last executing test programs: 10.165513268s ago: executing program 0 (id=945): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SAVE(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="20000000080100ffffffff0009000000000000000900020073797a3200000000ddeb2b105e02f6972512341d"], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x44) r1 = accept4$llc(0xffffffffffffffff, &(0x7f0000000200), &(0x7f0000000240)=0x10, 0x80000) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x200401, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"]) openat$snapshot(0xffffffffffffff9c, 0x0, 0x2, 0x0) socket$kcm(0x10, 0x0, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x13, &(0x7f0000000000), &(0x7f0000000040)=0x4) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000010000001c00018006000100020000000800050000000000080006007369"], 0x30}}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x18000000000002a0, 0xd, 0x0, &(0x7f0000000300)="b9ff03076844268cb89e14f088", 0x0, 0x2000, 0x60000009, 0x23, 0x0, 0x0, 0x0, 0x4}, 0x4c) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(0xffffffffffffffff, 0xc0045520, 0x0) r6 = socket$netlink(0x10, 0x3, 0x8000000004) close(0xffffffffffffffff) r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r7, 0x0) writev(r6, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff81054e220000000058000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000400)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x4}, 0x5, 0x40, 0x1, 0x0, 0xfffffffffffffe43, 0x4, 'syz0\x00', 0x0, 0xfffffffffffffef5}) umount2(&(0x7f0000000040)='./file0\x00', 0xb) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612) 7.25948205s ago: executing program 0 (id=967): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0) write$binfmt_aout(r2, 0x0, 0xff2e) syz_open_pts(r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f00000000c0)="0f01bd00800f22a78332d8a81a0fae870000f3f00fb1020f005dd2f30fd6ffb800008ec00fae4560", 0x28}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_usb_connect(0x0, 0x147, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d33a2f40d1121f1c4663000000010902"], 0x0) 6.583028895s ago: executing program 1 (id=975): bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x0, 0x0, 0x0, 0x4}, 0x90) socket(0x11, 0x800000003, 0x0) syz_emit_vhci(0x0, 0xd) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x19) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$dupfd(0xffffffffffffffff, 0x0, r1) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000080)='lp\x00', 0x3) connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) r2 = syz_open_dev$video4linux(&(0x7f0000000040), 0x7fffffffffffffff, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r2, 0xc0585605, &(0x7f0000000080)={0x1}) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) lsetxattr$security_capability(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280), 0x0, 0x0, 0x3) syz_usb_connect(0x0, 0x2d, &(0x7f00000006c0)=ANY=[@ANYBLOB="1201000005bcca2023380100eb030102030109021b"], 0x0) r3 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, 0x0, 0x0) r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f00000001c0)=0xb0000) ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000140)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000000)={@host}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r4, 0x7a5, &(0x7f0000000240)={{@hyper}, 0x1}) 5.424084156s ago: executing program 0 (id=979): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket(0x0, 0x0, 0x0) io_submit(0x0, 0x0, 0x0) unshare(0x6a040000) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000840)=@mangle={'mangle\x00', 0x64, 0x6, 0x508, 0x100, 0x1d8, 0x100, 0x100, 0x2a8, 0x490, 0x490, 0x490, 0x490, 0x490, 0x6, 0x0, {[{{@ipv6={@empty, @loopback, [], [], 'gre0\x00', 'bond0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@CONNSECMARK={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x3c0}}, {{@ipv6={@mcast2, @private1, [], [], 'pim6reg1\x00', 'vlan1\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@remote, @ipv6=@mcast1}}}, {{@ipv6={@private0, @remote, [], [], 'tunl0\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0xd0}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x568) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) read$msr(r2, 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000380)="259374c96ee3", 0x0, 0xad, 0xb12531df61d0214, 0x0, 0x0}) syz_emit_vhci(0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x7ff, 0xef9, 0x1}) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x11, r3, 0x1000f0000) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x14, 0x16, 0x1e40, 0x7f}, 0x48) syz_init_net_socket$ax25(0x3, 0x5, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r5, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0) sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) 4.35446039s ago: executing program 0 (id=986): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=@gettaction={0x18, 0x5a, 0x1, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x4}]}, 0x18}}, 0x4000880) getpid() r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) gettid() bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x3, 0x4}, 0x48) syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000020000402505a1a440000000010109023b00"], 0x0) socket$key(0xf, 0x3, 0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@multicast2, @in6=@remote, 0x0, 0x0, 0x2, 0x0, 0xa}, {@in6=@remote, 0x0, 0x32}, @in6=@mcast1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0xe, 0x0, 0x20000000}, 0x0) sendmsg$NL80211_CMD_JOIN_IBSS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)={0x2c, r3, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params]}, 0x2c}}, 0x0) capset(0x0, &(0x7f0000000280)) 4.018568845s ago: executing program 3 (id=988): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[], 0x0, 0x37}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x1e, 0x0, 0x0, 0x0, 0x100, 0xffffffffffffffff, 0x0, '\x00', 0x0, r4, 0x0, 0x1}, 0x48) move_mount(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', r3, &(0x7f0000000300)='./file0\x00', 0x40) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$caif_seqpacket(0x25, 0x5, 0x0) openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r5, &(0x7f0000000080)={{0x6, @rose}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x8, 0x0}, @default, @bcast]}, 0x10) r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000040)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r6, 0x3ba0, 0x0) ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000340)={0x28, 0x0, r7, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000}) r8 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x13, r8, 0x0) ioctl$IOMMU_HWPT_ALLOC$NONE(0xffffffffffffffff, 0x3b89, &(0x7f0000000380)={0x28, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0}) getrlimit(0x7, &(0x7f00000003c0)) close(r6) 3.386481001s ago: executing program 1 (id=989): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) socket$kcm(0x10, 0x2, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b30, &(0x7f0000000400)={'wlan0\x00'}) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c", 0x15) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0) r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x8002, 0x0) syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04230d9238243b3c29c280c90007dd5a48b96d5917e86843d77025061b91001e"], 0x10) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, 0x0, 0x0) syz_emit_vhci(0x0, 0x0) openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r3, 0x8983, &(0x7f0000000540)) mount$9p_fd(0x0, &(0x7f00000002c0)='./file1\x00', &(0x7f0000000300), 0x0, &(0x7f0000000680)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r2}}) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) socket$nl_netfilter(0x10, 0x3, 0xc) syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="04040a00000000000054679202ce9eaa48b326b038d97544c8b681bad547412afab3663029531077c8c4fa2f7501610d4eae6214096ae92430cd63486f07b04d9c519ab15a6e842e1352398f95ff35f5115a2c6c50f63336179b5e6b1f774a63506e8cb76bba42c6bee078240ec871a2bcf7dd5691833ac53a02f3614eae3afb9549df1b77ce0baebc9f6306644f6f08bbd3ca3229d272acd3483bf3ae4228f7a2b839594856918b10ca47ad4dc249d99c244aba277d101b5ac305"], 0xd) syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0xc8}}}, 0x14) 3.238609904s ago: executing program 2 (id=991): openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x101a02, 0x0) capset(0x0, &(0x7f00000000c0)) socket$igmp(0x2, 0x3, 0x2) socket$kcm(0x10, 0x2, 0x0) epoll_create(0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffff56}) io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0) 3.091621776s ago: executing program 2 (id=992): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_KEY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x20, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_KEY={0x4}]}, 0x20}}, 0x0) 2.95061975s ago: executing program 1 (id=993): r0 = socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(r0, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000940)=[{&(0x7f0000001040)="5346f7f875528ef24043c68e04180a332e94ee4784fffee263c06f2d924e8699b6af71aa257b5a316af31628e5148c7012f4d55ce4c29fea9e5b0b61fdf0b2dc866fa81b4e775e235eaebe330e16114548f147b8a966bf1f1fc6c24b9d47d349c87c3f789d2ba608cd25b17b6c80a7f0ceb4a06ff270ff8c9f0d3a19133f1fdfd51b767b8cef1f36e5490c5df5fcb378a6fb6eb5d8aaf7791ce81f61a05e1ebdd1789eb70ac1f3dfed378f6f3e237120052113a75ab977796117f7e7b2d6ee499f51dc070c820d10a0eaef4fc94ddc648bafae070caf70c465267497b3de963df649e113e2060c82b057abfae0798d424c81aeb42796189eb0936a2c547a5c4d6351ed786c75beb926118fb7af49ecc00b545fe2563bd4294a982980afed3f9cf390f304611db4c6d7b64d64f38db5fde5cf7cadb29c697013b710e0218660671d0051ddd7fb7f5eb72a34f469b2e20600000091817eb5b952af43d1a40f4770e7220fcdfe25d3e9747e2af76ece5922724840afdba6f6f9e1d11db8561e8e836413ee04d6e084700ec1ac0e00569f0e4d4844f4710299aabbef615c33e276544669ce074528938ec0cc6d2af1ce7a47a64ad676f08507aa08d4210f979ef4aacfa4d524c9952d4743d65c3c527302942a8880116ce7ebc6c84778346f02c806bb466db7d313d7ebc7ea87823d4a8de0b697929fb3277012327827801f75ca3c5776d1a81acb160007f73148dfaf05ab7eed5a0e603ac468eb2bcd9de5f140758e74c20a9931187e0cbc857aa62a4cec8a62f7e31af3a78cdb8608551cdd68e83aebb3c9e05519184ff996c336553fa6bf16865cd6c4eacf1e360b029cdae41070f5fd183ea0eaae427505d56994ccfd0737aae3abbc45f56710d2e3f2662bf4514044f7fa03cde28fa1783970d3c676cb23cb1923a9feb233267ef663936ccf25f7597a2270724527bf468d22786d0548b25582180b72c51742c4e5c373a1008dd4cfba508e8f3f8ec35e6f1375a11b1fbe2dc09e9fe609e80112c8f5c895c922cd547def707b7252d7afa0030d008b1dd10fd4a56e30237a6e0229fb4562cb8df3d4e64b28e15c075e59554e9d61a6065d49c1e765a49195cf5d6b1e2b6192447817fedfe41fcdf9a4fc5af567906e4b6453da7b97eac255cc253d7bceba09f67da4815438583c6843366b76d9e9277558e48681e9cfa920b47aea0e5c46ef86ea7f1ef534cf7565b24b833ba2cbfe60e6271614850dd68f2a8a6be4f315b83abb8e2699ed8e2a4b3506f9dacbb180c4deeef7489f49faf34cdf4e91a402956564f854d71c892e4aada1c91647ce45d4834d000e8d5be1773ecae388e511228977a69d4cc67fbab60ee1555a219e41eebc31807a87d9cbe88a8b05959e1a988f6ea6ed73a6ac1ec2f3d74d73eaa91a39308e008b7fa1ecc2a020f495750f9936d9c07130d950a777c0d8d131416ef55a4ec041113df65ba4aea92fcb3e2268510f316bd17f04993b6473338fe7c08fd9874e743a31582162232c7d6c614e7b3513abcc0feb99b2c9111300004fe291f5bd682c039183e61c1fdac90b2a015939a8d10b07a05e99e5772b4b9329275cef8de2b066d4e4d421e4a0a69cdd8f674b12f5b3fa764e4b1e9f4d767e252e37477813a03f18da16d598fddcf4be590d9f65f64c647cb2f330a614fe688d3d80182ed8aa59905a1cb0d3f034d927e070d71f56ee8e5c5bdf23c4f85c7a17834467bd6cf58218868fe53e3675c130bbe44bea271fa67999a0dc3dbf7c40dbba6e7d6cc0936bd8d466a1f041883c093a3a60743d0549b1a989a2fa41ff978388014434909053e279a21e7866bd4efb4a9f46b7a8b0d1d84d83020e9e68936ca3de030269784aa29a3e25146cd5b03d21ca82f961be925c9ad487fb24b1e35c2d043ee4b6a4aaf811c4308a6ced6b4c45e7513a3f0e1421cb3b0fd8571a7085c9a4b454e4ee8b44767428666cd108b78369b871ab32f36943e24976f4bb6bd4068cc19585a2de791e3f950d220b28f4ba268d8c9dbccc1a705b1b1c30881babdbc8cc4cf97b801e4d410fd7c61b34b1f126e6df1b0e9c676d1ab5", 0x5c9}, {&(0x7f0000000200)="3001fb90647586f4601659c5ad2644b99bfd65452e947b394c96c29278d097c5f170d77283a744139d2ce2a2f4bb5bb37e7396e7bac14056f25d17145e73bc2461b20ea3fce771f1b32d1585e8a456763cfafcf7189145a6e261af6232014cbf8a0f898bf6d14136874b6a1fd7caf8ec9966b041e7dff102c6e247d1a44f038ae29eb4bc67d6a04e80dfb7715ebafaa20fcbc57ade23cba05da1fbe4bba675b742472eebaabf356adc99866930e146125a272cef5baf5dfad4a28a0120d1b4e671487a7b018d9908183ab2085a781e531f1bed4ac9c245ec19be383047656a7d857d364e6f69ecce", 0xe8}, {&(0x7f0000000100)="79dfe4263f037de282e588f3c773eca5f0c383e7425d1573aa90a44223bfeced3ff85afe9d0c0b3b5a7ed7fcdb96a3934fe7af73ee25d5d36ba42e2a858c3d134299abc0393e031db435ae156e55eb2b2b2e2300e0706dfc5c4ec73ba929ffe8a7bb7ce55d95fb6e58560c45d96a58a13aa944b98c481a82927ec071b272b4592616116116527fd2dbc0dfd58c572f714f6852063afc8358fb33ccb8a90500b32b4e26bea604e534d8983790b5e2a180fed88108b0f5a499d5f80b4e4047d9ecc03d21856a4ec0d0d41496d980ddfa9098d327d9559e82fceb2b1b1ca4b45c9e22b2de", 0xe3}, {&(0x7f0000000380)="c58cf2a0f0f863621a483b19e7ecfce0d34e53fbf2959272146847c314ac0cdfd79dc1815274c3ee57068b3793c243bc98585fab48eb353478689f452328afb023f75f93227bbe5a4aa3fea049ec0862c493e14eb44aacf27f9060bc2c826383c904750402dd05d1e8c3a549a06e280ca4eaf77b4aed57a0c5f6120d25a3d5121895638ec5e2e6", 0x87}, {&(0x7f0000000700)="15c84609b06c6d85a5ca6f3a9a242f214aee4e7093161b717090c0c852a05393abd8992d91576f57bbd3488e85d8456d6c6c09de5c5228ee18819665861f01a2823a7cfa8e9260a5fe3921638db2dc5156149f86916810f913a944e1c8cd7fccb63f37900c5b287016e512b050ca214125b2217260c9ce3019e88b80985402ff7ca34be17e0dbda4f028cec9973a2b9eed83eee86f35f2c0adf50a04296e99c0f709fb3990aa5d0e74a125971357630b6f3eb4fb4064c42c2b2519a1c77824df6f0653fb116149fcb5c7e46fce32b1de7f511951d4b1ae47781250afdb11680684c1d2854810a90dbe10016823346663fdf1df6200a0dc3cafe8ec225fda47", 0xff}, {&(0x7f0000000800)="3a0846cacd7448e2015cc9a09c5f5608265e1e0fe02aa9077d7ddd960ba112fe1c64f57cba71e7ad8bbdc06a3299398e39498fc459bc1745e3d21a7ca987a4f4b774fe331d20dab2e846a721ff43b0491dc4cb32e16330e0d7d520f4887da0d6f356f8ef230b9b2374095ca6f14a6d13e03375c7029e28592c419bfb8957ac024ba8dc90ab15427410b870f3035ff95146d6e29f9b56ac096281d2f2b249f20c9fdc3239f838acc6b3433571d3043d", 0xaf}, {&(0x7f0000000500)="8700144add194dc92e62bfdc1de91e98227f67410fae0aa2958eeb11856055f582d7ed3b9ca5bf48d2e97becf8673e1532a8", 0x32}, {&(0x7f00000008c0)}, {&(0x7f0000000dc0)="e94b02", 0x3}], 0x9, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x2f}, @loopback}}}], 0x20}, 0x0) 2.950130564s ago: executing program 2 (id=994): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x8, 0xa}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xe, 0x4, 0x4, 0x7f, 0x0, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x9}, 0x48) 2.8711998s ago: executing program 1 (id=995): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket(0x0, 0x0, 0x0) io_submit(0x0, 0x0, 0x0) unshare(0x6a040000) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000840)=@mangle={'mangle\x00', 0x64, 0x6, 0x508, 0x100, 0x1d8, 0x100, 0x100, 0x2a8, 0x490, 0x490, 0x490, 0x490, 0x490, 0x6, 0x0, {[{{@ipv6={@empty, @loopback, [], [], 'gre0\x00', 'bond0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@CONNSECMARK={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x3c0}}, {{@ipv6={@mcast2, @private1, [], [], 'pim6reg1\x00', 'vlan1\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@remote, @ipv6=@mcast1}}}, {{@ipv6={@private0, @remote, [], [], 'tunl0\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0xd0}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x568) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) read$msr(r2, 0x0, 0x0) 2.870728477s ago: executing program 2 (id=996): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket(0x0, 0x0, 0x0) io_submit(0x0, 0x0, 0x0) unshare(0x6a040000) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000840)=@mangle={'mangle\x00', 0x64, 0x6, 0x508, 0x100, 0x1d8, 0x100, 0x100, 0x2a8, 0x490, 0x490, 0x490, 0x490, 0x490, 0x6, 0x0, {[{{@ipv6={@empty, @loopback, [], [], 'gre0\x00', 'bond0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@CONNSECMARK={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x3c0}}, {{@ipv6={@mcast2, @private1, [], [], 'pim6reg1\x00', 'vlan1\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@remote, @ipv6=@mcast1}}}, {{@ipv6={@private0, @remote, [], [], 'tunl0\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0xd0}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x568) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) read$msr(r2, 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000380)="259374c96ee3", 0x0, 0xad, 0xb12531df61d0214, 0x0, 0x0}) syz_emit_vhci(0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x7ff, 0xef9, 0x1}) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x11, r3, 0x1000f0000) 2.700223326s ago: executing program 3 (id=997): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000040)) 2.699693248s ago: executing program 3 (id=998): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c) socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='rpcgss_svc_accept_upcall\x00'}, 0x10) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_SIOCINQ(r4, 0x541b, &(0x7f0000000000)) connect$bt_sco(r4, &(0x7f0000000040), 0x8) connect$bt_sco(0xffffffffffffffff, &(0x7f0000000080)={0x1f, @none}, 0x8) shutdown(r4, 0x1) 1.769729148s ago: executing program 3 (id=999): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c) socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='rpcgss_svc_accept_upcall\x00'}, 0x10) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_SIOCINQ(r4, 0x541b, &(0x7f0000000000)) connect$bt_sco(r4, &(0x7f0000000040), 0x8) 1.699031697s ago: executing program 1 (id=1000): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000010000000000000000000000791203000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r4 = fanotify_init(0x200, 0x0) fanotify_mark(r4, 0x1, 0x4800003e, r3, 0x0) open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$NL80211_CMD_START_AP(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000740)={0xbc, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x56, 0xe, {{{}, {}, @device_b, @device_b}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ap_ssid}, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @void, @void, @val={0x72, 0x6}, @val={0x71, 0x7}, @val={0x76, 0x6}}}, @NL80211_ATTR_BEACON_TAIL={0x2a, 0xf, [@channel_switch={0x25, 0x3, {0x0, 0x0, 0x5}}, @prep={0x83, 0x1f, {{}, 0x0, 0x0, @device_a, 0x0, @void, 0x9, 