] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 223.349640][ T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 223.352696][ T29] usb 5-1: Product: syz [ 223.354039][ T29] usb 5-1: Manufacturer: syz [ 223.355508][ T29] usb 5-1: SerialNumber: syz [ 223.358638][ T29] usb 5-1: config 0 descriptor?? [ 223.401447][ T10] usb usb7-port1: attempt power cycle [ 223.467255][T11801] binder: 11800:11801 ioctl 4018620d 0 returned -22 [ 223.469900][T11801] binder: 11800:11801 unknown command 0 [ 223.471752][T11801] binder: 11800:11801 ioctl c0306201 200000000080 returned -22 [ 223.499828][T11804] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2313'. [ 223.565954][ T60] usb 5-1: USB disconnect, device number 74 [ 223.613916][T11812] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11812 comm=syz.1.2317 [ 223.613961][T11813] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=11813 comm=syz.1.2317 [ 223.740640][ T10] usb 7-1: new high-speed USB device number 68 using dummy_hcd [ 223.762744][ T10] usb 7-1: device descriptor read/8, error -71 [ 224.000612][ T34] usb 8-1: new high-speed USB device number 65 using dummy_hcd [ 224.000673][ T10] usb 7-1: new high-speed USB device number 69 using dummy_hcd [ 224.021016][ T10] usb 7-1: device descriptor read/8, error -71 [ 224.120875][T11825] binder: 11824:11825 ioctl 4018620d 0 returned -22 [ 224.123418][T11825] binder: 11824:11825 unknown command 0 [ 224.125017][T11825] binder: 11824:11825 ioctl c0306201 200000000080 returned -22 [ 224.131137][ T10] usb usb7-port1: unable to enumerate USB device [ 224.152305][T11827] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2323'. [ 224.153908][ T34] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 224.158897][ T34] usb 8-1: can't read configurations, error -61 [ 224.235071][T11831] FAULT_INJECTION: forcing a failure. [ 224.235071][T11831] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 224.240907][T11831] CPU: 3 UID: 0 PID: 11831 Comm: syz.0.2325 Not tainted syzkaller #0 PREEMPT(full) [ 224.240930][T11831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 224.240940][T11831] Call Trace: [ 224.240945][T11831] [ 224.240952][T11831] dump_stack_lvl+0x16c/0x1f0 [ 224.240988][T11831] should_fail_ex+0x512/0x640 [ 224.241012][T11831] _copy_from_user+0x2e/0xd0 [ 224.241041][T11831] kstrtouint_from_user+0xd6/0x1d0 [ 224.241065][T11831] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 224.241089][T11831] ? __lock_acquire+0xb8a/0x1c90 [ 224.241117][T11831] proc_fail_nth_write+0x83/0x220 [ 224.241139][T11831] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 224.241162][T11831] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 224.241179][T11831] vfs_write+0x2a0/0x11d0 [ 224.241200][T11831] ? __pfx___mutex_lock+0x10/0x10 [ 224.241218][T11831] ? __pfx_vfs_write+0x10/0x10 [ 224.241242][T11831] ? __fget_files+0x20e/0x3c0 [ 224.241267][T11831] ksys_write+0x12a/0x250 [ 224.241280][T11831] ? __pfx_ksys_write+0x10/0x10 [ 224.241295][T11831] ? fput+0x9b/0xd0 [ 224.241320][T11831] do_syscall_64+0xcd/0xfa0 [ 224.241339][T11831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.241356][T11831] RIP: 0033:0x7fb63bb8e17f [ 224.241371][T11831] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 224.241387][T11831] RSP: 002b:00007fb63c9da030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 224.241401][T11831] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb63bb8e17f [ 224.241411][T11831] RDX: 0000000000000001 RSI: 00007fb63c9da0a0 RDI: 0000000000000007 [ 224.241421][T11831] RBP: 00007fb63c9da090 R08: 0000000000000000 R09: 0000000000000000 [ 224.241431][T11831] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 224.241441][T11831] R13: 00007fb63bde6038 R14: 00007fb63bde5fa0 R15: 00007fff923ef868 [ 224.241467][T11831] [ 224.327604][ T34] usb 8-1: new high-speed USB device number 66 using dummy_hcd [ 224.369076][T11833] FAULT_INJECTION: forcing a failure. [ 224.369076][T11833] name failslab, interval 1, probability 0, space 0, times 0 [ 224.374160][T11833] CPU: 0 UID: 0 PID: 11833 Comm: syz.0.2326 Not tainted syzkaller #0 