last executing test programs: 2.011051709s ago: executing program 1 (id=942): creat(&(0x7f0000000380)='./bus\x00', 0x0) r0 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r0, 0x0) r3 = socket$rds(0x15, 0x5, 0x0) bind$rds(r3, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r3, &(0x7f0000000000)={&(0x7f0000000200)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000140)=[{&(0x7f0000002640)=""/102385, 0x18ff1}], 0x1}}], 0x48}, 0x0) 1.930283613s ago: executing program 1 (id=943): r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802) writev(r0, &(0x7f0000000000)=[{&(0x7f00000001c0)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) read(r0, 0x0, 0x0) 1.802629374s ago: executing program 1 (id=946): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) io_setup(0xc2, &(0x7f0000000280)=0x0) io_submit(r2, 0x1, &(0x7f0000000c40)=[&(0x7f00000005c0)={0x0, 0x0, 0x0, 0x5, 0x2, r1, 0x0, 0x0, 0x7fff, 0x0, 0x3}]) 1.479885589s ago: executing program 1 (id=952): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r3, 0x0, 0xf3a, 0x0) write(r1, 0x0, 0x0) 1.33705189s ago: executing program 1 (id=955): mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = syz_open_dev$radio(&(0x7f00000000c0), 0x2, 0x2) preadv2(r3, &(0x7f0000000440)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x0) 1.16910773s ago: executing program 3 (id=961): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) listen(r2, 0x0) shutdown(r2, 0x0) 1.116159856s ago: executing program 2 (id=964): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x6}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r2) r3 = socket$pppl2tp(0x18, 0x1, 0x1) r4 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r3, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @multicast1}, 0x4}}, 0x2e) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$l2tp(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_GET(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="01000000000000000000020000000800090004"], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x0) 1.115928506s ago: executing program 0 (id=965): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100000620702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000073000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f00000008c0)='kmem_cache_free\x00', r0}, 0x10) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000080)=0x5, 0x4) bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) recvmmsg(r1, &(0x7f00000036c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/4, 0x4}, 0xe}], 0x1, 0x0, 0x0) 1.115776288s ago: executing program 3 (id=966): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000b2a500100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000180)=@ethtool_drvinfo={0x3, "3b296e12d52d00eb82cc420f61e335caec88669e42bdfb3cec880a02de9e1d73", "aa01954b50e1a7d200008f5a3995fa1e7569d25aed9768cf0c2def7d5500", "31cb053e0c8f3e81062f62e0f874b078cef598cf374e31fb58665661e850abd6", "fd1508ebd0c5b39be0c0a8f4394f9dfb56ceccf9f6f1fdfdc100", "78a85ce08babb5877c9ab49084d318f3ce181dd78515a854b784f51f55030e7f", "510f13cf0000000000010001", 0xfffffffd, 0x3ffffff, 0x120000, 0x1}}) 1.070762947s ago: executing program 0 (id=967): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x10) write(0xffffffffffffffff, 0x0, 0x0) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000300)=0x5f) 1.07050435s ago: executing program 2 (id=968): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000046ffff000000000800395032303030"], 0x15) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000001340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x6b}}) 1.070337588s ago: executing program 3 (id=969): write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, 0x0, 0x0) r0 = io_uring_setup(0x17ba, &(0x7f0000000140)) openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) close_range(r0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$cec(&(0x7f0000000340), 0x0, 0x0) ioctl$CEC_DQEVENT(r1, 0xc0506107, 0x0) ioctl$CEC_DQEVENT(r1, 0xc0506107, &(0x7f0000000200)={0x0, 0x0, 0x0, @lost_msgs}) ioctl$IOC_PR_PREEMPT(r1, 0x40046109, &(0x7f0000000040)={0xd0, 0x0, 0x0, 0x4}) 1.070172753s ago: executing program 0 (id=970): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1}, 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002300000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$PROG_BIND_MAP(0x23, &(0x7f0000000300)={r3, r2}, 0xc) 990.950253ms ago: executing program 2 (id=971): r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000040)="39000000130003474cbb65e1c3e4ffff06000d000100000007000000250000000d0016000c001400000000", 0x2b}], 0x1) r1 = open_tree(0xffffffffffffff9c, 0x0, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, 0x0, 0x0) socket(0x10, 0x3, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000500)={'syztnl0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000b00)={'syztnl0\x00', &(0x7f0000000540)={'ip6gre0\x00', 0x0, 0x4, 0x8, 0x46, 0xe2f, 0x4d, @private0, @loopback, 0x8, 0x80, 0x990a, 0x8000}}) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000c00)={'syztnl1\x00', 0x0}) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020701200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000600)='sched_switch\x00', r5}, 0x10) r6 = socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x550, 0x1c0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x480, 0xffffffff, 0xffffffff, 0x480, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x298, 0x2c0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x1c8, 0x4, 0x0, 'syz0\x00'}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5b0) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r1, &(0x7f0000000e80)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000e40)={&(0x7f0000000c40)=ANY=[@ANYBLOB="c8010000", @ANYRES16=0x0, @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000300030000000800030001000000140002006c6f00000000000000000000000000003000018008000100", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYRES32=0x0, @ANYBLOB="140002007767320000000000000000000000000008000100", @ANYRES32=r3, @ANYBLOB="800001800800030001000000080003000000000014000200776730000000000000000000000000001400020076657468305f766c616e0000000000001400020074756e6c30000000000000000000000008000300010000001400020069705f7674693000000000000000000014000200776c616e3000000000000000000000003400018008000100", @ANYRES32=0x0, @ANYBLOB="140002007465616d5f736c6176655f31000000001400020070696d726567310000000000000000004c0001801400020070696d36726567310000000000000000080003000100000008000300030000000800", @ANYRES32=r4, @ANYBLOB="140002006d6163766c616e31000000000000000008000300000000003800018014000200766572745f77696669000800030002000000080003000300", @ANYBLOB], 0x1c8}, 0x1, 0x0, 0x0, 0x200080c4}, 0x48091) fchdir(0xffffffffffffffff) setreuid(0x0, 0x0) r7 = socket$unix(0x1, 0x1, 0x0) r8 = socket$unix(0x1, 0x1, 0x0) bind$unix(r8, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r8, 0x0) connect$unix(r7, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) socket$unix(0x1, 0x1, 0x0) socket$netlink(0x10, 0x3, 0x4) socket$nl_xfrm(0x10, 0x3, 0x6) r9 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x15, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0) 990.695162ms ago: executing program 0 (id=972): r0 = syz_io_uring_setup(0x64f9, &(0x7f0000000280)={0x0, 0x1217, 0x10100, 0x3}, &(0x7f0000000540)=0x0, &(0x7f00000001c0)=0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x18}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 990.393178ms ago: executing program 3 (id=973): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x2f4}}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$pppl2tp(0x18, 0x1, 0x1) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) connect$pppl2tp(r2, &(0x7f0000000080)=@pppol2tp={0x18, 0x1, {0x0, r1, {}, 0xa}}, 0x26) sendmmsg$inet(r2, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040) 930.761193ms ago: executing program 2 (id=974): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='\x00', 0x9801) r1 = socket(0x1e, 0x1, 0x0) connect$tipc(r1, &(0x7f0000000000)=@id={0x1e, 0x3, 0x2, {0x4e20}}, 0x10) recvmmsg(r1, &(0x7f0000002300)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000001c0)=""/64, 0x40}], 0x1, &(0x7f0000000540)=""/19, 0x13}}], 0x1, 0x122, 0x0) fchdir(r0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cd0aa7b73340cc2160a1fe3c184b751c51160fbc0cfb91c82f4a9164dda5e67a46d8e841f8a97be6148ba532e6ea09c346dfebd31a08b32808b80200000000009dd27080e71113610e10d859e8327ef03fb6c86adac12233f9a1fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d72166cb0d3a0ec4bfae563112f4b391aafe234870072858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5dc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5be5f6eb2eea0d090014b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ff010000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a30280bc586e79a5dd8076c248e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f5874c24411d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589ac5d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d54aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd8f200000017587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5f7d895de17a10b0a0ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5175d879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c56d0886eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366a9660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e959212181d4bf32ed89c96d421c8171698c49403558fd13c649f90b0911d57eeb298b590581eb00ce383b539ab80fd15445987b1bb4eb512545e1ab65fef310e10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbb1d44925ce66ea1a94e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e15a00adb976064a93e8d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeadc5cf218a6eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041814f60fbbcafa487ee96b368e8769da90b44190e569fe8b1d155d0765baaca5c5548b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751beed5f79de29a67a579150bfb31232d296b9d2977ed027ca90af7088d6466f1501d96a"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x26, 0x0, &(0x7f0000000100)="b9ff030f6044238cb89e14f088a81bff88fbffff4000633a77fbac14142ce934a0a662079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) 930.454211ms ago: executing program 0 (id=975): mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c0000006800090300000008000000009700000000000000040065be43630aa666853190bff0a6671cfc7cf3130fc07904c678a62ca97c7790986393b46ba6a3b5aee76b9ced63f9827256d9291ddef3ae67a836d356f27ff727590bba194a9aad5a"], 0x1c}}, 0x0) syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0) 830.519648ms ago: executing program 2 (id=976): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) futex_waitv(&(0x7f0000000ec0)=[{0x0, 0x0, 0x0, 0x2}], 0x1, 0x0, &(0x7f0000001000)={0x77359400}, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000079e02200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) sysinfo(&(0x7f0000000500)=""/58) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0) write(r2, 0x0, 0x0) 830.326324ms ago: executing program 3 (id=977): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) recvmmsg(r0, &(0x7f00000078c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=@newsa={0xf0, 0x12, 0x713, 0x0, 0x0, {{@in6=@private2, @in=@loopback, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@empty}, @in6=@local, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000}, {0x0, 0xfffffffffffffffc}, {0x0, 0x0, 0x7}, 0x70bd25, 0x0, 0xa}}, 0xf0}}, 0x0) 719.748025ms ago: executing program 3 (id=978): mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, 0x0, &(0x7f0000000180)}, 0x20) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c0000006800090300000008000000009700000000000000040065be43630aa666853190bff0a6671cfc7cf3130fc07904c678a62ca97c7790986393b46ba6a3b5aee76b9ced"], 0x1c}}, 0x0) syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0) 719.337228ms ago: executing program 2 (id=979): syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000180)=[@in6={0xa, 0xfffc, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r3, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000008900)=[{&(0x7f0000008500)="88", 0xff12}], 0x1}}], 0x1, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001800dd8d000000000000000002000000000000060000000006001500040000001800168014"], 0x3c}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000001800dd8d0000000000000000020000000000000600000000"], 0x38}}, 0x0) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r5, 0x400455c8, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x24040880}, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r6, 0x800448d2, &(0x7f0000000100)) 310.651054ms ago: executing program 1 (id=980): socket(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket(0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xfe, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) syz_emit_ethernet(0x66, &(0x7f00000006c0)=ANY=[@ANYBLOB="ffffffffffff6487a2bed3d608004500005800000000029e907800000000000000000420880b0000000000000800000086dd080088be00100000000000000100000000000000080022eb000000"], 0x0) syz_emit_ethernet(0x32, &(0x7f00000003c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x100, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='contention_end\x00'}, 0x10) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x3938700}, 0x0, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@random="39919e8b05b7", @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback, @local}, {0x0, 0x4e20, 0x8}}}}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x5}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff0c, 0x0, 0x0, 0x0}, 0x90) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000280)=ANY=[], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) syz_clone(0x4d900000, 0x0, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 0 (id=981): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r2}, 0x0, &(0x7f0000000540)}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r1}, 0x10) socketpair(0x0, 0x0, 0x0, &(0x7f00000006c0)) kernel console output (not intermixed with test programs): write } for pid=6173 comm="syz.2.223" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 121.751464][ T39] audit: type=1400 audit(1725715271.539:290): avc: denied { setopt } for pid=6173 comm="syz.2.223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 122.427429][ T39] audit: type=1400 audit(1725715272.219:291): avc: denied { connect } for pid=6179 comm="syz.1.224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 122.436327][ T39] audit: type=1400 audit(1725715272.219:292): avc: denied { setopt } for pid=6179 comm="syz.1.224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 122.821606][ T39] audit: type=1400 audit(1725715272.609:293): avc: denied { map } for pid=6196 comm="syz.2.232" path="socket:[11048]" dev="sockfs" ino=11048 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 122.832485][ T39] audit: type=1400 audit(1725715272.609:294): avc: denied { accept } for pid=6196 comm="syz.2.232" path="socket:[11048]" dev="sockfs" ino=11048 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 122.845643][ T39] audit: type=1326 audit(1725715272.619:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6198 comm="syz.1.233" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f38e5f7cef9 code=0x0 [ 123.041089][ T39] audit: type=1400 audit(1725715272.839:296): avc: denied { ioctl } for pid=6203 comm="syz.3.234" path="socket:[11050]" dev="sockfs" ino=11050 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 123.123296][ T39] audit: type=1400 audit(1725715272.879:297): avc: denied { setopt } for pid=6203 comm="syz.3.234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 123.589948][ T6218] FAULT_INJECTION: forcing a failure. [ 123.589948][ T6218] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 123.597691][ T6218] CPU: 2 UID: 0 PID: 6218 Comm: syz.3.238 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 123.602443][ T6218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 123.607255][ T6218] Call Trace: [ 123.608804][ T6218] [ 123.610155][ T6218] dump_stack_lvl+0x16c/0x1f0 [ 123.612306][ T6218] should_fail_ex+0x497/0x5b0 [ 123.614567][ T6218] _copy_to_user+0x30/0xc0 [ 123.616596][ T6218] simple_read_from_buffer+0xd0/0x160 [ 123.618974][ T6218] proc_fail_nth_read+0x19e/0x280 [ 123.621211][ T6218] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 123.623703][ T6218] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 123.626229][ T6218] vfs_read+0x1d4/0xbd0 [ 123.628142][ T6218] ? __fdget_pos+0xeb/0x180 [ 123.630205][ T6218] ? __pfx_vfs_read+0x10/0x10 [ 123.632233][ T6218] ? __pfx___mutex_lock+0x10/0x10 [ 123.634396][ T6218] ? __fget_files+0x256/0x400 [ 123.636278][ T6218] ksys_read+0x12f/0x260 [ 123.638070][ T6218] ? __pfx_ksys_read+0x10/0x10 [ 123.640216][ T6218] do_syscall_64+0xcd/0x250 [ 123.642227][ T6218] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.644823][ T6218] RIP: 0033:0x7f308cd7b93c [ 123.646802][ T6218] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 123.655144][ T6218] RSP: 002b:00007f308dc11030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 123.658822][ T6218] RAX: ffffffffffffffda RBX: 00007f308cf35f80 RCX: 00007f308cd7b93c [ 123.662253][ T6218] RDX: 000000000000000f RSI: 00007f308dc110a0 RDI: 0000000000000005 [ 123.665544][ T6218] RBP: 00007f308dc11090 R08: 0000000000000000 R09: 0000000000000000 [ 123.668851][ T6218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 123.672457][ T6218] R13: 0000000000000000 R14: 00007f308cf35f80 R15: 00007fff1c186f38 [ 123.673787][ T5362] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 123.675951][ T6218] [ 123.681446][ T5362] Bluetooth: hci1: Injecting HCI hardware error event [ 123.689321][ T5362] Bluetooth: hci1: hardware error 0x00 [ 123.881974][ T39] audit: type=1400 audit(1725715273.669:298): avc: denied { create } for pid=6220 comm="syz.1.239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 123.960334][ T6229] overlayfs: missing 'workdir' [ 123.985525][ T6230] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.242'. [ 123.985942][ T6230] netlink: get zone limit has 8 unknown bytes [ 125.418551][ T6246] netlink: 12 bytes leftover after parsing attributes in process `syz.1.248'. [ 125.554785][ T6247] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6247 comm=syz.1.248 [ 125.763250][ T5362] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 125.790522][ T6250] /dev/nullb0: Can't open blockdev [ 126.231404][ T6255] openvswitch: netlink: Unknown nsh attribute 0 [ 126.480122][ T6262] overlayfs: missing 'lowerdir' [ 126.496160][ T6262] fuse: Bad value for 'fd' [ 126.507947][ T6262] netlink: 7 bytes leftover after parsing attributes in process `syz.1.251'. [ 126.512236][ T6262] netlink: 156 bytes leftover after parsing attributes in process `syz.1.251'. [ 126.889173][ T39] kauditd_printk_skb: 6 callbacks suppressed [ 126.889188][ T39] audit: type=1400 audit(1725715276.679:305): avc: denied { sys_module } for pid=6267 comm="syz.3.253" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 126.889698][ T6268] Invalid ELF header len 18 [ 126.892122][ T39] audit: type=1400 audit(1725715276.679:306): avc: denied { module_load } for pid=6267 comm="syz.3.253" path="/57/bus/bus" dev="tmpfs" ino=331 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1 [ 126.969679][ T6269] tipc: Started in network mode [ 126.974581][ T6269] tipc: Node identity 2007ff, cluster identity 4711 [ 126.976089][ T39] audit: type=1400 audit(1725715276.749:307): avc: denied { connect } for pid=6267 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 126.981178][ T6269] tipc: Node number set to 2099199 [ 126.984234][ T1212] tipc: Subscription rejected, illegal request [ 126.990046][ T39] audit: type=1400 audit(1725715276.779:308): avc: denied { write } for pid=6267 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 127.003925][ T39] audit: type=1400 audit(1725715276.779:309): avc: denied { read } for pid=6267 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 127.178101][ T39] audit: type=1400 audit(1725715276.969:310): avc: denied { create } for pid=6274 comm="syz.1.256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 127.186715][ T6275] 9pnet_fd: Insufficient options for proto=fd [ 127.194337][ T39] audit: type=1400 audit(1725715276.969:311): avc: denied { ioctl } for pid=6274 comm="syz.1.256" path="socket:[10120]" dev="sockfs" ino=10120 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 127.210193][ T39] audit: type=1400 audit(1725715276.969:312): avc: denied { write } for pid=6274 comm="syz.1.256" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 127.220848][ T39] audit: type=1400 audit(1725715276.969:313): avc: denied { read } for pid=6274 comm="syz.1.256" dev="sockfs" ino=10119 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 127.320949][ T1081] sr 2:0:0:0: [sr0] tag#6 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 127.336251][ T1081] sr 2:0:0:0: [sr0] tag#6 Sense Key : Illegal Request [current] [ 127.339822][ T1081] sr 2:0:0:0: [sr0] tag#6 Add. Sense: Invalid command operation code [ 127.344071][ T1081] sr 2:0:0:0: [sr0] tag#6 CDB: Write(10) 2a 00 00 00 00 00 00 00 04 00 [ 127.347891][ T1081] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 2 prio class 0 [ 127.353917][ T1081] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 127.358839][ T1081] Buffer I/O error on dev sr0, logical block 1, lost async page write [ 127.764148][ T6287] openvswitch: netlink: Unknown nsh attribute 0 [ 128.234036][ T39] audit: type=1400 audit(1725715278.019:314): avc: denied { getopt } for pid=6289 comm="syz.0.260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 128.517507][ T6298] warning: `syz.1.261' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 129.685570][ T6309] FAULT_INJECTION: forcing a failure. [ 129.685570][ T6309] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 129.690862][ T6309] CPU: 3 UID: 0 PID: 6309 Comm: syz.0.265 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 129.696223][ T6309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 129.703174][ T6309] Call Trace: [ 129.705221][ T6309] [ 129.706974][ T6309] dump_stack_lvl+0x16c/0x1f0 [ 129.709704][ T6309] should_fail_ex+0x497/0x5b0 [ 129.712377][ T6309] _copy_from_user+0x30/0xf0 [ 129.715016][ T6309] i2cdev_ioctl+0x110/0x820 [ 129.717639][ T6309] ? __pfx_i2cdev_ioctl+0x10/0x10 [ 129.720415][ T6309] ? selinux_file_ioctl+0x180/0x270 [ 129.722933][ T6309] ? selinux_file_ioctl+0xb4/0x270 [ 129.725044][ T6309] ? bpf_lsm_file_ioctl+0x9/0x10 [ 129.727217][ T6309] ? __pfx_i2cdev_ioctl+0x10/0x10 [ 129.729719][ T6309] __x64_sys_ioctl+0x193/0x220 [ 129.731889][ T6309] do_syscall_64+0xcd/0x250 [ 129.734179][ T6309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.737218][ T6309] RIP: 0033:0x7f9df477cef9 [ 129.738921][ T6309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.747119][ T6309] RSP: 002b:00007f9df54c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 129.751084][ T6309] RAX: ffffffffffffffda RBX: 00007f9df4936058 RCX: 00007f9df477cef9 [ 129.754983][ T6309] RDX: 0000000020000500 RSI: 0000000000000720 RDI: 0000000000000006 [ 129.758992][ T6309] RBP: 00007f9df54c3090 R08: 0000000000000000 R09: 0000000000000000 [ 129.762910][ T6309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 129.766676][ T6309] R13: 0000000000000000 R14: 00007f9df4936058 R15: 00007ffc09548fe8 [ 129.770455][ T6309] [ 130.168065][ T6315] openvswitch: netlink: Unknown nsh attribute 0 [ 130.257692][ T6317] netlink: 4 bytes leftover after parsing attributes in process `syz.1.269'. [ 130.439460][ T6323] overlay: Unknown parameter 'measure' [ 130.446331][ T6323] fuse: Bad value for 'fd' [ 130.450816][ T6323] netlink: 7 bytes leftover after parsing attributes in process `syz.2.271'. [ 130.454834][ T6323] netlink: 156 bytes leftover after parsing attributes in process `syz.2.271'. [ 130.815678][ T6327] syz.2.272[6327] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 130.815767][ T6327] syz.2.272[6327] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 131.411968][ T6335] netlink: 9412 bytes leftover after parsing attributes in process `syz.2.274'. [ 134.081735][ T6380] netlink: 9412 bytes leftover after parsing attributes in process `syz.3.288'. [ 134.664826][ T6387] /dev/nullb0: Can't open blockdev [ 134.942010][ T6392] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.291'. [ 134.953570][ T6392] netlink: get zone limit has 8 unknown bytes [ 135.721234][ T6399] netlink: 76 bytes leftover after parsing attributes in process `syz.1.292'. [ 136.903529][ T6414] overlayfs: workdir and upperdir must be separate subtrees [ 136.965992][ T6413] overlayfs: missing 'workdir' [ 138.283962][ T6431] overlayfs: missing 'lowerdir' [ 138.289925][ T6431] fuse: Bad value for 'fd' [ 138.304795][ T6431] netlink: 7 bytes leftover after parsing attributes in process `syz.2.302'. [ 138.313966][ T6431] netlink: 156 bytes leftover after parsing attributes in process `syz.2.302'. [ 138.353255][ T6432] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.303'. [ 138.357831][ T6432] netlink: get zone limit has 8 unknown bytes [ 138.493850][ T6435] overlayfs: missing 'lowerdir' [ 138.558332][ T1380] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.561478][ T1380] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.609652][ T39] kauditd_printk_skb: 20 callbacks suppressed [ 139.609667][ T39] audit: type=1400 audit(1725715289.399:335): avc: denied { execute } for pid=6446 comm="syz.1.308" path="/72/blkio.bfq.io_wait_time" dev="tmpfs" ino=420 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 139.764393][ T39] audit: type=1400 audit(1725715289.559:336): avc: denied { read } for pid=6448 comm="syz.1.309" name="ptp0" dev="devtmpfs" ino=715 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 139.779129][ T39] audit: type=1400 audit(1725715289.559:337): avc: denied { open } for pid=6448 comm="syz.1.309" path="/dev/ptp0" dev="devtmpfs" ino=715 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 140.813364][ T6462] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.313'. [ 140.817115][ T6462] netlink: get zone limit has 8 unknown bytes [ 140.847300][ T6464] FAULT_INJECTION: forcing a failure. [ 140.847300][ T6464] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 140.852477][ T6464] CPU: 1 UID: 0 PID: 6464 Comm: syz.0.312 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 140.862207][ T6464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 140.866647][ T6464] Call Trace: [ 140.868042][ T6464] [ 140.869298][ T6464] dump_stack_lvl+0x16c/0x1f0 [ 140.871250][ T6464] should_fail_ex+0x497/0x5b0 [ 140.873241][ T6464] _copy_to_user+0x30/0xc0 [ 140.874941][ T6464] simple_read_from_buffer+0xd0/0x160 [ 140.877018][ T6464] proc_fail_nth_read+0x19e/0x280 [ 140.878861][ T6464] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 140.881499][ T6464] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 140.883549][ T6464] vfs_read+0x1d4/0xbd0 [ 140.885191][ T6464] ? __fdget_pos+0xeb/0x180 [ 140.886893][ T6464] ? __pfx_vfs_read+0x10/0x10 [ 140.888843][ T6464] ? __pfx___mutex_lock+0x10/0x10 [ 140.890916][ T6464] ? __fget_files+0x256/0x400 [ 140.892669][ T6464] ksys_read+0x12f/0x260 [ 140.894221][ T6464] ? __pfx_ksys_read+0x10/0x10 [ 140.895600][ T6464] do_syscall_64+0xcd/0x250 [ 140.897167][ T6464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.899489][ T6464] RIP: 0033:0x7f9df477b93c [ 140.901769][ T6464] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 140.909517][ T6464] RSP: 002b:00007f9df54e4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 140.912754][ T6464] RAX: ffffffffffffffda RBX: 00007f9df4935f80 RCX: 00007f9df477b93c [ 140.916495][ T6464] RDX: 000000000000000f RSI: 00007f9df54e40a0 RDI: 0000000000000004 [ 140.919602][ T6464] RBP: 00007f9df54e4090 R08: 0000000000000000 R09: 0000000000000000 [ 140.922590][ T6464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 140.925929][ T6464] R13: 0000000000000000 R14: 00007f9df4935f80 R15: 00007ffc09548fe8 [ 140.928851][ T6464] [ 142.934461][ T39] audit: type=1400 audit(1725715292.729:338): avc: denied { create } for pid=6481 comm="syz.0.319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 142.976674][ T39] audit: type=1400 audit(1725715292.769:339): avc: denied { mounton } for pid=6481 comm="syz.0.319" path="/80/file0" dev="tmpfs" ino=445 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 142.977283][ T6482] ======================================================= [ 142.977283][ T6482] WARNING: The mand mount option has been deprecated and [ 142.977283][ T6482] and is ignored by this kernel. Remove the mand [ 142.977283][ T6482] option from the mount to silence this warning. [ 142.977283][ T6482] ======================================================= [ 143.034083][ T39] audit: type=1400 audit(1725715292.829:340): avc: denied { unmount } for pid=5350 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 143.175845][ T6490] netlink: 12 bytes leftover after parsing attributes in process `syz.3.322'. [ 143.200094][ T39] audit: type=1400 audit(1725715292.989:341): avc: denied { view } for pid=6486 comm="syz.0.321" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 143.207453][ T6492] fuse: Unknown parameter 'group_i00000000000000000000' [ 143.403336][ T6497] Failed to initialize the IGMP autojoin socket (err -2) [ 143.413403][ T39] audit: type=1400 audit(1725715293.209:342): avc: denied { create } for pid=6493 comm="syz.2.324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 143.866739][ T6506] overlay: Unknown parameter 'measure' [ 143.881283][ T6506] fuse: Bad value for 'fd' [ 143.965552][ T6506] netlink: 7 bytes leftover after parsing attributes in process `syz.3.327'. [ 143.969401][ T6506] netlink: 156 bytes leftover after parsing attributes in process `syz.3.327'. [ 144.388065][ T39] audit: type=1400 audit(1725715294.179:343): avc: denied { read write } for pid=6507 comm="syz.2.328" name="rdma_cm" dev="devtmpfs" ino=1111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 144.429592][ T39] audit: type=1400 audit(1725715294.189:344): avc: denied { open } for pid=6507 comm="syz.2.328" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 144.655477][ T6512] overlay: Unknown parameter 'measure' [ 144.672756][ T6512] fuse: Bad value for 'fd' [ 144.680441][ T6512] netlink: 7 bytes leftover after parsing attributes in process `syz.0.329'. [ 144.684973][ T6512] netlink: 156 bytes leftover after parsing attributes in process `syz.0.329'. [ 145.046999][ T6516] netlink: 76 bytes leftover after parsing attributes in process `syz.3.330'. [ 146.349795][ T6538] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.338'. [ 146.354086][ T6538] netlink: get zone limit has 8 unknown bytes [ 146.525240][ T6541] openvswitch: netlink: Unknown nsh attribute 0 [ 147.092648][ T39] audit: type=1400 audit(1725715296.879:345): avc: denied { write } for pid=6549 comm="syz.1.342" name="001" dev="devtmpfs" ino=750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 147.119345][ T39] audit: type=1400 audit(1725715296.889:346): avc: denied { create } for pid=6549 comm="syz.1.342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 147.129455][ T39] audit: type=1400 audit(1725715296.889:347): avc: denied { bind } for pid=6549 comm="syz.1.342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 147.140649][ T39] audit: type=1400 audit(1725715296.909:348): avc: denied { setopt } for pid=6546 comm="syz.2.341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 147.151045][ T39] audit: type=1400 audit(1725715296.929:349): avc: denied { append } for pid=6546 comm="syz.2.341" name="card0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 147.168509][ T39] audit: type=1400 audit(1725715296.959:350): avc: denied { rename } for pid=4815 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 147.179253][ T39] audit: type=1400 audit(1725715296.959:351): avc: denied { unlink } for pid=4815 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 147.190094][ T39] audit: type=1400 audit(1725715296.959:352): avc: denied { create } for pid=4815 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 147.356424][ T6550] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 148.062287][ T39] audit: type=1400 audit(1725715297.849:353): avc: denied { create } for pid=6568 comm="syz.1.346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 148.268942][ T39] audit: type=1400 audit(1725715298.059:354): avc: denied { ioctl } for pid=6568 comm="syz.1.346" path="socket:[11575]" dev="sockfs" ino=11575 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 148.298062][ T6575] openvswitch: netlink: Unknown nsh attribute 0 [ 148.799805][ T6598] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.349'. [ 148.804486][ T6598] netlink: get zone limit has 8 unknown bytes [ 149.903100][ T6613] netlink: 'syz.1.355': attribute type 3 has an invalid length. [ 149.906475][ T6613] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.355'. [ 150.559623][ T6608] /dev/nullb0: Can't open blockdev [ 150.971113][ T6628] openvswitch: netlink: Unknown nsh attribute 0 [ 152.680125][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 152.680140][ T39] audit: type=1400 audit(1725715302.469:356): avc: denied { create } for pid=6649 comm="syz.0.