0x5, @device_a, 0x5}}]}, @NL80211_ATTR_PROBE_RESP={0x4}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x971}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0xbc}, 0x1, 0x0, 0x0, 0x10}, 0x0) 685.778901ms ago: executing program 0 (id=1001): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) socket$kcm(0x10, 0x2, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b30, &(0x7f0000000400)={'wlan0\x00'}) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c", 0x15) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0) r2 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x8002, 0x0) syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04230d9238243b3c29c280c90007dd5a48b96d5917e86843d77025061b91001e"], 0x10) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, 0x0, 0x0) syz_emit_vhci(0x0, 0x0) openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(r3, 0x8983, &(0x7f0000000540)) mount$9p_fd(0x0, &(0x7f00000002c0)='./file1\x00', &(0x7f0000000300), 0x0, &(0x7f0000000680)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r2}}) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) socket$nl_netfilter(0x10, 0x3, 0xc) syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="04040a00000000000054679202ce9eaa48b326b038d97544c8b681bad547412afab3663029531077c8c4fa2f7501610d4eae6214096ae92430cd63486f07b04d9c519ab15a6e842e1352398f95ff35f5115a2c6c50f63336179b5e6b1f774a63506e8cb76bba42c6bee078240ec871a2bcf7dd5691833ac53a02f3614eae3afb9549df1b77ce0baebc9f6306644f6f08bbd3ca3229d272acd3483bf3ae4228f7a2b839594856918b10ca47ad4dc249d99c244aba277d101b5ac305"], 0xd) syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x0, 0xc8}}}, 0x14) 603.23569ms ago: executing program 0 (id=1002): bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x0, 0x0, 0x0, 0x4}, 0x90) socket(0x11, 0x800000003, 0x0) syz_emit_vhci(0x0, 0xd) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x19) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$dupfd(0xffffffffffffffff, 0x0, r1) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000080)='lp\x00', 0x3) connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) r2 = syz_open_dev$video4linux(&(0x7f0000000040), 0x7fffffffffffffff, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r2, 0xc0585605, &(0x7f0000000080)={0x1}) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) lsetxattr$security_capability(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280), 0x0, 0x0, 0x3) syz_usb_connect(0x0, 0x2d, &(0x7f00000006c0)=ANY=[@ANYBLOB="1201000005bcca2023380100eb030102030109021b"], 0x0) r3 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, 0x0, 0x0) r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f00000001c0)=0xb0000) ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000140)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000000)={@host}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r4, 0x7a5, &(0x7f0000000240)={{@hyper}, 0x1}) 104.883718ms ago: executing program 1 (id=1003): syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff) socket$inet6(0xa, 0x2, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1, &(0x7f0000000300)=0x2, 0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = socket(0x40000000015, 0x5, 0x0) connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) ioctl$USBDEVFS_REAPURBNDELAY(0xffffffffffffffff, 0x4008550d, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000080)=0x8, 0x4) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0xe22}, 0x1c) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4) bind$inet6(r3, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) 104.757968ms ago: executing program 3 (id=1004): r0 = socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(r0, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000940)=[{&(0x7f0000001040)="5346f7f875528ef24043c68e04180a332e94ee4784fffee263c06f2d924e8699b6af71aa257b5a316af31628e5148c7012f4d55ce4c29fea9e5b0b61fdf0b2dc866fa81b4e775e235eaebe330e16114548f147b8a966bf1f1fc6c24b9d47d349c87c3f789d2ba608cd25b17b6c80a7f0ceb4a06ff270ff8c9f0d3a19133f1fdfd51b767b8cef1f36e5490c5df5fcb378a6fb6eb5d8aaf7791ce81f61a05e1ebdd1789eb70ac1f3dfed378f6f3e237120052113a75ab977796117f7e7b2d6ee499f51dc070c820d10a0eaef4fc94ddc648bafae070caf70c465267497b3de963df649e113e2060c82b057abfae0798d424c81aeb42796189eb0936a2c547a5c4d6351ed786c75beb926118fb7af49ecc00b545fe2563bd4294a982980afed3f9cf390f304611db4c6d7b64d64f38db5fde5cf7cadb29c697013b710e0218660671d0051ddd7fb7f5eb72a34f469b2e20600000091817eb5b952af43d1a40f4770e7220fcdfe25d3e9747e2af76ece5922724840afdba6f6f9e1d11db8561e8e836413ee04d6e084700ec1ac0e00569f0e4d4844f4710299aabbef615c33e276544669ce074528938ec0cc6d2af1ce7a47a64ad676f08507aa08d4210f979ef4aacfa4d524c9952d4743d65c3c527302942a8880116ce7ebc6c84778346f02c806bb466db7d313d7ebc7ea87823d4a8de0b697929fb3277012327827801f75ca3c5776d1a81acb160007f73148dfaf05ab7eed5a0e603ac468eb2bcd9de5f140758e74c20a9931187e0cbc857aa62a4cec8a62f7e31af3a78cdb8608551cdd68e83aebb3c9e05519184ff996c336553fa6bf16865cd6c4eacf1e360b029cdae41070f5fd183ea0eaae427505d56994ccfd0737aae3abbc45f56710d2e3f2662bf4514044f7fa03cde28fa1783970d3c676cb23cb1923a9feb233267ef663936ccf25f7597a2270724527bf468d22786d0548b25582180b72c51742c4e5c373a1008dd4cfba508e8f3f8ec35e6f1375a11b1fbe2dc09e9fe609e80112c8f5c895c922cd547def707b7252d7afa0030d008b1dd10fd4a56e30237a6e0229fb4562cb8df3d4e64b28e15c075e59554e9d61a6065d49c1e765a49195cf5d6b1e2b6192447817fedfe41fcdf9a4fc5af567906e4b6453da7b97eac255cc253d7bceba09f67da4815438583c6843366b76d9e9277558e48681e9cfa920b47aea0e5c46ef86ea7f1ef534cf7565b24b833ba2cbfe60e6271614850dd68f2a8a6be4f315b83abb8e2699ed8e2a4b3506f9dacbb180c4deeef7489f49faf34cdf4e91a402956564f854d71c892e4aada1c91647ce45d4834d000e8d5be1773ecae388e511228977a69d4cc67fbab60ee1555a219e41eebc31807a87d9cbe88a8b05959e1a988f6ea6ed73a6ac1ec2f3d74d73eaa91a39308e008b7fa1ecc2a020f495750f9936d9c07130d950a777c0d8d131416ef55a4ec041113df65ba4aea92fcb3e2268510f316bd17f04993b6473338fe7c08fd9874e743a31582162232c7d6c614e7b3513abcc0feb99b2c9111300004fe291f5bd682c039183e61c1fdac90b2a015939a8d10b07a05e99e5772b4b9329275cef8de2b066d4e4d421e4a0a69cdd8f674b12f5b3fa764e4b1e9f4d767e252e37477813a03f18da16d598fddcf4be590d9f65f64c647cb2f330a614fe688d3d80182ed8aa59905a1cb0d3f034d927e070d71f56ee8e5c5bdf23c4f85c7a17834467bd6cf58218868fe53e3675c130bbe44bea271fa67999a0dc3dbf7c40dbba6e7d6cc0936bd8d466a1f041883c093a3a60743d0549b1a989a2fa41ff978388014434909053e279a21e7866bd4efb4a9f46b7a8b0d1d84d83020e9e68936ca3de030269784aa29a3e25146cd5b03d21ca82f961be925c9ad487fb24b1e35c2d043ee4b6a4aaf811c4308a6ced6b4c45e7513a3f0e1421cb3b0fd8571a7085c9a4b454e4ee8b44767428666cd108b78369b871ab32f36943e24976f4bb6bd4068cc19585a2de791e3f950d220b28f4ba268d8c9dbccc1a705b1b1c30881babdbc8cc4cf97b801e4d410fd7c61b34b1f126e6df1b0e9c676d1ab5", 0x5c9}, {&(0x7f0000000200)="3001fb90647586f4601659c5ad2644b99bfd65452e947b394c96c29278d097c5f170d77283a744139d2ce2a2f4bb5bb37e7396e7bac14056f25d17145e73bc2461b20ea3fce771f1b32d1585e8a456763cfafcf7189145a6e261af6232014cbf8a0f898bf6d14136874b6a1fd7caf8ec9966b041e7dff102c6e247d1a44f038ae29eb4bc67d6a04e80dfb7715ebafaa20fcbc57ade23cba05da1fbe4bba675b742472eebaabf356adc99866930e146125a272cef5baf5dfad4a28a0120d1b4e671487a7b018d9908183ab2085a781e531f1bed4ac9c245ec19be383047656a7d857d364e6f69ecce", 0xe8}, {&(0x7f0000000100)="79dfe4263f037de282e588f3c773eca5f0c383e7425d1573aa90a44223bfeced3ff85afe9d0c0b3b5a7ed7fcdb96a3934fe7af73ee25d5d36ba42e2a858c3d134299abc0393e031db435ae156e55eb2b2b2e2300e0706dfc5c4ec73ba929ffe8a7bb7ce55d95fb6e58560c45d96a58a13aa944b98c481a82927ec071b272b4592616116116527fd2dbc0dfd58c572f714f6852063afc8358fb33ccb8a90500b32b4e26bea604e534d8983790b5e2a180fed88108b0f5a499d5f80b4e4047d9ecc03d21856a4ec0d0d41496d980ddfa9098d327d9559e82fceb2b1b1ca4b45c9e22b2de", 0xe3}, {&(0x7f0000000380)="c58cf2a0f0f863621a483b19e7ecfce0d34e53fbf2959272146847c314ac0cdfd79dc1815274c3ee57068b3793c243bc98585fab48eb353478689f452328afb023f75f93227bbe5a4aa3fea049ec0862c493e14eb44aacf27f9060bc2c826383c904750402dd05d1e8c3a549a06e280ca4eaf77b4aed57a0c5f6120d25a3d5121895638ec5e2e6", 0x87}, {&(0x7f0000000700)="15c84609b06c6d85a5ca6f3a9a242f214aee4e7093161b717090c0c852a05393abd8992d91576f57bbd3488e85d8456d6c6c09de5c5228ee18819665861f01a2823a7cfa8e9260a5fe3921638db2dc5156149f86916810f913a944e1c8cd7fccb63f37900c5b287016e512b050ca214125b2217260c9ce3019e88b80985402ff7ca34be17e0dbda4f028cec9973a2b9eed83eee86f35f2c0adf50a04296e99c0f709fb3990aa5d0e74a125971357630b6f3eb4fb4064c42c2b2519a1c77824df6f0653fb116149fcb5c7e46fce32b1de7f511951d4b1ae47781250afdb11680684c1d2854810a90dbe10016823346663fdf1df6200a0dc3cafe8ec225fda47", 0xff}, {&(0x7f0000000800)="3a0846cacd7448e2015cc9a09c5f5608265e1e0fe02aa9077d7ddd960ba112fe1c64f57cba71e7ad8bbdc06a3299398e39498fc459bc1745e3d21a7ca987a4f4b774fe331d20dab2e846a721ff43b0491dc4cb32e16330e0d7d520f4887da0d6f356f8ef230b9b2374095ca6f14a6d13e03375c7029e28592c419bfb8957ac024ba8dc90ab15427410b870f3035ff95146d6e29f9b56ac096281d2f2b249f20c9fdc3239f838acc6b3433571d3043d", 0xaf}, {&(0x7f0000000500)="8700144add194dc92e62bfdc1de91e98227f67410fae0aa2958eeb11856055f582d7ed3b9ca5bf48d2e97becf8673e1532a8", 0x32}, {&(0x7f00000008c0)}, {&(0x7f0000000dc0)="e94b02", 0x3}], 0x9, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x2f}, @loopback}}}], 0x20}, 0x0) 654.391µs ago: executing program 2 (id=1005): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_KEY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x20, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_KEY={0x4}]}, 0x20}}, 0x0) 276.832µs ago: executing program 3 (id=1006): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000040)) 0s ago: executing program 2 (id=1007): openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x101a02, 0x0) capset(0x0, &(0x7f00000000c0)) socket$igmp(0x2, 0x3, 0x2) socket$kcm(0x10, 0x2, 0x0) r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffff56}) io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): 72.926584][ T5391] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 173.119813][ T5391] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 173.123991][ T5391] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 173.128127][ T5391] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 173.135230][ T5391] usb 6-1: New USB device found, idVendor=172f, idProduct=0038, bcdDevice= 0.00 [ 173.140232][ T5391] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.145639][ T5391] usb 6-1: config 0 descriptor?? [ 173.386597][ T9] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 173.568079][ T9] usb 7-1: Using ep0 maxpacket: 16 [ 173.575164][ T9] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9 [ 173.592858][ T9] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 173.595625][ T5391] waltop 0003:172F:0038.0010: unknown main item tag 0xe [ 173.610127][ T5391] waltop 0003:172F:0038.0010: item fetching failed at offset 4/5 [ 173.612702][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.626507][ T5354] Bluetooth: hci2: command 0x0405 tx timeout [ 173.632924][ T5391] waltop 0003:172F:0038.0010: probe with driver waltop failed with error -22 [ 173.649036][ T9] usb 7-1: config 0 descriptor?? [ 173.654744][ T9] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 173.808947][ T7082] netlink: 'syz.1.425': attribute type 3 has an invalid length. [ 173.812392][ T7082] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.425'. [ 173.822965][ T58] usb 6-1: USB disconnect, device number 10 [ 174.571294][ T39] audit: type=1326 audit(1725698522.321:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7108 comm="syz.1.434" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c3ef7cef9 code=0x0 [ 174.738477][ T7112] macvlan2: entered allmulticast mode [ 174.744634][ T7112] mac80211_hwsim hwsim10 wlan0: entered promiscuous mode [ 174.753191][ T7112] mac80211_hwsim hwsim10 wlan0: entered allmulticast mode [ 174.770251][ T7112] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 174.819103][ T7112] bond0: entered promiscuous mode [ 174.821380][ T7112] bond_slave_0: entered promiscuous mode [ 174.824074][ T7112] bond_slave_1: entered promiscuous mode [ 174.827014][ T7112] macvlan2: entered promiscuous mode [ 175.133010][ T7129] FAULT_INJECTION: forcing a failure. [ 175.133010][ T7129] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 175.138642][ T7129] CPU: 3 UID: 0 PID: 7129 Comm: syz.0.436 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 175.143134][ T7129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 175.147524][ T7129] Call Trace: [ 175.148921][ T7129] [ 175.150193][ T7129] dump_stack_lvl+0x16c/0x1f0 [ 175.152178][ T7129] should_fail_ex+0x497/0x5b0 [ 175.154183][ T7129] _copy_from_iter+0x2a1/0x1150 [ 175.156205][ T7129] ? __alloc_skb+0x1fe/0x380 [ 175.158143][ T7129] ? __pfx__copy_from_iter+0x10/0x10 [ 175.160324][ T7129] ? __virt_addr_valid+0x5e/0x590 [ 175.162417][ T7129] ? __phys_addr_symbol+0x30/0x80 [ 175.164485][ T7129] ? __check_object_size+0x497/0x720 [ 175.166600][ T7129] netlink_sendmsg+0x813/0xd70 [ 175.168594][ T7129] ? __pfx_netlink_sendmsg+0x10/0x10 [ 175.170443][ T7129] ? __import_iovec+0x1fd/0x6e0 [ 175.172052][ T7129] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 175.173864][ T7129] ____sys_sendmsg+0xab5/0xc90 [ 175.175322][ T7129] ? copy_msghdr_from_user+0x10b/0x160 [ 175.177193][ T7129] ? __pfx_____sys_sendmsg+0x10/0x10 [ 175.179954][ T7129] ? find_held_lock+0x2d/0x110 [ 175.182158][ T7129] ? __pfx___lock_acquire+0x10/0x10 [ 175.185369][ T7129] ___sys_sendmsg+0x135/0x1e0 [ 175.187784][ T7129] ? __pfx____sys_sendmsg+0x10/0x10 [ 175.190022][ T7129] ? ksys_write+0x21c/0x260 [ 175.191951][ T7129] ? __fget_light+0x173/0x210 [ 175.193916][ T7129] __sys_sendmsg+0x117/0x1f0 [ 175.195888][ T7129] ? __pfx___sys_sendmsg+0x10/0x10 [ 175.198037][ T7129] do_syscall_64+0xcd/0x250 [ 175.199939][ T7129] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.202499][ T7129] RIP: 0033:0x7f5b3bf7cef9 [ 175.204751][ T7129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.214393][ T7129] RSP: 002b:00007f5b3cda8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 175.218203][ T7129] RAX: ffffffffffffffda RBX: 00007f5b3c135f80 RCX: 00007f5b3bf7cef9 [ 175.221964][ T7129] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005 [ 175.225492][ T7129] RBP: 00007f5b3cda8090 R08: 0000000000000000 R09: 0000000000000000 [ 175.229089][ T7129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 175.232523][ T7129] R13: 0000000000000000 R14: 00007f5b3c135f80 R15: 00007fff2f829bf8 [ 175.236254][ T7129] [ 175.293580][ T39] audit: type=1400 audit(1725698523.041:451): avc: denied { getattr } for pid=7130 comm="syz.0.437" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=17053 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 175.429145][ T39] audit: type=1400 audit(1725698523.181:452): avc: denied { map } for pid=7136 comm="syz.1.440" path="/dev/sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 176.523504][ T9] usb 7-1: USB disconnect, device number 6 [ 176.591326][ T7155] FAULT_INJECTION: forcing a failure. [ 176.591326][ T7155] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 176.602422][ T7155] CPU: 0 UID: 0 PID: 7155 Comm: syz.2.446 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 176.607049][ T7155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 176.611744][ T7155] Call Trace: [ 176.613220][ T7155] [ 176.614518][ T7155] dump_stack_lvl+0x16c/0x1f0 [ 176.616666][ T7155] should_fail_ex+0x497/0x5b0 [ 176.618728][ T7155] _copy_from_iter+0x2a1/0x1150 [ 176.620802][ T7155] ? __alloc_skb+0x1fe/0x380 [ 176.622865][ T7155] ? __pfx__copy_from_iter+0x10/0x10 [ 176.625202][ T7155] ? __virt_addr_valid+0x5e/0x590 [ 176.627421][ T7155] ? __phys_addr_symbol+0x30/0x80 [ 176.629615][ T7155] ? __check_object_size+0x497/0x720 [ 176.631938][ T7155] netlink_sendmsg+0x813/0xd70 [ 176.634069][ T7155] ? __pfx_netlink_sendmsg+0x10/0x10 [ 176.636419][ T7155] ? __import_iovec+0x1fd/0x6e0 [ 176.638578][ T7155] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 176.640927][ T7155] ____sys_sendmsg+0xab5/0xc90 [ 176.643021][ T7155] ? copy_msghdr_from_user+0x10b/0x160 [ 176.645362][ T7155] ? __pfx_____sys_sendmsg+0x10/0x10 [ 176.647679][ T7155] ? find_held_lock+0x2d/0x110 [ 176.649814][ T7155] ? __pfx___lock_acquire+0x10/0x10 [ 176.652108][ T7155] ___sys_sendmsg+0x135/0x1e0 [ 176.654226][ T7155] ? __pfx____sys_sendmsg+0x10/0x10 [ 176.656521][ T7155] ? ksys_write+0x21c/0x260 [ 176.658521][ T7155] ? __fget_light+0x173/0x210 [ 176.660604][ T7155] __sys_sendmsg+0x117/0x1f0 [ 176.662658][ T7155] ? __pfx___sys_sendmsg+0x10/0x10 [ 176.664950][ T7155] do_syscall_64+0xcd/0x250 [ 176.667013][ T7155] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.669618][ T7155] RIP: 0033:0x7f7fd617cef9 [ 176.671583][ T7155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 176.679895][ T7155] RSP: 002b:00007f7fd7062038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 176.683555][ T7155] RAX: ffffffffffffffda RBX: 00007f7fd6335f80 RCX: 00007f7fd617cef9 [ 176.687006][ T7155] RDX: 0000000000000000 RSI: 0000000020001000 RDI: 0000000000000004 [ 176.690324][ T7155] RBP: 00007f7fd7062090 R08: 0000000000000000 R09: 0000000000000000 [ 176.693859][ T7155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 176.697334][ T7155] R13: 0000000000000000 R14: 00007f7fd6335f80 R15: 00007ffd71b9fc58 [ 176.702108][ T7155] [ 176.765444][ T39] audit: type=1400 audit(1725698524.511:453): avc: denied { bind } for pid=7158 comm="syz.1.447" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 176.770198][ T7153] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 176.811869][ T39] audit: type=1326 audit(1725698524.561:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.2.448" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7fd617cef9 code=0x0 [ 177.906577][ T57] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 178.097566][ T57] usb 8-1: Using ep0 maxpacket: 8 [ 178.101198][ T57] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 178.103915][ T57] usb 8-1: config 0 has no interface number 0 [ 178.106248][ T57] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 178.109963][ T57] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 178.113300][ T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.118780][ T57] usb 8-1: config 0 descriptor?? [ 178.128565][ T57] iowarrior 8-1:0.1: no interrupt-in endpoint found [ 178.384393][ T832] usb 8-1: USB disconnect, device number 10 [ 178.697609][ T39] audit: type=1400 audit(1725698526.451:455): avc: denied { create } for pid=7191 comm="syz.0.457" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 178.794250][ T7192] FAULT_INJECTION: forcing a failure. [ 178.794250][ T7192] name failslab, interval 1, probability 0, space 0, times 0 [ 178.799765][ T7192] CPU: 3 UID: 0 PID: 7192 Comm: syz.0.457 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 178.804177][ T7192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 178.808754][ T7192] Call Trace: [ 178.810200][ T7192] [ 178.811474][ T7192] dump_stack_lvl+0x16c/0x1f0 [ 178.813527][ T7192] should_fail_ex+0x497/0x5b0 [ 178.815581][ T7192] ? fs_reclaim_acquire+0xae/0x160 [ 178.817807][ T7192] should_failslab+0xc2/0x120 [ 178.819803][ T7192] __kmalloc_noprof+0xcb/0x400 [ 178.821910][ T7192] tomoyo_encode2+0x100/0x3e0 [ 178.823886][ T7192] tomoyo_encode+0x29/0x50 [ 178.825729][ T7192] tomoyo_realpath_from_path+0x19d/0x720 [ 178.828152][ T7192] ? tomoyo_profile+0x47/0x60 [ 178.830224][ T7192] tomoyo_path_number_perm+0x245/0x590 [ 178.832229][ T7192] ? tomoyo_path_number_perm+0x232/0x590 [ 178.834314][ T7192] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 178.836897][ T7192] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 178.839601][ T7192] ? __fget_files+0x256/0x400 [ 178.841248][ T7192] security_file_ioctl+0x75/0xc0 [ 178.842952][ T7192] __x64_sys_ioctl+0xbb/0x220 [ 178.844765][ T7192] do_syscall_64+0xcd/0x250 [ 178.846496][ T7192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.848960][ T7192] RIP: 0033:0x7f5b3bf7cef9 [ 178.850625][ T7192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.858369][ T7192] RSP: 002b:00007f5b3cda8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 178.861641][ T7192] RAX: ffffffffffffffda RBX: 00007f5b3c135f80 RCX: 00007f5b3bf7cef9 [ 178.864635][ T7192] RDX: 00000000200002c0 RSI: 0000000000008982 RDI: 0000000000000004 [ 178.866594][ T832] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 178.867533][ T7192] RBP: 00007f5b3cda8090 R08: 0000000000000000 R09: 0000000000000000 [ 178.873865][ T7192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 178.876969][ T7192] R13: 0000000000000000 R14: 00007f5b3c135f80 R15: 00007fff2f829bf8 [ 178.880472][ T7192] [ 178.882382][ T7192] ERROR: Out of memory at tomoyo_realpath_from_path. [ 178.885691][ T39] audit: type=1400 audit(1725698526.631:456): avc: denied { ioctl } for pid=7191 comm="syz.0.457" path="socket:[17130]" dev="sockfs" ino=17130 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 179.066787][ T832] usb 6-1: Using ep0 maxpacket: 16 [ 179.070906][ T832] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 179.074891][ T832] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 179.080499][ T832] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 179.084183][ T832] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.098470][ T832] usb 6-1: config 0 descriptor?? [ 179.106848][ T832] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 180.346628][ T57] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 180.498638][ T57] usb 8-1: device descriptor read/64, error -71 [ 180.766632][ T57] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 180.916589][ T57] usb 8-1: device descriptor read/64, error -71 [ 181.036680][ T57] usb usb8-port1: attempt power cycle [ 181.282218][ T7224] syzkaller0: entered promiscuous mode [ 181.284703][ T7224] syzkaller0: entered allmulticast mode [ 181.456601][ T57] usb 8-1: new high-speed USB device number 13 using dummy_hcd [ 181.463617][ T7225] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 181.506866][ T57] usb 8-1: device descriptor read/8, error -71 [ 181.599005][ T5388] usb 6-1: USB disconnect, device number 11 [ 181.778643][ T57] usb 8-1: new high-speed USB device number 14 using dummy_hcd [ 181.807250][ T57] usb 8-1: device descriptor read/8, error -71 [ 181.943955][ T57] usb usb8-port1: unable to enumerate USB device [ 183.006499][ T35] usb 6-1: new low-speed USB device number 12 using dummy_hcd [ 183.096095][ C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 183.208912][ T35] usb 6-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 183.213478][ T35] usb 6-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 183.218873][ T35] usb 6-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 183.228258][ T35] usb 6-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 183.232111][ T35] usb 6-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 183.236293][ T35] usb 6-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 183.244065][ T35] usb 6-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 183.248876][ T35] usb 6-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 183.256185][ T35] usb 6-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 183.270182][ T35] usb 6-1: string descriptor 0 read error: -22 [ 183.274404][ T35] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 183.278794][ T35] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.289814][ T35] adutux 6-1:168.0: interrupt endpoints not found [ 183.479363][ T7249] omfs: Invalid superblock (0) [ 183.498332][ T832] usb 6-1: USB disconnect, device number 12 [ 183.507836][ T39] audit: type=1400 audit(1725698531.261:457): avc: denied { write } for pid=7247 comm="syz.2.469" name="kcm" dev="proc" ino=4026533301 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 183.536912][ T58] usb 8-1: new high-speed USB device number 15 using dummy_hcd [ 183.698074][ T39] audit: type=1400 audit(1725698531.451:458): avc: denied { map } for pid=7239 comm="syz.1.467" path="socket:[18532]" dev="sockfs" ino=18532 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 183.707918][ T39] audit: type=1400 audit(1725698531.451:459): avc: denied { read } for pid=7239 comm="syz.1.467" path="socket:[18532]" dev="sockfs" ino=18532 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 183.717496][ T58] usb 8-1: Using ep0 maxpacket: 8 [ 183.739251][ T58] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 183.746012][ T58] usb 8-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 183.752515][ T58] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 183.758079][ T58] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.777815][ T58] usbtmc 8-1:16.0: bulk endpoints not found [ 184.327317][ T39] audit: type=1400 audit(1725698532.081:460): avc: denied { create } for pid=7243 comm="syz.3.468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 184.338710][ T39] audit: type=1400 audit(1725698532.081:461): avc: denied { connect } for pid=7243 comm="syz.3.468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 184.381084][ T39] audit: type=1400 audit(1725698532.131:462): avc: denied { ioctl } for pid=7243 comm="syz.3.468" path="/dev/ptp0" dev="devtmpfs" ino=715 ioctlcmd=0x3d0c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 184.439920][ T7251] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 184.444095][ T7251] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 184.447848][ T7251] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 184.451417][ T7251] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 185.061614][ T39] audit: type=1400 audit(1725698532.811:463): avc: denied { getopt } for pid=7260 comm="syz.0.471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 185.826848][ T39] audit: type=1400 audit(1725698533.571:464): avc: denied { write } for pid=7268 comm="syz.2.474" name="event2" dev="devtmpfs" ino=870 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 185.862577][ T7262] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 185.865721][ T7262] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 185.910310][ T7269] hid-generic 0003:0627:0001.0001: pid 7269 passed too large report [ 186.397780][ T9] usb 8-1: USB disconnect, device number 15 [ 186.606905][ T832] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 186.777048][ T39] audit: type=1400 audit(1725698534.501:465): avc: denied { watch watch_reads } for pid=7278 comm="syz.0.476" path="/38" dev="tmpfs" ino=264 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 187.079409][ T5354] Bluetooth: hci0: command 0x040f tx timeout [ 187.096497][ T39] audit: type=1400 audit(1725698534.521:466): avc: denied { mount } for pid=7276 comm="syz.3.475" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 187.107216][ T832] usb 7-1: Using ep0 maxpacket: 8 [ 187.167044][ T832] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 187.175889][ T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 187.193592][ T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 187.219867][ T832] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 187.226563][ T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 187.236448][ T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 187.249321][ T832] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 187.257489][ T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 187.273058][ T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 187.298658][ T832] usb 7-1: string descriptor 0 read error: -22 [ 187.307463][ T832] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 187.326461][ T832] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 187.341415][ T832] adutux 7-1:168.0: interrupt endpoints not found [ 187.547285][ T832] usb 7-1: USB disconnect, device number 7 [ 187.868699][ T5354] Bluetooth: hci2: command 0x0405 tx timeout [ 188.296659][ T832] usb 7-1: new low-speed USB device number 8 using dummy_hcd [ 188.609481][ T832] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 188.614848][ T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 188.631230][ T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 188.822394][ T832] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 188.847536][ T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 188.865982][ T832] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 189.048044][ T7308] input: syz1 as /devices/virtual/input/input20 [ 189.151918][ T832] usb 7-1: unable to read config index 2 descriptor/start: -71 [ 189.154819][ T832] usb 7-1: can't read configurations, error -71 [ 189.245074][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 189.245090][ T39] audit: type=1400 audit(1725698536.991:469): avc: denied { mount } for pid=7314 comm="syz.3.484" name="/" dev="pstore" ino=5187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 189.269768][ T39] audit: type=1400 audit(1725698537.021:470): avc: denied { unmount } for pid=6837 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 189.427936][ T7319] sctp: [Deprecated]: syz.3.485 (pid 7319) Use of struct sctp_assoc_value in delayed_ack socket option. [ 189.427936][ T7319] Use struct sctp_sack_info instead [ 190.368513][ T7325] wg2: entered promiscuous mode [ 190.377762][ T7325] wg2: entered allmulticast mode [ 190.920097][ T1115] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.061595][ T7332] netlink: 20 bytes leftover after parsing attributes in process `syz.1.489'. [ 191.153506][ T7332] netlink: 12 bytes leftover after parsing attributes in process `syz.1.489'. [ 191.181946][ T1115] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.409801][ T7337] input: syz1 as /devices/virtual/input/input21 [ 191.500441][ T1115] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.675271][ T1115] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.687033][ T5359] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 191.716197][ T5359] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 191.758039][ T5359] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 191.762895][ T5359] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 191.773934][ T5359] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 191.781951][ T5359] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 192.068746][ T7347] TCP: TCP_TX_DELAY enabled [ 192.086814][ T1115] bridge_slave_1: left allmulticast mode [ 192.088965][ T1115] bridge_slave_1: left promiscuous mode [ 192.095805][ T1115] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.102595][ T1115] bridge_slave_0: left allmulticast mode [ 192.104944][ T1115] bridge_slave_0: left promiscuous mode [ 192.108734][ T1115] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.635015][ T39] audit: type=1400 audit(1725698540.381:471): avc: denied { setattr } for pid=7353 comm="syz.3.496" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 192.703486][ T1115] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 192.707816][ T1115] bond_slave_0: left promiscuous mode [ 192.715611][ T1115] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 192.721715][ T1115] bond_slave_1: left promiscuous mode [ 192.729902][ T1115] bond0 (unregistering): (slave macvlan2): Releasing backup interface [ 192.734069][ T1115] macvlan2: left promiscuous mode [ 192.738291][ T39] audit: type=1400 audit(1725698540.491:472): avc: denied { write } for pid=4813 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 192.751280][ T1115] mac80211_hwsim hwsim10 wlan0: left allmulticast mode [ 192.755584][ T1115] mac80211_hwsim hwsim10 wlan0: left promiscuous mode [ 192.755928][ T39] audit: type=1400 audit(1725698540.491:473): avc: denied { remove_name } for pid=4813 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 192.766290][ T39] audit: type=1400 audit(1725698540.491:474): avc: denied { add_name } for pid=4813 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 192.768013][ T1115] bond0 (unregistering): Released all slaves [ 193.125272][ T39] audit: type=1400 audit(1725698540.871:475): avc: denied { write } for pid=7362 comm="syz.2.498" name="rtc0" dev="devtmpfs" ino=867 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 193.130306][ T7338] chnl_net:caif_netlink_parms(): no params data found [ 193.322423][ T7371] binder: 7358:7371 ioctl 4018620d 0 returned -22 [ 193.381096][ T39] audit: type=1400 audit(1725698541.081:476): avc: denied { map } for pid=7358 comm="syz.1.497" path="/dev/bus/usb/005/001" dev="devtmpfs" ino=741 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 193.757168][ T7338] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.760075][ T7338] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.763266][ T7338] bridge_slave_0: entered allmulticast mode [ 193.768710][ T7338] bridge_slave_0: entered promiscuous mode [ 193.838787][ T7338] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.841676][ T7338] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.844621][ T7338] bridge_slave_1: entered allmulticast mode [ 193.848461][ T7338] bridge_slave_1: entered promiscuous mode [ 193.866730][ T5359] Bluetooth: hci0: command tx timeout [ 193.927758][ T7338] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 193.964337][ T1115] hsr_slave_0: left promiscuous mode [ 193.970544][ T1115] hsr_slave_1: left promiscuous mode [ 193.980455][ T1115] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 193.985495][ T1115] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 193.986622][ T1115] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 193.991870][ T1115] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 194.027805][ T1115] veth1_macvtap: left promiscuous mode [ 194.030300][ T1115] veth0_macvtap: left promiscuous mode [ 194.036971][ T1115] veth1_vlan: left promiscuous mode [ 194.039056][ T1115] veth0_vlan: left promiscuous mode [ 194.040880][ T7378] netlink: 'syz.1.499': attribute type 1 has an invalid length. [ 194.047412][ T7378] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.499'. [ 194.052064][ T7378] netlink: 1 bytes leftover after parsing attributes in process `syz.1.499'. [ 195.089979][ T1115] team0 (unregistering): Port device team_slave_1 removed [ 195.190542][ T1115] team0 (unregistering): Port device team_slave_0 removed [ 195.828439][ T39] audit: type=1400 audit(1725698543.571:477): avc: denied { mount } for pid=7379 comm="syz.2.500" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 195.960234][ T5359] Bluetooth: hci0: command tx timeout [ 196.088518][ T7338] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 196.171705][ T7338] team0: Port device team_slave_0 added [ 196.182000][ T7338] team0: Port device team_slave_1 added [ 196.269192][ T7338] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 196.272253][ T7338] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.296634][ T7338] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 196.305689][ T7338] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 196.312037][ T7338] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.331198][ T7338] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 196.530807][ T7338] hsr_slave_0: entered promiscuous mode [ 196.534322][ T7338] hsr_slave_1: entered promiscuous mode [ 196.537670][ T7338] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 196.540405][ T7338] Cannot create hsr debugfs directory [ 197.991002][ T7338] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 198.004942][ T7338] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 198.026504][ T5359] Bluetooth: hci0: command tx timeout [ 198.038055][ T7338] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 198.056228][ T7338] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 198.181219][ T7338] 8021q: adding VLAN 0 to HW filter on device bond0 [ 198.210751][ T7338] 8021q: adding VLAN 0 to HW filter on device team0 [ 198.225144][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.228820][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 198.259938][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.264110][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state [ 198.352119][ T7430] kvm: pic: non byte write [ 198.581640][ T7338] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 198.667417][ T7338] veth0_vlan: entered promiscuous mode [ 198.675736][ T7338] veth1_vlan: entered promiscuous mode [ 198.718282][ T7338] veth0_macvtap: entered promiscuous mode [ 198.772075][ T7338] veth1_macvtap: entered promiscuous mode [ 198.783796][ T7338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 198.790639][ T7338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.795327][ T7338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 198.799906][ T7338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.803367][ T7338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 198.807750][ T7338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.813831][ T7338] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 198.823297][ T7338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 198.828019][ T7338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.831979][ T7338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 198.835843][ T7338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.840608][ T7338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 