PREEMPT(full) [ 224.374181][T11833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 224.374191][T11833] Call Trace: [ 224.374197][T11833] [ 224.374204][T11833] dump_stack_lvl+0x16c/0x1f0 [ 224.374232][T11833] should_fail_ex+0x512/0x640 [ 224.374250][T11833] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 224.374278][T11833] should_failslab+0xc2/0x120 [ 224.374298][T11833] kmem_cache_alloc_node_noprof+0x78/0x770 [ 224.374326][T11833] ? __lock_acquire+0x622/0x1c90 [ 224.374341][T11833] ? __alloc_skb+0x2b2/0x380 [ 224.374364][T11833] ? __alloc_skb+0x2b2/0x380 [ 224.374381][T11833] __alloc_skb+0x2b2/0x380 [ 224.374400][T11833] ? __pfx___alloc_skb+0x10/0x10 [ 224.374428][T11833] alloc_skb_with_frags+0xe0/0x860 [ 224.374449][T11833] ? __might_fault+0xe3/0x190 [ 224.374470][T11833] ? __might_fault+0x13b/0x190 [ 224.374497][T11833] sock_alloc_send_pskb+0x7f9/0x980 [ 224.374517][T11833] ? _copy_from_iter+0x15d/0x1720 [ 224.374542][T11833] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 224.374561][T11833] ? find_held_lock+0x2b/0x80 [ 224.374581][T11833] ? dev_get_by_index+0x17c/0x380 [ 224.374606][T11833] packet_sendmsg+0x2054/0x5850 [ 224.374642][T11833] ? sock_has_perm+0x259/0x2f0 [ 224.374667][T11833] ? __pfx_sock_has_perm+0x10/0x10 [ 224.374693][T11833] ? __pfx_packet_sendmsg+0x10/0x10 [ 224.374726][T11833] __sys_sendto+0x4a3/0x520 [ 224.374745][T11833] ? __pfx___sys_sendto+0x10/0x10 [ 224.374782][T11833] ? ksys_write+0x1ac/0x250 [ 224.374798][T11833] ? __pfx_ksys_write+0x10/0x10 [ 224.374815][T11833] __x64_sys_sendto+0xe0/0x1c0 [ 224.374833][T11833] ? do_syscall_64+0x91/0xfa0 [ 224.374847][T11833] ? lockdep_hardirqs_on+0x7c/0x110 [ 224.374870][T11833] do_syscall_64+0xcd/0xfa0 [ 224.374886][T11833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.374902][T11833] RIP: 0033:0x7fb63bb8f6c9 [ 224.374916][T11833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 224.374930][T11833] RSP: 002b:00007fb63c9da038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 224.374947][T11833] RAX: ffffffffffffffda RBX: 00007fb63bde5fa0 RCX: 00007fb63bb8f6c9 [ 224.374957][T11833] RDX: 000000000001fffc RSI: 0000200000000180 RDI: 0000000000000003 [ 224.374967][T11833] RBP: 00007fb63c9da090 R08: 0000200000000140 R09: 0000000000000014 [ 224.374977][T11833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 224.374986][T11833] R13: 00007fb63bde6038 R14: 00007fb63bde5fa0 R15: 00007fff923ef868 [ 224.375008][T11833] [ 224.493090][ T34] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 224.495673][ T34] usb 8-1: can't read configurations, error -61 [ 224.497854][ T34] usb usb8-port1: attempt power cycle [ 224.850613][ T34] usb 8-1: new high-speed USB device number 67 using dummy_hcd [ 224.873089][ T34] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 224.876199][ T34] usb 8-1: can't read configurations, error -61 [ 225.020624][ T34] usb 8-1: new high-speed USB device number 68 using dummy_hcd [ 225.042543][ T34] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 225.045313][ T34] usb 8-1: can't read configurations, error -61 [ 225.047504][ T34] usb usb8-port1: unable to enumerate USB device [ 225.572593][T11850] binder: 11849:11850 ioctl 4018620d 0 returned -22 [ 225.575108][T11850] binder: 11849:11850 unknown command 0 [ 225.576916][T11850] binder: 11849:11850 ioctl c0306201 200000000080 returned -22 [ 225.711577][ T6016] usb 6-1: new high-speed USB device number 69 using dummy_hcd [ 225.870927][ T6016] usb 6-1: Using ep0 maxpacket: 32 [ 225.875646][ T6016] usb 6-1: config 0 has no interfaces? [ 225.878918][ T6016] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 225.882154][ T6016] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 225.884640][ T6016] usb 6-1: Product: syz [ 225.885954][ T6016] usb 6-1: Manufacturer: syz [ 225.887416][ T6016] usb 6-1: SerialNumber: syz [ 225.890079][ T6016] usb 6-1: config 0 descriptor?? [ 225.936684][ T40] audit: type=1400 audit(1762856176.337:388): avc: denied { bind } for pid=11864 comm="syz.0.2340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 225.937236][T11865] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2340'. [ 