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 152.709642][ T39] audit: type=1400 audit(1725715302.489:357): avc: denied { write } for pid=6649 comm="syz.0.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 152.718485][ T39] audit: type=1400 audit(1725715302.489:358): avc: denied { nlmsg_read } for pid=6649 comm="syz.0.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 154.255802][ T39] audit: type=1400 audit(1725715304.049:359): avc: denied { setopt } for pid=6683 comm="syz.3.373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 154.547621][ T6686] netlink: 8 bytes leftover after parsing attributes in process `syz.3.375'. [ 155.696625][ T39] audit: type=1400 audit(1725715305.489:360): avc: denied { connect } for pid=6708 comm="syz.0.384" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 155.727006][ T39] audit: type=1400 audit(1725715305.519:361): avc: denied { write } for pid=6708 comm="syz.0.384" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 156.504009][ T6742] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.393'. [ 156.508121][ T6742] netlink: get zone limit has 8 unknown bytes [ 156.520124][ T6735] netlink: 8 bytes leftover after parsing attributes in process `syz.1.391'. [ 156.825055][ T6745] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 156.829418][ T6745] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 157.252865][ T39] audit: type=1400 audit(1725715307.049:362): avc: denied { bind } for pid=6753 comm="syz.1.398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 157.269811][ T39] audit: type=1400 audit(1725715307.049:363): avc: denied { listen } for pid=6753 comm="syz.1.398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 157.655289][ T39] audit: type=1400 audit(1725715307.449:364): avc: denied { block_suspend } for pid=6752 comm="syz.2.397" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 157.694906][ T39] audit: type=1400 audit(1725715307.489:365): avc: denied { read } for pid=6752 comm="syz.2.397" dev="sockfs" ino=12628 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 157.711956][ T39] audit: type=1400 audit(1725715307.489:366): avc: denied { name_bind 0x1000000 } for pid=6752 comm="syz.2.397" path="socket:[12628]" dev="sockfs" ino=12628 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 157.863339][ T6769] openvswitch: netlink: Unknown nsh attribute 0 [ 157.966783][ T6773] overlay: Unknown parameter 'measure' [ 157.981650][ T6773] netlink: 7 bytes leftover after parsing attributes in process `syz.2.404'. [ 157.987978][ T6773] netlink: 156 bytes leftover after parsing attributes in process `syz.2.404'. [ 158.452258][ T39] audit: type=1400 audit(1725715308.249:367): avc: denied { create } for pid=6780 comm="syz.2.406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 158.846121][ T39] audit: type=1400 audit(1725715308.629:368): avc: denied { create } for pid=6787 comm="syz.3.408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 159.054481][ T6797] openvswitch: netlink: Unknown nsh attribute 0 [ 159.124627][ T39] audit: type=1400 audit(1725715308.919:369): avc: denied { bind } for pid=6787 comm="syz.3.408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 159.135306][ T39] audit: type=1400 audit(1725715308.919:370): avc: denied { ioctl } for pid=6787 comm="syz.3.408" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 159.199353][ T6807] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.414'. [ 159.210111][ T6807] netlink: get zone limit has 8 unknown bytes [ 159.412016][ T58] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 159.540640][ T6811] futex_wake_op: syz.2.416 tries to shift op by 32; fix this program [ 159.599528][ T58] usb 8-1: unable to get BOS descriptor or descriptor too short [ 159.606166][ T58] usb 8-1: config 7 has an invalid interface number: 163 but max is 0 [ 159.609055][ T58] usb 8-1: config 7 has an invalid descriptor of length 117, skipping remainder of the config [ 159.624044][ T58] usb 8-1: config 7 has no interface number 0 [ 159.627155][ T58] usb 8-1: config 7 interface 163 altsetting 4 bulk endpoint 0x2 has invalid maxpacket 1023 [ 159.631504][ T58] usb 8-1: config 7 interface 163 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 159.639520][ T58] usb 8-1: config 7 interface 163 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 159.645969][ T58] usb 8-1: config 7 interface 163 altsetting 4 has 6 endpoint descriptors, different from the interface descriptor's value: 12 [ 159.653852][ T58] usb 8-1: config 7 interface 163 has no altsetting 0 [ 159.660015][ T58] usb 8-1: New USB device found, idVendor=19d2, idProduct=0050, bcdDevice= 2.12 [ 159.666536][ T58] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 159.669836][ T58] usb 8-1: Product: syz [ 159.671724][ T58] usb 8-1: Manufacturer: syz [ 159.674008][ T58] usb 8-1: SerialNumber: syz [ 159.679511][ T6802] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 159.795604][ T6818] input: syz1 as /devices/virtual/input/input7 [ 159.956265][ T39] audit: type=1400 audit(1725715309.749:371): avc: denied { setopt } for pid=6820 comm="syz.2.420" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 161.341688][ T6842] FAULT_INJECTION: forcing a failure. [ 161.341688][ T6842] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 161.357842][ T6842] CPU: 0 UID: 0 PID: 6842 Comm: syz.1.425 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 161.363980][ T6842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 161.368472][ T6842] Call Trace: [ 161.370139][ T6842] [ 161.371492][ T6842] dump_stack_lvl+0x16c/0x1f0 [ 161.373601][ T6842] should_fail_ex+0x497/0x5b0 [ 161.375608][ T6842] _copy_from_user+0x30/0xf0 [ 161.377423][ T6842] cec_ioctl+0x6c4/0x2930 [ 161.379007][ T6842] ? __pfx_cec_ioctl+0x10/0x10 [ 161.380867][ T6842] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 161.383399][ T6842] ? do_vfs_ioctl+0x515/0x1ad0 [ 161.385464][ T6842] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 161.387581][ T6842] ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x470 [ 161.390368][ T6842] ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470 [ 161.393335][ T6842] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 161.396349][ T6842] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 161.399095][ T6842] ? selinux_file_ioctl+0x180/0x270 [ 161.401486][ T6842] ? selinux_file_ioctl+0xb4/0x270 [ 161.403833][ T6842] ? bpf_lsm_file_ioctl+0x9/0x10 [ 161.406310][ T6842] ? __pfx_cec_ioctl+0x10/0x10 [ 161.408340][ T6842] __x64_sys_ioctl+0x193/0x220 [ 161.410463][ T6842] do_syscall_64+0xcd/0x250 [ 161.412606][ T6842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.415532][ T6842] RIP: 0033:0x7f38e5f7cef9 [ 161.417505][ T6842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.426431][ T6842] RSP: 002b:00007f38e6e3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 161.430097][ T6842] RAX: ffffffffffffffda RBX: 00007f38e6136058 RCX: 00007f38e5f7cef9 [ 161.433672][ T6842] RDX: 0000000020000100 RSI: 0000000040046109 RDI: 0000000000000007 [ 161.437239][ T6842] RBP: 00007f38e6e3f090 R08: 0000000000000000 R09: 0000000000000000 [ 161.440667][ T6842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 161.443825][ T6842] R13: 0000000000000000 R14: 00007f38e6136058 R15: 00007ffd15b70728 [ 161.446819][ T6842] [ 161.579138][ T6844] FAULT_INJECTION: forcing a failure. [ 161.579138][ T6844] name failslab, interval 1, probability 0, space 0, times 0 [ 161.585990][ T6844] CPU: 3 UID: 0 PID: 6844 Comm: syz.0.426 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 161.590738][ T6844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 161.595645][ T6844] Call Trace: [ 161.597302][ T6844] [ 161.598946][ T6844] dump_stack_lvl+0x16c/0x1f0 [ 161.601531][ T6844] should_fail_ex+0x497/0x5b0 [ 161.603991][ T6844] ? fs_reclaim_acquire+0xae/0x160 [ 161.606888][ T6844] should_failslab+0xc2/0x120 [ 161.609665][ T6844] __kmalloc_noprof+0xcb/0x400 [ 161.612402][ T6844] sock_kmalloc+0x111/0x170 [ 161.615213][ T6844] af_alg_sendmsg+0x14a4/0x2a70 [ 161.617885][ T6844] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10 [ 161.620878][ T6844] ? __pfx_af_alg_sendmsg+0x10/0x10 [ 161.623491][ T6844] ? __might_fault+0xe3/0x190 [ 161.625911][ T6844] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 161.628751][ T6844] __sys_sendto+0x47f/0x4e0 [ 161.631081][ T6844] ? __pfx___sys_sendto+0x10/0x10 [ 161.633424][ T6844] ? reacquire_held_locks+0x20b/0x4c0 [ 161.636092][ T6844] ? do_user_addr_fault+0xdc7/0x13f0 [ 161.638685][ T6844] __x64_sys_sendto+0xe0/0x1c0 [ 161.641059][ T6844] ? do_syscall_64+0x91/0x250 [ 161.643714][ T6844] ? lockdep_hardirqs_on+0x7c/0x110 [ 161.646597][ T6844] do_syscall_64+0xcd/0x250 [ 161.649122][ T6844] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.651858][ T6844] RIP: 0033:0x7f9df477ed8c [ 161.653874][ T6844] Code: 2a 5a 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5a 02 00 48 8b [ 161.663512][ T6844] RSP: 002b:00007f9df54e2ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 161.667453][ T6844] RAX: ffffffffffffffda RBX: 00007f9df54e2fc0 RCX: 00007f9df477ed8c [ 161.671610][ T6844] RDX: 0000000000000020 RSI: 00007f9df54e3010 RDI: 0000000000000004 [ 161.675888][ T6844] RBP: 0000000000000000 R08: 00007f9df54e2f14 R09: 000000000000000c [ 161.679628][ T6844] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 161.683141][ T6844] R13: 00007f9df54e2f68 R14: 00007f9df54e3010 R15: 0000000000000000 [ 161.686971][ T6844] [ 161.698118][ T6846] trusted_key: syz.0.426 sent an empty control message without MSG_MORE. [ 161.843842][ T58] option 8-1:7.163: GSM modem (1-port) converter detected [ 161.874477][ T58] usb 8-1: USB disconnect, device number 2 [ 161.890917][ T58] option 8-1:7.163: device disconnected [ 162.081550][ T5362] Bluetooth: hci3: command tx timeout [ 162.141026][ T6857] netlink: 4 bytes leftover after parsing attributes in process `syz.3.429'. [ 162.272047][ T39] audit: type=1400 audit(1725715312.049:372): avc: denied { watch watch_reads } for pid=6856 comm="syz.3.429" path="pipe:[686]" dev="pipefs" ino=686 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 163.170153][ T6868] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.430'. [ 163.191373][ T6868] netlink: get zone limit has 8 unknown bytes [ 163.559885][ T6878] 9pnet_virtio: no channels available for device syz [ 163.958464][ T6880] FAULT_INJECTION: forcing a failure. [ 163.958464][ T6880] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 163.967900][ T6880] CPU: 0 UID: 0 PID: 6880 Comm: syz.0.435 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 163.972385][ T6880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 163.976931][ T6880] Call Trace: [ 163.978365][ T6880] [ 163.979727][ T6880] dump_stack_lvl+0x16c/0x1f0 [ 163.981839][ T6880] should_fail_ex+0x497/0x5b0 [ 163.983940][ T6880] _copy_to_user+0x30/0xc0 [ 163.985806][ T6880] simple_read_from_buffer+0xd0/0x160 [ 163.987950][ T6880] proc_fail_nth_read+0x19e/0x280 [ 163.990021][ T6880] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 163.992364][ T6880] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 163.994543][ T6880] vfs_read+0x1d4/0xbd0 [ 163.996189][ T6880] ? __fdget_pos+0xeb/0x180 [ 163.997971][ T6880] ? __pfx_vfs_read+0x10/0x10 [ 163.999944][ T6880] ? __pfx___mutex_lock+0x10/0x10 [ 164.001993][ T6880] ? __fget_files+0x256/0x400 [ 164.004149][ T6880] ksys_read+0x12f/0x260 [ 164.005887][ T6880] ? __pfx_ksys_read+0x10/0x10 [ 164.008080][ T6880] do_syscall_64+0xcd/0x250 [ 164.009954][ T6880] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.012569][ T6880] RIP: 0033:0x7f9df477b93c [ 164.014510][ T6880] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 164.022433][ T6880] RSP: 002b:00007f9df54e4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 164.025927][ T6880] RAX: ffffffffffffffda RBX: 00007f9df4935f80 RCX: 00007f9df477b93c [ 164.029072][ T6880] RDX: 000000000000000f RSI: 00007f9df54e40a0 RDI: 0000000000000005 [ 164.031988][ T6880] RBP: 00007f9df54e4090 R08: 0000000000000000 R09: 0000000000000000 [ 164.034937][ T6880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 164.037887][ T6880] R13: 0000000000000000 R14: 00007f9df4935f80 R15: 00007ffc09548fe8 [ 164.041048][ T6880] [ 164.219840][ T6887] overlay: Unknown parameter 'measure' [ 164.309331][ T6887] netlink: 7 bytes leftover after parsing attributes in process `syz.0.437'. [ 164.313881][ T6887] netlink: 156 bytes leftover after parsing attributes in process `syz.0.437'. [ 164.357746][ T6894] input: syz1 as /devices/virtual/input/input8 [ 164.408486][ T6894] FAULT_INJECTION: forcing a failure. [ 164.408486][ T6894] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 164.413917][ T6894] CPU: 0 UID: 0 PID: 6894 Comm: syz.3.439 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 164.418053][ T6894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 164.424522][ T6894] Call Trace: [ 164.426062][ T6894] [ 164.427130][ T6894] dump_stack_lvl+0x16c/0x1f0 [ 164.432954][ T6894] should_fail_ex+0x497/0x5b0 [ 164.435049][ T6894] _copy_from_user+0x30/0xf0 [ 164.436934][ T6894] input_event_from_user+0x134/0x3b0 [ 164.438991][ T6894] ? __pfx_input_event_from_user+0x10/0x10 [ 164.441502][ T6894] ? __pfx___might_resched+0x10/0x10 [ 164.443878][ T6894] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 164.446470][ T6894] ? input_event+0x8e/0xa0 [ 164.448542][ T6894] uinput_write+0xbc2/0x12c0 [ 164.450671][ T6894] ? avc_policy_seqno+0x9/0x20 [ 164.452791][ T6894] ? __pfx_uinput_write+0x10/0x10 [ 164.454999][ T6894] ? bpf_lsm_file_permission+0x9/0x10 [ 164.457368][ T6894] ? security_file_permission+0x98/0xc0 [ 164.459768][ T6894] ? __pfx_uinput_write+0x10/0x10 [ 164.462007][ T6894] vfs_write+0x29a/0x1140 [ 164.463795][ T6894] ? __pfx_vfs_write+0x10/0x10 [ 164.465954][ T6894] ? __fget_files+0x256/0x400 [ 164.468215][ T6894] ? __fget_light+0x173/0x210 [ 164.470278][ T6894] ksys_write+0x1f8/0x260 [ 164.471937][ T6894] ? __pfx_ksys_write+0x10/0x10 [ 164.474136][ T6894] do_syscall_64+0xcd/0x250 [ 164.476408][ T6894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.479019][ T6894] RIP: 0033:0x7f308cd7cef9 [ 164.481024][ T6894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 164.488948][ T6894] RSP: 002b:00007f308dc11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 164.492415][ T6894] RAX: ffffffffffffffda RBX: 00007f308cf35f80 RCX: 00007f308cd7cef9 [ 164.495761][ T6894] RDX: 00000000200005d8 RSI: 00000000200005c0 RDI: 0000000000000003 [ 164.499179][ T6894] RBP: 00007f308dc11090 R08: 0000000000000000 R09: 0000000000000000 [ 164.502630][ T6894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 164.506516][ T6894] R13: 0000000000000000 R14: 00007f308cf35f80 R15: 00007fff1c186f38 [ 164.510033][ T6894] [ 164.568678][ T6899] netlink: 12 bytes leftover after parsing attributes in process `syz.3.442'. [ 164.712747][ T6905] netlink: 60 bytes leftover after parsing attributes in process `syz.3.443'. [ 164.766406][ T6905] netlink: 'syz.3.443': attribute type 10 has an invalid length. [ 164.779985][ T6905] team0: Device hsr_slave_0 failed to register rx_handler [ 164.852008][ T830] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 164.861803][ T39] audit: type=1400 audit(1725715314.649:373): avc: denied { bind } for pid=6906 comm="syz.2.445" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 164.874460][ T39] audit: type=1400 audit(1725715314.649:374): avc: denied { write } for pid=6906 comm="syz.2.445" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 165.054404][ T830] usb 6-1: Using ep0 maxpacket: 8 [ 165.063132][ T830] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 165.066585][ T830] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 165.080138][ T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 165.096288][ T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 165.102303][ T830] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 165.108987][ T830] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 165.112776][ T830] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.355179][ T830] usb 6-1: GET_CAPABILITIES returned 0 [ 165.357886][ T830] usbtmc 6-1:16.0: can't read capabilities [ 165.560521][ T6900] usbtmc 6-1:16.0: send_request_dev_dep_msg_in returned -90 [ 165.585899][ T6918] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.448'. [ 165.590743][ T6918] netlink: get zone limit has 8 unknown bytes [ 165.778013][ T6900] usbtmc 6-1:16.0: stb usb_control_msg returned -32 [ 165.782398][ T6923] usbtmc 6-1:16.0: send_request_dev_dep_msg_in returned -90 [ 165.799039][ T56] usb 6-1: USB disconnect, device number 3 [ 166.439421][ T6936] netlink: 12 bytes leftover after parsing attributes in process `syz.1.451'. [ 167.100114][ T39] audit: type=1400 audit(1725715316.859:375): avc: denied { unlink } for pid=6945 comm="syz.2.454" name="nullb0" dev="devtmpfs" ino=693 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 167.329520][ T6956] overlay: Unknown parameter 'measure' [ 167.456510][ T6956] netlink: 7 bytes leftover after parsing attributes in process `syz.3.455'. [ 167.465995][ T6956] netlink: 156 bytes leftover after parsing attributes in process `syz.3.455'. [ 167.834996][ T6963] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.457'. [ 167.845181][ T6963] netlink: get zone limit has 8 unknown bytes [ 168.287169][ T39] audit: type=1400 audit(1725715318.079:376): avc: denied { create } for pid=6969 comm="syz.3.460" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 168.885778][ T6981] netlink: 12 bytes leftover after parsing attributes in process `syz.0.462'. [ 169.918183][ T6995] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.467'. [ 169.925450][ T6995] netlink: get zone limit has 8 unknown bytes [ 170.153025][ T7006] overlay: Unknown parameter 'measure' [ 170.264572][ T7006] netlink: 7 bytes leftover after parsing attributes in process `syz.2.468'. [ 170.268696][ T7006] netlink: 156 bytes leftover after parsing attributes in process `syz.2.468'. [ 170.406534][ T7002] netlink: 8 bytes leftover after parsing attributes in process `syz.3.469'. [ 171.292734][ T7024] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 171.350859][ T39] audit: type=1400 audit(1725715321.139:377): avc: denied { getopt } for pid=7022 comm="syz.2.474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 171.365192][ T7026] input: syz0 as /devices/virtual/input/input9 [ 171.722978][ T7030] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.476'. [ 172.002226][ T5394] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 172.169505][ T39] audit: type=1400 audit(1725715321.959:378): avc: denied { getopt } for pid=7037 comm="syz.2.478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 172.200765][ T7040] bond0: entered promiscuous mode [ 172.212009][ T7040] bond_slave_0: entered promiscuous mode [ 172.214687][ T7040] bond_slave_1: entered promiscuous mode [ 172.217684][ T5394] usb 5-1: Using ep0 maxpacket: 8 [ 172.227445][ T5394] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 172.230961][ T5394] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 172.236110][ T5394] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 172.240447][ T5394] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 172.246520][ T5394] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 172.253870][ T5394] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 172.268200][ T5394] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.486681][ T5394] usb 5-1: GET_CAPABILITIES returned 0 [ 172.489455][ T5394] usbtmc 5-1:16.0: can't read capabilities [ 172.750673][ T7051] FAULT_INJECTION: forcing a failure. [ 172.750673][ T7051] name failslab, interval 1, probability 0, space 0, times 0 [ 172.756086][ T7051] CPU: 0 UID: 0 PID: 7051 Comm: syz.0.475 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 172.761914][ T7051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 172.767008][ T7051] Call Trace: [ 172.768466][ T7051] [ 172.769699][ T7051] dump_stack_lvl+0x16c/0x1f0 [ 172.771725][ T7051] should_fail_ex+0x497/0x5b0 [ 172.773966][ T7051] ? fs_reclaim_acquire+0xae/0x160 [ 172.776858][ T7051] should_failslab+0xc2/0x120 [ 172.778892][ T7051] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 172.781896][ T7051] ? alloc_empty_file+0x73/0x1e0 [ 172.784011][ T7051] ? __lock_acquire+0xbdd/0x3cb0 [ 172.786133][ T7051] alloc_empty_file+0x73/0x1e0 [ 172.788298][ T7051] path_openat+0xe0/0x2d20 [ 172.790308][ T7051] ? hlock_class+0x4e/0x130 [ 172.792257][ T7051] ? __lock_acquire+0x1620/0x3cb0 [ 172.794179][ T7051] ? __pfx_path_openat+0x10/0x10 [ 172.812380][ T7051] ? __pfx___lock_acquire+0x10/0x10 [ 172.818605][ T7051] ? find_held_lock+0x2d/0x110 [ 172.820656][ T7051] do_filp_open+0x1dc/0x430 [ 172.822494][ T7051] ? __pfx_do_filp_open+0x10/0x10 [ 172.824513][ T7051] ? find_held_lock+0x2d/0x110 [ 172.826435][ T7051] ? _raw_spin_unlock+0x28/0x50 [ 172.828379][ T7051] ? alloc_fd+0x2d7/0x6c0 [ 172.830089][ T7051] do_sys_openat2+0x17a/0x1e0 [ 172.831990][ T7051] ? __pfx_do_sys_openat2+0x10/0x10 [ 172.834348][ T7051] __x64_sys_openat+0x175/0x210 [ 172.836487][ T7051] ? __pfx___x64_sys_openat+0x10/0x10 [ 172.838790][ T7051] ? ksys_write+0x1ab/0x260 [ 172.840807][ T7051] do_syscall_64+0xcd/0x250 [ 172.842805][ T7051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.845219][ T7051] RIP: 0033:0x7f9df477b890 [ 172.847086][ T7051] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44 [ 172.855523][ T7051] RSP: 002b:00007f9df54c2b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 172.859044][ T7051] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f9df477b890 [ 172.862040][ T7051] RDX: 0000000000000002 RSI: 00007f9df54c2c10 RDI: 00000000ffffff9c [ 172.865692][ T7051] RBP: 00007f9df54c2c10 R08: 0000000000000000 R09: 00007f9df54c2987 [ 172.869273][ T7051] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 172.872763][ T7051] R13: 0000000000000001 R14: 00007f9df4936058 R15: 00007ffc09548fe8 [ 172.876290][ T7051] [ 172.945192][ T7031] usbtmc 5-1:16.0: stb usb_control_msg returned -32 [ 172.948301][ T7051] usbtmc 5-1:16.0: send_request_dev_dep_msg_in returned -90 [ 172.954668][ T1421] usb 5-1: USB disconnect, device number 3 [ 172.978401][ T7055] netlink: 12 bytes leftover after parsing attributes in process `syz.1.482'. [ 173.583075][ T39] audit: type=1400 audit(1725715323.379:379): avc: denied { setopt } for pid=7057 comm="syz.1.483" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 173.743595][ T7060] netlink: 8 bytes leftover after parsing attributes in process `syz.0.484'. [ 173.801104][ T39] audit: type=1400 audit(1725715323.589:380): avc: denied { setopt } for pid=7067 comm="syz.3.486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 173.809878][ T39] audit: type=1400 audit(1725715323.599:381): avc: denied { write } for pid=7067 comm="syz.3.486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 173.818584][ T39] audit: type=1400 audit(1725715323.599:382): avc: denied { read } for pid=7067 comm="syz.3.486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 174.296682][ T7075] overlay: Unknown parameter 'measure' [ 174.438678][ T7078] overlay: Unknown parameter 'measure' [ 174.467173][ T7075] netlink: 7 bytes leftover after parsing attributes in process `syz.1.488'. [ 174.471075][ T7075] netlink: 156 bytes leftover after parsing attributes in process `syz.1.488'. [ 174.484848][ T7078] netlink: 7 bytes leftover after parsing attributes in process `syz.0.489'. [ 174.488473][ T7078] netlink: 156 bytes leftover after parsing attributes in process `syz.0.489'. [ 175.393190][ T7082] openvswitch: netlink: Unknown nsh attribute 0 [ 175.415447][ T7086] 9pnet_virtio: no channels available for device syz [ 175.540933][ T39] audit: type=1400 audit(1725715325.329:383): avc: denied { append } for pid=7083 comm="syz.1.492" name="file0" dev="9p" ino=36575590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 175.551325][ T39] audit: type=1400 audit(1725715325.329:384): avc: denied { open } for pid=7083 comm="syz.1.492" path="/115/file0/file0" dev="9p" ino=36575590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 175.842453][ T7094] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 176.220750][ T7093] input: syz0 as /devices/virtual/input/input10 [ 176.591255][ T7098] netlink: 8 bytes leftover after parsing attributes in process `syz.2.497'. [ 176.919010][ T39] audit: type=1400 audit(1725715326.709:385): avc: denied { ioctl } for pid=7118 comm="syz.1.503" path="/dev/rtc0" dev="devtmpfs" ino=867 ioctlcmd=0x7014 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 176.936227][ T39] audit: type=1400 audit(1725715326.729:386): avc: denied { watch_mount } for pid=7118 comm="syz.1.503" path="/119" dev="tmpfs" ino=671 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 177.379252][ T7126] 9pnet_virtio: no channels available for device syz [ 177.553533][ T7128] netlink: 'syz.0.506': attribute type 1 has an invalid length. [ 177.556828][ T7128] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.506'. [ 177.560808][ T7128] netlink: 5 bytes leftover after parsing attributes in process `syz.0.506'. [ 177.626015][ T7131] openvswitch: netlink: Unknown nsh attribute 0 [ 177.996117][ T39] audit: type=1400 audit(1725715327.789:387): avc: denied { execute_no_trans } for pid=7135 comm="syz.2.509" path="/136/file1" dev="tmpfs" ino=754 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 178.112831][ T39] audit: type=1400 audit(1725715327.909:388): avc: denied { append } for pid=7139 comm="syz.0.510" name="001" dev="devtmpfs" ino=750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 179.046298][ T7158] overlay: Unknown parameter 'measure' [ 179.050664][ T39] audit: type=1400 audit(1725715328.839:389): avc: denied { search } for pid=4815 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 179.073632][ T7158] fuse: Unknown parameter '€„' [ 179.089466][ T7158] netlink: 7 bytes leftover after parsing attributes in process `syz.0.515'. [ 179.093920][ T7158] netlink: 156 bytes leftover after parsing attributes in process `syz.0.515'. [ 179.648293][ T7164] openvswitch: netlink: Unknown nsh attribute 0 [ 179.737623][ T7167] FAULT_INJECTION: forcing a failure. [ 179.737623][ T7167] name failslab, interval 1, probability 0, space 0, times 0 [ 179.744294][ T7167] CPU: 2 UID: 0 PID: 7167 Comm: syz.0.519 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 179.748672][ T7167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 179.753522][ T7167] Call Trace: [ 179.754848][ T7167] [ 179.756186][ T7167] dump_stack_lvl+0x16c/0x1f0 [ 179.758055][ T7167] should_fail_ex+0x497/0x5b0 [ 179.759660][ T7167] ? fs_reclaim_acquire+0xae/0x160 [ 179.761675][ T7167] should_failslab+0xc2/0x120 [ 179.763663][ T7167] __kmalloc_noprof+0xcb/0x400 [ 179.765880][ T7167] ? _raw_spin_unlock_irq+0x23/0x50 [ 179.768189][ T7167] usb_hcd_submit_urb+0x6b6/0x2090 [ 179.770963][ T7167] ? __slab_free+0x200/0x4d0 [ 179.773467][ T7167] ? usb_alloc_urb+0x69/0xa0 [ 179.775681][ T7167] ? __pfx_usb_hcd_submit_urb+0x10/0x10 [ 179.778102][ T7167] ? hub_resume+0xaa/0x3f0 [ 179.779931][ T7167] ? usb_resume_interface.constprop.0.isra.0+0x2c8/0x3e0 [ 179.782560][ T7167] ? usb_resume_both+0x274/0x800 [ 179.785121][ T7167] ? __rpm_callback+0xc5/0x4c0 [ 179.787256][ T7167] ? rpm_callback+0x192/0x1d0 [ 179.789264][ T7167] ? rpm_resume+0xd2c/0x1330 [ 179.791422][ T7167] ? __pm_runtime_resume+0xb6/0x170 [ 179.793791][ T7167] ? usb_autoresume_device+0x23/0xe0 [ 179.796146][ T7167] ? usbdev_ioctl+0x2b82/0x4010 [ 179.798321][ T7167] ? __x64_sys_ioctl+0x193/0x220 [ 179.800493][ T7167] ? do_syscall_64+0xcd/0x250 [ 179.802456][ T7167] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.804918][ T7167] usb_submit_urb+0x87c/0x1730 [ 179.807071][ T7167] ? __init_swait_queue_head+0xca/0x150 [ 179.810180][ T7167] usb_start_wait_urb+0x103/0x4c0 [ 179.812573][ T7167] ? __pfx_usb_start_wait_urb+0x10/0x10 [ 179.814768][ T7167] ? __asan_memset+0x23/0x50 [ 179.816562][ T7167] usb_control_msg+0x327/0x4b0 [ 179.818599][ T7167] ? __pfx_usb_control_msg+0x10/0x10 [ 179.821178][ T7167] ? select_task_rq_fair+0x4b9/0x44b0 [ 179.823464][ T7167] hub_ext_port_status+0x14e/0x670 [ 179.825396][ T7167] hub_activate+0x6e6/0x1be0 [ 179.827258][ T7167] ? __pfx_hub_activate+0x10/0x10 [ 179.829428][ T7167] ? find_held_lock+0x2d/0x110 [ 179.831518][ T7167] hub_resume+0xaa/0x3f0 [ 179.833347][ T7167] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 179.835907][ T7167] ? __pfx_hub_resume+0x10/0x10 [ 179.837982][ T7167] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 179.840421][ T7167] ? lockdep_hardirqs_on+0x7c/0x110 [ 179.842620][ T7167] usb_resume_interface.constprop.0.isra.0+0x2c8/0x3e0 [ 179.845690][ T7167] usb_resume_both+0x274/0x800 [ 179.848147][ T7167] ? __pfx_usb_resume_both+0x10/0x10 [ 179.850487][ T7167] ? __pfx_usb_runtime_resume+0x10/0x10 [ 179.852903][ T7167] __rpm_callback+0xc5/0x4c0 [ 179.854848][ T7167] ? __pfx_usb_runtime_resume+0x10/0x10 [ 179.857233][ T7167] rpm_callback+0x192/0x1d0 [ 179.859162][ T7167] ? __pfx_usb_runtime_resume+0x10/0x10 [ 179.861563][ T7167] rpm_resume+0xd2c/0x1330 [ 179.863389][ T7167] ? __pfx_rpm_resume+0x10/0x10 [ 179.865437][ T7167] ? do_raw_spin_lock+0x12d/0x2c0 [ 179.867446][ T7167] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 179.869908][ T7167] ? __pfx___mutex_lock+0x10/0x10 [ 179.871942][ T7167] __pm_runtime_resume+0xb6/0x170 [ 179.874951][ T7167] usb_autoresume_device+0x23/0xe0 [ 179.877638][ T7167] usbdev_ioctl+0x2b82/0x4010 [ 179.879837][ T7167] ? __pfx_usbdev_ioctl+0x10/0x10 [ 179.882047][ T7167] ? do_vfs_ioctl+0x515/0x1ad0 [ 179.884394][ T7167] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 179.886750][ T7167] ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x470 [ 179.889489][ T7167] ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470 [ 179.892141][ T7167] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 179.895421][ T7167] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 179.897854][ T7167] ? selinux_file_ioctl+0x180/0x270 [ 179.900139][ T7167] ? selinux_file_ioctl+0xb4/0x270 [ 179.902554][ T7167] ? bpf_lsm_file_ioctl+0x9/0x10 [ 179.904649][ T7167] ? __pfx_usbdev_ioctl+0x10/0x10 [ 179.906577][ T7167] __x64_sys_ioctl+0x193/0x220 [ 179.908703][ T7167] do_syscall_64+0xcd/0x250 [ 179.910794][ T7167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.913800][ T7167] RIP: 0033:0x7f9df477cef9 [ 179.916120][ T7167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 179.925004][ T7167] RSP: 002b:00007f9df54c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 179.928590][ T7167] RAX: ffffffffffffffda RBX: 00007f9df4936058 RCX: 00007f9df477cef9 [ 179.932292][ T7167] RDX: 0000000000000000 RSI: 0000000000005521 RDI: 0000000000000003 [ 179.935415][ T7167] RBP: 00007f9df54c3090 R08: 0000000000000000 R09: 0000000000000000 [ 179.938745][ T7167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 179.942119][ T7167] R13: 0000000000000001 R14: 00007f9df4936058 R15: 00007ffc09548fe8 [ 179.947160][ T7167] [ 179.964076][ T7167] hub 8-0:1.0: hub_ext_port_status failed (err = -12) [ 180.144072][ T7173] netlink: 28 bytes leftover after parsing attributes in process `syz.0.521'. [ 180.258058][ T39] audit: type=1400 audit(1725715330.049:390): avc: denied { map } for pid=7175 comm="syz.3.522" path="socket:[15450]" dev="sockfs" ino=15450 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 180.266988][ T7176] Bluetooth: MGMT ver 1.23 [ 180.290694][ T39] audit: type=1400 audit(1725715330.049:391): avc: denied { read } for pid=7175 comm="syz.3.522" path="socket:[15450]" dev="sockfs" ino=15450 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 180.336248][ T39] audit: type=1400 audit(1725715330.059:392): avc: denied { write } for pid=7175 comm="syz.3.522" path="socket:[15457]" dev="sockfs" ino=15457 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 181.594410][ T5361] Bluetooth: hci2: command 0x0406 tx timeout [ 181.602654][ T5361] Bluetooth: hci3: command 0x0406 tx timeout [ 181.602792][ T5359] Bluetooth: hci0: command 0x0406 tx timeout [ 183.112112][ T6563] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 183.340010][ T6563] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 183.358567][ T6563] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 183.373174][ T6563] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 183.388981][ T6563] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.422130][ T7209] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 183.440501][ T6563] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 183.673786][ T7209] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 183.690386][ T7209] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 183.741739][ T39] audit: type=1400 audit(1725715333.529:393): avc: denied { connect } for pid=7226 comm="syz.3.538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 184.227264][ T39] audit: type=1400 audit(1725715334.019:394): avc: denied { setattr } for pid=7206 comm="syz.2.532" name="gid_map" dev="proc" ino=15525 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 184.761422][ T7239] mkiss: ax0: crc mode is auto. [ 184.875211][ T7240] netlink: 211388 bytes leftover after parsing attributes in process `syz.1.540'. [ 186.974197][ T25] usb 7-1: USB disconnect, device number 3 [ 187.452717][ T25] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 187.628768][ T25] usb 7-1: device descriptor read/64, error -71 [ 187.902372][ T25] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 188.051999][ T25] usb 7-1: device descriptor read/64, error -71 [ 188.172503][ T25] usb usb7-port1: attempt power cycle [ 188.481544][ T39] audit: type=1400 audit(1725715338.269:395): avc: denied { map } for pid=7262 comm="syz.0.545" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 188.583230][ T25] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 188.615508][ T25] usb 7-1: device descriptor read/8, error -71 [ 188.689787][ T39] audit: type=1400 audit(1725715338.479:396): avc: denied { bind } for pid=7270 comm="syz.0.547" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 188.697997][ T39] audit: type=1400 audit(1725715338.489:397): avc: denied { getopt } for pid=7270 comm="syz.0.547" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 188.759458][ T39] audit: type=1400 audit(1725715338.549:398): avc: denied { mount } for pid=7270 comm="syz.0.547" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 188.883330][ T25] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 188.912863][ T25] usb 7-1: device descriptor read/8, error -71 [ 189.032593][ T25] usb usb7-port1: unable to enumerate USB device [ 190.138735][ T7276] tipc: Started in network mode [ 190.141008][ T7276] tipc: Node identity 7f000001, cluster identity 4711 [ 190.144985][ T7276] tipc: Enabling of bearer rejected, failed to enable media [ 190.149561][ T7276] netlink: 16 bytes leftover after parsing attributes in process `syz.0.557'. [ 190.255728][ T7280] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.550'. [ 190.418531][ T7283] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 190.435631][ T7283] netlink: 'syz.3.551': attribute type 4 has an invalid length. [ 191.125072][ T7291] openvswitch: netlink: Unknown nsh attribute 0 [ 191.973085][ T39] audit: type=1400 audit(1725715341.759:399): avc: denied { ioctl } for pid=7304 comm="syz.1.558" path="socket:[13202]" dev="sockfs" ino=13202 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 192.202714][ T7316] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.562'. [ 192.210493][ T7315] tipc: Enabling of bearer rejected, failed to enable media [ 192.222608][ T7315] FAULT_INJECTION: forcing a failure. [ 192.222608][ T7315] name failslab, interval 1, probability 0, space 0, times 0 [ 192.242097][ T7315] CPU: 2 UID: 0 PID: 7315 Comm: syz.0.563 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 192.248696][ T7315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 192.253190][ T7315] Call Trace: [ 192.254562][ T7315] [ 192.255803][ T7315] dump_stack_lvl+0x16c/0x1f0 [ 192.268063][ T7315] should_fail_ex+0x497/0x5b0 [ 192.270856][ T7315] should_failslab+0xc2/0x120 [ 192.273224][ T7315] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 192.275766][ T7315] ? skb_clone+0x190/0x3f0 [ 192.277902][ T7315] skb_clone+0x190/0x3f0 [ 192.280687][ T7315] netlink_deliver_tap+0xab3/0xd90 [ 192.283965][ T7315] netlink_unicast+0x5e1/0x7f0 [ 192.286608][ T7315] ? __pfx_netlink_unicast+0x10/0x10 [ 192.289758][ T7315] netlink_sendmsg+0x8b8/0xd70 [ 192.292078][ T7315] ? __pfx_netlink_sendmsg+0x10/0x10 [ 192.294608][ T7315] ? __import_iovec+0x1fd/0x6e0 [ 192.296890][ T7315] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 192.299398][ T7315] ____sys_sendmsg+0xab5/0xc90 [ 192.302020][ T7315] ? copy_msghdr_from_user+0x10b/0x160 [ 192.304617][ T7315] ? __pfx_____sys_sendmsg+0x10/0x10 [ 192.307127][ T7315] ? find_held_lock+0x2d/0x110 [ 192.309279][ T7315] ? __pfx___lock_acquire+0x10/0x10 [ 192.311657][ T7315] ___sys_sendmsg+0x135/0x1e0 [ 192.313859][ T7315] ? __pfx____sys_sendmsg+0x10/0x10 [ 192.316657][ T7315] ? ksys_write+0x21c/0x260 [ 192.318955][ T7315] ? __fget_light+0x173/0x210 [ 192.321349][ T7315] __sys_sendmsg+0x117/0x1f0 [ 192.323866][ T7315] ? __pfx___sys_sendmsg+0x10/0x10 [ 192.326701][ T7315] ? __pfx___seccomp_filter+0x10/0x10 [ 192.329564][ T7315] ? __secure_computing+0x273/0x3f0 [ 192.332298][ T7315] do_syscall_64+0xcd/0x250 [ 192.334709][ T7315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.338314][ T7315] RIP: 0033:0x7f9df477cef9 [ 192.340426][ T7315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 192.348791][ T7315] RSP: 002b:00007f9df54e4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 192.352683][ T7315] RAX: ffffffffffffffda RBX: 00007f9df4935f80 RCX: 00007f9df477cef9 [ 192.356201][ T7315] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005 [ 192.359648][ T7315] RBP: 00007f9df54e4090 R08: 0000000000000000 R09: 0000000000000000 [ 192.363096][ T7315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 192.367075][ T7315] R13: 0000000000000000 R14: 00007f9df4935f80 R15: 00007ffc09548fe8 [ 192.370880][ T7315] [ 192.608639][ T39] audit: type=1400 audit(1725715342.389:400): avc: denied { append } for pid=7308 comm="syz.2.560" name="nvram" dev="devtmpfs" ino=633 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 192.725503][ T39] audit: type=1400 audit(1725715342.519:401): avc: denied { append } for pid=7325 comm="syz.0.567" name="nvme-fabrics" dev="devtmpfs" ino=700 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 193.012600][ T7331] openvswitch: netlink: Unknown nsh attribute 0 [ 193.306470][ T39] audit: type=1400 audit(1725715343.099:402): avc: denied { getopt } for pid=7333 comm="syz.2.569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 193.356494][ T39] audit: type=1400 audit(1725715343.149:403): avc: denied { read } for pid=7333 comm="syz.2.569" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 193.369912][ T39] audit: type=1400 audit(1725715343.149:404): avc: denied { open } for pid=7333 comm="syz.2.569" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 193.558477][ T39] audit: type=1400 audit(1725715343.349:405): avc: denied { map } for pid=7340 comm="syz.0.570" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 193.568670][ T39] audit: type=1400 audit(1725715343.349:406): avc: denied { execute } for pid=7340 comm="syz.0.570" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 194.015969][ T39] audit: type=1400 audit(1725715343.809:407): avc: denied { mounton } for pid=7344 comm="syz.1.571" path="/136/file0/file0" dev="9p" ino=36575590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 195.652784][ T7377] openvswitch: netlink: Unknown nsh attribute 0 [ 196.713403][ T39] audit: type=1400 audit(1725715346.509:408): avc: denied { ioctl } for pid=7396 comm="syz.2.586" path="socket:[12121]" dev="sockfs" ino=12121 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 196.746395][ T7407] overlay: Unknown parameter 'measure' [ 196.767238][ T7407] fuse: Bad value for 'fd' [ 196.779673][ T7407] netlink: 7 bytes leftover after parsing attributes in process `syz.0.589'. [ 196.785172][ T7407] netlink: 156 bytes leftover after parsing attributes in process `syz.0.589'. [ 196.904737][ T5392] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 197.102061][ T5392] usb 8-1: Using ep0 maxpacket: 32 [ 197.106835][ T5392] usb 8-1: config index 0 descriptor too short (expected 156, got 27) [ 197.110090][ T5392] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 197.126675][ T5392] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 197.131061][ T5392] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 197.150343][ T5392] usb 8-1: config 0 interface 0 has no altsetting 0 [ 197.156082][ T5392] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 197.160191][ T5392] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 197.163870][ T5392] usb 8-1: Product: syz [ 197.165644][ T5392] usb 8-1: Manufacturer: syz [ 197.167695][ T5392] usb 8-1: SerialNumber: syz [ 197.174521][ T5392] usb 8-1: config 0 descriptor?? [ 197.178940][ T5392] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 197.195417][ T5392] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 197.660236][ T5392] usb 8-1: USB disconnect, device number 3 [ 197.671602][ T5392] ldusb 8-1:0.0: LD USB Device #0 now disconnected [ 197.918364][ T7424] befs: Unrecognized mount option "ß²*—å9ÃNœvš}¯¸|YÞµžð^’Œ" or missing value [ 197.922947][ T7424] befs: (nbd1): cannot parse mount options [ 198.260722][ T7431] openvswitch: netlink: Unknown nsh attribute 0 [ 198.415050][ T7428] befs: Unrecognized mount option "ß" or missing value [ 198.417960][ T7428] befs: (nbd1): cannot parse mount options [ 198.783832][ T7443] overlay: Unknown parameter 'measure' [ 198.787901][ T7443] fuse: Bad value for 'fd' [ 198.792902][ T7443] netlink: 7 bytes leftover after parsing attributes in process `syz.1.599'. [ 198.796341][ T7443] netlink: 156 bytes leftover after parsing attributes in process `syz.1.599'. [ 199.380758][ T39] audit: type=1400 audit(1725715349.169:409): avc: denied { read write } for pid=7448 comm="syz.1.603" name="uhid" dev="devtmpfs" ino=1113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 199.392715][ T39] audit: type=1400 audit(1725715349.169:410): avc: denied { open } for pid=7448 comm="syz.1.603" path="/dev/uhid" dev="devtmpfs" ino=1113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 200.013305][ T1380] ieee802154 phy0 wpan0: encryption failed: -22 [ 200.016435][ T1380] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.091685][ T39] audit: type=1400 audit(1725715349.879:411): avc: denied { write } for pid=7458 comm="syz.0.606" name="sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 200.109630][ T39] audit: type=1400 audit(1725715349.879:412): avc: denied { open } for pid=7458 comm="syz.0.606" path="/dev/sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 200.609638][ T7467] overlay: Unknown parameter 'measure' [ 200.631506][ T7467] fuse: Bad value for 'fd' [ 200.721620][ T7467] netlink: 7 bytes leftover after parsing attributes in process `syz.2.609'. [ 200.742070][ T7467] netlink: 156 bytes leftover after parsing attributes in process `syz.2.609'. [ 201.370584][ T7478] openvswitch: netlink: Unknown nsh attribute 0 [ 201.723534][ T5362] Bluetooth: hci3: unexpected event for opcode 0x0c03 [ 202.182915][ T39] audit: type=1400 audit(1725715351.969:413): avc: denied { read } for pid=7488 comm="syz.0.616" name="usbmon8" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 202.263759][ T39] audit: type=1400 audit(1725715351.969:414): avc: denied { open } for pid=7488 comm="syz.0.616" path="/dev/usbmon8" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 202.274759][ T7489] Driver unsupported XDP return value 0 on prog (id 175) dev N/A, expect packet loss! [ 202.302239][ T7491] vivid-000: ================= START STATUS ================= [ 202.305674][ T7491] vivid-000: Test Pattern: 75% Colorbar [ 202.308156][ T7491] vivid-000: Fill Percentage of Frame: 100 [ 202.310581][ T7491] vivid-000: Horizontal Movement: No Movement [ 202.313936][ T7491] vivid-000: Vertical Movement: No Movement [ 202.316437][ T7491] vivid-000: OSD Text Mode: All [ 202.318476][ T7491] vivid-000: Show Border: false [ 202.320585][ T7491] vivid-000: Show Square: false [ 202.323506][ T7491] vivid-000: Sensor Flipped Horizontally: false [ 202.326189][ T7491] vivid-000: Sensor Flipped Vertically: false [ 202.328799][ T7491] vivid-000: Insert SAV Code in Image: false [ 202.331374][ T7491] vivid-000: Insert EAV Code in Image: false [ 202.334542][ T7491] vivid-000: Insert Video Guard Band: false [ 202.337151][ T7491] vivid-000: Reduced Framerate: false [ 202.339437][ T7491] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 202.343587][ T7491] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator [ 202.346973][ T7491] vivid-000: Enable Capture Cropping: true [ 202.349632][ T7491] vivid-000: Enable Capture Composing: true [ 202.358016][ T7491] vivid-000: Enable Capture Scaler: true [ 202.360554][ T7491] vivid-000: Timestamp Source: End of Frame [ 202.363701][ T7491] vivid-000: Colorspace: sRGB [ 202.365909][ T7491] vivid-000: Transfer Function: Default [ 202.368386][ T7491] vivid-000: Y'CbCr Encoding: Default [ 202.370797][ T7491] vivid-000: HSV Encoding: Hue 0-179 [ 202.374174][ T7491] vivid-000: Quantization: Default [ 202.376642][ T7491] vivid-000: Apply Alpha To Red Only: false [ 202.379308][ T7491] vivid-000: Standard Aspect Ratio: 4x3 [ 202.381612][ T7491] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 202.385217][ T7491] vivid-000: DV Timings: 640x480p59 inactive [ 202.387484][ T7491] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 202.390287][ T7491] vivid-000: Maximum EDID Blocks: 2 [ 202.393093][ T7491] vivid-000: Limited RGB Range (16-235): false [ 202.395756][ T7491] vivid-000: Rx RGB Quantization Range: Automatic [ 202.398436][ T7491] vivid-000: Power Present: 0x00000001 [ 202.400759][ T7491] tpg source WxH: 320x180 (R'G'B) [ 202.403817][ T7491] tpg field: 1 [ 202.405409][ T7491] tpg crop: 320x180@0x0 [ 202.407134][ T7491] tpg compose: 320x180@0x0 [ 202.408876][ T7491] tpg colorspace: 8 [ 202.410514][ T7491] tpg transfer function: 0/0 [ 202.413382][ T7491] tpg quantization: 0/0 [ 202.415313][ T7491] tpg RGB range: 0/2 [ 202.416983][ T7491] vivid-000: ================== END STATUS ================== [ 202.480068][ T7493] vivid-000: ================= START STATUS ================= [ 202.484582][ T7493] vivid-000: Test Pattern: 75% Colorbar [ 202.487224][ T7493] vivid-000: Fill Percentage of Frame: 100 [ 202.489713][ T7493] vivid-000: Horizontal Movement: No Movement [ 202.494106][ T7493] vivid-000: Vertical Movement: No Movement [ 202.496792][ T7493] vivid-000: OSD Text Mode: All [ 202.498717][ T7493] vivid-000: Show Border: false [ 202.500851][ T7493] vivid-000: Show Square: false [ 202.503230][ T7493] vivid-000: Sensor Flipped Horizontally: false [ 202.505809][ T7493] vivid-000: Sensor Flipped Vertically: false [ 202.508395][ T7493] vivid-000: Insert SAV Code in Image: false [ 202.511680][ T7493] vivid-000: Insert EAV Code in Image: false [ 202.514454][ T7493] vivid-000: Insert Video Guard Band: false [ 202.516742][ T7493] vivid-000: Reduced Framerate: false [ 202.518812][ T7493] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 202.522867][ T7493] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator [ 202.526287][ T7493] vivid-000: Enable Capture Cropping: true [ 202.528871][ T7493] vivid-000: Enable Capture Composing: true [ 202.531460][ T7493] vivid-000: Enable Capture Scaler: true [ 202.535112][ T7493] vivid-000: Timestamp Source: End of Frame [ 202.538029][ T7493] vivid-000: Colorspace: sRGB [ 202.540255][ T7493] vivid-000: Transfer Function: Default [ 202.543290][ T7493] vivid-000: Y'CbCr Encoding: Default [ 202.545808][ T7493] vivid-000: HSV Encoding: Hue 0-179 [ 202.548156][ T7493] vivid-000: Quantization: Default [ 202.550385][ T7493] vivid-000: Apply Alpha To Red Only: false [ 202.555679][ T7493] vivid-000: Standard Aspect Ratio: 4x3 [ 202.558268][ T7493] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 202.561475][ T7493] vivid-000: DV Timings: 640x480p59 inactive [ 202.564899][ T7493] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 202.568889][ T7493] vivid-000: Maximum EDID Blocks: 2 [ 202.571736][ T7493] vivid-000: Limited RGB Range (16-235): false [ 202.575006][ T7493] vivid-000: Rx RGB Quantization Range: Automatic [ 202.578582][ T7493] vivid-000: Power Present: 0x00000001 [ 202.581589][ T7493] tpg source WxH: 320x180 (R'G'B) [ 202.585002][ T7493] tpg field: 1 [ 202.586687][ T7493] tpg crop: 320x180@0x0 [ 202.588817][ T7493] tpg compose: 320x180@0x0 [ 202.590889][ T7493] tpg colorspace: 8 [ 202.598900][ T7493] tpg transfer function: 0/0 [ 202.600948][ T7493] tpg quantization: 0/0 [ 202.603216][ T7493] tpg RGB range: 0/2 [ 202.604876][ T7493] vivid-000: ================== END STATUS ================== [ 202.856786][ T39] audit: type=1400 audit(1725715352.649:415): avc: denied { create } for pid=7496 comm="syz.0.619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 202.905772][ T7504] FAULT_INJECTION: forcing a failure. [ 202.905772][ T7504] name failslab, interval 1, probability 0, space 0, times 0 [ 202.911796][ T7504] CPU: 3 UID: 0 PID: 7504 Comm: syz.2.621 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 202.916171][ T7504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 202.920575][ T7504] Call Trace: [ 202.922048][ T7504] [ 202.923434][ T7504] dump_stack_lvl+0x16c/0x1f0 [ 202.925338][ T7504] should_fail_ex+0x497/0x5b0 [ 202.927297][ T7504] ? fs_reclaim_acquire+0xae/0x160 [ 202.929475][ T7504] should_failslab+0xc2/0x120 [ 202.931427][ T7504] __kmalloc_noprof+0xcb/0x400 [ 202.932892][ T7504] ? d_absolute_path+0x137/0x1b0 [ 202.934739][ T7504] tomoyo_encode2+0x100/0x3e0 [ 202.936547][ T7504] tomoyo_encode+0x29/0x50 [ 202.938137][ T7504] tomoyo_realpath_from_path+0x19d/0x720 [ 202.940176][ T7504] tomoyo_path_number_perm+0x245/0x590 [ 202.942439][ T7504] ? tomoyo_path_number_perm+0x232/0x590 [ 202.944574][ T7504] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 202.947086][ T7504] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 202.949308][ T7504] ? __fget_files+0x256/0x400 [ 202.950954][ T7504] security_file_ioctl+0x75/0xc0 [ 202.953303][ T7504] __x64_sys_ioctl+0xbb/0x220 [ 202.961367][ T7504] do_syscall_64+0xcd/0x250 [ 202.963511][ T7504] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.966154][ T7504] RIP: 0033:0x7faf1db7cef9 [ 202.968042][ T7504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 202.976974][ T7504] RSP: 002b:00007faf1ea44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 202.980441][ T7504] RAX: ffffffffffffffda RBX: 00007faf1dd35f80 RCX: 00007faf1db7cef9 [ 202.984129][ T7504] RDX: 0000000000000000 RSI: 0000000000005646 RDI: 0000000000000003 [ 202.988463][ T7504] RBP: 00007faf1ea44090 R08: 0000000000000000 R09: 0000000000000000 [ 202.992233][ T7504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 202.995589][ T7504] R13: 0000000000000000 R14: 00007faf1dd35f80 R15: 00007ffde079d5c8 [ 202.999211][ T7504] [ 203.001798][ C3] vkms_vblank_simulate: vblank timer overrun [ 203.020481][ T7504] ERROR: Out of memory at tomoyo_realpath_from_path. [ 203.027655][ T7504] vivid-000: ================= START STATUS ================= [ 203.037812][ T7504] vivid-000: Test Pattern: 75% Colorbar [ 203.040633][ T7504] vivid-000: Fill Percentage of Frame: 100 [ 203.052278][ T7504] vivid-000: Horizontal Movement: No Movement [ 203.054880][ T7504] vivid-000: Vertical Movement: No Movement [ 203.057393][ T7504] vivid-000: OSD Text Mode: All [ 203.059568][ T7504] vivid-000: Show Border: false [ 203.061554][ T7504] vivid-000: Show Square: false [ 203.072197][ T7504] vivid-000: Sensor Flipped Horizontally: false [ 203.075080][ T7504] vivid-000: Sensor Flipped Vertically: false [ 203.077703][ T7504] vivid-000: Insert SAV Code in Image: false [ 203.080141][ T7504] vivid-000: Insert EAV Code in Image: false [ 203.082687][ T7504] vivid-000: Insert Video Guard Band: false [ 203.084922][ T7504] vivid-000: Reduced Framerate: false [ 203.086498][ T7504] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 203.089272][ T7504] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator [ 203.092718][ T7504] vivid-000: Enable Capture Cropping: true [ 203.095118][ T7504] vivid-000: Enable Capture Composing: true [ 203.097773][ T7504] vivid-000: Enable Capture Scaler: true [ 203.100322][ T7504] vivid-000: Timestamp Source: End of Frame [ 203.103535][ T7504] vivid-000: Colorspace: sRGB [ 203.105832][ T7504] vivid-000: Transfer Function: Default [ 203.108038][ T7504] vivid-000: Y'CbCr Encoding: Default [ 203.110573][ T7504] vivid-000: HSV Encoding: Hue 0-179 [ 203.113097][ T7504] vivid-000: Quantization: Default [ 203.115350][ T7504] vivid-000: Apply Alpha To Red Only: false [ 203.117142][ T39] audit: type=1400 audit(1725715352.909:416): avc: denied { setopt } for pid=7505 comm="syz.3.623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 203.118717][ T7504] vivid-000: Standard Aspect Ratio: 4x3 [ 203.129113][ T7504] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 203.132847][ T7504] vivid-000: DV Timings: 640x480p59 inactive [ 203.135497][ T7504] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 203.138435][ T7504] vivid-000: Maximum EDID Blocks: 2 [ 203.140507][ T7504] vivid-000: Limited RGB Range (16-235): false [ 203.143514][ T7504] vivid-000: Rx RGB Quantization Range: Automatic [ 203.145934][ T7504] vivid-000: Power Present: 0x00000001 [ 203.148093][ T7504] tpg source WxH: 320x180 (R'G'B) [ 203.150080][ T7504] tpg field: 1 [ 203.151451][ T7504] tpg crop: 320x180@0x0 [ 203.153692][ T7504] tpg compose: 320x180@0x0 [ 203.155646][ T7504] tpg colorspace: 8 [ 203.157262][ T7504] tpg transfer function: 0/0 [ 203.159024][ T7504] tpg quantization: 0/0 [ 203.160584][ T7504] tpg RGB range: 0/2 [ 203.162321][ T7504] vivid-000: ================== END STATUS ================== [ 203.361095][ T5394] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 203.367539][ T7508] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 203.370805][ T7508] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 203.374134][ T7508] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 203.408409][ T5394] hid-generic 0000:0000:0000.0002: hidraw1: HID v0.00 Device [syz0] on syz1 [ 203.500566][ T39] audit: type=1400 audit(1725715353.289:417): avc: denied { read } for pid=7505 comm="syz.3.623" name="fb0" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 203.510354][ T39] audit: type=1400 audit(1725715353.299:418): avc: denied { open } for pid=7505 comm="syz.3.623" path="/dev/fb0" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 203.691511][ T7518] block nbd0: not configured, cannot reconfigure [ 203.791638][ T7518] netlink: 12 bytes leftover after parsing attributes in process `syz.0.627'. [ 204.346883][ T7529] netlink: 8 bytes leftover after parsing attributes in process `syz.1.630'. [ 204.351107][ T7529] netlink: 8 bytes leftover after parsing attributes in process `syz.1.630'. [ 204.447220][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 204.447254][ T39] audit: type=1400 audit(1725715354.239:422): avc: denied { getopt } for pid=7530 comm="syz.1.632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 205.351032][ T7546] mkiss: ax0: crc mode is auto. [ 205.601577][ T7550] netlink: 8 bytes leftover after parsing attributes in process `syz.2.636'. [ 205.612940][ T7550] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 205.614531][ T7551] input: syz1 as /devices/virtual/input/input11 [ 205.624265][ T7550] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 205.678001][ T39] audit: type=1400 audit(1725715355.469:423): avc: denied { search } for pid=7554 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 205.711378][ T39] audit: type=1400 audit(1725715355.469:424): avc: denied { read } for pid=7555 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1484 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 205.738641][ T39] audit: type=1400 audit(1725715355.469:425): avc: denied { open } for pid=7555 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1484 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 205.754350][ T5362] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 205.758177][ T5362] Bluetooth: hci3: Injecting HCI hardware error event [ 205.762378][ T39] audit: type=1400 audit(1725715355.469:426): avc: denied { getattr } for pid=7555 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1484 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 205.762468][ T66] Bluetooth: hci3: hardware error 0x00 [ 205.772962][ T39] audit: type=1400 audit(1725715355.489:427): avc: denied { write } for pid=7554 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1483 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 205.773000][ T39] audit: type=1400 audit(1725715355.509:428): avc: denied { add_name } for pid=7554 comm="dhcpcd-run-hook" name="resolv.conf.lapb5.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 205.773034][ T39] audit: type=1400 audit(1725715355.509:429): avc: denied { create } for pid=7554 comm="dhcpcd-run-hook" name="resolv.conf.lapb5.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 205.831997][ T39] audit: type=1400 audit(1725715355.509:430): avc: denied { write open } for pid=7554 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.lapb5.link" dev="tmpfs" ino=4334 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 205.852230][ T39] audit: type=1400 audit(1725715355.509:431): avc: denied { append } for pid=7554 comm="dhcpcd-run-hook" name="resolv.conf.lapb5.link" dev="tmpfs" ino=4334 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 206.328975][ T7571] loop0: detected capacity change from 0 to 7 [ 206.362193][ T7571] Dev loop0: unable to read RDB block 7 [ 206.367105][ T7571] loop0: unable to read partition table [ 206.372149][ T7571] loop0: partition table beyond EOD, truncated [ 206.375858][ T7571] loop_reread_partitions: partition scan of loop0 (þ被xüŸÑø éî±dÆä´à–) failed (rc=-5) [ 206.382333][ T7576] befs: Unrecognized mount option "ß" or missing value [ 206.385228][ T7576] befs: (nbd3): cannot parse mount options [ 206.742589][ T4833] Dev loop0: unable to read RDB block 7 [ 206.744543][ T4833] loop0: unable to read partition table [ 206.747280][ T4833] loop0: partition table beyond EOD, truncated [ 206.747837][ T7601] netlink: 8 bytes leftover after parsing attributes in process `syz.0.644'. [ 206.790372][ T25] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 206.798560][ T25] hid-generic 0000:0000:0000.0003: hidraw1: HID v0.00 Device [syz0] on syz1 [ 206.925522][ T5394] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 206.958877][ T5394] hid-generic 0000:0000:0000.0004: hidraw1: HID v0.00 Device [syz0] on syz1 [ 206.977768][ T4833] Dev loop0: unable to read RDB block 7 [ 206.980353][ T4833] loop0: unable to read partition table [ 206.984728][ T4833] loop0: partition table beyond EOD, truncated [ 207.099571][ T4833] Dev loop0: unable to read RDB block 7 [ 207.103558][ T4833] loop0: unable to read partition table [ 207.117326][ T4833] loop0: partition table beyond EOD, truncated [ 207.362737][ T7622] netlink: 24 bytes leftover after parsing attributes in process `syz.1.649'. [ 207.382112][ T5394] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 207.562103][ T5394] usb 5-1: Using ep0 maxpacket: 8 [ 207.566434][ T5394] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 16 [ 207.570803][ T5394] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024 [ 207.581936][ T5394] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 207.586467][ T5394] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 207.589730][ T5394] usb 5-1: Product: Ð [ 207.591490][ T5394] usb 5-1: Manufacturer: ꙩ㒽î¹í†¿Ù¬ï…僶ㆪ螰âˆä„‘깦쬗è½âƒï …⢅ྯ敠䓲㗸⦰誼촌컪쑄嶲幛覤厈￳ᬶᘆ뗢譇꺹⣳ꩬ阌麜逷ãµä»«é›¢ë† íšì‰»ê‰¥î¡¨ì¬™á¡»êˆ›å‹— [ 207.599293][ T5394] usb 5-1: SerialNumber: Ћ [ 207.772574][ T5362] Bluetooth: hci0: command 0x0406 tx timeout [ 207.782282][ T58] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 207.794155][ T58] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 207.842523][ T66] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 207.845983][ T7620] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 207.850176][ T7620] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 208.377557][ T5394] cdc_ncm 5-1:1.0: bind() failure [ 208.421638][ T7643] FAULT_INJECTION: forcing a failure. [ 208.421638][ T7643] name failslab, interval 1, probability 0, space 0, times 0 [ 208.428245][ T7643] CPU: 3 UID: 0 PID: 7643 Comm: syz.2.655 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 208.433936][ T7643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 208.438850][ T7643] Call Trace: [ 208.440186][ T7643] [ 208.441206][ T7643] dump_stack_lvl+0x16c/0x1f0 [ 208.443871][ T7643] should_fail_ex+0x497/0x5b0 [ 208.445802][ T7643] should_failslab+0xc2/0x120 [ 208.447832][ T7643] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 208.449938][ T7643] ? skb_clone+0x190/0x3f0 [ 208.451881][ T7643] skb_clone+0x190/0x3f0 [ 208.453701][ T7643] netlink_deliver_tap+0xab3/0xd90 [ 208.455861][ T7643] netlink_unicast+0x5e1/0x7f0 [ 208.457680][ T7643] ? __pfx_netlink_unicast+0x10/0x10 [ 208.459756][ T7643] netlink_sendmsg+0x8b8/0xd70 [ 208.461870][ T7643] ? __pfx_netlink_sendmsg+0x10/0x10 [ 208.464190][ T7643] ? __import_iovec+0x1fd/0x6e0 [ 208.466306][ T7643] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 208.468418][ T7643] ____sys_sendmsg+0xab5/0xc90 [ 208.470480][ T7643] ? copy_msghdr_from_user+0x10b/0x160 [ 208.472795][ T7643] ? __pfx_____sys_sendmsg+0x10/0x10 [ 208.474991][ T7643] ? find_held_lock+0x2d/0x110 [ 208.476957][ T7643] ? __pfx___lock_acquire+0x10/0x10 [ 208.479141][ T7643] ___sys_sendmsg+0x135/0x1e0 [ 208.481250][ T7643] ? __pfx____sys_sendmsg+0x10/0x10 [ 208.483485][ T7643] ? ksys_write+0x21c/0x260 [ 208.485469][ T7643] ? __fget_light+0x173/0x210 [ 208.487434][ T7643] __sys_sendmsg+0x117/0x1f0 [ 208.489444][ T7643] ? __pfx___sys_sendmsg+0x10/0x10 [ 208.491864][ T7643] do_syscall_64+0xcd/0x250 [ 208.494207][ T7643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.496696][ T7643] RIP: 0033:0x7faf1db7cef9 [ 208.498547][ T7643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.506507][ T7643] RSP: 002b:00007faf1ea44038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 208.509997][ T7643] RAX: ffffffffffffffda RBX: 00007faf1dd35f80 RCX: 00007faf1db7cef9 [ 208.513316][ T7643] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 208.516695][ T7643] RBP: 00007faf1ea44090 R08: 0000000000000000 R09: 0000000000000000 [ 208.520065][ T7643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 208.523310][ T7643] R13: 0000000000000000 R14: 00007faf1dd35f80 R15: 00007ffde079d5c8 [ 208.526781][ T7643] [ 208.748989][ T5394] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 208.751728][ T5394] cdc_ncm 5-1:1.1: bind() failure [ 208.771652][ T5394] usb 5-1: USB disconnect, device number 4 [ 208.787976][ T5924] udevd[5924]: failed to send result of seq 13921 to main daemon: Connection refused [ 209.841989][ T66] Bluetooth: hci2: command 0x0406 tx timeout [ 209.842043][ T58] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 209.850319][ T58] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 210.027324][ T7656] block nbd2: not configured, cannot reconfigure [ 210.117183][ T7656] netlink: 12 bytes leftover after parsing attributes in process `syz.2.659'. [ 210.500243][ T7661] netlink: 24 bytes leftover after parsing attributes in process `syz.2.660'. [ 210.661525][ T5394] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 210.682673][ T5394] hid-generic 0000:0000:0000.0005: hidraw1: HID v0.00 Device [syz0] on syz1 [ 211.072041][ T35] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 211.257628][ T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 211.263017][ T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 211.267926][ T35] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 211.275195][ T35] usb 8-1: New USB device found, idVendor=172f, idProduct=0038, bcdDevice= 0.00 [ 211.279832][ T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.288103][ T35] usb 8-1: config 0 descriptor?? [ 211.944723][ T7683] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.666'. [ 211.954071][ T35] waltop 0003:172F:0038.0006: unknown main item tag 0xe [ 211.957345][ T35] waltop 0003:172F:0038.0006: item fetching failed at offset 4/5 [ 211.966069][ T35] waltop 0003:172F:0038.0006: probe with driver waltop failed with error -22 [ 212.163262][ T39] kauditd_printk_skb: 15 callbacks suppressed [ 212.163278][ T39] audit: type=1400 audit(1725715361.959:447): avc: denied { read } for pid=7691 comm="syz.1.669" name="sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 212.432055][ T5394] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 212.624691][ T5394] usb 6-1: New USB device found, idVendor=1235, idProduct=0018, bcdDevice=f0.ee [ 212.633762][ T5394] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 212.648503][ T5394] usb 6-1: config 0 descriptor?? [ 212.663483][ T5394] usb 6-1: selecting invalid altsetting 1 [ 212.714446][ T5394] snd-usb-audio 6-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 212.861277][ T7692] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 212.870254][ T7692] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 212.875079][ T7692] sg_write: data in/out 721423411/135 bytes for SCSI command 0x15-- guessing data in; [ 212.875079][ T7692] program syz.1.669 not setting count and/or reply_len properly [ 212.900645][ T25] usb 6-1: USB disconnect, device number 4 [ 213.899475][ T25] usb 8-1: USB disconnect, device number 4 [ 215.808548][ T39] audit: type=1400 audit(1725715365.599:448): avc: denied { ioctl } for pid=7747 comm="syz.2.688" path="socket:[17086]" dev="sockfs" ino=17086 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 215.827488][ T39] audit: type=1400 audit(1725715365.599:449): avc: denied { write } for pid=7747 comm="syz.2.688" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1 [ 215.841750][ T39] audit: type=1400 audit(1725715365.609:450): avc: denied { read } for pid=7747 comm="syz.2.688" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1 [ 215.853497][ T39] audit: type=1400 audit(1725715365.639:451): avc: denied { connect } for pid=7749 comm="syz.1.692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 216.094107][ T39] audit: type=1400 audit(1725715365.879:452): avc: denied { map } for pid=7765 comm="syz.1.698" path="socket:[19491]" dev="sockfs" ino=19491 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 216.163396][ T39] audit: type=1400 audit(1725715365.949:453): avc: denied { bind } for pid=7769 