198.852258][ T7338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 198.858990][ T7338] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 198.870984][ T7338] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.874584][ T7338] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.878480][ T7338] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.881388][ T7338] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.949703][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 198.953585][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.992892][ T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 199.000529][ T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 199.326759][ T39] audit: type=1400 audit(1725698547.031:478): avc: denied { setopt } for pid=7453 comm="syz.2.508" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 200.110997][ T5359] Bluetooth: hci0: command tx timeout [ 200.113191][ T1383] ieee802154 phy0 wpan0: encryption failed: -22 [ 200.126062][ T1383] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.307237][ T7469] wg2: entered promiscuous mode [ 200.309401][ T7469] wg2: entered allmulticast mode [ 201.019597][ T7475] netlink: 64 bytes leftover after parsing attributes in process `syz.0.513'. [ 201.027746][ T7475] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 201.166562][ T39] audit: type=1400 audit(1725698548.901:479): avc: denied { map } for pid=7476 comm="syz.3.514" path="/dev/zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1 [ 201.527518][ T35] usb 8-1: new high-speed USB device number 16 using dummy_hcd [ 201.716667][ T35] usb 8-1: Using ep0 maxpacket: 16 [ 201.729391][ T35] usb 8-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 201.733471][ T35] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.737121][ T35] usb 8-1: Product: syz [ 201.738706][ T35] usb 8-1: Manufacturer: syz [ 201.749434][ T35] usb 8-1: SerialNumber: syz [ 201.754591][ T35] usb 8-1: config 0 descriptor?? [ 201.759160][ T35] ssu100 8-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 202.272375][ T7486] usb usb9: usbfs: process 7486 (syz.0.516) did not claim interface 0 before use [ 202.277497][ T7486] usb usb9: selecting invalid altsetting 21783 [ 202.283321][ T39] audit: type=1400 audit(1725698550.011:480): avc: denied { append } for pid=7482 comm="syz.0.516" name="001" dev="devtmpfs" ino=753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 202.762904][ T7477] sched: RT throttling activated [ 203.099757][ T35] ssu100 8-1:0.0: probe with driver ssu100 failed with error -71 [ 203.113318][ T35] usb 8-1: USB disconnect, device number 16 [ 203.175491][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 203.657318][ T39] audit: type=1400 audit(1725698551.411:481): avc: denied { setattr } for pid=7498 comm="syz.3.520" name="PACKET" dev="sockfs" ino=19009 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 203.994355][ T7492] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 204.000639][ T7492] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 204.010465][ T7492] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 204.246003][ T7492] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 204.581694][ T7513] Device name cannot be null; rc = [-22] [ 205.228407][ T5359] Bluetooth: hci2: command 0x0405 tx timeout [ 205.287632][ T5359] Bluetooth: hci0: Malformed MSFT vendor event: 0x02 [ 205.799904][ T7532] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks [ 206.026541][ T5359] Bluetooth: hci0: command 0x0c1a tx timeout [ 207.044329][ T39] audit: type=1400 audit(1725698554.791:482): avc: denied { write } for pid=7529 comm="syz.2.530" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 207.089683][ T7538] dlm: no locking on control device [ 207.101027][ T7538] netlink: 292 bytes leftover after parsing attributes in process `syz.2.530'. [ 207.114840][ T39] audit: type=1400 audit(1725698554.861:483): avc: denied { listen } for pid=7536 comm="syz.0.532" lport=59228 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 207.210263][ T7541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.532'. [ 207.760292][ T39] audit: type=1400 audit(1725698555.511:484): avc: denied { getopt } for pid=7553 comm="syz.3.538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 207.942434][ T7559] warning: `syz.3.539' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 207.947977][ T39] audit: type=1400 audit(1725698555.691:485): avc: denied { ioctl } for pid=7558 comm="syz.3.539" path="socket:[19795]" dev="sockfs" ino=19795 ioctlcmd=0x8b30 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 208.018773][ T7559] 9pnet_fd: Insufficient options for proto=fd [ 208.107167][ T5359] Bluetooth: hci0: command 0x0c1a tx timeout [ 208.636498][ T39] audit: type=1400 audit(1725698556.301:486): avc: denied { remount } for pid=7560 comm="syz.0.540" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 208.848351][ T39] audit: type=1400 audit(1725698556.601:487): avc: denied { read write } for pid=7565 comm="syz.0.542" name="nvram" dev="devtmpfs" ino=633 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 208.894763][ T39] audit: type=1400 audit(1725698556.641:488): avc: denied { bind } for pid=7565 comm="syz.0.542" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 208.907762][ T39] audit: type=1400 audit(1725698556.641:489): avc: denied { write } for pid=7565 comm="syz.0.542" path="socket:[19808]" dev="sockfs" ino=19808 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 210.106707][ T5359] Bluetooth: hci2: command 0x0405 tx timeout [ 210.156820][ T39] audit: type=1400 audit(1725698557.911:490): avc: denied { create } for pid=7583 comm="syz.0.547" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 210.179875][ T39] audit: type=1400 audit(1725698557.921:491): avc: denied { connect } for pid=7583 comm="syz.0.547" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 210.186699][ T5359] Bluetooth: hci0: command 0x0c1a tx timeout [ 210.726821][ T5898] usb 8-1: new high-speed USB device number 17 using dummy_hcd [ 210.948913][ T5898] usb 8-1: Using ep0 maxpacket: 32 [ 211.278202][ T6035] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 211.317048][ T5898] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 211.321183][ T5898] usb 8-1: config 0 has no interfaces? [ 211.327122][ T5898] usb 8-1: New USB device found, idVendor=3823, idProduct=0001, bcdDevice= 3.eb [ 211.331068][ T5898] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.334326][ T5898] usb 8-1: Product: syz [ 211.336240][ T5898] usb 8-1: Manufacturer: syz [ 211.338360][ T5898] usb 8-1: SerialNumber: syz [ 211.349327][ T5898] usb 8-1: config 0 descriptor?? [ 211.469045][ T6035] usb 7-1: config index 0 descriptor too short (expected 45327, got 309) [ 211.473084][ T6035] usb 7-1: config 15 has an invalid descriptor of length 0, skipping remainder of the config [ 211.477807][ T6035] usb 7-1: config 15 has 0 interfaces, different from the descriptor's value: 2 [ 211.481400][ T6035] usb 7-1: New USB device found, idVendor=12d1, idProduct=1c1f, bcdDevice=63.46 [ 211.485653][ T6035] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.588227][ T7591] Failed to get privilege flags for destination (handle=0x0:0x0) [ 211.710864][ T6035] usb 7-1: USB disconnect, device number 10 [ 211.805165][ T7613] netlink: 'syz.1.556': attribute type 1 has an invalid length. [ 212.106507][ T5353] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 212.292787][ T5353] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 212.297518][ T5353] usb 6-1: config 0 has no interfaces? [ 212.301408][ T5353] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 212.305869][ T5353] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 212.309615][ T5353] usb 6-1: SerialNumber: syz [ 212.313796][ T5353] usb 6-1: config 0 descriptor?? [ 213.147913][ T7620] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 213.426810][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 213.426830][ T39] audit: type=1400 audit(1725698561.181:494): avc: denied { read } for pid=7617 comm="syz.2.558" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 213.627220][ T39] audit: type=1400 audit(1725698561.381:495): avc: denied { connect } for pid=7617 comm="syz.2.558" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 214.527827][ T39] audit: type=1400 audit(1725698561.691:496): avc: denied { write } for pid=7617 comm="syz.2.558" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 214.595932][ T5388] usb 8-1: USB disconnect, device number 17 [ 214.612280][ T833] usb 6-1: USB disconnect, device number 13 [ 214.949047][ T39] audit: type=1400 audit(1725698562.701:497): avc: denied { getopt } for pid=7637 comm="syz.3.562" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 215.195455][ T39] audit: type=1400 audit(1725698562.941:498): avc: denied { map } for pid=7644 comm="syz.0.565" path="socket:[19155]" dev="sockfs" ino=19155 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 215.845596][ T7654] netlink: 20 bytes leftover after parsing attributes in process `syz.1.567'. [ 216.363331][ T7662] dlm: no locking on control device [ 216.428498][ T39] audit: type=1400 audit(1725698564.181:499): avc: denied { connect } for pid=7660 comm="syz.2.570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 216.694580][ T39] audit: type=1400 audit(1725698564.441:500): avc: denied { mount } for pid=7666 comm="syz.1.571" name="/" dev="rpc_pipefs" ino=19174 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1 [ 219.081365][ T7718] netlink: 28 bytes leftover after parsing attributes in process `syz.0.584'. [ 219.220851][ T39] audit: type=1400 audit(1725698566.961:501): avc: denied { write } for pid=7719 comm="syz.1.587" path="socket:[19300]" dev="sockfs" ino=19300 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 219.702667][ T7709] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 219.715630][ T7709] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 219.726461][ T7709] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 220.891133][ T7735] nvme_fabrics: missing parameter 'transport=%s' [ 220.894054][ T7735] nvme_fabrics: missing parameter 'nqn=%s' [ 220.986589][ T5354] Bluetooth: hci2: command 0x0405 tx timeout [ 221.590222][ T39] audit: type=1400 audit(1725698569.341:502): avc: denied { ioctl } for pid=7748 comm="syz.3.596" path="/dev/usbmon0" dev="devtmpfs" ino=723 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 221.786928][ T5354] Bluetooth: hci0: command 0x0c1a tx timeout [ 222.540409][ T39] audit: type=1400 audit(1725698570.291:503): avc: denied { remount } for pid=7762 comm="syz.2.600" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 222.978511][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 222.981724][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 222.984970][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.006502][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.009544][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.012699][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.015292][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.036480][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.039419][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.042597][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.045750][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.066525][ T5359] Bluetooth: hci2: command 0x0405 tx timeout [ 223.068856][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.077421][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.080928][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.083810][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.110971][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.114492][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.126730][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.129458][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.132049][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.134938][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.166460][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.169934][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.173371][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.188490][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.191748][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.195159][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.211423][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.214894][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.226495][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.229141][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.231730][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.234603][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.246716][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.250240][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.253554][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.256221][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.276579][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.280087][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.283420][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.296480][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.299925][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.316488][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.319975][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.323049][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.326078][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.336549][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.339931][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.342621][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.345677][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.366590][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.370075][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.373496][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.377021][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.380434][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.383839][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.389198][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.392679][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.405966][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.416465][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.419255][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.422691][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.425738][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.432249][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.435438][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.439513][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.442963][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.450599][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.454035][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.458425][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.461847][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.464938][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.471701][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.475212][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.479082][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.482441][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.485762][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.489836][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.493415][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.497318][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.500585][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.504005][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.508611][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.512153][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.515610][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.519954][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.523458][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.530391][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.533876][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.537705][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.541290][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.566497][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.570026][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.573467][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.586466][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.590108][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.593436][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.597398][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.600701][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.604087][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.608285][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.612054][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.615475][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.619524][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.622937][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.626310][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.630458][ T35] hid-generic 0000:0001:FF097F01.0011: unknown main item tag 0x0 [ 223.635807][ T35] hid-generic 0000:0001:FF097F01.0011: hidraw1: HID v7f0202.00 Device [syz1] on syz0 [ 223.877059][ T5359] Bluetooth: hci0: command 0x0c1a tx timeout [ 225.560591][ T7831] netlink: 8 bytes leftover after parsing attributes in process `syz.0.624'. [ 226.291017][ T7844] xt_l2tp: missing protocol rule (udp|l2tpip) [ 226.329673][ T39] audit: type=1400 audit(1725698574.081:504): avc: denied { bind } for pid=7845 comm="syz.2.629" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 226.341489][ T39] audit: type=1400 audit(1725698574.091:505): avc: denied { setopt } for pid=7845 comm="syz.2.629" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 226.386717][ T7850] netlink: 20 bytes leftover after parsing attributes in process `syz.1.626'. [ 226.996535][ T39] audit: type=1400 audit(1725698574.741:506): avc: denied { bind } for pid=7859 comm="syz.3.632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 227.010166][ T39] audit: type=1400 audit(1725698574.751:507): avc: denied { node_bind } for pid=7859 comm="syz.3.632" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 227.090508][ T7872] netlink: 60 bytes leftover after parsing attributes in process `syz.3.640'. [ 