225.945612][T11865] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 225.983499][T11865] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 225.988010][ T40] audit: type=1400 audit(1762856176.387:389): avc: denied { name_bind } for pid=11864 comm="syz.0.2340" src=65530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1 [ 226.099691][ T1469] usb 6-1: USB disconnect, device number 69 [ 226.110638][ T34] usb 7-1: new high-speed USB device number 70 using dummy_hcd [ 226.240592][ T34] usb 7-1: device descriptor read/64, error -71 [ 226.490591][ T34] usb 7-1: new high-speed USB device number 71 using dummy_hcd [ 226.620581][ T34] usb 7-1: device descriptor read/64, error -71 [ 226.682104][T11873] ------------[ cut here ]------------ [ 226.684005][T11873] WARNING: CPU: 2 PID: 11873 at drivers/gpu/drm/drm_prime.c:223 drm_prime_destroy_file_private+0x43/0x60 [ 226.688359][T11873] Modules linked in: [ 226.690116][T11873] CPU: 2 UID: 0 PID: 11873 Comm: syz.1.2344 Not tainted syzkaller #0 PREEMPT(full) SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 226.695153][T11873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 226.698945][T11873] RIP: 0010:drm_prime_destroy_file_private+0x43/0x60 [ 226.701315][T11873] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 21 48 8b 83 90 00 00 00 48 85 c0 75 06 5b e9 63 2d 74 fc e8 5e 2d 74 fc 90 <0f> 0b 90 5b e9 54 2d 74 fc e8 2f bc dc fc eb d8 66 66 2e 0f 1f 84 [ 226.707794][T11873] RSP: 0018:ffffc90006c17cc8 EFLAGS: 00010293 [ 226.709755][T11873] RAX: 0000000000000000 RBX: ffff888053a37380 RCX: ffffffff8b61db01 [ 226.712382][T11873] RDX: ffff888022a92480 RSI: ffffffff8548bb72 RDI: ffff888053a37410 [ 226.715030][T11873] RBP: ffff888053a37000 R08: 0000000000000001 R09: fffff52000d82f79 [ 226.717553][T11873] R10: ffffc90006c17bcf R11: 0000000000000000 R12: ffff8880263ae000 [ 226.720020][T11873] R13: ffff888053a372b0 R14: 0000000000000000 R15: ffff888053a372d8 [ 226.722596][T11873] FS: 000055555d298500(0000) GS:ffff8880d6c08000(0000) knlGS:0000000000000000 [ 226.726152][T11873] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.728723][T11873] CR2: 000000110c2ab8fe CR3: 0000000051c64000 CR4: 0000000000352ef0 [ 226.731938][T11873] Call Trace: [ 226.733277][T11873] [ 226.734451][T11873] drm_file_free.part.0+0x7ee/0xcd0 [ 226.736674][T11873] drm_close_helper.isra.0+0x186/0x1f0 [ 226.738778][T11873] drm_release+0x1ab/0x360 [ 226.740606][T11873] ? __pfx_drm_release+0x10/0x10 [ 226.742555][T11873] __fput+0x402/0xb70 [ 226.744171][T11873] task_work_run+0x150/0x240 [ 226.746017][T11873] ? __pfx_task_work_run+0x10/0x10 [ 226.748029][T11873] ? __pfx___do_sys_close_range+0x10/0x10 [ 226.750317][T11873] exit_to_user_mode_loop+0xec/0x130 [ 226.752433][T11873] do_syscall_64+0x426/0xfa0 [ 226.754273][T11873] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.756618][T11873] RIP: 0033:0x7fc3def8f6c9 [ 226.758377][T11873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.760103][ T34] usb usb7-port1: attempt power cycle [ 226.765917][T11873] RSP: 002b:00007fffdf4b3418 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 226.770571][T11873] RAX: 0000000000000000 RBX: 00000000000374e1 RCX: 00007fc3def8f6c9 [ 226.773259][T11873] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 226.775989][T11873] RBP: 00007fc3df1e7da0 R08: 0000000000000001 R09: 0000000adf4b370f [ 226.778490][T11873] R10: 0000001b2e620000 R11: 0000000000000246 R12: 00007fc3df1e5fac [ 226.781170][T11873] R13: 00007fc3df1e5fa0 R14: ffffffffffffffff R15: 00007fffdf4b3530 [ 226.783643][T11873] [ 226.784659][T11873] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 226.786939][T11873] CPU: 2 UID: 0 PID: 11873 Comm: syz.1.2344 Not tainted syzkaller #0 PREEMPT(full) [ 226.789835][T11873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 226.793202][T11873] Call Trace: [ 226.794493][T11873] [ 226.795661][T11873] dump_stack_lvl+0x3d/0x1f0 [ 226.797528][T11873] vpanic+0x640/0x6f0 [ 226.799113][T11873] ? drm_prime_destroy_file_private+0x43/0x60 [ 226.801482][T11873] panic+0xca/0xd0 [ 