comm="syz.1.699" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 216.188303][ T39] audit: type=1400 audit(1725715365.949:454): avc: denied { name_bind } for pid=7769 comm="syz.1.699" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 216.201263][ T39] audit: type=1400 audit(1725715365.949:455): avc: denied { node_bind } for pid=7769 comm="syz.1.699" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1 [ 216.207267][ T7772] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 216.211777][ T39] audit: type=1400 audit(1725715365.959:456): avc: denied { listen } for pid=7769 comm="syz.1.699" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 216.215756][ T7772] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 216.218248][ T7772] vhci_hcd vhci_hcd.0: Device attached [ 216.237160][ T7776] netlink: 72 bytes leftover after parsing attributes in process `syz.1.701'. [ 216.512290][ T56] usb 17-1: new high-speed USB device number 2 using vhci_hcd [ 216.772131][ T5394] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 216.788268][ T7773] vhci_hcd: connection reset by peer [ 216.795757][ T40] vhci_hcd: stop threads [ 216.798350][ T40] vhci_hcd: release socket [ 216.801613][ T40] vhci_hcd: disconnect device [ 216.979511][ T5394] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 216.984697][ T5394] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 216.990586][ T5394] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 216.995046][ T5394] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.002280][ T5394] usb 6-1: config 0 descriptor?? [ 217.008767][ T5394] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 217.212343][ T5455] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 217.338406][ T7805] netlink: zone id is out of range [ 217.340933][ T7805] netlink: zone id is out of range [ 217.343763][ T7805] netlink: zone id is out of range [ 217.346106][ T7805] netlink: zone id is out of range [ 217.347929][ T7805] netlink: zone id is out of range [ 217.349483][ T7805] netlink: zone id is out of range [ 217.351438][ T7805] netlink: zone id is out of range [ 217.356336][ T7805] netlink: zone id is out of range [ 217.358453][ T7805] netlink: zone id is out of range [ 217.360418][ T7805] netlink: zone id is out of range [ 217.394877][ T5455] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 217.400749][ T39] kauditd_printk_skb: 5 callbacks suppressed [ 217.400761][ T39] audit: type=1400 audit(1725715367.189:462): avc: denied { create } for pid=7806 comm="syz.2.713" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 217.413673][ T5455] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 217.414114][ T7809] bridge0: port 3(bond0) entered disabled state [ 217.418814][ T5455] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 217.418839][ T5455] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 217.418883][ T5455] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 217.429400][ T7809] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.437822][ T5455] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.445054][ T5455] usb 8-1: config 0 descriptor?? [ 217.944382][ T39] audit: type=1400 audit(1725715367.729:463): avc: denied { execute } for pid=7785 comm="syz.1.706" name="file0" dev="ramfs" ino=17727 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1 [ 217.960224][ T39] audit: type=1400 audit(1725715367.729:464): avc: denied { execute_no_trans } for pid=7785 comm="syz.1.706" path="/180/file0/file0" dev="ramfs" ino=17727 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1 [ 218.186065][ T5455] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 218.194546][ T5455] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving [ 218.231341][ T5455] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 218.617090][ T39] audit: type=1400 audit(1725715368.409:465): avc: denied { shutdown } for pid=7826 comm="syz.2.719" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 218.656663][ T7831] loop7: detected capacity change from 0 to 127 [ 219.115183][ T7833] team_slave_0: entered promiscuous mode [ 219.118045][ T7833] team_slave_1: entered promiscuous mode [ 219.122243][ T7833] netlink: 'syz.2.721': attribute type 10 has an invalid length. [ 219.131818][ T7833] team_slave_0: left promiscuous mode [ 219.136899][ T7833] team_slave_1: left promiscuous mode [ 219.157900][ T7833] team_slave_0: entered promiscuous mode [ 219.160384][ T7833] team_slave_1: entered promiscuous mode [ 219.168679][ T7833] 8021q: adding VLAN 0 to HW filter on device team0 [ 219.173569][ T7833] team0: entered promiscuous mode [ 219.177039][ T7833] bond0: (slave team0): Enslaving as an active interface with an up link [ 219.656146][ T5455] usb 8-1: reset high-speed USB device number 5 using dummy_hcd [ 220.241773][ T35] usb 6-1: USB disconnect, device number 5 [ 220.372434][ T39] audit: type=1400 audit(1725715370.159:466): avc: denied { read } for pid=7853 comm="syz.1.728" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 220.381592][ T39] audit: type=1400 audit(1725715370.159:467): avc: denied { open } for pid=7853 comm="syz.1.728" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 220.462079][ T39] audit: type=1400 audit(1725715370.249:468): avc: denied { write } for pid=7857 comm="syz.3.730" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 220.504747][ T39] audit: type=1400 audit(1725715370.259:469): avc: denied { read } for pid=7857 comm="syz.3.730" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 220.662773][ T39] audit: type=1400 audit(1725715370.449:470): avc: denied { bind } for pid=7866 comm="syz.3.733" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 220.671181][ T39] audit: type=1400 audit(1725715370.449:471): avc: denied { listen } for pid=7866 comm="syz.3.733" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 221.252155][ T5392] usb 8-1: USB disconnect, device number 5 [ 221.692401][ T56] vhci_hcd: vhci_device speed not set [ 222.012253][ T5392] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 222.195955][ T5392] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 222.200876][ T5392] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 222.206288][ T5392] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 222.213427][ T5392] usb 6-1: config 0 descriptor?? [ 222.641710][ T5392] keytouch 0003:0926:3333.0008: fixing up Keytouch IEC report descriptor [ 222.650121][ T5392] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0926:3333.0008/input/input12 [ 222.751323][ T7896] netlink: 12 bytes leftover after parsing attributes in process `syz.0.744'. [ 222.769862][ T7896] bridge_slave_1: left allmulticast mode [ 222.771796][ T7896] bridge_slave_1: left promiscuous mode [ 222.774040][ T7896] bridge0: port 2(bridge_slave_1) entered disabled state [ 222.778967][ T7896] bridge2: port 1(bridge_slave_1) entered blocking state [ 222.781326][ T7896] bridge2: port 1(bridge_slave_1) entered disabled state [ 222.784072][ T7896] bridge_slave_1: entered allmulticast mode [ 222.787634][ T7896] bridge_slave_1: entered promiscuous mode [ 222.964625][ T5392] keytouch 0003:0926:3333.0008: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 223.061058][ T5393] usb 6-1: USB disconnect, device number 6 [ 223.292064][ T5390] usb 7-1: new low-speed USB device number 8 using dummy_hcd [ 223.615604][ T5390] usb 7-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 223.620734][ T5390] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 223.637099][ T5390] usb 7-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 223.641775][ T5390] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 223.648974][ T5390] usb 7-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 223.655530][ T5390] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 223.669489][ T5390] usb 7-1: string descriptor 0 read error: -22 [ 223.672987][ T5390] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 223.679080][ T5390] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 223.827232][ T7917] netlink: 8 bytes leftover after parsing attributes in process `syz.0.752'. [ 223.871540][ T5390] adutux 7-1:168.0: interrupt endpoints not found [ 223.997805][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 223.997821][ T39] audit: type=1400 audit(1725715373.789:473): avc: denied { connect } for pid=7923 comm="syz.1.755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 224.020717][ T39] audit: type=1400 audit(1725715373.799:474): avc: denied { bind } for pid=7923 comm="syz.1.755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 224.122060][ T39] audit: type=1400 audit(1725715373.799:475): avc: denied { write } for pid=7923 comm="syz.1.755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 224.134896][ T7924] xt_CT: No such helper "snmp_trap" [ 224.552568][ T39] audit: type=1400 audit(1725715374.329:476): avc: denied { getopt } for pid=7935 comm="syz.1.757" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 224.569219][ T39] audit: type=1400 audit(1725715374.329:477): avc: denied { write } for pid=7935 comm="syz.1.757" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 224.884858][ T7953] ip6tnl1: entered allmulticast mode [ 225.803113][ T7964] netlink: 12 bytes leftover after parsing attributes in process `syz.3.768'. [ 225.817123][ T7964] bridge_slave_1: left allmulticast mode [ 225.819520][ T7964] bridge_slave_1: left promiscuous mode [ 225.822470][ T7964] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.830327][ T7964] bridge1: port 1(bridge_slave_1) entered blocking state [ 225.834027][ T7964] bridge1: port 1(bridge_slave_1) entered disabled state [ 225.836972][ T7964] bridge_slave_1: entered allmulticast mode [ 225.840020][ T5390] usb 7-1: USB disconnect, device number 8 [ 225.842022][ T7964] bridge_slave_1: entered promiscuous mode [ 225.852685][ T7963] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 225.892728][ T39] audit: type=1400 audit(1725715375.689:478): avc: denied { setopt } for pid=7967 comm="syz.1.771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 225.907875][ T7969] netlink: 8 bytes leftover after parsing attributes in process `syz.1.771'. [ 226.124956][ T39] audit: type=1400 audit(1725715375.919:479): avc: denied { setopt } for pid=7985 comm="syz.1.779" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 226.362053][ T5390] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 226.544264][ T5390] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 226.549216][ T5390] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 226.553787][ T5390] usb 7-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 226.557884][ T5390] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.567315][ T5390] usb 7-1: config 0 descriptor?? [ 226.695450][ T5392] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 226.883869][ T5392] usb 8-1: Using ep0 maxpacket: 8 [ 226.887424][ T5392] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 226.890949][ T5392] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 226.895221][ T5392] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 226.899205][ T5392] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 226.903620][ T5392] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 226.908375][ T5392] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 226.912166][ T5392] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.983623][ T5390] isku 0003:1E7D:319C.0009: hidraw1: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.2-1/input0 [ 227.126761][ T5392] usb 8-1: usb_control_msg returned -32 [ 227.129012][ T5392] usbtmc 8-1:16.0: can't read capabilities [ 227.180829][ T5390] isku 0003:1E7D:319C.0009: couldn't init struct isku_device [ 227.185014][ T5390] isku 0003:1E7D:319C.0009: couldn't install keyboard [ 227.188619][ T5390] isku 0003:1E7D:319C.0009: probe with driver isku failed with error -32 [ 227.193879][ T5390] usb 7-1: USB disconnect, device number 9 [ 227.875698][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x4 [ 227.878647][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x2 [ 227.881844][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 227.884713][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 227.887631][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 227.890256][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 227.894796][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 227.898057][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 227.901362][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 227.904658][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 227.907832][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 227.910991][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 227.914188][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 227.917981][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 227.920949][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 227.923756][ T5390] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 227.927244][ T5390] hid-generic 0000:3000000:0000.000A: hidraw1: HID v0.00 Device [sy] on syz0 [ 228.155286][ T8013] netlink: 68 bytes leftover after parsing attributes in process `syz.2.789'. [ 228.232020][ T7990] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 228.926935][ T8033] netlink: 169 bytes leftover after parsing attributes in process `syz.0.796'. [ 229.352083][ T831] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 229.439936][ T5390] usb 8-1: USB disconnect, device number 6 [ 229.473893][ T8046] netlink: 12 bytes leftover after parsing attributes in process `syz.3.802'. [ 229.521315][ T8046] netlink: 40 bytes leftover after parsing attributes in process `syz.3.802'. [ 229.526334][ T8046] 8021q: adding VLAN 0 to HW filter on device bond1 [ 229.532269][ T831] usb 5-1: Using ep0 maxpacket: 32 [ 229.539027][ T831] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 229.544560][ T831] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 229.552864][ T831] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 229.556589][ T8049] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 229.557869][ T831] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 229.560307][ T8049] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 229.561192][ T8049] vhci_hcd vhci_hcd.0: Device attached [ 229.565535][ T831] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.577848][ T831] usb 5-1: config 0 descriptor?? [ 229.581565][ T8039] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 229.581586][ T8050] vhci_hcd: connection closed [ 229.587381][ T1110] vhci_hcd: stop threads [ 229.588388][ T831] hub 5-1:0.0: USB hub found [ 229.589436][ T1110] vhci_hcd: release socket [ 229.589476][ T1110] vhci_hcd: disconnect device [ 229.657156][ T8054] RDS: rds_bind could not find a transport for 2001::1, load rds_tcp or rds_rdma? [ 229.797415][ T831] hub 5-1:0.0: 2 ports detected [ 230.830280][ T8039] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 230.833632][ T8039] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 231.129989][ T1110] Bluetooth: (null): Invalid header checksum [ 231.135558][ T1110] Bluetooth: (null): Invalid header checksum [ 231.238974][ T1110] Bluetooth: (null): Invalid header checksum [ 231.353625][ T1110] Bluetooth: (null): Invalid header checksum [ 231.457155][ T831] hub 5-1:0.0: hub_ext_port_status failed (err = -71) [ 231.463410][ T1102] Bluetooth: (null): Invalid header checksum [ 232.472772][ T831] hub 5-1:0.0: set hub depth failed [ 232.475812][ T25] usb 5-1: USB disconnect, device number 5 [ 233.266657][ T7859] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 233.476046][ T7859] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 233.480241][ T7859] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 233.485663][ T7859] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.497756][ T7859] usb 7-1: config 0 descriptor?? [ 233.540011][ T7859] pwc: Askey VC010 type 2 USB webcam detected. [ 233.730542][ T7859] pwc: send_video_command error -71 [ 233.733548][ T7859] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 233.738786][ T7859] Philips webcam 7-1:0.0: probe with driver Philips webcam failed with error -71 [ 234.483230][ T7859] usb 7-1: USB disconnect, device number 10 [ 234.854491][ T39] audit: type=1400 audit(1725715385.648:480): avc: denied { map } for pid=8106 comm="syz.0.823" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 234.887155][ T7859] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 235.094001][ T7859] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 235.100091][ T7859] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 235.108919][ T7859] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.132415][ T7859] usb 7-1: config 0 descriptor?? [ 235.169564][ T7859] pwc: Askey VC010 type 2 USB webcam detected. [ 235.847322][ T7859] pwc: recv_control_msg error -32 req 02 val 2700 [ 235.853576][ T7859] pwc: recv_control_msg error -32 req 02 val 2c00 [ 235.873648][ T7859] pwc: recv_control_msg error -32 req 04 val 1000 [ 235.881773][ T7859] pwc: recv_control_msg error -32 req 04 val 1300 [ 235.890916][ T7859] pwc: recv_control_msg error -32 req 04 val 1400 [ 236.125279][ T39] audit: type=1400 audit(1725715386.908:481): avc: denied { name_connect } for pid=8116 comm="syz.3.826" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 236.171426][ T39] audit: type=1400 audit(1725715386.958:482): avc: denied { bind } for pid=8116 comm="syz.3.826" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 236.331462][ T8130] futex_wake_op: syz.0.831 tries to shift op by 32; fix this program [ 236.491371][ T7859] pwc: recv_control_msg error -71 req 02 val 2100 [ 236.497828][ T7859] pwc: recv_control_msg error -71 req 04 val 1500 [ 236.500953][ T7859] pwc: recv_control_msg error -71 req 02 val 2500 [ 236.504100][ T7859] pwc: recv_control_msg error -71 req 02 val 2400 [ 236.507388][ T7859] pwc: recv_control_msg error -71 req 02 val 2600 [ 236.510583][ T7859] pwc: recv_control_msg error -71 req 02 val 2900 [ 236.514064][ T7859] pwc: recv_control_msg error -71 req 02 val 2800 [ 236.519892][ T7859] pwc: recv_control_msg error -71 req 04 val 1100 [ 236.522910][ T7859] pwc: recv_control_msg error -71 req 04 val 1200 [ 236.529518][ T7859] pwc: Registered as video71. [ 236.533296][ T7859] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb7/7-1/input/input13 [ 236.539988][ T7859] usb 7-1: USB disconnect, device number 11 [ 236.563162][ T8] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 236.802123][ T8] usb 6-1: Using ep0 maxpacket: 8 [ 236.815087][ T8] usb 6-1: config 0 has an invalid interface number: 224 but max is 0 [ 236.818285][ T8] usb 6-1: config 0 has no interface number 0 [ 236.820682][ T8] usb 6-1: New USB device found, idVendor=0abf, idProduct=3370, bcdDevice= 3.0e [ 236.824361][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.835909][ T8] usb 6-1: config 0 descriptor?? [ 237.045418][ T7859] usb 6-1: USB disconnect, device number 7 [ 237.203921][ T39] audit: type=1400 audit(1725715387.998:483): avc: denied { getopt } for pid=8142 comm="syz.3.835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 238.172100][ T8] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 238.372102][ T8] usb 7-1: Using ep0 maxpacket: 8 [ 238.376986][ T8] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 238.380148][ T8] usb 7-1: config 0 has no interface number 0 [ 238.383201][ T8] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 238.388177][ T8] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 238.392598][ T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.398577][ T8] usb 7-1: config 0 descriptor?? [ 238.416472][ T8] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 238.558760][ T8192] netlink: 169 bytes leftover after parsing attributes in process `syz.0.850'. [ 238.610530][ T5392] usb 7-1: USB disconnect, device number 12 [ 238.616802][ T5392] iowarrior 7-1:0.1: I/O-Warror #0 now disconnected [ 238.667953][ T39] audit: type=1400 audit(1725715389.458:484): avc: denied { setopt } for pid=8195 comm="syz.0.852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 238.765999][ T8200] loop5: detected capacity change from 0 to 16385 [ 238.822424][ T8200] loop5: detected capacity change from 16385 to 16321 [ 239.043038][ T8225] random: crng reseeded on system resumption [ 239.046554][ T39] audit: type=1400 audit(1725715389.838:485): avc: denied { write } for pid=8223 comm="syz.1.862" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 240.518346][ T39] audit: type=1400 audit(1725715391.308:486): avc: denied { connect } for pid=8252 comm="syz.2.872" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 240.685824][ T8258] usb usb9: usbfs: process 8258 (syz.2.872) did not claim interface 0 before use [ 240.694283][ T8258] usb usb9: selecting invalid altsetting 21783 [ 241.247114][ T8267] netlink: 32 bytes leftover after parsing attributes in process `syz.0.876'. [ 241.266615][ T8267] netlink: 32 bytes leftover after parsing attributes in process `syz.0.876'. [ 241.303080][ T39] audit: type=1400 audit(1725715392.088:487): avc: denied { connect } for pid=8264 comm="syz.2.875" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 243.147265][ T8312] syz.2.893[8312] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 243.147402][ T8312] syz.2.893[8312] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 243.701304][ T8329] net_ratelimit: 21 callbacks suppressed [ 243.701321][ T8329] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 244.839987][ T8356] netlink: 8 bytes leftover after parsing attributes in process `syz.1.904'. [ 245.262267][ T35] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 245.464215][ T35] usb 8-1: Using ep0 maxpacket: 8 [ 245.474953][ T35] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 245.479700][ T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 15104, setting to 1024 [ 245.486148][ T35] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024 [ 245.490509][ T35] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 245.500390][ T35] usb 8-1: New USB device found, idVendor=04ca, idProduct=3bfb, bcdDevice=6e.b5 [ 245.504914][ T35] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 245.508550][ T35] usb 8-1: Product: syz [ 245.510451][ T35] usb 8-1: Manufacturer: syz [ 245.513209][ T35] usb 8-1: SerialNumber: syz [ 245.518216][ T35] usb 8-1: config 0 descriptor?? [ 245.521317][ T8360] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 245.770995][ T35] usb 8-1: USB disconnect, device number 7 [ 246.427838][ T39] audit: type=1400 audit(1725715397.218:488): avc: denied { ioctl } for pid=8384 comm="syz.3.916" path="socket:[18050]" dev="sockfs" ino=18050 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 247.595163][ T39] audit: type=1400 audit(1725715398.388:489): avc: denied { read } for pid=8402 comm="syz.0.923" name="loop-control" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 247.615676][ T39] audit: type=1400 audit(1725715398.388:490): avc: denied { open } for pid=8402 comm="syz.0.923" path="/dev/loop-control" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 247.932016][ T39] audit: type=1400 audit(1725715398.708:491): avc: denied { ioctl } for pid=8402 comm="syz.0.923" path="/dev/loop-control" dev="devtmpfs" ino=659 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 250.419764][ T39] audit: type=1326 audit(1725715401.208:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8472 comm="syz.3.948" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f308cd7cef9 code=0x7ffc0000 [ 250.436156][ T39] audit: type=1326 audit(1725715401.208:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8472 comm="syz.3.948" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f308cd7cef9 code=0x7ffc0000 [ 250.449168][ T39] audit: type=1326 audit(1725715401.208:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8472 comm="syz.3.948" exe="/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f308cd7cef9 code=0x7ffc0000 [ 250.461373][ T39] audit: type=1326 audit(1725715401.208:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8472 comm="syz.3.948" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f308cd7cef9 code=0x7ffc0000 [ 250.474374][ T39] audit: type=1326 audit(1725715401.218:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8472 comm="syz.3.948" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f308cd7cef9 code=0x7ffc0000 [ 250.575191][ T39] audit: type=1326 audit(1725715401.368:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8480 comm="+}[@" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38e5f7cef9 code=0x7ffc0000 [ 251.031639][ T8525] Cannot find del_set index 0 as target [ 251.044015][ T8525] netlink: 104 bytes leftover after parsing attributes in process `syz.2.971'. [ 251.247658][ T8539] netlink: 224 bytes leftover after parsing attributes in process `syz.3.977'. [ 251.357751][ T8545] netlink: 28 bytes leftover after parsing attributes in process `syz.2.979'. [ 251.905998][ T39] kauditd_printk_skb: 77 callbacks suppressed [ 251.906012][ T39] audit: type=1400 audit(1725715402.698:575): avc: denied { name_bind } for pid=8553 comm="syz.1.980" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 252.074367][ C3] [ 252.075508][ C3] ============================================ [ 252.078248][ C3] WARNING: possible recursive locking detected [ 252.080977][ C3] 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 Not tainted [ 252.085731][ C3] -------------------------------------------- [ 252.088837][ C3] ksoftirqd/3/34 is trying to acquire lock: [ 252.091440][ C3] ffff88804c4a21d8 (&qs->lock){-.-.}-{2:2}, at: __stack_map_get+0x2a8/0x350 [ 252.095358][ C3] [ 252.095358][ C3] but task is already holding lock: [ 252.098570][ C3] ffff888054d4d1d8 (&qs->lock){-.-.}-{2:2}, at: __stack_map_get+0x2a8/0x350 [ 252.102397][ C3] [ 252.102397][ C3] other info that might help us debug this: [ 252.105890][ C3] Possible unsafe locking scenario: [ 252.105890][ C3] [ 252.109148][ C3] CPU0 [ 252.110621][ C3] ---- [ 252.112118][ C3] lock(&qs->lock); [ 252.113863][ C3] lock(&qs->lock); [ 252.115635][ C3] [ 252.115635][ C3] *** DEADLOCK *** [ 252.115635][ C3] [ 252.119048][ C3] May be due to missing lock nesting notation [ 252.119048][ C3] [ 252.122628][ C3] 4 locks held by ksoftirqd/3/34: [ 252.124836][ C3] #0: ffffffff8ddb9ec0 (rcu_callback){....}-{0:0}, at: rcu_core+0x7cc/0x16b0 [ 252.128751][ C3] #1: ffffffff8ddb9fe0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run3+0x1d1/0x5a0 [ 252.132877][ C3] #2: ffff888054d4d1d8 (&qs->lock){-.-.}-{2:2}, at: __stack_map_get+0x2a8/0x350 [ 252.136887][ C3] #3: ffffffff8ddb9fe0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1c2/0x590 [ 252.140972][ C3] [ 252.140972][ C3] stack backtrace: [ 252.143570][ C3] CPU: 3 UID: 0 PID: 34 Comm: ksoftirqd/3 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 252.148149][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 252.152864][ C3] Call Trace: [ 252.154356][ C3] [ 252.155682][ C3] dump_stack_lvl+0x116/0x1f0 [ 252.157772][ C3] __lock_acquire+0x2167/0x3cb0 [ 252.159948][ C3] ? __pfx___lock_acquire+0x10/0x10 [ 252.162263][ C3] lock_acquire+0x1b1/0x560 [ 252.164286][ C3] ? __stack_map_get+0x2a8/0x350 [ 252.166487][ C3] ? __pfx_lock_acquire+0x10/0x10 [ 252.168772][ C3] ? lock_acquire+0x1b1/0x560 [ 252.170889][ C3] _raw_spin_lock_irqsave+0x3a/0x60 [ 252.173184][ C3] ? __stack_map_get+0x2a8/0x350 [ 252.175407][ C3] __stack_map_get+0x2a8/0x350 [ 252.177543][ C3] bpf_prog_00798911c748094f+0x42/0x46 [ 252.179931][ C3] bpf_trace_run2+0x231/0x590 [ 252.181998][ C3] ? __pfx_mark_lock+0x10/0x10 [ 252.184119][ C3] ? __pfx_bpf_trace_run2+0x10/0x10 [ 252.186384][ C3] ? mark_lock+0xb5/0xc60 [ 252.188241][ C3] ? unwind_next_frame+0x51/0x23a0 [ 252.190448][ C3] ? __orc_find+0x104/0x130 [ 252.192454][ C3] __bpf_trace_contention_end+0xca/0x110 [ 252.194879][ C3] ? __pfx___bpf_trace_contention_end+0x10/0x10 [ 252.197625][ C3] ? hlock_class+0x4e/0x130 [ 252.199636][ C3] ? __lock_acquire+0x1620/0x3cb0 [ 252.201848][ C3] trace_contention_end.constprop.0+0xea/0x170 [ 252.204547][ C3] __pv_queued_spin_lock_slowpath+0x27e/0xc90 [ 252.207251][ C3] ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10 [ 252.210088][ C3] ? lock_acquire+0x1b1/0x560 [ 252.212199][ C3] do_raw_spin_lock+0x210/0x2c0 [ 252.214352][ C3] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 252.216730][ C3] _raw_spin_lock_irqsave+0x42/0x60 [ 252.219002][ C3] ? __stack_map_get+0x2a8/0x350 [ 252.221178][ C3] __stack_map_get+0x2a8/0x350 [ 252.223266][ C3] bpf_prog_00798911c748094f+0x42/0x46 [ 252.225487][ C3] bpf_trace_run3+0x240/0x5a0 [ 252.227573][ C3] ? __pfx_bpf_trace_run3+0x10/0x10 [ 252.229876][ C3] ? rcu_core+0x828/0x16b0 [ 252.231868][ C3] ? __pfx_lock_acquire+0x10/0x10 [ 252.234052][ C3] ? rcu_core+0x828/0x16b0 [ 252.236057][ C3] __traceiter_kmem_cache_free+0x35/0x50 [ 252.238547][ C3] kmem_cache_free+0x1dd/0x3a0 [ 252.240672][ C3] ? rcu_core+0x828/0x16b0 [ 252.242682][ C3] ? rcu_core+0x826/0x16b0 [ 252.244672][ C3] rcu_core+0x828/0x16b0 [ 252.246567][ C3] ? __pfx_rcu_core+0x10/0x10 [ 252.248664][ C3] handle_softirqs+0x216/0x8f0 [ 252.250790][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 252.253121][ C3] ? rcu_is_watching+0x12/0xc0 [ 252.255265][ C3] ? __pfx_run_ksoftirqd+0x10/0x10 [ 252.257517][ C3] ? smpboot_thread_fn+0x59d/0xa10 [ 252.259777][ C3] run_ksoftirqd+0x3a/0x60 [ 252.261757][ C3] smpboot_thread_fn+0x661/0xa10 [ 252.263949][ C3] ? __kthread_parkme+0x148/0x220 [ 252.266169][ C3] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 252.268564][ C3] kthread+0x2c1/0x3a0 [ 252.270355][ C3] ? _raw_spin_unlock_irq+0x23/0x50 [ 252.272666][ C3] ? __pfx_kthread+0x10/0x10 [ 252.274726][ C3] ret_from_fork+0x45/0x80 [ 252.276730][ C3] ? __pfx_kthread+0x10/0x10 [ 252.278795][ C3] ret_from_fork_asm+0x1a/0x30 [ 252.280931][ C3] [ 253.432108][ T66] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 253.432188][ T5362] Bluetooth: hci4: command 0x1003 tx timeout [ 261.433668][ T1380] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.435863][ T1380] ieee802154 phy1 wpan1: encryption failed: -22 VM DIAGNOSIS: 13:23:22 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813c44fe RDX=ffff88801bfa4880 RSI=ffffffff813c451b RDI=0000000000000000 RBP=ffff888054d4d1c0 RSP=ffffc900009876f0 R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=0000000000000000 R12=0000000000000003 R13=0000000000000003 R14=ffff88806a63fc80 R15=ffffed100a9a9a38 RIP=ffffffff813c451c RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f9df4653176 CR3=0000000025574000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd15b70ac0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38e5fefe6a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38e5fefe77 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38e5fefe71 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38e5fefe85 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38e5feff0b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38e5feffe9 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff888054d4d1c0 RCX=ffffffff8b19c2d4 RDX=ffffed100a9a9a39 RSI=0000000000000004 RDI=ffff888054d4d1c0 RBP=0000000000000003 RSP=ffffc900008af560 R8 =0000000000000000 R9 =ffffed100a9a9a38 R10=ffff888054d4d1c3 R11=0000000000000000 R12=ffffed100a9a9a38 R13=0000000000000000 R14=ffff88806a73fc80 R15=0000000000000001 RIP=ffffffff81ea9880 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f9df4937a8c CR3=0000000048c96000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc09549380 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe6a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe77 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe71 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe85 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47eff0b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47effe9 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000040000 RBX=ffff88806a6467c0 RCX=ffffc90006c22000 RDX=0000000000040000 RSI=ffffffff817f9b85 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900229b7520 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed100d4c8cf9 R13=0000000000000001 R14=ffff88806a6467c8 R15=ffff88806a83ffc0 RIP=ffffffff817f9b87 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f9df54e46c0 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=0000000052b38000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe6a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe77 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe71 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47efe85 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47eff0b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df47effe9 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df48ff488 00007f9df48ff480 00007f9df48ff478 00007f9df48ff450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df546d100 00007f9df48ff440 00007f9df48ff458 00007f9df48ff4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9df48ff498 00007f9df48ff490 00007f9df48ff488 00007f9df48ff480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85030a45 RDI=ffffffff9a5b4f60 RBP=ffffffff9a5b4f20 RSP=ffffc900008df030 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=0000000000000030 R14=ffffffff850309e0 R15=0000000000000000 RIP=ffffffff85030a6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f38e6137a8c CR3=000000000db7c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000