last executing test programs: 5.940814537s ago: executing program 2 (id=2626): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010800040000000000000b00000008000300", @ANYRES32=r2], 0x58}}, 0x0) 5.719886514s ago: executing program 0 (id=2629): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_EXTERNAL_AUTH(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f0000000b00)={0x4c, r3, 0x1, 0x70bd27, 0x2, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x3}, @NL80211_ATTR_PMKID={0x14, 0x55, "d912e66681be769895821177bc4112ac"}, @NL80211_ATTR_SSID={0x12, 0x34, @random="005a0b6a93258f602616107061c4"}]}, 0x4c}}, 0x8000) 5.660653619s ago: executing program 0 (id=2630): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="160000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB="0000000000000000000000000033ea3372d7000054b002f4cbe28ce9c4e143d4d357011da83b192f66bf10b17c6c2f3932a8b7cf8e1fbad94eeff118232e0cd974f79a382da56f5a6468e7880793ab8ca77e50bad86cb45419d73cc6aa23cdd4aaa71341bdfbbffe1acfed539dad8dcfddbb7a2c82", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_int(r3, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) write$cgroup_subtree(r4, &(0x7f0000000100)=ANY=[@ANYBLOB='-0'], 0x9) 5.500726594s ago: executing program 0 (id=2631): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0) openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) socket$inet6(0xa, 0x3, 0x14) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f0000000380)={0x0, 0x0, 0x0, 0x8, 0xda98, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x2}]) write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x10400}}, 0x50) syz_fuse_handle_req(r1, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0) writev(r3, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1) close_range(r0, 0xffffffffffffffff, 0x0) 5.188458341s ago: executing program 0 (id=2632): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x100, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r2, &(0x7f0000000480)={0x18}, 0x18) write$FUSE_INIT(r2, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x5, 0x0, 0x4, 0x2672, 0x1, 0x0, 0x0, 0x0, 0x80, 0x1fd}}, 0x50) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0) io_setup(0x1fe, &(0x7f0000000200)=0x0) io_submit(r4, 0x140b, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x1, 0x0, r3, &(0x7f0000000180)='\x00', 0x37000}]) 2.55003338s ago: executing program 3 (id=2635): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c7442400ab000000c7442402cade0000c7442406000000000f01142466b811008ed0001164d9eef40f0013f3660f09c4e1f8107cf60e66b82e010f00d8", 0x3d}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0, 0x9}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x0, 0x74, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 2.331042325s ago: executing program 3 (id=2636): r0 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001020009050276"], 0x0) syz_usb_control_io$hid(r0, &(0x7f0000001280)={0x24, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0003040000000403"], 0x0, 0x0}, 0x0) ioctl$IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, &(0x7f0000000280)={&(0x7f0000000780)={{@my=0x0, 0xcc35712f}, {@any, 0x800000}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f329fd45ffa640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411d5f0e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e61d9c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c9"}, 0x418}) syz_usb_connect$cdc_ecm(0x3, 0x59, &(0x7f0000000100)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x47, 0x1, 0x1, 0xf6, 0x40, 0x4, [{{0x9, 0x4, 0x0, 0xf, 0x3, 0x2, 0x6, 0x0, 0x7, {{0x5}, {0x5, 0x24, 0x0, 0xfffc}, {0xd, 0x24, 0xf, 0x1, 0x9, 0x400, 0x4, 0xf9}, [@mbim={0xc, 0x24, 0x1b, 0x8, 0x2, 0x5, 0xc, 0x0, 0xff}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x228, 0x8, 0x0, 0xf8}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0xad, 0x0, 0xfd}}}}}]}}]}}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0}) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f0000000080)=ANY=[]) 2.087880233s ago: executing program 2 (id=2626): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010800040000000000000b00000008000300", @ANYRES32=r2], 0x58}}, 0x0) 2.039763455s ago: executing program 2 (id=2637): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0) r4 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r4) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r4}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/90}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0x1) 1.848201895s ago: executing program 2 (id=2638): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = dup(0xffffffffffffffff) ioctl$KDGKBSENT(0xffffffffffffffff, 0x4b48, &(0x7f0000000000)={0x9, "e241e8542bf2d9bc990fee2381754b0e08ab71e625046ac023cd92ea7b17bf8234a16f454f87298f426d3b49ef79fcdaac11ab9501697b299a2e3197c9cafeceaf3cd8bcb5295c26ae2976bb3e0e158b686b0e42ee2da7ffca37082a70c0f69ffb1adadd13537f68ce62166ec95a593683c991dbcb005890f17fbbc648169d2fb3ca6fbf68168471052a758c8c8f4a8cbde394ea31d1e560f2b929bf87aa352b16f28b9487e5c95ca2d378f3a4566c99cd1f7a33b771490a1f70f0b1af53e42cb6eb3b45e72e5bba4cde4ec5ec8ee35eac87d3542ac0d9a7a23883aff86ae9dcfc4b19e1a269a775fb9510b4fe9a7bdd3ebd2f7a3a9406db7bd46698c9f412a777d28994c498f04060c99ccb9d1d83f5aa4302d118dd8227ba5e6248305e31c85db8affc037a611f371fd205e02dac1b7d36cdf98d9b580186b9e262d7717cf8347955ea5c36c48261d196b884337521cba7bbf339f31a2a358416e079c608c0776413598ff9f5833631e60e13c0cbcf3e30f6b199f21ca71244fd27acfccd8e304c82420f5668f725b8612dfade8586a71e7d2f813000047a1da0960313ac905ee78144f1bcb0b77916c6e7278159ad8688b07161df584a30d068a64540c7b7f9a88a3332859b0c3e8fa0dedcce3fa5ea3c058f50ca5eb9ddf895e592d69743e794d4ca7c63cba76416271b81c73c578b143e7798010ffb5be0af5879c80a48"}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) 1.848002407s ago: executing program 2 (id=2639): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="160000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB="0000000000000000000000000033ea3372d7000054b002f4cbe28ce9c4e143d4d357011da83b192f66bf10b17c6c2f3932a8b7cf8e1fbad94eeff118232e0cd974f79a382da56f5a6468e7880793ab8ca77e50bad86cb45419d73cc6aa23cdd4aaa71341bdfbbffe1acfed539dad8dcfddbb7a2c82", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_int(r2, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[@ANYBLOB='-0'], 0x9) 1.539703246s ago: executing program 1 (id=2641): r0 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x400004, 0x13900}, &(0x7f0000000000), &(0x7f0000000200)) syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001d906e20501dc6609b620103000109021b0001000010000904f7000176246700090582020002"], 0x0) preadv(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000001c0)=""/178, 0xb2}], 0x1, 0x1ff, 0x401) poll(&(0x7f0000000080)=[{r0, 0x5}], 0x1, 0x7ff) 689.284059ms ago: executing program 3 (id=2642): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, 0x0, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000040)=ANY=[@ANYBLOB="44010000100001000000000800000000fc0100000000000000000000000000000a010100"/45, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff000000000000000000000000000000006c000000ac1414bb00000000000000000000000000000000020000000000000000000000e03154617cc57118000000000000000000000000000000000000000001000000000000000000000000000000000000100000000000000000000000000000000004000000000000000d000000000000000a"], 0x144}}, 0x20000000) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) r1 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f", 0x7, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r2, r1}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x20, 0x0, 0x201, 0x70bd2d, 0x25dfdbfc, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = dup(r4) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 689.006702ms ago: executing program 2 (id=2643): sched_setaffinity(0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="040e1a00031000"], 0xf) 429.991057ms ago: executing program 3 (id=2644): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c7442400ab000000c7442402cade0000c7442406000000000f01142466b811008ed0001164d9eef40f0013f3660f09c4e1f8107cf60e66b82e010f00d8", 0x3d}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0, 0x9}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x0, 0x74, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 230.181637ms ago: executing program 1 (id=2645): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x20042, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) mprotect(&(0x7f000004f000/0x800000)=nil, 0x800000, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x8) 230.035681ms ago: executing program 0 (id=2632): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x100, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r2, &(0x7f0000000480)={0x18}, 