226.802966][T11873] ? __pfx_panic+0x10/0x10 [ 226.804747][T11873] ? check_panic_on_warn+0x1f/0xb0 [ 226.806754][T11873] check_panic_on_warn+0xab/0xb0 [ 226.808701][T11873] __warn+0xf6/0x3c0 [ 226.810252][T11873] ? drm_prime_destroy_file_private+0x43/0x60 [ 226.812643][T11873] report_bug+0x3c3/0x580 [ 226.814368][T11873] ? drm_prime_destroy_file_private+0x43/0x60 [ 226.816767][T11873] handle_bug+0x184/0x210 [ 226.818469][T11873] exc_invalid_op+0x17/0x50 [ 226.820275][T11873] asm_exc_invalid_op+0x1a/0x20 [ 226.822181][T11873] RIP: 0010:drm_prime_destroy_file_private+0x43/0x60 [ 226.824766][T11873] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 21 48 8b 83 90 00 00 00 48 85 c0 75 06 5b e9 63 2d 74 fc e8 5e 2d 74 fc 90 <0f> 0b 90 5b e9 54 2d 74 fc e8 2f bc dc fc eb d8 66 66 2e 0f 1f 84 [ 226.832223][T11873] RSP: 0018:ffffc90006c17cc8 EFLAGS: 00010293 [ 226.834591][T11873] RAX: 0000000000000000 RBX: ffff888053a37380 RCX: ffffffff8b61db01 [ 226.837689][T11873] RDX: ffff888022a92480 RSI: ffffffff8548bb72 RDI: ffff888053a37410 [ 226.840803][T11873] RBP: ffff888053a37000 R08: 0000000000000001 R09: fffff52000d82f79 [ 226.843814][T11873] R10: ffffc90006c17bcf R11: 0000000000000000 R12: ffff8880263ae000 [ 226.846937][T11873] R13: ffff888053a372b0 R14: 0000000000000000 R15: ffff888053a372d8 [ 226.850056][T11873] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 226.852263][T11873] ? drm_prime_destroy_file_private+0x42/0x60 [ 226.854654][T11873] ? drm_prime_destroy_file_private+0x42/0x60 [ 226.857048][T11873] drm_file_free.part.0+0x7ee/0xcd0 [ 226.859089][T11873] drm_close_helper.isra.0+0x186/0x1f0 [ 226.861140][T11873] drm_release+0x1ab/0x360 [ 226.862901][T11873] ? __pfx_drm_release+0x10/0x10 [ 226.864735][T11873] __fput+0x402/0xb70 [ 226.866309][T11873] task_work_run+0x150/0x240 [ 226.868029][T11873] ? __pfx_task_work_run+0x10/0x10 [ 226.870070][T11873] ? __pfx___do_sys_close_range+0x10/0x10 [ 226.872309][T11873] exit_to_user_mode_loop+0xec/0x130 [ 226.874381][T11873] do_syscall_64+0x426/0xfa0 [ 226.876215][T11873] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.878519][T11873] RIP: 0033:0x7fc3def8f6c9 [ 226.880290][T11873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.887729][T11873] RSP: 002b:00007fffdf4b3418 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 226.890966][T11873] RAX: 0000000000000000 RBX: 00000000000374e1 RCX: 00007fc3def8f6c9 [ 226.894055][T11873] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 226.897134][T11873] RBP: 00007fc3df1e7da0 R08: 0000000000000001 R09: 0000000adf4b370f [ 226.899722][T11873] R10: 0000001b2e620000 R11: 0000000000000246 R12: 00007fc3df1e5fac [ 226.902205][T11873] R13: 00007fc3df1e5fa0 R14: ffffffffffffffff R15: 00007fffdf4b3530 [ 226.904694][T11873] [ 226.906331][T11873] Kernel Offset: disabled [ 226.907693][T11873] Rebooting in 86400 seconds.. VM DIAGNOSIS: 10:16:17 Registers: info registers vcpu 0 CPU#0 RAX=000000000023541d RBX=0000000000000000 RCX=ffffffff8b6092a9 RDX=0000000000000000 RSI=ffffffff8da2b720 RDI=ffffffff8bf070c0 RBP=fffffbfff1c12f40 RSP=ffffffff8e007df8 R8 =0000000000000001 R9 =ffffed100d486655 R10=ffff88806a4332ab R11=0000000000000001 R12=0000000000000000 R13=ffffffff8e097a00 R14=ffffffff90820cd0 R15=0000000000000000 RIP=ffffffff8b607d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6a08000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055555d298808 CR3=000000004acc3000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffdf4b3640 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df013050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df01305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df013057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df01306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df0130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df0131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000007 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000368 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000007 0000000000000000 0000000000000000 0000000000000368 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000007 