227.680195][ T7894] netlink: 12 bytes leftover after parsing attributes in process `syz.1.647'. [ 227.792867][ T7900] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 227.930528][ T39] audit: type=1400 audit(1725698575.681:508): avc: denied { ioctl } for pid=7905 comm="syz.3.653" path="socket:[18403]" dev="sockfs" ino=18403 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 227.943111][ T39] audit: type=1400 audit(1725698575.691:509): avc: denied { write } for pid=7902 comm="syz.1.652" path="socket:[21086]" dev="sockfs" ino=21086 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 227.956641][ T39] audit: type=1400 audit(1725698575.701:510): avc: denied { setopt } for pid=7902 comm="syz.1.652" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 228.890583][ T7925] netlink: 8 bytes leftover after parsing attributes in process `syz.0.661'. [ 229.594941][ T39] audit: type=1400 audit(1725698577.341:511): avc: denied { map } for pid=7958 comm="syz.3.674" path="socket:[21506]" dev="sockfs" ino=21506 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 229.946457][ T7966] netlink: 60 bytes leftover after parsing attributes in process `syz.0.676'. [ 229.996033][ T7968] Illegal XDP return value 4294966772 on prog (id 139) dev syz_tun, expect packet loss! [ 230.560532][ T7982] netlink: 56 bytes leftover after parsing attributes in process `syz.3.682'. [ 230.566260][ T7982] netlink: 56 bytes leftover after parsing attributes in process `syz.3.682'. [ 232.033890][ T8007] sit0: entered promiscuous mode [ 232.041342][ T8007] netlink: 'syz.3.691': attribute type 1 has an invalid length. [ 232.044752][ T8007] netlink: 1 bytes leftover after parsing attributes in process `syz.3.691'. [ 234.628926][ T39] audit: type=1326 audit(1725698582.381:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.2.705" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fd617cef9 code=0x7ffc0000 [ 234.638608][ T39] audit: type=1326 audit(1725698582.381:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.2.705" exe="/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f7fd617cef9 code=0x7ffc0000 [ 234.647101][ T39] audit: type=1326 audit(1725698582.381:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.2.705" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fd617cef9 code=0x7ffc0000 [ 234.655439][ T39] audit: type=1326 audit(1725698582.381:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.2.705" exe="/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f7fd617cef9 code=0x7ffc0000 [ 234.664797][ T39] audit: type=1326 audit(1725698582.391:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.2.705" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fd617cef9 code=0x7ffc0000 [ 234.674849][ T39] audit: type=1326 audit(1725698582.391:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8045 comm="syz.2.705" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fd617cef9 code=0x7ffc0000 [ 234.839330][ T39] audit: type=1326 audit(1725698582.591:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8053 comm="syz.0.708" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99c557cef9 code=0x7ffc0000 [ 234.847345][ T39] audit: type=1326 audit(1725698582.591:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8053 comm="syz.0.708" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99c557cef9 code=0x7ffc0000 [ 234.855643][ T39] audit: type=1326 audit(1725698582.601:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8053 comm="syz.0.708" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99c557cef9 code=0x7ffc0000 [ 234.867161][ T39] audit: type=1326 audit(1725698582.601:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8053 comm="syz.0.708" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99c557cef9 code=0x7ffc0000 [ 236.481244][ T8113] netlink: 'syz.3.734': attribute type 27 has an invalid length. [ 236.514314][ T8113] sit0: left promiscuous mode [ 236.562095][ T8113] bridge0: port 2(bridge_slave_1) entered disabled state [ 236.567178][ T8113] bridge0: port 1(bridge_slave_0) entered disabled state [ 236.673445][ T8113] wg2: left promiscuous mode [ 236.675273][ T8113] wg2: left allmulticast mode [ 236.746180][ T8113] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 236.748692][ T8128] 9pnet_fd: Insufficient options for proto=fd [ 236.770291][ T8113] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 236.885365][ T8113] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.888809][ T8113] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.891782][ T8113] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.895032][ T8113] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.951420][ T8113] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 236.955310][ T8113] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 236.959966][ T8113] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 236.963676][ T8113] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 238.021092][ T5354] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 238.026558][ T5354] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 238.031481][ T5354] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 238.037838][ T5354] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 238.047259][ T5354] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 238.051076][ T5354] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 238.301015][ T8172] chnl_net:caif_netlink_parms(): no params data found [ 238.434602][ T8201] netlink: 'syz.3.768': attribute type 21 has an invalid length. [ 238.438573][ T8201] netlink: 168 bytes leftover after parsing attributes in process `syz.3.768'. [ 238.442615][ T8172] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.446993][ T8172] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.450234][ T8172] bridge_slave_0: entered allmulticast mode [ 238.453459][ T8172] bridge_slave_0: entered promiscuous mode [ 238.459344][ T8172] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.462614][ T8172] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.465651][ T8172] bridge_slave_1: entered allmulticast mode [ 238.469387][ T8172] bridge_slave_1: entered promiscuous mode [ 238.520834][ T8172] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 238.527943][ T8172] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 238.567796][ T8172] team0: Port device team_slave_0 added [ 238.571682][ T8172] team0: Port device team_slave_1 added [ 238.617964][ T8172] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 238.621114][ T8172] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.638312][ T8172] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 238.645635][ T8172] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 238.652785][ T8172] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.664834][ T8172] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 238.740167][ T8172] hsr_slave_0: entered promiscuous mode [ 238.742827][ T8172] hsr_slave_1: entered promiscuous mode [ 238.745212][ T8172] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 238.748664][ T8172] Cannot create hsr debugfs directory [ 238.778345][ T8217] netlink: 'syz.0.776': attribute type 29 has an invalid length. [ 238.811445][ T8217] netlink: 'syz.0.776': attribute type 29 has an invalid length. [ 238.818988][ T8217] netlink: 'syz.0.776': attribute type 29 has an invalid length. [ 238.826043][ T8217] netlink: 'syz.0.776': attribute type 29 has an invalid length. [ 238.833561][ T8217] netlink: 'syz.0.776': attribute type 29 has an invalid length. [ 238.837810][ T8217] netlink: 'syz.0.776': attribute type 29 has an invalid length. [ 238.925156][ T8223] xt_hashlimit: max too large, truncated to 1048576 [ 238.959319][ T8172] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.111729][ T8172] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.288387][ T8172] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.685307][ T8172] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.878254][ T8172] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 239.919671][ T8172] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 239.967304][ T8250] xt_hashlimit: max too large, truncated to 1048576 [ 239.978622][ T8172] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 239.984857][ T8172] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 239.995240][ T8248] tipc: Started in network mode [ 239.997873][ T8248] tipc: Node identity 101, cluster identity 4711 [ 240.000662][ T8248] tipc: Node number set to 257 [ 240.003406][ T8248] tipc: Cannot configure node identity twice [ 240.014617][ T39] kauditd_printk_skb: 482 callbacks suppressed [ 240.014630][ T39] audit: type=1400 audit(1725698587.761:1004): avc: denied { ioctl } for pid=8251 comm="syz.2.787" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 240.100905][ T8172] 8021q: adding VLAN 0 to HW filter on device bond0 [ 240.101233][ T39] audit: type=1400 audit(1725698587.851:1005): avc: denied { create } for pid=8259 comm="syz.3.791" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 240.110230][ T39] audit: type=1400 audit(1725698587.851:1006): avc: denied { bind } for pid=8259 comm="syz.3.791" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 240.116892][ T5354] Bluetooth: hci4: command tx timeout [ 240.117423][ T8172] 8021q: adding VLAN 0 to HW filter on device team0 [ 240.130329][ T39] audit: type=1400 audit(1725698587.881:1007): avc: denied { write } for pid=8259 comm="syz.3.791" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 240.132638][ T1111] bridge0: port 1(bridge_slave_0) entered blocking state [ 240.139983][ T1111] bridge0: port 1(bridge_slave_0) entered forwarding state [ 240.146215][ T1111] bridge0: port 2(bridge_slave_1) entered blocking state [ 240.149329][ T1111] bridge0: port 2(bridge_slave_1) entered forwarding state [ 240.232823][ T39] audit: type=1400 audit(1725698587.981:1008): avc: denied { setopt } for pid=8266 comm="syz.3.794" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 240.244626][ T39] audit: type=1400 audit(1725698587.991:1009): avc: denied { sys_module } for pid=8172 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 240.278846][ T832] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 240.336536][ T8172] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 240.386444][ T8172] veth0_vlan: entered promiscuous mode [ 240.394887][ T8172] veth1_vlan: entered promiscuous mode [ 240.421042][ T8172] veth0_macvtap: entered promiscuous mode [ 240.425589][ T8172] veth1_macvtap: entered promiscuous mode [ 240.439228][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 240.443656][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.448870][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 240.452886][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.456520][ T832] usb 7-1: Using ep0 maxpacket: 32 [ 240.456548][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 240.459445][ T39] audit: type=1400 audit(1725698844.208:1010): avc: denied { ioctl } for pid=8286 comm="syz.0.802" path="socket:[22025]" dev="sockfs" ino=22025 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 240.459963][ T832] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 240.459979][ T832] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 240.459998][ T832] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 240.460009][ T832] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.461523][ T832] usb 7-1: config 0 descriptor?? [ 240.461946][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.463590][ T8172] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 240.466654][ T832] hub 7-1:0.0: USB hub found [ 240.505383][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 240.516475][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.520611][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 240.524658][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.535774][ T8172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 240.540012][ T39] audit: type=1400 audit(1725698844.288:1011): avc: denied { read } for pid=8291 comm="syz.3.805" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 240.540809][ T8172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 240.556423][ T8172] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 240.564714][ T8172] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.568916][ T39] audit: type=1400 audit(1725698844.288:1012): avc: denied { open } for pid=8291 comm="syz.3.805" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 240.577708][ T8172] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.582363][ T8172] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.585233][ T8172] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.621072][ T39] audit: type=1400 audit(1725698844.368:1013): avc: denied { write } for pid=8291 comm="syz.3.805" name="001" dev="devtmpfs" ino=750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 240.681087][ T1115] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 240.681932][ T832] hub 7-1:0.0: 1 port detected [ 240.684322][ T1115] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 240.722912][ T1105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 240.726217][ T1105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 241.284844][ T832] hub 7-1:0.0: activate --> -90 [ 241.489425][ T832] hub 7-1:0.0: hub_ext_port_status failed (err = -71) [ 241.494190][ T832] usb 7-1: USB disconnect, device number 11 [ 242.195057][ T5354] Bluetooth: hci4: command tx timeout [ 242.416580][ T832] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 242.616505][ T832] usb 7-1: Using ep0 maxpacket: 32 [ 242.649473][ T832] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 242.653757][ T832] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 242.690897][ T832] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 242.696742][ T832] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 242.704370][ T832] usb 7-1: config 0 descriptor?? [ 242.711363][ T832] hub 7-1:0.0: USB hub found [ 242.900301][ T8327] Bluetooth: MGMT ver 1.23 [ 242.958777][ T8321] syz.1.814: vmalloc error: size 3194880, failed to allocated page array size 6240, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 242.967279][ T8321] CPU: 3 UID: 0 PID: 8321 Comm: syz.1.814 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 242.971282][ T8321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 242.976115][ T8321] Call Trace: [ 242.977437][ T8321] [ 242.978747][ T8321] dump_stack_lvl+0x16c/0x1f0 [ 242.980837][ T8321] warn_alloc+0x24d/0x3a0 [ 242.982768][ T8321] ? __pfx_warn_alloc+0x10/0x10 [ 242.984948][ T8321] ? __get_vm_area_node+0x190/0x2d0 [ 242.987266][ T8321] ? __get_vm_area_node+0x1bc/0x2d0 [ 242.989589][ T8321] __vmalloc_node_range_noprof+0xfe8/0x14e0 [ 242.992214][ T8321] ? ip_set_sockfn_get+0x18f/0xd10 [ 242.994495][ T8321] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 242.997321][ T8321] ? __get_vm_area_node+0x190/0x2d0 [ 242.999579][ T8321] ? __get_vm_area_node+0x1bc/0x2d0 [ 243.001856][ T8321] __vmalloc_node_range_noprof+0xc6b/0x14e0 [ 243.004437][ T8321] ? ip_set_sockfn_get+0x18f/0xd10 [ 243.006704][ T8321] ? avc_has_perm_noaudit+0x143/0x3a0 [ 243.009132][ T8321] ? ip_set_sockfn_get+0x18f/0xd10 [ 243.011387][ T8321] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 243.014100][ T8321] ? __pfx_lock_release+0x10/0x10 [ 243.016292][ T8321] ? ip_set_sockfn_get+0x18f/0xd10 [ 243.018498][ T8321] vmalloc_noprof+0x6b/0x90 [ 243.020554][ T8321] ? ip_set_sockfn_get+0x18f/0xd10 [ 243.022840][ T8321] ip_set_sockfn_get+0x18f/0xd10 [ 243.025055][ T8321] ? __pfx_lock_release+0x10/0x10 [ 243.027281][ T8321] ? __pfx_ip_set_sockfn_get+0x10/0x10 [ 243.029625][ T8321] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 243.032199][ T8321] nf_getsockopt+0x79/0xe0 [ 243.034207][ T8321] ip_getsockopt+0x18e/0x1e0 [ 243.036287][ T8321] ? __pfx_ip_getsockopt+0x10/0x10 [ 243.038550][ T8321] ? __might_fault+0x13b/0x190 [ 243.040572][ T8321] ? __pfx_lock_release+0x10/0x10 [ 243.042784][ T8321] dccp_getsockopt+0xe4/0x990 [ 243.044871][ T8321] ? __pfx_dccp_getsockopt+0x10/0x10 [ 243.047087][ T8321] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 243.049637][ T8321] do_sock_getsockopt+0x3fe/0x800 [ 243.051491][ T8321] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 243.053547][ T8321] ? __fget_files+0x256/0x400 [ 243.055545][ T8321] ? __fget_light+0x173/0x210 [ 243.057274][ T8321] __sys_getsockopt+0x1a1/0x270 [ 243.058951][ T8321] ? __pfx___sys_getsockopt+0x10/0x10 [ 243.060856][ T8321] ? xfd_validate_state+0x5d/0x180 [ 243.062622][ T8321] __x64_sys_getsockopt+0xbd/0x160 [ 243.064367][ T8321] ? do_syscall_64+0x91/0x250 [ 243.065929][ T8321] ? lockdep_hardirqs_on+0x7c/0x110 [ 243.067649][ T8321] do_syscall_64+0xcd/0x250 [ 243.069179][ T8321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.071546][ T8321] RIP: 0033:0x7f160c97cef9 [ 243.073385][ T8321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.081389][ T8321] RSP: 002b:00007f160d706038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 243.084982][ T8321] RAX: ffffffffffffffda RBX: 00007f160cb35f80 RCX: 00007f160c97cef9 [ 243.088363][ T8321] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 000000000000000a [ 243.091577][ T8321] RBP: 00007f160c9ef046 R08: 00000000200000c0 R09: 0000000000000000 [ 243.094839][ T8321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 243.098032][ T8321] R13: 0000000000000000 R14: 00007f160cb35f80 R15: 00007ffc81abe558 [ 243.101315][ T8321] [ 243.111356][ T832] hub 7-1:0.0: config failed, can't read hub descriptor (err -22) [ 243.120607][ T832] usbhid 7-1:0.0: can't add hid device: -71 [ 243.122584][ T832] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 243.136509][ T8321] Mem-Info: [ 243.137826][ T8321] active_anon:5736 inactive_anon:1 isolated_anon:31 [ 243.137826][ T8321] active_file:8497 inactive_file:40532 isolated_file:124 [ 243.137826][ T8321] unevictable:1768 dirty:212 writeback:0 [ 243.137826][ T8321] slab_reclaimable:10276 slab_unreclaimable:70458 [ 243.137826][ T8321] mapped:21941 shmem:2302 pagetables:796 [ 243.137826][ T8321] sec_pagetables:314 bounce:0 [ 243.137826][ T8321] kernel_misc_reclaimable:0 [ 243.137826][ T8321] free:400040 free_pcp:18333 free_cma:0 [ 243.153500][ T8321] Node 0 active_anon:22784kB inactive_anon:4kB active_file:33968kB inactive_file:162056kB unevictable:3536kB isolated(anon):124kB isolated(file):496kB mapped:87764kB dirty:840kB writeback:0kB shmem:5668kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11216kB pagetables:3040kB sec_pagetables:1256kB all_unreclaimable? no [ 243.165140][ T8321] Node 1 active_anon:160kB inactive_anon:0kB active_file:20kB inactive_file:72kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no [ 243.178149][ T8321] Node 0 DMA free:540kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:184kB local_pcp:80kB free_cma:0kB [ 243.188350][ T832] usb 7-1: USB disconnect, device number 12 [ 243.189038][ T8321] lowmem_reserve[]: 0 1218 0 0 0 [ 243.193517][ T8321] Node 0 DMA32 free:143452kB boost:62316kB min:90012kB low:96936kB high:103860kB reserved_highatomic:0KB active_anon:22908kB inactive_anon:4kB active_file:32728kB inactive_file:162056kB unevictable:3536kB writepending:840kB present:2080628kB managed:1275300kB mlocked:0kB bounce:0kB free_pcp:19708kB local_pcp:9812kB free_cma:0kB [ 243.206663][ T8321] lowmem_reserve[]: 0 0 0 0 0 [ 243.208739][ T8321] Node 1 Normal free:1463580kB boost:0kB min:39540kB low:49424kB high:59308kB reserved_highatomic:0KB active_anon:160kB inactive_anon:0kB active_file:20kB inactive_file:72kB unevictable:3536kB writepending:8kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:53960kB local_pcp:2748kB free_cma:0kB [ 243.220905][ T8321] lowmem_reserve[]: 0 0 0 0 0 [ 243.222947][ T8321] Node 0 DMA: 3*4kB (U) 0*8kB 1*16kB (U) 0*32kB 0*64kB 2*128kB (U) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 540kB [ 243.228353][ T8321] Node 0 DMA32: 645*4kB (UME) 446*8kB (UM) 374*16kB (UME) 341*32kB (UME) 266*64kB (UME) 36*128kB (UM) 38*256kB (UM) 64*512kB (UM) 55*1024kB (UM) 2*2048kB (U) 1*4096kB (M) = 151684kB [ 243.235013][ T8321] Node 1 Normal: 1*4kB (M) 1*8kB (U) 1*16kB (U) 2*32kB (UM) 1*64kB (U) 3*128kB (UME) 1*256kB (U) 1*512kB (U) 0*1024kB 0*2048kB 357*4096kB (M) = 1463580kB [ 243.241456][ T8321] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 243.245367][ T8321] Node 0 hugepages_total=6 hugepages_free=0 hugepages_surp=4 hugepages_size=2048kB [ 243.253265][ T8321] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 243.257912][ T8321] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 243.261823][ T8321] 50110 total pagecache pages [ 243.263949][ T8321] 0 pages in swap cache [ 243.266752][ T8321] Free swap = 123784kB [ 243.269308][ T8321] Total swap = 124996kB [ 243.273484][ T8321] 1048443 pages RAM [ 243.275117][ T8321] 0 pages HighMem/MovableOnly [ 243.277149][ T8321] 280297 pages reserved [ 243.278878][ T8321] 0 pages cma reserved [ 243.400612][ T8333] netlink: 120 bytes leftover after parsing attributes in process `syz.0.820'. [ 243.717053][ T8342] netlink: 'syz.1.824': attribute type 29 has an invalid length. [ 243.733139][ T8342] netlink: 'syz.1.824': attribute type 29 has an invalid length. [ 243.747557][ T8342] netlink: 'syz.1.824': attribute type 29 has an invalid length. [ 243.764075][ T8342] netlink: 'syz.1.824': attribute type 29 has an invalid length. [ 243.768921][ T8342] netlink: 'syz.1.824': attribute type 29 has an invalid length. [ 243.773365][ T8342] netlink: 'syz.1.824': attribute type 29 has an invalid length. [ 243.907262][ T8348] binder: 8346:8348 ioctl c0306201 20000540 returned -14 [ 244.276632][ T5354] Bluetooth: hci4: command tx timeout [ 245.746888][ T39] kauditd_printk_skb: 35 callbacks suppressed [ 245.746903][ T39] audit: type=1107 audit(1725698849.498:1049): pid=8339 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 245.939319][ T39] audit: type=1400 audit(1725698849.688:1050): avc: denied { write } for pid=8387 comm="syz.0.841" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 246.003972][ T8388] kvm: emulating exchange as write [ 246.050643][ T39] audit: type=1400 audit(1725698849.798:1051): avc: denied { unmount } for pid=8376 comm="syz.1.838" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 246.356767][ T5354] Bluetooth: hci4: command tx timeout [ 246.854639][ T8404] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 247.599007][ T8420] 9pnet_fd: Insufficient options for proto=fd [ 247.674652][ T39] audit: type=1400 audit(1725698851.418:1052): avc: denied { ioctl } for pid=8427 comm="syz.2.858" path="socket:[23705]" dev="sockfs" ino=23705 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 247.685356][ T39] audit: type=1400 audit(1725698851.418:1053): avc: denied { setopt } for pid=8427 comm="syz.2.858" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 247.693865][ T39] audit: type=1400 audit(1725698851.418:1054): avc: denied { write } for pid=8427 comm="syz.2.858" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 248.551570][ T39] audit: type=1400 audit(1725698852.298:1055): avc: denied { read } for pid=8433 comm="syz.2.859" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 248.572435][ T39] audit: type=1400 audit(1725698852.298:1056): avc: denied { open } for pid=8433 comm="syz.2.859" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 248.632634][ T39] audit: type=1400 audit(1725698852.378:1057): avc: denied { getopt } for pid=8433 comm="syz.2.859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 248.785191][ T39] audit: type=1400 audit(1725698852.528:1058): avc: denied { read write } for pid=8442 comm="syz.0.862" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 248.850288][ T8445] fuse: Bad value for 'fd' [ 248.911739][ T8445] wg2: entered promiscuous mode [ 248.921993][ T8445] wg2: entered allmulticast mode [ 249.321820][ T8438] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 249.326023][ T8438] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 249.330093][ T8438] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 249.332530][ T8438] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 249.337485][ T8438] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 249.594576][ T8455] 9pnet_fd: Insufficient options for proto=fd [ 250.176988][ T8464] netlink: 20 bytes leftover after parsing attributes in process `syz.2.867'. [ 250.678544][ T5354] Bluetooth: hci2: command 0x0405 tx timeout [ 251.189520][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 251.189534][ T39] audit: type=1400 audit(1725698854.938:1060): avc: denied { read } for pid=8471 comm="syz.0.870" name="nullb0" dev="devtmpfs" ino=693 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 251.251307][ T39] audit: type=1400 audit(1725698854.938:1061): avc: denied { open } for pid=8471 comm="syz.0.870" path="/dev/nullb0" dev="devtmpfs" ino=693 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 251.386652][ T5354] Bluetooth: hci4: command 0x0c1a tx timeout [ 251.386958][ T5359] Bluetooth: hci0: command 0x0c1a tx timeout [ 251.400223][ T8475] omfs: Invalid superblock (0) [ 251.426157][ T39] audit: type=1400 audit(1725698855.158:1062): avc: denied { write } for pid=8471 comm="syz.0.870" name="kcm" dev="proc" ino=4026533488 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 251.435998][ T39] audit: type=1400 audit(1725698855.158:1063): avc: denied { ioctl } for pid=8471 comm="syz.0.870" path="/dev/video3" dev="devtmpfs" ino=882 ioctlcmd=0x5647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 251.680284][ T39] audit: type=1400 audit(1725698855.428:1064): avc: denied { name_connect } for pid=8474 comm="syz.3.871" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 252.087602][ T8463] netlink: 12 bytes leftover after parsing attributes in process `syz.2.867'. [ 252.646312][ T39] audit: type=1400 audit(1725698856.388:1065): avc: denied { name_bind } for pid=8490 comm="syz.3.875" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 252.663430][ T39] audit: type=1400 audit(1725698856.398:1066): avc: denied { node_bind } for pid=8490 comm="syz.3.875" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 253.267098][ T39] audit: type=1400 audit(1725698857.018:1067): avc: denied { append } for pid=8490 comm="syz.3.875" name="dlm-control" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 253.396486][ T39] audit: type=1400 audit(1725698857.038:1068): avc: denied { ioctl } for pid=8500 comm="syz.1.877" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=22275 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 253.414770][ T39] audit: type=1400 audit(1725698857.048:1069): avc: denied { map } for pid=8500 comm="syz.1.877" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=22276 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 253.466521][ T5359] Bluetooth: hci4: command 0x0c1a tx timeout [ 254.335772][ T8512] 9pnet_fd: Insufficient options for proto=fd [ 254.612979][ T77] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.784639][ T77] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.921781][ T77] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.086652][ T5391] usb 5-1: new low-speed USB device number 12 using dummy_hcd [ 255.433629][ T77] bond0: (slave netdevsim0): Releasing backup interface [ 255.546731][ T5359] Bluetooth: hci4: command 0x0c1a tx timeout [ 255.571504][ T77] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.719854][ T5354] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 255.726866][ T5354] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 255.730683][ T5354] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 255.734952][ T5354] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 255.737886][ T77] team0: left allmulticast mode [ 255.740180][ T77] team_slave_0: left allmulticast mode [ 255.740581][ T5354] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 255.753382][ T5354] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 255.758836][ T77] team_slave_1: left allmulticast mode [ 255.765303][ T77] bridge0: port 3(team0) entered disabled state [ 255.781043][ T77] bridge_slave_1: left allmulticast mode [ 255.783619][ T77] bridge_slave_1: left promiscuous mode [ 255.786288][ T77] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.797050][ T77] bridge_slave_0: left allmulticast mode [ 255.803678][ T77] bridge_slave_0: left promiscuous mode [ 255.806444][ T77] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.448534][ T77] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 256.456854][ T77] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 256.464146][ T77] bond0 (unregistering): Released all slaves [ 256.656925][ T8525] chnl_net:caif_netlink_parms(): no params data found [ 256.947318][ T8525] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.951699][ T8525] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.958776][ T8525] bridge_slave_0: entered allmulticast mode [ 256.984720][ T8525] bridge_slave_0: entered promiscuous mode [ 256.987726][ T8557] binder: 8543:8557 ioctl 4018620d 0 returned -22 [ 256.998116][ T8525] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.001898][ T39] kauditd_printk_skb: 23 callbacks suppressed [ 257.001910][ T39] audit: type=1400 audit(1725698860.748:1093): avc: denied { map } for pid=8543 comm="syz.0.891" path="/dev/bus/usb/005/001" dev="devtmpfs" ino=741 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 257.013566][ T8525] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.016482][ T8525] bridge_slave_1: entered allmulticast mode [ 257.020304][ T8525] bridge_slave_1: entered promiscuous mode [ 257.118232][ T8525] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 257.130228][ T8525] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 257.214747][ T8525] team0: Port device team_slave_0 added [ 257.221843][ T8525] team0: Port device team_slave_1 added [ 257.318378][ T8525] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 257.329843][ T8525] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.352308][ T8525] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 257.387686][ T8525] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 257.390847][ T8525] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.410820][ T8525] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 257.573360][ T77] hsr_slave_0: left promiscuous mode [ 257.577256][ T77] hsr_slave_1: left promiscuous mode [ 257.580563][ T77] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 257.587750][ T77] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 257.593742][ T77] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 257.603730][ T39] audit: type=1400 audit(1725698861.348:1094): avc: denied { unmount } for pid=7338 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 257.606601][ T77] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 257.638253][ T5354] Bluetooth: hci4: command 0x0c1a tx timeout [ 257.724074][ T77] veth1_macvtap: left promiscuous mode [ 257.728495][ T77] veth0_macvtap: left promiscuous mode [ 257.731045][ T77] veth1_vlan: left promiscuous mode [ 257.733422][ T77] veth0_vlan: left promiscuous mode [ 257.796595][ T5354] Bluetooth: hci3: command tx timeout [ 258.861238][ T77] team_slave_1 (unregistering): left promiscuous mode [ 258.868917][ T77] team0 (unregistering): Port device team_slave_1 removed [ 258.888428][ T39] audit: type=1400 audit(1725698862.628:1095): avc: denied { execmod } for pid=8576 comm="syz.0.896" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 258.898160][ T39] audit: type=1400 audit(1725698862.648:1096): avc: denied { execute } for pid=8576 comm="syz.0.896" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 258.967380][ T77] team_slave_0 (unregistering): left promiscuous mode [ 258.972973][ T77] team0 (unregistering): Port device team_slave_0 removed [ 259.724978][ T8525] hsr_slave_0: entered promiscuous mode [ 259.728661][ T8525] hsr_slave_1: entered promiscuous mode [ 259.731886][ T8525] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 259.735309][ T8525] Cannot create hsr debugfs directory [ 259.844698][ T39] audit: type=1400 audit(1725698863.588:1097): avc: denied { sys_chroot } for pid=8581 comm="dhcpcd" capability=18 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 259.857721][ T39] audit: type=1400 audit(1725698863.588:1098): avc: denied { setgid } for pid=8581 comm="dhcpcd" capability=6 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 259.866785][ T5354] Bluetooth: hci3: command tx timeout [ 259.868642][ T39] audit: type=1400 audit(1725698863.588:1099): avc: denied { setrlimit } for pid=8581 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1 [ 260.011907][ T39] audit: type=1400 audit(1725698863.758:1100): avc: denied { getopt } for pid=8579 comm="syz.0.897" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 260.745103][ T77] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.874674][ T77] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.999910][ T77] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.089956][ T5359] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 261.097369][ T5359] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 261.101263][ T5359] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 261.114064][ T5359] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 261.121501][ T5359] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 261.124571][ T5359] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 261.158361][ T77] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.198635][ T8525] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 261.253823][ T8525] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 261.295357][ T8525] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 261.305201][ T8525] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 261.385856][ T39] audit: type=1400 audit(1725698865.128:1101): avc: denied { bind } for pid=8620 comm="syz.3.905" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 261.406880][ T39] audit: type=1400 audit(1725698865.128:1102): avc: denied { name_bind } for pid=8620 comm="syz.3.905" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 261.447583][ T77] bridge_slave_1: left allmulticast mode [ 261.449849][ T77] bridge_slave_1: left promiscuous mode [ 261.452594][ T77] bridge0: port 2(bridge_slave_1) entered disabled state [ 261.459932][ T77] bridge_slave_0: left allmulticast mode [ 261.462586][ T77] bridge_slave_0: left promiscuous mode [ 261.468064][ T77] bridge0: port 1(bridge_slave_0) entered disabled state [ 261.550878][ T1383] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.553913][ T1383] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.925795][ T77] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 261.935254][ T77] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 261.943432][ T77] bond0 (unregistering): Released all slaves [ 261.956516][ T5354] Bluetooth: hci3: command tx timeout [ 262.128077][ T8615] chnl_net:caif_netlink_parms(): no params data found [ 262.291903][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 262.291970][ T39] audit: type=1400 audit(1725698866.028:1104): avc: denied { ioctl } for pid=8636 comm="syz.3.907" path="/dev/input/event2" dev="devtmpfs" ino=870 ioctlcmd=0x4593 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 262.362410][ T8637] hid-generic 0003:0627:0001.0001: pid 8637 passed too large report [ 262.460861][ T8615] bridge0: port 1(bridge_slave_0) entered blocking state [ 262.463307][ T8615] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.466260][ T8615] bridge_slave_0: entered allmulticast mode [ 262.473938][ T8615] bridge_slave_0: entered promiscuous mode [ 262.516179][ T8525] 8021q: adding VLAN 0 to HW filter on device bond0 [ 262.523312][ T8615] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.527020][ T8615] bridge0: port 2(bridge_slave_1) entered disabled state [ 262.530106][ T8615] bridge_slave_1: entered allmulticast mode [ 262.533908][ T8615] bridge_slave_1: entered promiscuous mode [ 262.589463][ T77] hsr_slave_0: left promiscuous mode [ 262.592421][ T77] hsr_slave_1: left promiscuous mode [ 262.595805][ T77] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 262.603455][ T77] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 262.609822][ T77] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 262.612557][ T77] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 262.646498][ T834] usb 8-1: new high-speed USB device number 18 using dummy_hcd [ 262.655722][ T77] veth1_macvtap: left promiscuous mode [ 262.658443][ T77] veth0_macvtap: left promiscuous mode [ 262.661086][ T77] veth1_vlan: left promiscuous mode [ 262.663703][ T77] veth0_vlan: left promiscuous mode [ 262.876578][ T834] usb 8-1: Using ep0 maxpacket: 8 [ 262.880952][ T834] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 262.884245][ T834] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 262.889143][ T834] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 262.896579][ T834] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 262.899829][ T834] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 262.904932][ T834] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 262.911106][ T834] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 262.914469][ T834] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 262.919586][ T834] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 262.933781][ T834] usb 8-1: string descriptor 0 read error: -22 [ 262.936807][ T834] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 262.940860][ T834] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 262.949687][ T834] adutux 8-1:168.0: interrupt endpoints not found [ 263.168734][ T30] usb 8-1: USB disconnect, device number 18 [ 263.228759][ T5354] Bluetooth: hci4: command tx timeout [ 263.629541][ T77] team0 (unregistering): Port device team_slave_1 removed [ 263.747141][ T77] team0 (unregistering): Port device team_slave_0 removed [ 263.766564][ T30] usb 8-1: new low-speed USB device number 19 using dummy_hcd [ 263.948388][ T39] audit: type=1400 audit(1725698867.688:1105): avc: denied { remount } for pid=8653 comm="syz.0.909" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 263.949430][ T8659] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 263.965455][ T30] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 263.968443][ T30] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 263.972376][ T30] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 263.977193][ T30] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 263.979720][ T30] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 263.983201][ T30] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 263.987620][ T30] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 263.990153][ T30] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 263.993701][ T30] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 264.036615][ T5354] Bluetooth: hci3: command tx timeout [ 264.441348][ T8615] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 264.449223][ T8615] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 264.525846][ T8615] team0: Port device team_slave_0 added [ 264.554140][ T8615] team0: Port device team_slave_1 added [ 264.562584][ T39] audit: type=1400 audit(1725698868.308:1106): avc: denied { unmount } for pid=7338 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 264.627831][ T8525] 8021q: adding VLAN 0 to HW filter on device team0 [ 264.661373][ T8615] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 264.664446][ T8615] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 264.678497][ T8615] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 264.683863][ T8615] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 264.689175][ T8615] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 264.698763][ T8615] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 264.774254][ T8615] hsr_slave_0: entered promiscuous mode [ 264.778054][ T8615] hsr_slave_1: entered promiscuous mode [ 264.782185][ T8615] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 264.785195][ T8615] Cannot create hsr debugfs directory [ 264.794931][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 264.797549][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 264.867253][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 264.869817][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 265.316584][ T5354] Bluetooth: hci4: command tx timeout [ 265.341261][ T8525] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 265.501899][ T8525] veth0_vlan: entered promiscuous mode [ 265.511347][ T8525] veth1_vlan: entered promiscuous mode [ 265.548611][ T30] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 265.552341][ T30] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.552664][ T8525] veth0_macvtap: entered promiscuous mode [ 265.563397][ T8525] veth1_macvtap: entered promiscuous mode [ 265.567236][ T30] usb 8-1: can't set config #168, error -71 [ 265.578465][ T30] usb 8-1: USB disconnect, device number 19 [ 265.583175][ T8525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 265.588413][ T8525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.593051][ T8525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 265.600729][ T8525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.607158][ T8525] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 265.659000][ T8525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.663384][ T8525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.667517][ T8525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 265.671744][ T8525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.680098][ T8525] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 265.698724][ T8525] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.704874][ T8525] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.717686][ T8525] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.729454][ T8525] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.911791][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 265.915347][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 265.988860][ T8615] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 265.995311][ T8615] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 265.999214][ T1105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 266.002708][ T1105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 266.017805][ T8615] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 266.024160][ T8615] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 266.161776][ T8615] 8021q: adding VLAN 0 to HW filter on device bond0 [ 266.180577][ T8615] 8021q: adding VLAN 0 to HW filter on device team0 [ 266.191280][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.194644][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 266.205819][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state [ 266.209013][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state [ 266.405251][ T8615] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 266.443476][ T8615] veth0_vlan: entered promiscuous mode [ 266.454348][ T8615] veth1_vlan: entered promiscuous mode [ 266.481694][ T8615] veth0_macvtap: entered promiscuous mode [ 266.508592][ T8615] veth1_macvtap: entered promiscuous mode [ 266.528618][ T39] audit: type=1400 audit(1725698870.278:1107): avc: denied { connect } for pid=8720 comm="syz.2.885" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 266.532757][ T8615] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.541568][ T8615] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.545927][ T8615] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.551596][ T8615] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.556015][ T8615] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.561108][ T8615] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.567377][ T8615] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 266.571746][ T8615] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.575935][ T8615] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.588377][ T8615] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.597188][ T8615] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.601468][ T8615] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.605988][ T8615] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.612279][ T8615] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 266.635814][ T8615] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.643127][ T8723] sctp: [Deprecated]: syz.2.885 (pid 8723) Use of struct sctp_assoc_value in delayed_ack socket option. [ 266.643127][ T8723] Use struct sctp_sack_info instead [ 266.648797][ T8615] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.657932][ T8615] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.667043][ T8615] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.830335][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 266.841860][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 266.931503][ T1111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 266.955916][ T1111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 267.171613][ T8736] 9pnet_fd: Insufficient options for proto=fd [ 267.187074][ T5354] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:200' [ 267.190773][ T5354] CPU: 2 UID: 0 PID: 5354 Comm: kworker/u33:4 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 267.194611][ T5354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 267.198224][ T5354] Workqueue: hci3 hci_rx_work [ 267.199935][ T5354] Call Trace: [ 267.201096][ T5354] [ 267.202109][ T5354] dump_stack_lvl+0x16c/0x1f0 [ 267.203748][ T5354] sysfs_warn_dup+0x7f/0xa0 [ 267.205297][ T5354] sysfs_create_dir_ns+0x24d/0x2b0 [ 267.207160][ T5354] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 267.209175][ T5354] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 267.211155][ T5354] ? do_raw_spin_unlock+0x172/0x230 [ 267.213362][ T5354] kobject_add_internal+0x2c8/0x990 [ 267.215741][ T5354] kobject_add+0x16f/0x240 [ 267.217783][ T5354] ? __pfx_kobject_add+0x10/0x10 [ 267.219443][ T5354] ? do_raw_spin_unlock+0x172/0x230 [ 267.221132][ T5354] ? kobject_put+0xab/0x5a0 [ 267.222835][ T5354] device_add+0x289/0x1a70 [ 267.224667][ T5354] ? __pfx_dev_set_name+0x10/0x10 [ 267.226526][ T5354] ? __pfx_device_add+0x10/0x10 [ 267.228661][ T5354] hci_conn_add_sysfs+0x17e/0x230 [ 267.230619][ T5354] hci_sync_conn_complete_evt+0x900/0xa10 [ 267.232787][ T5354] hci_event_packet+0x9eb/0x1180 [ 267.234638][ T5354] ? __pfx_hci_sync_conn_complete_evt+0x10/0x10 [ 267.237045][ T5354] ? __pfx_hci_event_packet+0x10/0x10 [ 267.239455][ T5354] ? mark_held_locks+0x9f/0xe0 [ 267.241642][ T5354] ? kcov_remote_start+0x3cf/0x6e0 [ 267.243908][ T5354] ? lockdep_hardirqs_on+0x7c/0x110 [ 267.246185][ T5354] hci_rx_work+0x2c6/0x1610 [ 267.248258][ T5354] process_one_work+0x9c5/0x1b40 [ 267.250490][ T5354] ? __pfx_lock_acquire+0x10/0x10 [ 267.252739][ T5354] ? __pfx_process_one_work+0x10/0x10 [ 267.255170][ T5354] ? assign_work+0x1a0/0x250 [ 267.257238][ T5354] worker_thread+0x6c8/0xed0 [ 267.258993][ T5354] ? __pfx_worker_thread+0x10/0x10 [ 267.260880][ T5354] kthread+0x2c1/0x3a0 [ 267.262305][ T5354] ? _raw_spin_unlock_irq+0x23/0x50 [ 267.264324][ T5354] ? __pfx_kthread+0x10/0x10 [ 267.266103][ T5354] ret_from_fork+0x45/0x80 [ 267.267936][ T5354] ? __pfx_kthread+0x10/0x10 [ 267.270006][ T5354] ret_from_fork_asm+0x1a/0x30 [ 267.272148][ T5354] [ 267.274639][ T5354] kobject: kobject_add_internal failed for hci3:200 with -EEXIST, don't try to register things with the same name in the same directory. [ 267.279747][ T5354] Bluetooth: hci3: failed to register connection device [ 267.386769][ T5354] Bluetooth: hci4: command tx timeout [ 268.603996][ T39] audit: type=1400 audit(1725698872.348:1108): avc: denied { setattr } for pid=8754 comm="syz.1.925" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 268.620486][ T39] audit: type=1400 audit(1725698872.368:1109): avc: denied { write } for pid=8754 comm="syz.1.925" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 268.632420][ T39] audit: type=1400 audit(1725698872.368:1110): avc: denied { open } for pid=8754 comm="syz.1.925" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 268.646969][ T39] audit: type=1400 audit(1725698872.388:1111): avc: denied { read } for pid=8754 comm="syz.1.925" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 268.994617][ T5354] Bluetooth: hci3: Malformed MSFT vendor event: 0x02 [ 269.226561][ T5354] Bluetooth: hci3: command tx timeout [ 269.274947][ T8764] sctp: [Deprecated]: syz.0.927 (pid 8764) Use of struct sctp_assoc_value in delayed_ack socket option. [ 269.274947][ T8764] Use struct sctp_sack_info instead [ 269.466850][ T5354] Bluetooth: hci4: command tx timeout [ 270.891680][ T8776] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks [ 271.520989][ T39] audit: type=1400 audit(1725698874.628:1112): avc: denied { mounton } for pid=8769 comm="syz.1.931" path="/proc/14/task" dev="proc" ino=26667 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 271.562943][ T8777] netlink: 'syz.0.930': attribute type 1 has an invalid length. [ 271.566253][ T8777] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.930'. [ 271.570451][ T8777] netlink: 1 bytes leftover after parsing attributes in process `syz.0.930'. [ 271.586904][ T39] audit: type=1400 audit(1725698875.338:1113): avc: denied { append } for pid=8765 comm="syz.2.929" name="001" dev="devtmpfs" ino=753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 271.588589][ T8768] usb usb9: usbfs: process 8768 (syz.2.929) did not claim interface 0 before use [ 271.600007][ T8768] usb usb9: selecting invalid altsetting 21783 [ 272.777845][ T39] audit: type=1400 audit(1725698876.528:1114): avc: denied { connect } for pid=8795 comm="syz.2.940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 273.362291][ T8803] 9pnet_fd: Insufficient options for proto=fd [ 273.370165][ T5354] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:200' [ 273.374234][ T5354] CPU: 3 UID: 0 PID: 5354 Comm: kworker/u33:4 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 273.378259][ T5354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 273.381766][ T5354] Workqueue: hci4 hci_rx_work [ 273.383374][ T5354] Call Trace: [ 273.384521][ T5354] [ 273.385522][ T5354] dump_stack_lvl+0x16c/0x1f0 [ 273.387326][ T5354] sysfs_warn_dup+0x7f/0xa0 [ 273.389224][ T5354] sysfs_create_dir_ns+0x24d/0x2b0 [ 273.391238][ T5354] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 273.393426][ T5354] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 273.395508][ T5354] ? do_raw_spin_unlock+0x172/0x230 [ 273.397542][ T5354] kobject_add_internal+0x2c8/0x990 [ 273.399554][ T5354] kobject_add+0x16f/0x240 [ 273.401401][ T5354] ? __pfx_kobject_add+0x10/0x10 [ 273.403369][ T5354] ? do_raw_spin_unlock+0x172/0x230 [ 273.405437][ T5354] ? kobject_put+0xab/0x5a0 [ 273.407232][ T5354] device_add+0x289/0x1a70 [ 273.408981][ T5354] ? __pfx_dev_set_name+0x10/0x10 [ 273.410933][ T5354] ? __pfx_device_add+0x10/0x10 [ 273.412847][ T5354] hci_conn_add_sysfs+0x17e/0x230 [ 273.414812][ T5354] hci_sync_conn_complete_evt+0x900/0xa10 [ 273.417029][ T5354] hci_event_packet+0x9eb/0x1180 [ 273.418961][ T5354] ? __pfx_hci_sync_conn_complete_evt+0x10/0x10 [ 273.421381][ T5354] ? __pfx_hci_event_packet+0x10/0x10 [ 273.423465][ T5354] ? mark_held_locks+0x9f/0xe0 [ 273.425384][ T5354] ? kcov_remote_start+0x3cf/0x6e0 [ 273.427400][ T5354] ? lockdep_hardirqs_on+0x7c/0x110 [ 273.429630][ T5354] hci_rx_work+0x2c6/0x1610 [ 273.431492][ T5354] process_one_work+0x9c5/0x1b40 [ 273.433493][ T5354] ? __pfx_lock_acquire+0x10/0x10 [ 273.435502][ T5354] ? __pfx_process_one_work+0x10/0x10 [ 273.437594][ T5354] ? assign_work+0x1a0/0x250 [ 273.439412][ T5354] worker_thread+0x6c8/0xed0 [ 273.441278][ T5354] ? __pfx_worker_thread+0x10/0x10 [ 273.443309][ T5354] kthread+0x2c1/0x3a0 [ 273.444947][ T5354] ? _raw_spin_unlock_irq+0x23/0x50 [ 273.446990][ T5354] ? __pfx_kthread+0x10/0x10 [ 273.448855][ T5354] ret_from_fork+0x45/0x80 [ 273.450643][ T5354] ? __pfx_kthread+0x10/0x10 [ 273.452486][ T5354] ret_from_fork_asm+0x1a/0x30 [ 273.454417][ T5354] [ 273.459075][ T5354] kobject: kobject_add_internal failed for hci4:200 with -EEXIST, don't try to register things with the same name in the same directory. [ 273.464221][ T5354] Bluetooth: hci4: failed to register connection device [ 273.910725][ T39] audit: type=1400 audit(1725698877.648:1115): avc: denied { bind } for pid=8805 comm="syz.0.942" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 273.931420][ T39] audit: type=1400 audit(1725698877.668:1116): avc: denied { connect } for pid=8805 comm="syz.0.942" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 274.635563][ T39] audit: type=1400 audit(1725698878.378:1117): avc: denied { create } for pid=8812 comm="syz.3.944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 274.665469][ T39] audit: type=1400 audit(1725698878.408:1118): avc: denied { setopt } for pid=8812 comm="syz.3.944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 274.705438][ T39] audit: type=1400 audit(1725698878.448:1119): avc: denied { read write } for pid=8814 comm="syz.3.946" name="nvram" dev="devtmpfs" ino=633 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 274.720062][ T39] audit: type=1400 audit(1725698878.468:1120): avc: denied { open } for pid=8814 comm="syz.3.946" path="/dev/nvram" dev="devtmpfs" ino=633 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 274.737737][ T39] audit: type=1400 audit(1725698878.488:1121): avc: denied { create } for pid=8814 comm="syz.3.946" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 275.546559][ T5354] Bluetooth: hci4: command tx timeout [ 277.042726][ T8868] netlink: 'syz.2.964': attribute type 1 has an invalid length. [ 277.336595][ T9] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 277.532881][ T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 277.539210][ T9] usb 7-1: config 0 has no interfaces? [ 277.545992][ T9] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 277.557141][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 277.560239][ T9] usb 7-1: SerialNumber: syz [ 277.564600][ T9] usb 7-1: config 0 descriptor?? [ 278.132790][ T8882] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 278.183749][ T39] audit: type=1400 audit(1725698881.928:1122): avc: denied { write } for pid=8867 comm="syz.2.964" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 278.193124][ T39] audit: type=1400 audit(1725698881.928:1123): avc: denied { nlmsg_write } for pid=8867 comm="syz.2.964" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 278.193345][ T832] usb 7-1: USB disconnect, device number 13 [ 278.358775][ T834] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 278.544459][ T834] usb 5-1: config index 0 descriptor too short (expected 45327, got 309) [ 278.548292][ T834] usb 5-1: config 15 has an invalid descriptor of length 0, skipping remainder of the config [ 278.552624][ T834] usb 5-1: config 15 has 0 interfaces, different from the descriptor's value: 2 [ 278.557837][ T834] usb 5-1: New USB device found, idVendor=12d1, idProduct=1c1f, bcdDevice=63.46 [ 278.562013][ T834] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 278.641771][ T39] audit: type=1400 audit(1725698882.378:1124): avc: denied { connect } for pid=8891 comm="syz.3.974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 278.696503][ T30] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 278.821574][ T834] usb 5-1: USB disconnect, device number 13 [ 278.896615][ T30] usb 6-1: Using ep0 maxpacket: 32 [ 278.903250][ T30] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 278.908988][ T30] usb 6-1: config 0 has no interfaces? [ 278.915800][ T30] usb 6-1: New USB device found, idVendor=3823, idProduct=0001, bcdDevice= 3.eb [ 278.920689][ T30] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 278.924441][ T30] usb 6-1: Product: syz [ 278.926339][ T30] usb 6-1: Manufacturer: syz [ 278.934195][ T30] usb 6-1: SerialNumber: syz [ 278.940646][ T30] usb 6-1: config 0 descriptor?? [ 279.620611][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 279.620627][ T39] audit: type=1400 audit(1725698883.368:1126): avc: denied { connect } for pid=8901 comm="syz.3.977" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 279.635298][ T39] audit: type=1400 audit(1725698883.368:1127): avc: denied { name_bind } for pid=8901 comm="syz.3.977" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 280.044776][ T39] audit: type=1400 audit(1725698883.788:1128): avc: denied { read } for pid=8909 comm="syz.0.979" name="sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 280.063647][ T39] audit: type=1400 audit(1725698883.788:1129): avc: denied { open } for pid=8909 comm="syz.0.979" path="/dev/sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 280.091154][ T8918] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 280.115613][ T39] audit: type=1400 audit(1725698883.858:1130): avc: denied { ioctl } for pid=8909 comm="syz.0.979" path="/dev/sg0" dev="devtmpfs" ino=707 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 280.156747][ T39] audit: type=1400 audit(1725698883.878:1131): avc: denied { read } for pid=8909 comm="syz.0.979" name="card0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 280.202128][ T39] audit: type=1400 audit(1725698883.878:1132): avc: denied { open } for pid=8909 comm="syz.0.979" path="/dev/dri/card0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 280.216549][ T39] audit: type=1400 audit(1725698883.898:1133): avc: denied { ioctl } for pid=8909 comm="syz.0.979" path="/dev/dri/card0" dev="devtmpfs" ino=637 ioctlcmd=0x64b2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 280.225228][ T39] audit: type=1400 audit(1725698883.898:1134): avc: denied { map } for pid=8909 comm="syz.0.979" path="/dev/dri/card0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 280.233825][ T39] audit: type=1400 audit(1725698883.928:1135): avc: denied { create } for pid=8909 comm="syz.0.979" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 280.527832][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 280.625961][ T8930] netlink: 'syz.0.986': attribute type 1 has an invalid length. [ 280.668320][ T5359] Bluetooth: hci4: command 0x0405 tx timeout [ 280.926485][ T58] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 281.108801][ T58] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 281.112565][ T58] usb 5-1: config 0 has no interfaces? [ 281.121451][ T58] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 281.126129][ T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 281.132823][ T58] usb 5-1: SerialNumber: syz [ 281.136494][ T58] usb 5-1: config 0 descriptor?? [ 281.485827][ T35] usb 6-1: USB disconnect, device number 14 [ 281.607481][ T8939] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 281.713452][ T5359] Bluetooth: hci4: Ignoring HCI_Sync_Conn_Complete event for existing connection [ 282.746763][ T5359] Bluetooth: hci4: command 0x0405 tx timeout [ 283.142708][ T35] usb 5-1: USB disconnect, device number 14 [ 284.716649][ T57] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 284.836563][ T5354] Bluetooth: hci4: command 0x0405 tx timeout [ 284.916468][ T57] usb 5-1: Using ep0 maxpacket: 32 [ 284.922754][ T57] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 284.929240][ T57] usb 5-1: config 0 has no interfaces? [ 284.947014][ T57] usb 5-1: New USB device found, idVendor=3823, idProduct=0001, bcdDevice= 3.eb [ 284.952225][ T57] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 284.955843][ T57] usb 5-1: Product: syz [ 284.968678][ T57] usb 5-1: Manufacturer: syz [ 284.974670][ T57] usb 5-1: SerialNumber: syz [ 284.982262][ T57] usb 5-1: config 0 descriptor?? [ 285.068730][ T30] ================================================================== [ 285.072070][ T30] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x97/0x2c0 [ 285.077703][ T30] Write of size 4 at addr ffff888040b66080 by task kworker/1:0/30 [ 285.083881][ T30] [ 285.084891][ T30] CPU: 1 UID: 0 PID: 30 Comm: kworker/1:0 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 285.089133][ T30] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 285.092860][ T5354] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 285.093431][ T30] Workqueue: events sco_sock_timeout [ 285.098990][ T30] Call Trace: [ 285.100338][ T30] [ 285.101391][ T30] dump_stack_lvl+0x116/0x1f0 [ 285.103368][ T30] print_report+0xc3/0x620 [ 285.105413][ T30] ? __virt_addr_valid+0x5e/0x590 [ 285.107478][ T30] ? __phys_addr+0xc6/0x150 [ 285.109122][ T30] kasan_report+0xd9/0x110 [ 285.110434][ T30] ? sco_sock_timeout+0x97/0x2c0 [ 285.112056][ T30] ? sco_sock_timeout+0x97/0x2c0 [ 285.113698][ T30] kasan_check_range+0xef/0x1a0 [ 285.115389][ T30] sco_sock_timeout+0x97/0x2c0 [ 285.117077][ T30] process_one_work+0x9c5/0x1b40 [ 285.119018][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 285.121034][ T30] ? __pfx_process_one_work+0x10/0x10 [ 285.123096][ T30] ? assign_work+0x1a0/0x250 [ 285.125039][ T30] worker_thread+0x6c8/0xed0 [ 285.126704][ T30] ? __pfx_worker_thread+0x10/0x10 [ 285.128767][ T30] kthread+0x2c1/0x3a0 [ 285.130541][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 285.132766][ T30] ? __pfx_kthread+0x10/0x10 [ 285.134797][ T30] ret_from_fork+0x45/0x80 [ 285.136665][ T30] ? __pfx_kthread+0x10/0x10 [ 285.138483][ T30] ret_from_fork_asm+0x1a/0x30 [ 285.140208][ T30] [ 285.141128][ T30] [ 285.142004][ T30] Allocated by task 8965: [ 285.143766][ T30] kasan_save_stack+0x33/0x60 [ 285.145242][ T30] kasan_save_track+0x14/0x30 [ 285.147259][ T30] __kasan_kmalloc+0xaa/0xb0 [ 285.149176][ T30] __kmalloc_noprof+0x1e8/0x400 [ 285.151098][ T30] sk_prot_alloc+0x1a8/0x2a0 [ 285.153059][ T30] sk_alloc+0x36/0xb90 [ 285.154786][ T30] bt_sock_alloc+0x3b/0x3a0 [ 285.156464][ T30] sco_sock_create+0xe3/0x3c0 [ 285.158053][ T30] bt_sock_create+0x182/0x350 [ 285.159795][ T30] __sock_create+0x32e/0x800 [ 285.161606][ T30] __sys_socket+0x14f/0x260 [ 285.163544][ T30] __x64_sys_socket+0x72/0xb0 [ 285.165367][ T30] do_syscall_64+0xcd/0x250 [ 285.167189][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.169508][ T30] [ 285.170352][ T30] Freed by task 8958: [ 285.171776][ T30] kasan_save_stack+0x33/0x60 [ 285.173923][ T30] kasan_save_track+0x14/0x30 [ 285.175939][ T30] kasan_save_free_info+0x3b/0x60 [ 285.177872][ T30] poison_slab_object+0xf7/0x160 [ 285.179877][ T30] __kasan_slab_free+0x32/0x50 [ 285.181737][ T30] kfree+0x12a/0x3b0 [ 285.183464][ T30] __sk_destruct+0x5eb/0x720 [ 285.185476][ T30] sk_destruct+0xc2/0xf0 [ 285.187048][ T30] __sk_free+0xf4/0x3e0 [ 285.188720][ T30] sk_free+0x6a/0x90 [ 285.190269][ T30] sco_sock_kill+0x11a/0x1c0 [ 285.192178][ T30] sco_sock_release+0x154/0x2d0 [ 285.193790][ T30] __sock_release+0xb0/0x270 [ 285.195522][ T30] sock_close+0x1c/0x30 [ 285.197331][ T30] __fput+0x408/0xbb0 [ 285.199047][ T30] task_work_run+0x14e/0x250 [ 285.200700][ T30] syscall_exit_to_user_mode+0x27b/0x2a0 [ 285.202653][ T30] do_syscall_64+0xda/0x250 [ 285.204502][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.206617][ T30] [ 285.207399][ T30] The buggy address belongs to the object at ffff888040b66000 [ 285.207399][ T30] which belongs to the cache kmalloc-2k of size 2048 [ 285.212395][ T30] The buggy address is located 128 bytes inside of [ 285.212395][ T30] freed 2048-byte region [ffff888040b66000, ffff888040b66800) [ 285.217582][ T30] [ 285.218612][ T30] The buggy address belongs to the physical page: [ 285.221062][ T30] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x40b60 [ 285.224393][ T30] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 285.227332][ T30] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 285.230229][ T30] page_type: 0xfdffffff(slab) [ 285.232143][ T30] raw: 00fff00000000040 ffff88801ac42f00 dead000000000100 dead000000000122 [ 285.235277][ T30] raw: 0000000000000000 0000000000080008 00000001fdffffff 0000000000000000 [ 285.238721][ T30] head: 00fff00000000040 ffff88801ac42f00 dead000000000100 dead000000000122 [ 285.242219][ T30] head: 0000000000000000 0000000000080008 00000001fdffffff 0000000000000000 [ 285.245731][ T30] head: 00fff00000000003 ffffea000102d801 ffffffffffffffff 0000000000000000 [ 285.248812][ T30] head: 0000000700000008 0000000000000000 00000000ffffffff 0000000000000000 [ 285.251583][ T30] page dumped because: kasan: bad access detected [ 285.253950][ T30] page_owner tracks the page as allocated [ 285.256309][ T30] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 6837, tgid 6837 (syz-executor), ts 157274984000, free_ts 155771023147 [ 285.265735][ T30] post_alloc_hook+0x2d1/0x350 [ 285.267814][ T30] get_page_from_freelist+0x1351/0x2e50 [ 285.270197][ T30] __alloc_pages_noprof+0x22b/0x2460 [ 285.272436][ T30] alloc_slab_page+0x4e/0xf0 [ 285.274383][ T30] new_slab+0x84/0x260 [ 285.276071][ T30] ___slab_alloc+0xdac/0x1870 [ 285.277947][ T30] __slab_alloc.constprop.0+0x56/0xb0 [ 285.279857][ T30] __kmalloc_cache_noprof+0x2b4/0x300 [ 285.281763][ T30] nbp_vlan_add+0x1f4/0x410 [ 285.283401][ T30] nbp_vlan_init+0x375/0x500 [ 285.285152][ T30] br_add_if+0xfdf/0x1b80 [ 285.286748][ T30] do_set_master+0x1bc/0x230 [ 285.288556][ T30] do_setlink+0xd24/0x4190 [ 285.290256][ T30] __rtnl_newlink+0xc35/0x1920 [ 285.292049][ T30] rtnl_newlink+0x67/0xa0 [ 285.293746][ T30] rtnetlink_rcv_msg+0x3c7/0xea0 [ 285.295644][ T30] page last free pid 5343 tgid 5343 stack trace: [ 285.298053][ T30] free_unref_page+0x64a/0xe40 [ 285.299791][ T30] vfree+0x181/0x7a0 [ 285.301306][ T30] kcov_put+0x2a/0x40 [ 285.302894][ T30] kcov_close+0x10/0x20 [ 285.304612][ T30] __fput+0x408/0xbb0 [ 285.306322][ T30] task_work_run+0x14e/0x250 [ 285.308390][ T30] do_exit+0xaa3/0x2bb0 [ 285.310109][ T30] do_group_exit+0xd3/0x2a0 [ 285.311737][ T30] __x64_sys_exit_group+0x3e/0x50 [ 285.313664][ T30] x64_sys_call+0x14a9/0x16a0 [ 285.315446][ T30] do_syscall_64+0xcd/0x250 [ 285.317173][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.319382][ T30] [ 285.320343][ T30] Memory state around the buggy address: [ 285.322281][ T30] ffff888040b65f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 285.325108][ T30] ffff888040b66000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 285.328172][ T30] >ffff888040b66080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 285.331149][ T30] ^ [ 285.332712][ T30] ffff888040b66100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 285.335757][ T30] ffff888040b66180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 285.338908][ T30] ================================================================== [ 285.342846][ T30] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 285.346002][ T30] CPU: 1 UID: 0 PID: 30 Comm: kworker/1:0 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 285.350551][ T30] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 285.355118][ T30] Workqueue: events sco_sock_timeout [ 285.357421][ T30] Call Trace: [ 285.358870][ T30] [ 285.360155][ T30] dump_stack_lvl+0x3d/0x1f0 [ 285.362081][ T30] panic+0x6dc/0x7c0 [ 285.363588][ T30] ? mark_held_locks+0x9f/0xe0 [ 285.365484][ T30] ? __pfx_panic+0x10/0x10 [ 285.367240][ T30] ? irqentry_exit+0x3b/0x90 [ 285.369012][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 285.371049][ T30] ? check_panic_on_warn+0x1f/0xb0 [ 285.373068][ T30] check_panic_on_warn+0xab/0xb0 [ 285.375075][ T30] end_report+0x117/0x180 [ 285.376949][ T30] kasan_report+0xe9/0x110 [ 285.378786][ T30] ? sco_sock_timeout+0x97/0x2c0 [ 285.380749][ T30] ? sco_sock_timeout+0x97/0x2c0 [ 285.382700][ T30] kasan_check_range+0xef/0x1a0 [ 285.384604][ T30] sco_sock_timeout+0x97/0x2c0 [ 285.386553][ T30] process_one_work+0x9c5/0x1b40 [ 285.388517][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 285.390417][ T30] ? __pfx_process_one_work+0x10/0x10 [ 285.392453][ T30] ? assign_work+0x1a0/0x250 [ 285.394243][ T30] worker_thread+0x6c8/0xed0 [ 285.396153][ T30] ? __pfx_worker_thread+0x10/0x10 [ 285.398359][ T30] kthread+0x2c1/0x3a0 [ 285.400091][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 285.402228][ T30] ? __pfx_kthread+0x10/0x10 [ 285.403959][ T30] ret_from_fork+0x45/0x80 [ 285.405496][ T30] ? __pfx_kthread+0x10/0x10 [ 285.407457][ T30] ret_from_fork_asm+0x1a/0x30 [ 285.409371][ T30] [ 285.411137][ T30] Kernel Offset: disabled [ 285.412431][ T30] Rebooting in 86400 seconds.. VM DIAGNOSIS: 08:43:53 Registers: info registers vcpu 0 CPU#0 RAX=000000000063840f RBX=0000000000000000 RCX=ffffffff8b16fad9 RDX=0000000000000000 RSI=ffffffff8b4cd740 RDI=ffffffff8bb0fb40 RBP=fffffbfff1b52af8 RSP=ffffffff8da07e20 R8 =0000000000000001 R9 =ffffed100d4c6fd9 R10=ffff88806a637ecb R11=0000000000000000 R12=0000000000000000 R13=ffffffff8da957c0 R14=ffffffff90144c58 R15=0000000000000000 RIP=ffffffff8b170ecf RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f3bfd8656c0 CR3=0000000031a2a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fec0ffd0 Opmask01=0000000000004211 Opmask02=000000000000ffdf Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff617c3a20 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff0000ff000000 ffff000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffff000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6464319fb02b8834 6464319fb02b8a84 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6464319fb02b8a8c 6464319fb02b8a8c ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656c696620732520 6465746165726300 0a73253a47000a73 253d73253a45000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40494c4305560005 4140514440574600 0a56001f47000a56 001856001f45000a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000211 0000000000000000 32706f6f6c2f6b63 6f6c622f6c617574 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 68636163627c2a64 76787c2a64767c2a 72737c2a64737c2a 656d766e7c00312d ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 64002f656c75646f 6d2f2682a763479f 73733497b7621769 732f55d4a738997f ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 777f7ffdff7ffeff 7f7f7ebfffef7fff 7f7b77fff77f7f7f 7f6f7ffff77fff7f ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a3a263e383a3a26 39383a3a2638383a 3a263b383a3a263a 383a3a26493b3a3a ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000004d 000053591b421b30 0000000000000021 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000053591b421b30 0000000000000010 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 info registers vcpu 1 CPU#1 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff85030b00 RDI=ffffffff9a5b4f60 RBP=ffffffff9a5b4f20 RSP=ffffc900008976e8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=666f206574697257 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff34b6a3e R15=dffffc0000000000 RIP=ffffffff85030b27 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f4d92332f9b CR3=000000004d8b2000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000044000001 Opmask01=0000000000000000 Opmask02=000000007ffeffff Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b5f5455504e495f 4449006b636f6c62 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff617c4000 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff617c3990 0000003000000010 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ff00000000 00ff000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffff0000000000ff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a0d2b8296e439010 7373268df883723d ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737371d2 7373425e455c4573 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d25203a7325206b 6e696c6d79732065 7461657263206f74 2064656c69614600 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4800051f5600054e 4b4c49485c560540 5144405746054a51 054140494c444600 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000091 0000000000000000 32706f6f6c2f6b63 6f6c622f6c617574 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055fbd44a9520 000055fbd44ab030 0000000000000041 0000000000000030 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 69305f474f5b647c 6930382432273f39 7b27697a787c7a30 23333a3a38263342 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a3a263e383a3a26 39383a3a2638383a 3a263b383a3a263a 383a3a26493b3a3a ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 info registers vcpu 2 CPU#2 RAX=0000000000000002 RBX=ffffed100957aa6b RCX=0000000000000003 RDX=fffffbfff2d248e8 RSI=0000000000000000 RDI=ffff88804abd5360 RBP=00000000000001c8 RSP=ffffc900043a74c0 R8 =0000000000000000 R9 =0000000000000006 R10=ffffffff9692473f R11=0000000000000002 R12=dffffc0000000000 R13=0000000000000002 R14=0000000000000003 R15=ffff88804abd4880 RIP=ffffffff81698531 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000555582968500 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fa1856656c0 CR3=0000000034822000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffde220e3e0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa3155efe6a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa3155efe77 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa3155efe71 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa3155efe85 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa3155eff0b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa3155effe9 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000004ab63b RBX=0000000000000003 RCX=ffffffff8b16fad9 RDX=0000000000000000 RSI=ffffffff8b4cd740 RDI=ffffffff8bb0fb40 RBP=ffffed1003adb488 RSP=ffffc900001a7e08 R8 =0000000000000001 R9 =ffffed100d526fd9 R10=ffff88806a937ecb R11=0000000000000000 R12=0000000000000003 R13=ffff88801d6da440 R14=ffffffff90144c58 R15=0000000000000000 RIP=ffffffff8b170ecf RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002005e000 CR3=0000000032b6e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd1890c6b0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f99c55efe6a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f99c55efe77 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f99c55efe71 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f99c55efe85 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f99c55eff0b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f99c55effe9 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000