0x18) write$FUSE_INIT(r2, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x5, 0x0, 0x4, 0x2672, 0x1, 0x0, 0x0, 0x0, 0x80, 0x1fd}}, 0x50) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0) io_setup(0x1fe, &(0x7f0000000200)=0x0) io_submit(r4, 0x140b, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x1, 0x0, r3, &(0x7f0000000180)='\x00', 0x37000}]) 229.665581ms ago: executing program 1 (id=2646): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010800040000000000000b00000008000300", @ANYRES32=r2, @ANYBLOB], 0x58}}, 0x0) 150.071775ms ago: executing program 1 (id=2647): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = dup(0xffffffffffffffff) ioctl$KDGKBSENT(0xffffffffffffffff, 0x4b48, &(0x7f0000000000)={0x9, "e241e8542bf2d9bc990fee2381754b0e08ab71e625046ac023cd92ea7b17bf8234a16f454f87298f426d3b49ef79fcdaac11ab9501697b299a2e3197c9cafeceaf3cd8bcb5295c26ae2976bb3e0e158b686b0e42ee2da7ffca37082a70c0f69ffb1adadd13537f68ce62166ec95a593683c991dbcb005890f17fbbc648169d2fb3ca6fbf68168471052a758c8c8f4a8cbde394ea31d1e560f2b929bf87aa352b16f28b9487e5c95ca2d378f3a4566c99cd1f7a33b771490a1f70f0b1af53e42cb6eb3b45e72e5bba4cde4ec5ec8ee35eac87d3542ac0d9a7a23883aff86ae9dcfc4b19e1a269a775fb9510b4fe9a7bdd3ebd2f7a3a9406db7bd46698c9f412a777d28994c498f04060c99ccb9d1d83f5aa4302d118dd8227ba5e6248305e31c85db8affc037a611f371fd205e02dac1b7d36cdf98d9b580186b9e262d7717cf8347955ea5c36c48261d196b884337521cba7bbf339f31a2a358416e079c608c0776413598ff9f5833631e60e13c0cbcf3e30f6b199f21ca71244fd27acfccd8e304c82420f5668f725b8612dfade8586a71e7d2f813000047a1da0960313ac905ee78144f1bcb0b77916c6e7278159ad8688b07161df584a30d068a64540c7b7f9a88a3332859b0c3e8fa0dedcce3fa5ea3c058f50ca5eb9ddf895e592d69743e794d4ca7c63cba76416271b81c73c578b143e7798010ffb5be0af5879c80a48"}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) 149.568231ms ago: executing program 1 (id=2648): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000c40), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="070500000000000000000300000028000180100001006574683a67656e65766531"], 0x3c}}, 0x0) 149.476768ms ago: executing program 3 (id=2649): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x400000009) close(0x3) 70.115441ms ago: executing program 1 (id=2650): r0 = syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f0000000980)=ANY=[@ANYBLOB]) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0) ioctl$EVIOCSFF(r1, 0x40304580, &(0x7f00000001c0)={0x51, 0x3, 0x560c, {0x803, 0x5d5}, {0xfffa, 0x2}, @cond=[{0x5, 0x0, 0x6, 0xfffe, 0xd, 0x6a}, {0x800, 0x80, 0x800, 0x0, 0x85f, 0xfffc}]}) 69.599774ms ago: executing program 0 (id=2651): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x48000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0) r3 = socket$inet6(0xa, 0x3, 0x8000000003c) sendmmsg$inet6(r3, 0x0, 0x0, 0x4000880) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r2, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) sendmsg$rds(r0, &(0x7f00000012c0)={&(0x7f0000000200)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000cc0)=[@fadd={0x58, 0x114, 0x6, {{0x2, 0x3}, &(0x7f0000000340), 0x0, 0x3, 0x8, 0x7, 0x10001, 0x65, 0x6}}], 0x58, 0x20004814}, 0x0) 0s ago: executing program 3 (id=2652): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529d91d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x90, 0x0, 0xfffffffffffffffe, {0x2, 0x0, 0x0, 0xa6, 0x4000, 0x5, {0x3, 0x100000000000, 0x1, 0x101, 0x40200, 0x6, 0x0, 0x1, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x801}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_INIT(r0, &(0x7f0000001240)={0x50, 0x0, r1, {0x7, 0x2b, 0xfff, 0x83120, 0x3, 0x107, 0x1ff, 0x9, 0x0, 0x0, 0x0, 0x5}}, 0x50) r2 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) dup2(r3, r2) kernel console output (not intermixed with test programs): 331] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 80.507241][ T1331] usb 6-1: can't read configurations, error -71 [ 80.538827][ T7596] program syz.3.641 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 81.009432][ T7623] netlink: 'syz.3.653': attribute type 11 has an invalid length. [ 81.112923][ T7629] netlink: 4 bytes leftover after parsing attributes in process `syz.3.656'. [ 81.425507][ T7619] syz.2.645 (7619) used greatest stack depth: 19576 bytes left [ 81.850020][ T7690] netlink: 'syz.1.682': attribute type 30 has an invalid length. [ 82.324207][ T7713] netlink: 60 bytes leftover after parsing attributes in process `syz.1.695'. [ 82.415694][ T13] syzkaller0: tun_net_xmit 76 [ 82.417854][ T13] syzkaller0: tun_net_xmit 48 [ 82.419698][ T7717] syzkaller0: tun_chr_ioctl cmd 1074812118 [ 82.422093][ T7717] syzkaller0: create flow: hash 4283371142 index 1 [ 82.447434][ T6164] syzkaller0: tun_net_xmit 76 [ 82.452963][ T7717] syzkaller0: delete flow: hash 4283371142 index 1 [ 82.662824][ T7735] netlink: 60 bytes leftover after parsing attributes in process `syz.2.705'. [ 84.259111][ T7791] Driver unsupported XDP return value 0 on prog (id 382) dev N/A, expect packet loss! [ 84.697037][ T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 84.846179][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 84.850881][ T10] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 84.854816][ T10] usb 7-1: config 179 has no interface number 0 [ 84.857564][ T10] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 84.861821][ T10] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 84.865631][ T10] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 84.869197][ T10] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 84.872819][ T10] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 84.877509][ T10] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 84.880315][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.885820][ T7817] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 84.950685][ T7869] __nla_validate_parse: 2 callbacks suppressed [ 84.950696][ T7869] netlink: 48 bytes leftover after parsing attributes in process `syz.0.770'. [ 85.101184][ T10] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:179.65/input/input5 [ 85.109252][ T40] kauditd_printk_skb: 354 callbacks suppressed [ 85.109262][ T40] audit: type=1400 audit(1757852462.066:1918): avc: denied { read } for pid=5365 comm="acpid" name="js0" dev="devtmpfs" ino=2861 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 85.121550][ T40] audit: type=1400 audit(1757852462.066:1919): avc: denied { open } for pid=5365 comm="acpid" path="/dev/input/js0" dev="devtmpfs" ino=2861 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 85.131618][ T40] audit: type=1400 audit(1757852462.066:1920): avc: denied { ioctl } for pid=5365 comm="acpid" path="/dev/input/js0" dev="devtmpfs" ino=2861 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 85.299978][ T7817] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 85.304267][ T7817] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 85.313776][ T839] usb 7-1: USB disconnect, device number 2 [ 85.313863][ C0] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 85.313917][ C0] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 85.342438][ T7904] lo speed is unknown, defaulting to 1000 [ 86.082425][ T40] audit: type=1400 audit(1757852463.036:1921): avc: denied { sys_module } for pid=7963 comm="syz.2.816" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 88.023642][ T40] audit: type=1400 audit(1757852464.976:1922): avc: denied { read } for pid=8021 comm="syz.2.841" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 88.037853][ T40] audit: type=1400 audit(1757852464.976:1923): avc: denied { open } for pid=8021 comm="syz.2.841" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 88.045080][ T40] audit: type=1400 audit(1757852464.986:1924): avc: denied { ioctl } for pid=8021 comm="syz.2.841" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 88.754815][ T40] audit: type=1400 audit(1757852465.706:1925): avc: denied { append } for pid=8027 comm="syz.3.845" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 88.764527][ T40] audit: type=1400 audit(1757852465.716:1926): avc: denied { write } for pid=8027 comm="syz.3.845" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 88.985619][ T40] audit: type=1400 audit(1757852465.936:1927): avc: denied { create } for pid=8044 comm="syz.2.852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 89.138335][ T8070] netlink: 8 bytes leftover after parsing attributes in process `syz.3.865'. [ 89.141417][ T8070] openvswitch: netlink: nsh attribute has 1 unknown bytes. [ 89.143882][ T8070] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 89.321863][ T8104] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 89.363824][ T8110] netlink: 14 bytes leftover after parsing attributes in process `syz.3.884'. [ 89.627191][ T8144] netlink: 68 bytes leftover after parsing attributes in process `syz.2.901'. [ 89.654482][ T8150] netlink: 