RBX=ffff8880267fc900 RCX=ffffc90003cc7034 RDX=0000000000000000 RSI=ffffffff81f9dbae RDI=ffff8880267fcd84 RBP=ffff8880267fc900 RSP=ffffc90003cc7058 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000011795 R12=ffffffff81a7e320 R13=ffffc90003cc70e0 R14=0000000000000000 R15=ffff8880267fc900 RIP=ffffffff81a1a5a4 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6b08000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fab01b17d60 CR3=000000002a279000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab00fb76c3 00007fab00fb76c3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdc3b94520 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555694b3d8 000055555694af70 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555694138c 00005555569410f0 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555569460c8 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 80030008000df803 0008000df0030008 000de8030008000d e0030008000dd803 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010180041880e393 a408000100000208 06060114b8000800 0188030000000c08 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 060180030c800418 80e390dc08000100 00020806060114b6 0100000a08060c90 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 030008000c880308 0da80c050d800418 86c3939c08000100 00020806060113f6 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0010000ec0030010 000eb0030010000e a0030710000e9003 0008000e80030008 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85295335 RDI=ffffffff9add8780 RBP=ffffffff9add8740 RSP=ffffc90006c17630 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000034 R14=ffffffff9add8740 R15=ffffffff852952d0 RIP=ffffffff8529535f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 000055555d298500 ffffffff 00c00000 GS =0000 ffff8880d6c08000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c2ab8fe CR3=0000000051c64000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df013050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df01305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df013057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df01306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df0130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df0131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df1b74a8 00007fc3df1b74a0 00007fc3df1b7498 00007fc3df1b7470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3dfd1d100 00007fc3df1b7460 00007fc3df1b0004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df1b74b8 00007fc3df1b74b0 00007fc3df1b74a8 00007fc3df1b74a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000007 0000000000000000 0000000000000000 0000000000000368 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000001b489f RBX=0000000000000003 RCX=ffffffff8b6092a9 RDX=0000000000000000 RSI=ffffffff8da2b720 RDI=ffffffff8bf070c0 RBP=ffffed1003bd6000 RSP=ffffc90000197de8 R8 =0000000000000001 R9 =ffffed100d4e6655 R10=ffff88806a7332ab R11=0000000000000001 R12=0000000000000003 R13=ffff88801deb0000 R14=ffffffff90820cd0 R15=0000000000000000 RIP=ffffffff8b607d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6d08000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fc3df1d2000 CR3=0000000051c64000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df013050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df01305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df013057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df01306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df0130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df0131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df1b74a8 00007fc3df1b74a0 00007fc3df1b7498 00007fc3df1b7470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3dfd1d100 00007fc3df1b7460 00007fc3df1b7478 00007fc3df1b74c0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3df1b74b8 00007fc3df1b74b0 00007fc3df1b74a8 00007fc3df1b74a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000007 0000000000000000 0000000000000000 0000000000000368 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000