56 bytes leftover after parsing attributes in process `syz.0.904'. [ 89.791395][ T8180] netlink: 40 bytes leftover after parsing attributes in process `syz.1.918'. [ 89.798201][ T8182] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 89.916013][ T8198] lo speed is unknown, defaulting to 1000 [ 89.996367][ T54] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 90.156221][ T54] usb 8-1: Using ep0 maxpacket: 8 [ 90.159696][ T54] usb 8-1: config 179 has an invalid interface number: 65 but max is 0 [ 90.162289][ T54] usb 8-1: config 179 has no interface number 0 [ 90.164264][ T54] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 90.167862][ T54] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 90.171343][ T54] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 90.174794][ T54] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 90.180460][ T54] usb 8-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 90.184426][ T54] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 90.187651][ T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.192383][ T8174] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 90.404926][ T54] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:179.65/input/input6 [ 90.610235][ T8174] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 90.613116][ T8174] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 91.013351][ T54] usb 8-1: USB disconnect, device number 2 [ 91.015245][ C2] xpad 8-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 91.015265][ C2] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 91.103988][ T40] kauditd_printk_skb: 11 callbacks suppressed [ 91.104003][ T40] audit: type=1400 audit(1757852468.056:1939): avc: denied { read } for pid=8265 comm="syz.2.958" name="card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 91.119305][ T40] audit: type=1400 audit(1757852468.056:1940): avc: denied { open } for pid=8265 comm="syz.2.958" path="/dev/dri/card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 91.133791][ T40] audit: type=1400 audit(1757852468.056:1941): avc: denied { ioctl } for pid=8265 comm="syz.2.958" path="/dev/dri/card1" dev="devtmpfs" ino=636 ioctlcmd=0x640d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 91.153983][ T40] audit: type=1400 audit(1757852468.106:1942): avc: denied { read write } for pid=8268 comm="syz.1.959" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 91.166972][ T40] audit: type=1400 audit(1757852468.106:1943): avc: denied { open } for pid=8268 comm="syz.1.959" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 91.559170][ T40] audit: type=1400 audit(1757852468.516:1944): avc: denied { read write } for pid=8278 comm="syz.3.962" name="video0" dev="devtmpfs" ino=955 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 91.571832][ T40] audit: type=1400 audit(1757852468.516:1945): avc: denied { open } for pid=8278 comm="syz.3.962" path="/dev/video0" dev="devtmpfs" ino=955 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 91.583884][ T40] audit: type=1400 audit(1757852468.516:1946): avc: denied { ioctl } for pid=8278 comm="syz.3.962" path="/dev/video0" dev="devtmpfs" ino=955 ioctlcmd=0x5605 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 91.729399][ T40] audit: type=1400 audit(1757852468.686:1947): avc: denied { name_bind 0x1000000 } for pid=8288 comm="syz.0.961" path="socket:[15324]" dev="sockfs" ino=15324 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 91.741681][ T40] audit: type=1400 audit(1757852468.696:1948): avc: denied { create } for pid=8290 comm="syz.3.967" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 91.938347][ T8299] mkiss: ax0: crc mode is auto. [ 92.031152][ T8299] mkiss: ax0: crc mode is auto. [ 93.466246][ T1331] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 93.626204][ T1331] usb 8-1: Using ep0 maxpacket: 8 [ 93.630666][ T1331] usb 8-1: config 179 has an invalid interface number: 65 but max is 0 [ 93.634070][ T1331] usb 8-1: config 179 has no interface number 0 [ 93.636763][ T1331] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 93.641372][ T1331] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 93.645711][ T1331] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 93.650461][ T1331] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 93.656347][ T1331] usb 8-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 93.661067][ T1331] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 93.664428][ T1331] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.671338][ T8365] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 93.803071][ T8397] team0: No ports can be present during mode change [ 93.879454][ T1331] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:179.65/input/input7 [ 93.939213][ T8401] syzkaller1: entered promiscuous mode [ 93.941380][ T8401] syzkaller1: entered allmulticast mode [ 94.080031][ T8365] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 94.082939][ T8365] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 94.086488][ T1331] usb 8-1: USB disconnect, device number 3 [ 94.086539][ C3] xpad 8-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 94.086559][ C3] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 94.192736][ T10] hid-generic 0005:15C2:1010.0002: item fetching failed at offset 0/1 [ 94.208119][ T10] hid-generic 0005:15C2:1010.0002: probe with driver hid-generic failed with error -22 [ 95.426218][ T10] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 95.797733][ T10] usb 8-1: Using ep0 maxpacket: 8 [ 95.802309][ T10] usb 8-1: config 179 has an invalid interface number: 65 but max is 0 [ 95.804941][ T10] usb 8-1: config 179 has no interface number 0 [ 95.807102][ T10] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 95.810736][ T10] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 95.814343][ T10] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 95.817921][ T10] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 95.821495][ T10] usb 8-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 95.825734][ T10] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 95.828669][ T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.832961][ T8455] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 96.040277][ T10] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:179.65/input/input8 [ 96.244396][ T8455] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 96.247658][ T8455] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 96.252735][ T6164] usb 8-1: USB disconnect, device number 4 [ 96.252855][ C0] xpad 8-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 96.257951][ C0] dummy_hcd dummy_hcd.3: timer fired with no URBs pending? [ 96.273386][ T40] kauditd_printk_skb: 21 callbacks suppressed [ 96.273402][ T40] audit: type=1400 audit(1757852473.226:1970): avc: denied { write } for pid=8472 comm="syz.1.1042" path="socket:[17383]" dev="sockfs" ino=17383 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 96.515856][ T8483] tmpfs: Bad value for 'mpol' [ 96.516157][ T40] audit: type=1400 audit(1757852473.466:1971): avc: denied { mounton } for pid=8482 comm="syz.1.1047" path="/syzcgroup/unified/syz1" dev="cgroup2" ino=96 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 96.895157][ T8497] netlink: 64691 bytes leftover after parsing attributes in process `syz.3.1052'. [ 97.745746][ T40] audit: type=1400 audit(1757852474.696:1972): avc: denied { mounton } for pid=8519 comm="syz.2.1061" path="/proc/543/task" dev="proc" ino=19557 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 97.839398][ T8530] netlink: 'syz.3.1065': attribute type 3 has an invalid length. [ 97.882084][ T8536] capability: warning: `syz.3.1067' uses deprecated v2 capabilities in a way that may be insecure [ 97.907020][ T53] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 98.166279][ T53] usb 6-1: Using ep0 maxpacket: 8 [ 98.169952][ T53] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 98.173319][ T53] usb 6-1: config 179 has no interface number 0 [ 98.175878][ T53] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 98.180496][ T53] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 98.185879][ T53] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 98.193783][ T53] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 98.198451][ T53] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 98.203937][ T53] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 98.207748][ T53] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 98.225225][ T8515] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 98.254641][ T40] audit: type=1400 audit(1757852475.206:1973): avc: denied { ioctl } for pid=8543 comm="syz.3.1072" path="socket:[19579]" dev="sockfs" ino=19579 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 98.264497][ T40] audit: type=1400 audit(1757852475.226:1974): avc: denied { connect } for pid=8543 comm="syz.3.1072" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 98.473487][ T40] audit: type=1400 audit(1757852475.226:1975): avc: denied { write } for pid=8543 comm="syz.3.1072" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 98.507250][ T53] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:179.65/input/input9 [ 98.629597][ T8558] netlink: 'syz.0.1077': attribute type 3 has an invalid length. [ 98.681621][ T8515] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 98.686344][ T8515] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 98.695189][ T53] usb 6-1: USB disconnect, device number 4 [ 98.695263][ C1] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 98.701157][ C1] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 98.868328][ T40] audit: type=1400 audit(1757852475.826:1976): avc: denied { bind } for pid=8568 comm="syz.3.1082" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 98.999658][ T8577] netlink: 'syz.2.1086': attribute type 3 has an invalid length. [ 99.037578][ T8579] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1087'. [ 99.402656][ T40] audit: type=1400 audit(1757852476.356:1977): avc: denied { getopt } for pid=8587 comm="syz.2.1091" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 99.695973][ T8569] Bluetooth: hci0: Opcode 0x0401 failed: -4 [ 99.728538][ T8595] veth0: entered promiscuous mode [ 99.900580][ T40] audit: type=1400 audit(1757852476.856:1978): avc: denied { setopt } for pid=8602 comm="syz.0.1096" lport=57555 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 99.928389][ T8605] netlink: 'syz.0.1097': attribute type 3 has an invalid length. [ 99.946301][ T8597] veth0: left promiscuous mode [ 100.092433][ T40] audit: type=1400 audit(1757852477.046:1979): avc: denied { create } for pid=8622 comm="syz.0.1105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 100.124302][ T8625] netlink: 'syz.3.1107': attribute type 3 has an invalid length. [ 100.380861][ T8640] lo speed is unknown, defaulting to 1000 [ 100.456543][ T8642] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9) [ 100.458737][ T8642] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 100.461846][ T8642] vhci_hcd vhci_hcd.0: Device attached [ 100.767796][ T54] vhci_hcd: vhci_device speed not set [ 100.826124][ T54] usb 37-1: new full-speed USB device number 2 using vhci_hcd [ 100.896296][ T5973] Bluetooth: hci0: command 0x0401 tx timeout [ 101.022127][ T8643] vhci_hcd: connection reset by peer [ 101.026379][ T81] vhci_hcd: stop threads [ 101.028532][ T81] vhci_hcd: release socket [ 101.030751][ T81] vhci_hcd: disconnect device [ 101.395677][ T8663] netlink: 'syz.1.1119': attribute type 3 has an invalid length. [ 101.929046][ T40] kauditd_printk_skb: 5 callbacks suppressed [ 101.929061][ T40] audit: type=1400 audit(1757852478.886:1985): avc: denied { read write } for pid=8691 comm="syz.3.1132" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 101.941359][ T40] audit: type=1400 audit(1757852478.886:1986): avc: denied { open } for pid=8691 comm="syz.3.1132" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 101.950506][ T40] audit: type=1400 audit(1757852478.886:1987): avc: denied { map } for pid=8691 comm="syz.3.1132" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 101.965018][ T40] audit: type=1400 audit(1757852478.886:1988): avc: denied { execute } for pid=8691 comm="syz.3.1132" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 102.000926][ T40] audit: type=1400 audit(1757852478.956:1989): avc: denied { ioctl } for pid=8691 comm="syz.3.1132" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x127f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 102.713210][ T40] audit: type=1400 audit(1757852479.666:1990): avc: denied { getopt } for pid=8714 comm="syz.1.1141" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 102.775919][ T8717] lo speed is unknown, defaulting to 1000 [ 103.080002][ T40] audit: type=1400 audit(1757852480.036:1991): avc: denied { create } for pid=8726 comm="syz.1.1146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 103.086218][ T40] audit: type=1400 audit(1757852480.036:1992): avc: denied { setopt } for pid=8726 comm="syz.1.1146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 103.358234][ T8749] usb usb7: usbfs: process 8749 (syz.3.1157) did not claim interface 0 before use [ 103.513077][ T8757] netlink: 'syz.1.1155': attribute type 10 has an invalid length. [ 103.517309][ T8757] team0: Device ipvlan1 failed to register rx_handler [ 103.830552][ T40] audit: type=1400 audit(1757852480.786:1993): avc: denied { read } for pid=8764 comm="syz.2.1163" laddr=::ac14:14aa lport=46073 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 103.971892][ T40] audit: type=1400 audit(1757852480.926:1994): avc: denied { read write } for pid=8774 comm="syz.2.1168" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 105.086779][ T5973] Bluetooth: hci0: unexpected event for opcode 0x2035 [ 105.572756][ T8857] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1200'. [ 105.927206][ T54] vhci_hcd: vhci_device speed not set [ 105.936724][ T8859] veth0: entered promiscuous mode [ 106.766718][ T8858] veth0: left promiscuous mode [ 107.012116][ T8921] veth0: entered promiscuous mode [ 107.691091][ T40] kauditd_printk_skb: 16 callbacks suppressed [ 107.691106][ T40] audit: type=1400 audit(1757852484.646:2011): avc: denied { read } for pid=8945 comm="syz.2.1237" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 107.701301][ T40] audit: type=1400 audit(1757852484.646:2012): avc: denied { open } for pid=8945 comm="syz.2.1237" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 107.701343][ T40] audit: type=1400 audit(1757852484.646:2013): avc: denied { ioctl } for pid=8945 comm="syz.2.1237" path="/dev/fb0" dev="devtmpfs" ino=637 ioctlcmd=0x4606 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 107.826144][ T40] audit: type=1400 audit(1757852484.756:2014): avc: denied { ioctl } for pid=8941 comm="syz.3.1236" path="/dev/input/event0" dev="devtmpfs" ino=941 ioctlcmd=0x4509 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 107.848726][ T8920] veth0: left promiscuous mode [ 108.004181][ T8954] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1240'. [ 108.458971][ T8962] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 108.502931][ T40] audit: type=1400 audit(1757852485.456:2015): avc: denied { read } for pid=8966 comm="syz.1.1245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 108.553823][ T40] audit: type=1400 audit(1757852485.506:2016): avc: denied { setopt } for pid=8966 comm="syz.1.1245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 108.995956][ T8999] lo speed is unknown, defaulting to 1000 [ 109.267649][ T40] audit: type=1400 audit(1757852486.226:2017): avc: denied { bind } for pid=9025 comm="syz.3.1272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 109.315393][ T9031] veth0: entered promiscuous mode [ 109.381821][ T9039] delete_channel: no stack [ 109.502496][ T54] kernel write not supported for file /dsp (pid: 54 comm: kworker/2:1) [ 109.514758][ T9035] veth0: left promiscuous mode [ 109.585946][ T9060] veth0: entered promiscuous mode [ 109.773135][ T9064] veth0: left promiscuous mode [ 109.929714][ T9079] warning: `syz.0.1290' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 110.048634][ T40] audit: type=1400 audit(1757852487.016:2018): avc: denied { ioctl } for pid=9088 comm="syz.1.1297" path="socket:[20985]" dev="sockfs" ino=20985 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 110.143070][ T9093] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1299'. [ 110.240375][ T40] audit: type=1400 audit(1757852487.196:2019): avc: denied { write } for pid=9100 comm="syz.3.1303" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 110.322410][ T40] audit: type=1400 audit(1757852487.276:2020): avc: denied { mount } for pid=9102 comm="syz.2.1304" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 111.171874][ T9138] ip6_vti0: entered promiscuous mode [ 111.328908][ T9152] tipc: Started in network mode [ 111.330832][ T9152] tipc: Node identity ac1414aa, cluster identity 4711 [ 111.333538][ T9152] tipc: Enabled bearer , priority 10 [ 111.446504][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 111.449926][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 111.470321][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 111.497871][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 111.501288][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 111.505170][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 111.629395][ T9169] ip6_vti0: entered promiscuous mode [ 111.937234][ T6164] hid-generic 0005:0B57:05DF.0003: unknown main item tag 0x5 [ 111.946394][ T6164] hid-generic 0005:0B57:05DF.0003: hidraw1: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa [ 112.181587][ T9191] capability: warning: `syz.2.1340' uses 32-bit capabilities (legacy support in use) [ 112.187273][ T9191] random: crng reseeded on system resumption [ 112.269273][ T9198] ip6_vti0: entered promiscuous mode [ 112.450643][ T6034] tipc: Node number set to 2886997162 [ 112.536532][ T9213] bridge_slave_0: default FDB implementation only supports local addresses [ 112.540679][ T9213] bridge_slave_0: default FDB implementation only supports local addresses [ 112.564828][ T9215] veth0: entered promiscuous mode [ 112.703645][ T9234] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1359'. [ 112.734631][ T9218] veth0: left promiscuous mode [ 113.096860][ T9270] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1376'. [ 113.199550][ T40] kauditd_printk_skb: 6 callbacks suppressed [ 113.199564][ T40] audit: type=1400 audit(1757852490.156:2027): avc: denied { unmount } for pid=5967 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 113.465944][ T40] audit: type=1400 audit(1757852490.416:2028): avc: denied { connect } for pid=9278 comm="syz.2.1380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 114.152854][ T9297] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1386'. [ 114.199537][ T9306] fuse: Bad value for 'fd' [ 114.265225][ T9311] lo speed is unknown, defaulting to 1000 [ 114.404855][ T9325] pim6reg1: entered promiscuous mode [ 114.406706][ T9325] pim6reg1: entered allmulticast mode [ 114.430633][ T9327] lo speed is unknown, defaulting to 1000 [ 115.137395][ T5331] Bluetooth: hci2: command 0x0406 tx timeout [ 115.270557][ T9339] lo speed is unknown, defaulting to 1000 [ 115.612000][ T9376] lo speed is unknown, defaulting to 1000 [ 115.763563][ T9382] lo speed is unknown, defaulting to 1000 [ 115.978301][ T9405] lo speed is unknown, defaulting to 1000 [ 116.214923][ T9428] lo speed is unknown, defaulting to 1000 [ 117.503313][ T9482] lo speed is unknown, defaulting to 1000 [ 117.678960][ T9496] lo speed is unknown, defaulting to 1000 [ 117.992269][ T9528] wg2: entered promiscuous mode [ 117.994386][ T9528] wg2: entered allmulticast mode [ 118.115252][ T9540] pim6reg1: entered promiscuous mode [ 118.119201][ T9540] pim6reg1: entered allmulticast mode [ 119.697720][ T9638] lo speed is unknown, defaulting to 1000 [ 119.813763][ T9649] lo speed is unknown, defaulting to 1000 [ 119.916359][ T9666] wg2: entered promiscuous mode [ 119.918487][ T9666] wg2: entered allmulticast mode [ 120.092916][ T9682] lo speed is unknown, defaulting to 1000 [ 120.193293][ T9676] lo speed is unknown, defaulting to 1000 [ 120.333190][ T9685] lo speed is unknown, defaulting to 1000 [ 120.553960][ T9690] lo speed is unknown, defaulting to 1000 [ 121.741152][ T9833] sit0: entered promiscuous mode [ 121.743056][ T9833] sit0: entered allmulticast mode [ 121.801167][ T9844] veth0: entered promiscuous mode [ 121.969519][ T9859] lo speed is unknown, defaulting to 1000 [ 122.001712][ T9849] veth0: left promiscuous mode [ 122.308901][ T9872] lo speed is unknown, defaulting to 1000 [ 122.346130][ T5973] Bluetooth: hci0: command 0x0401 tx timeout [ 122.883277][ T9884] lo speed is unknown, defaulting to 1000 [ 124.628437][ T9925] lo speed is unknown, defaulting to 1000 [ 125.986346][ T9979] lo speed is unknown, defaulting to 1000 [ 126.115200][ T9977] lo speed is unknown, defaulting to 1000 [ 126.323479][T10005] lo speed is unknown, defaulting to 1000 [ 126.916991][T10083] pim6reg1: entered promiscuous mode [ 126.921791][T10083] pim6reg1: entered allmulticast mode [ 126.933646][T10087] 9pnet_fd: Insufficient options for proto=fd [ 127.241297][T10134] wg2: entered promiscuous mode [ 127.243605][T10134] wg2: entered allmulticast mode [ 127.249801][T10131] lo speed is unknown, defaulting to 1000 [ 128.920430][ T40] audit: type=1400 audit(1757852505.876:2029): avc: denied { create } for pid=10252 comm="syz.0.1795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 130.618714][T10298] 9pnet_fd: Insufficient options for proto=fd [ 130.692769][T10304] pim6reg1: entered promiscuous mode [ 130.694790][T10304] pim6reg1: entered allmulticast mode [ 131.131431][T10365] pim6reg1: entered promiscuous mode [ 131.133166][T10365] pim6reg1: entered allmulticast mode [ 131.192999][T10371] syzkaller0: entered promiscuous mode [ 131.195328][T10371] syzkaller0: entered allmulticast mode [ 132.211754][T10406] lo speed is unknown, defaulting to 1000 [ 132.660638][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.663304][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.530407][T10442] lo speed is unknown, defaulting to 1000 [ 133.599844][T10450] pim6reg1: entered promiscuous mode [ 133.602171][T10450] pim6reg1: entered allmulticast mode [ 133.696301][ T5331] Bluetooth: hci3: command 0x0406 tx timeout [ 134.121542][T10491] lo speed is unknown, defaulting to 1000 [ 134.391715][T10515] 9pnet_fd: Insufficient options for proto=fd [ 134.946277][T10542] lo speed is unknown, defaulting to 1000 [ 134.955671][T10547] 9pnet_fd: Insufficient options for proto=fd [ 135.047758][T10549] pim6reg1: entered promiscuous mode [ 135.049483][T10549] pim6reg1: entered allmulticast mode [ 136.179775][T10561] pim6reg1: entered promiscuous mode [ 136.181863][T10561] pim6reg1: entered allmulticast mode [ 136.800114][ T40] audit: type=1400 audit(1757852513.756:2030): avc: denied { create } for pid=10624 comm="syz.2.1949" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 137.122399][T10650] pim6reg1: entered promiscuous mode [ 137.124687][T10650] pim6reg1: entered allmulticast mode [ 137.327700][T10662] pim6reg1: entered promiscuous mode [ 137.329422][T10662] pim6reg1: entered allmulticast mode [ 137.342898][T10662] cgroup: fork rejected by pids controller in /syz2 [ 137.752147][ T40] audit: type=1400 audit(1757852514.706:2031): avc: denied { execute } for pid=10688 comm="syz-executor" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 137.776140][ T40] audit: type=1400 audit(1757852514.706:2032): avc: denied { execute_no_trans } for pid=10688 comm="syz-executor" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 137.904140][ T40] audit: type=1400 audit(1757852514.856:2033): avc: denied { read } for pid=10701 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 137.909521][ T5331] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 137.911980][ T40] audit: type=1400 audit(1757852514.856:2034): avc: denied { open } for pid=10701 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 137.915034][ T5331] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 137.927411][ T5331] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 137.934876][ T5331] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 137.938631][ T5331] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 137.959621][ T40] audit: type=1400 audit(1757852514.916:2035): avc: denied { mounton } for pid=10701 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 137.994332][T10701] lo speed is unknown, defaulting to 1000 [ 138.162356][T10701] chnl_net:caif_netlink_parms(): no params data found [ 138.358746][T10701] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.361059][T10701] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.363921][T10701] bridge_slave_0: entered allmulticast mode [ 138.367033][T10701] bridge_slave_0: entered promiscuous mode [ 138.370532][T10701] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.372829][T10701] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.375251][T10701] bridge_slave_1: entered allmulticast mode [ 138.380298][T10701] bridge_slave_1: entered promiscuous mode [ 138.431849][T10701] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 138.438822][T10701] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 138.485884][T10736] veth0_vlan: entered allmulticast mode [ 138.502686][T10701] team0: Port device team_slave_0 added [ 138.514236][T10701] team0: Port device team_slave_1 added [ 138.573474][T10701] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 138.576567][T10701] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.587509][T10701] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 138.593338][T10701] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 138.596409][T10701] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.609225][T10701] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 138.710013][T10701] hsr_slave_0: entered promiscuous mode [ 138.713069][T10701] hsr_slave_1: entered promiscuous mode [ 138.715403][T10701] debugfs: 'hsr0' already exists in 'hsr' [ 138.717556][T10701] Cannot create hsr debugfs directory [ 138.855503][T10758] lo speed is unknown, defaulting to 1000 [ 139.470678][T10701] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.598578][T10701] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.694856][T10701] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.789111][T10701] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.016842][ T5973] Bluetooth: hci1: command tx timeout [ 140.779322][T10828] lo speed is unknown, defaulting to 1000 [ 140.801113][T10701] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 140.807289][T10701] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 140.814848][T10701] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 140.821489][T10701] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 140.920915][T10701] 8021q: adding VLAN 0 to HW filter on device bond0 [ 141.812976][T10701] 8021q: adding VLAN 0 to HW filter on device team0 [ 141.839051][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.842136][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 141.861170][ T98] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.863770][ T98] bridge0: port 2(bridge_slave_1) entered forwarding state [ 141.902747][T10701] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 142.108263][ T5973] Bluetooth: hci1: command tx timeout [ 142.810859][T10701] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 142.840197][T10701] veth0_vlan: entered promiscuous mode [ 142.848266][T10701] veth1_vlan: entered promiscuous mode [ 142.865786][T10701] veth0_macvtap: entered promiscuous mode [ 142.873000][T10701] veth1_macvtap: entered promiscuous mode [ 142.923253][T10701] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 142.933713][T10701] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 142.947668][ T46] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.951188][ T46] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.955357][ T46] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.970634][ T46] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.022763][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.025469][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.045580][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.049684][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.058999][ T40] audit: type=1400 audit(1757852520.016:2036): avc: denied { mounton } for pid=10701 comm="syz-executor" path="/syzkaller.xlYXqj/syz-tmp" dev="sda1" ino=2038 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 143.067279][ T40] audit: type=1400 audit(1757852520.016:2037): avc: denied { mount } for pid=10701 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 143.074593][ T40] audit: type=1400 audit(1757852520.016:2038): avc: denied { mounton } for pid=10701 comm="syz-executor" path="/syzkaller.xlYXqj/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 143.084472][ T40] audit: type=1400 audit(1757852520.016:2039): avc: denied { mounton } for pid=10701 comm="syz-executor" path="/syzkaller.xlYXqj/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=29763 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 143.094238][ T40] audit: type=1400 audit(1757852520.026:2040): avc: denied { unmount } for pid=10701 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 143.116118][ T40] audit: type=1400 audit(1757852520.036:2041): avc: denied { mounton } for pid=10701 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2837 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 143.123489][ T40] audit: type=1400 audit(1757852520.036:2042): avc: denied { mount } for pid=10701 comm="syz-executor" name="/" dev="gadgetfs" ino=9223 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 143.132640][ T40] audit: type=1400 audit(1757852520.036:2043): avc: denied { mounton } for pid=10701 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 143.157057][T10898] pim6reg1: entered promiscuous mode [ 143.159324][T10898] pim6reg1: entered allmulticast mode [ 143.239946][T10913] pim6reg1: entered promiscuous mode [ 143.242242][T10913] pim6reg1: entered allmulticast mode [ 143.341491][T10924] veth1_macvtap: left promiscuous mode [ 143.343351][T10924] macsec0: entered allmulticast mode [ 143.765656][T10946] lo speed is unknown, defaulting to 1000 [ 144.176483][ T5973] Bluetooth: hci1: command tx timeout [ 144.252235][ T40] audit: type=1400 audit(1757852521.206:2044): avc: denied { create } for pid=10991 comm="syz.2.2099" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 144.297899][T10994] lo speed is unknown, defaulting to 1000 [ 144.443971][ T40] audit: type=1400 audit(1757852521.396:2045): avc: denied { create } for pid=11007 comm="syz.1.2106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 145.716545][T11032] lo speed is unknown, defaulting to 1000 [ 146.174276][T11095] lo speed is unknown, defaulting to 1000 [ 146.256276][ T5973] Bluetooth: hci1: command tx timeout [ 146.495088][ T5331] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 146.499056][ T5331] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 146.502624][ T5331] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 146.506417][ T5331] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 146.509139][ T5331] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 146.560091][T11121] lo speed is unknown, defaulting to 1000 [ 146.740848][T11121] chnl_net:caif_netlink_parms(): no params data found [ 146.837299][ T1149] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 146.849835][T11121] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.852694][T11121] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.855619][T11121] bridge_slave_0: entered allmulticast mode [ 146.861666][T11121] bridge_slave_0: entered promiscuous mode [ 146.867004][T11121] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.870009][T11121] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.873034][T11121] bridge_slave_1: entered allmulticast mode [ 146.876518][T11121] bridge_slave_1: entered promiscuous mode [ 146.941427][T11121] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 146.947131][T11121] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 146.951563][T11170] lo speed is unknown, defaulting to 1000 [ 146.968095][ T1149] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 147.037956][T11121] team0: Port device team_slave_0 added [ 147.042753][T11121] team0: Port device team_slave_1 added [ 147.099706][ T1149] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 147.262570][T11121] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 147.264972][T11121] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 147.274928][T11121] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 147.290834][ T1149] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 147.305700][T11121] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 147.309061][T11121] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 147.319146][T11121] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 147.420305][T11121] hsr_slave_0: entered promiscuous mode [ 147.422501][T11121] hsr_slave_1: entered promiscuous mode [ 147.424654][T11121] debugfs: 'hsr0' already exists in 'hsr' [ 147.426613][T11121] Cannot create hsr debugfs directory [ 147.515329][ T1149] bridge_slave_1: left allmulticast mode [ 147.518447][ T1149] bridge_slave_1: left promiscuous mode [ 147.521821][ T1149] bridge0: port 2(bridge_slave_1) entered disabled state [ 147.527528][ T1149] bridge_slave_0: left allmulticast mode [ 147.529989][ T1149] bridge_slave_0: left promiscuous mode [ 147.532198][ T1149] bridge0: port 1(bridge_slave_0) entered disabled state [ 147.767489][ T1149] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 147.772729][ T1149] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 147.776347][ T1149] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 147.782678][ T1149] bond0 (unregistering): Released all slaves [ 147.784362][T11222] tipc: Can't bind to reserved service type 1 [ 147.849743][ T1149] bond1 (unregistering): Released all slaves [ 147.935932][ T1149] tipc: Left network mode [ 148.238164][ T1149] hsr_slave_0: left promiscuous mode [ 148.241137][ T1149] hsr_slave_1: left promiscuous mode [ 148.243862][ T1149] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 148.250034][ T1149] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 148.471501][T11233] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2199'. [ 148.471721][ T40] kauditd_printk_skb: 6 callbacks suppressed [ 148.471735][ T40] audit: type=1400 audit(1757852525.426:2052): avc: denied { nlmsg_read } for pid=11232 comm="syz.3.2199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 148.588255][ T5331] Bluetooth: hci3: command tx timeout [ 148.783959][ T1149] team0 (unregistering): Port device team_slave_1 removed [ 148.848798][ T1149] team0 (unregistering): Port device team_slave_0 removed [ 149.301830][T11235] lo speed is unknown, defaulting to 1000 [ 149.380071][T11121] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 149.389470][T11121] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 149.391240][ T40] audit: type=1400 audit(1757852526.346:2053): avc: denied { setopt } for pid=11248 comm="syz.0.2205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 149.410767][T11121] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 149.422516][T11121] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 149.506154][ T40] audit: type=1400 audit(1757852526.456:2054): avc: denied { bind } for pid=11262 comm="syz.0.2209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 149.516760][T11121] 8021q: adding VLAN 0 to HW filter on device bond0 [ 149.529839][T11121] 8021q: adding VLAN 0 to HW filter on device team0 [ 149.535234][ T81] bridge0: port 1(bridge_slave_0) entered blocking state [ 149.538428][ T81] bridge0: port 1(bridge_slave_0) entered forwarding state [ 149.550199][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.552880][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 149.673817][T11121] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 149.696800][T11121] veth0_vlan: entered promiscuous mode [ 149.701590][T11121] veth1_vlan: entered promiscuous mode [ 149.717892][T11121] veth0_macvtap: entered promiscuous mode [ 149.727104][T11121] veth1_macvtap: entered promiscuous mode [ 149.735620][T11121] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 149.742707][T11121] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 149.748620][ T46] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.751777][ T46] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.754913][ T46] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.757709][ T46] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.790366][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.792795][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.808785][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.811160][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.829414][T11276] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 149.839847][T11276] kvm: pic: non byte read [ 149.842564][T11276] kvm: pic: level sensitive irq not supported [ 149.842916][T11276] kvm: pic: non byte read [ 149.847643][T11276] kvm: pic: level sensitive irq not supported [ 149.847906][T11276] kvm: pic: non byte read [ 149.855468][T11276] kvm: pic: level sensitive irq not supported [ 149.855828][T11276] kvm: pic: non byte read [ 149.861104][T11276] kvm: pic: level sensitive irq not supported [ 149.861427][T11276] kvm: pic: non byte read [ 149.870278][T11276] kvm: pic: level sensitive irq not supported [ 149.870712][T11276] kvm: pic: non byte read [ 149.878271][T11276] kvm: pic: level sensitive irq not supported [ 149.878706][T11276] kvm: pic: non byte read [ 150.122778][ T40] audit: type=1400 audit(1757852527.076:2055): avc: denied { write } for pid=11285 comm="syz.2.2216" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 150.136140][ T29] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 150.244703][ T5973] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 150.254432][ T5973] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 150.258217][ T5973] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 150.261777][ T5973] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 150.264621][ T5973] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 150.286216][ T29] usb 6-1: Using ep0 maxpacket: 8 [ 150.289972][ T29] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 150.293072][ T29] usb 6-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config [ 150.294665][T11287] lo speed is unknown, defaulting to 1000 [ 150.297180][ T29] usb 6-1: config 179 has no interface number 0 [ 150.302064][ T29] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 150.306566][ T29] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 150.311115][ T29] usb 6-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 150.316296][ T29] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 150.320202][ T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.330156][T11282] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 150.389260][ T40] audit: type=1400 audit(1757852527.346:2056): avc: denied { ioctl } for pid=11289 comm="syz.2.2217" path="/dev/binderfs/binder0" dev="binder" ino=4 ioctlcmd=0xf50f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 150.390484][T11290] binder: 11289:11290 ioctl f50f 0 returned -22 [ 150.445112][ T1149] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 150.449459][ T1149] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.535545][ T29] usb 6-1: USB disconnect, device number 5 [ 150.540458][ T1149] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 150.546122][ T1149] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.556409][T11287] chnl_net:caif_netlink_parms(): no params data found [ 150.629695][ T40] audit: type=1400 audit(1757852527.586:2057): avc: denied { unlink } for pid=11303 comm="syz.2.2220" name="#1" dev="tmpfs" ino=149 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 150.643924][ T40] audit: type=1400 audit(1757852527.596:2058): avc: denied { mount } for pid=11303 comm="syz.2.2220" name="/" dev="overlay" ino=145 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 150.645075][T11305] overlayfs: failed lookup in lower (newroot/24, name='bus', err=-40): overlapping layers [ 150.656824][ T5973] Bluetooth: hci3: command tx timeout [ 150.662619][T11305] overlayfs: failed lookup in lower (newroot/24, name='bus', err=-40): overlapping layers [ 150.684610][ T1149] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 150.688864][ T1149] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.699244][T11287] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.702149][T11287] bridge0: port 1(bridge_slave_0) entered disabled state [ 150.706541][T11287] bridge_slave_0: entered allmulticast mode [ 150.710535][T11287] bridge_slave_0: entered promiscuous mode [ 150.715404][T11287] bridge0: port 2(bridge_slave_1) entered blocking state [ 150.718594][T11287] bridge0: port 2(bridge_slave_1) entered disabled state [ 150.722050][T11287] bridge_slave_1: entered allmulticast mode [ 150.726011][T11287] bridge_slave_1: entered promiscuous mode [ 150.790629][T11287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 150.799852][T11287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 150.809571][ T1149] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 150.813042][ T1149] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.883659][T11287] team0: Port device team_slave_0 added [ 151.003540][T11287] team0: Port device team_slave_1 added [ 151.044271][T11287] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 151.046728][T11287] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 151.054527][T11287] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 151.059517][T11287] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 151.061743][T11287] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 151.069475][T11287] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 151.163427][T11287] hsr_slave_0: entered promiscuous mode [ 151.167467][T11287] hsr_slave_1: entered promiscuous mode [ 151.170076][T11287] debugfs: 'hsr0' already exists in 'hsr' [ 151.171956][T11287] Cannot create hsr debugfs directory [ 151.182042][ T40] audit: type=1400 audit(1757852528.136:2059): avc: denied { read } for pid=11324 comm="syz.0.2228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 151.353594][ T1149] dvmrp8 (unregistering): left allmulticast mode [ 151.473833][ T1149] bond0 (unregistering): Released all slaves [ 151.901263][ T1149] hsr_slave_0: left promiscuous mode [ 151.904286][ T1149] hsr_slave_1: left promiscuous mode [ 151.957898][ T1149] veth0_macvtap: left promiscuous mode [ 151.960407][ T1149] veth1_vlan: left promiscuous mode [ 151.962609][ T1149] veth0_vlan: left promiscuous mode [ 152.337479][ T5973] Bluetooth: hci2: command tx timeout [ 152.746216][ T5973] Bluetooth: hci3: command tx timeout [ 153.012432][ T46] smc: removing ib device sz1 [ 153.017826][ T1331] lo speed is unknown, defaulting to 1000 [ 153.020367][ T1331] sz1: Port: 1 Link DOWN [ 153.121029][T11349] syz.0.2235: vmalloc error: size 268435456, failed to allocated page array size 524288, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 153.127178][T11349] CPU: 2 UID: 0 PID: 11349 Comm: syz.0.2235 Not tainted syzkaller #0 PREEMPT(full) [ 153.127210][T11349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 153.127221][T11349] Call Trace: [ 153.127228][T11349] [ 153.127235][T11349] dump_stack_lvl+0x16c/0x1f0 [ 153.127265][T11349] warn_alloc+0x248/0x3a0 [ 153.127287][T11349] ? __pfx_warn_alloc+0x10/0x10 [ 153.127318][T11349] ? xp_create_and_assign_umem+0x1b5/0xe20 [ 153.127342][T11349] ? __vmalloc_node_noprof+0xad/0xf0 [ 153.127373][T11349] __vmalloc_node_range_noprof+0x101b/0x14b0 [ 153.127409][T11349] ? xp_create_and_assign_umem+0x1b5/0xe20 [ 153.127440][T11349] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 153.127471][T11349] ? ___kmalloc_large_node+0xed/0x160 [ 153.127502][T11349] __kvmalloc_node_noprof+0x30a/0x620 [ 153.127520][T11349] ? xp_create_and_assign_umem+0x1b5/0xe20 [ 153.127545][T11349] ? xp_create_and_assign_umem+0x1b5/0xe20 [ 153.127574][T11349] ? xp_create_and_assign_umem+0x1b5/0xe20 [ 153.127596][T11349] xp_create_and_assign_umem+0x1b5/0xe20 [ 153.127619][T11349] ? dev_get_by_index+0x17c/0x380 [ 153.127649][T11349] xsk_bind+0x4c6/0x1570 [ 153.127671][T11349] ? __pfx_xsk_bind+0x10/0x10 [ 153.127696][T11349] __sys_bind+0x1a4/0x260 [ 153.127715][T11349] ? __pfx___sys_bind+0x10/0x10 [ 153.127744][T11349] ? do_user_addr_fault+0x843/0x1370 [ 153.127767][T11349] __x64_sys_bind+0x72/0xb0 [ 153.127783][T11349] ? lockdep_hardirqs_on+0x7c/0x110 [ 153.127806][T11349] do_syscall_64+0xcd/0x4e0 [ 153.127832][T11349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.127850][T11349] RIP: 0033:0x7f3d6138eba9 [ 153.127865][T11349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 153.127881][T11349] RSP: 002b:00007f3d62200038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 153.127899][T11349] RAX: ffffffffffffffda RBX: 00007f3d615d6180 RCX: 00007f3d6138eba9 [ 153.127910][T11349] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000003 [ 153.127921][T11349] RBP: 00007f3d61411e19 R08: 0000000000000000 R09: 0000000000000000 [ 153.127931][T11349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 153.127942][T11349] R13: 00007f3d615d6218 R14: 00007f3d615d6180 R15: 00007ffc46b5f1c8 [ 153.127965][T11349] [ 153.127972][T11349] Mem-Info: [ 153.205283][T11349] active_anon:5965 inactive_anon:0 isolated_anon:0 [ 153.205283][T11349] active_file:5157 inactive_file:50462 isolated_file:0 [ 153.205283][T11349] unevictable:1768 dirty:108 writeback:0 [ 153.205283][T11349] slab_reclaimable:12585 slab_unreclaimable:72855 [ 153.205283][T11349] mapped:24167 shmem:2393 pagetables:1229 [ 153.205283][T11349] sec_pagetables:311 bounce:0 [ 153.205283][T11349] kernel_misc_reclaimable:0 [ 153.205283][T11349] free:361801 free_pcp:17464 free_cma:0 [ 153.223842][T11349] Node 0 active_anon:23860kB inactive_anon:0kB active_file:20628kB inactive_file:201648kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:96668kB dirty:432kB writeback:0kB shmem:6036kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12880kB pagetables:4188kB sec_pagetables:1244kB all_unreclaimable? yes Balloon:0kB [ 153.234252][T11349] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:176kB pagetables:728kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 153.243760][T11349] Node 0 DMA free:7276kB boost:2048kB min:2388kB low:2472kB high:2556kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:260kB local_pcp:128kB free_cma:0kB [ 153.254606][T11349] lowmem_reserve[]: 0 1233 1233 1233 1233 [ 153.257854][T11349] Node 0 DMA32 free:55900kB boost:18432kB min:45948kB low:52824kB high:59700kB reserved_highatomic:2048KB free_highatomic:396KB active_anon:23860kB inactive_anon:0kB active_file:20628kB inactive_file:201648kB unevictable:3536kB writepending:432kB present:2080628kB managed:1263424kB mlocked:0kB bounce:0kB free_pcp:48328kB local_pcp:13480kB free_cma:0kB [ 153.271998][T11349] lowmem_reserve[]: 0 0 0 0 0 [ 153.274001][T11349] Node 1 Normal free:1384220kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:3536kB writepending:0kB present:2097152kB managed:1781892kB mlocked:0kB bounce:0kB free_pcp:21460kB local_pcp:2324kB free_cma:0kB [ 153.286136][T11349] lowmem_reserve[]: 0 0 0 0 0 [ 153.288060][T11349] Node 0 DMA: 3*4kB (UM) 2*8kB (M) 1*16kB (U) 2*32kB (UM) 0*64kB 2*128kB (UM) 1*256kB (M) 1*512kB (M) 2*1024kB (UM) 2*2048kB (UM) 0*4096kB = 7276kB [ 153.294036][T11349] Node 0 DMA32: 337*4kB (UMEH) 98*8kB (UMEH) 159*16kB (UME) 88*32kB (UMEH) 55*64kB (UMEH) 31*128kB (UME) 24*256kB (UM) 19*512kB (M) 9*1024kB (UME) 8*2048kB (UME) 0*4096kB = 56452kB [ 153.301385][T11349] Node 1 Normal: 25*4kB (ME) 27*8kB (UME) 45*16kB (UME) 44*32kB (ME) 37*64kB (ME) 38*128kB (UME) 21*256kB (ME) 24*512kB (ME) 13*1024kB (UME) 6*2048kB (UME) 325*4096kB (M) = 1384140kB [ 153.308972][T11349] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 153.312022][T11349] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 153.315023][T11349] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 153.318250][T11349] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 153.321380][T11349] 58008 total pagecache pages [ 153.323001][T11349] 0 pages in swap cache [ 153.324309][T11349] Free swap = 124996kB [ 153.325782][T11349] Total swap = 124996kB [ 153.327179][T11349] 1048443 pages RAM [ 153.328674][T11349] 0 pages HighMem/MovableOnly [ 153.330625][T11349] 283274 pages reserved [ 153.332321][T11349] 0 pages cma reserved [ 153.561979][T11287] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 153.567532][T11287] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 153.576730][T11287] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 153.583862][T11287] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 153.616345][T11331] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 153.616426][ T5973] Bluetooth: hci0: command 0x0401 tx timeout [ 153.621453][T11331] Bluetooth: hci0: Opcode 0x0406 failed: -110 [ 153.625157][T11287] 8021q: adding VLAN 0 to HW filter on device bond0 [ 153.634910][T11287] 8021q: adding VLAN 0 to HW filter on device team0 [ 153.641613][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.644089][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 153.652654][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.655089][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 153.732854][ T1149] IPVS: stop unused estimator thread 0... [ 153.789937][T11287] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 153.821727][T11287] veth0_vlan: entered promiscuous mode [ 153.826359][T11287] veth1_vlan: entered promiscuous mode [ 153.840642][T11287] veth0_macvtap: entered promiscuous mode [ 153.844882][T11287] veth1_macvtap: entered promiscuous mode [ 153.853211][T11287] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 153.864819][T11287] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 153.872223][ T1149] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.875535][ T1149] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.881101][ T1149] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.884630][ T1149] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.260321][T11331] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 154.262739][T11331] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 154.268578][T11331] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 154.271830][T11331] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 154.273997][T11331] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 154.276971][T11331] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 154.279974][T11331] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 154.282327][T11331] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 154.285658][T11331] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 154.312048][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 154.314636][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 154.340060][ T1149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 154.343179][ T1149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 154.437543][ T40] audit: type=1400 audit(1757852531.396:2060): avc: denied { append } for pid=11368 comm="syz.3.2215" name="loop7" dev="devtmpfs" ino=665 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 154.488916][T11377] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2242'. [ 154.521023][ T40] audit: type=1400 audit(1757852531.476:2061): avc: denied { append } for pid=11378 comm="syz.3.2243" name="001" dev="devtmpfs" ino=761 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 154.856314][ T6053] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 154.994163][T11386] fuse: Bad value for 'fd' [ 155.035361][ T40] audit: type=1400 audit(1757852531.986:2062): avc: denied { listen } for pid=11387 comm="syz.2.2247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 155.044322][ T6053] usb 6-1: unable to get BOS descriptor or descriptor too short [ 155.050628][ T6053] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 155.053574][ T6053] usb 6-1: can't read configurations, error -71 [ 155.299104][T11396] netlink: 'syz.0.2250': attribute type 19 has an invalid length. [ 155.301888][T11396] netlink: 5 bytes leftover after parsing attributes in process `syz.0.2250'. [ 155.696834][ T5331] Bluetooth: hci1: command 0x0c1a tx timeout [ 155.696870][ T5980] Bluetooth: hci0: command 0x0401 tx timeout [ 156.338241][ T5331] Bluetooth: hci2: command 0x040f tx timeout [ 156.338269][ T5980] Bluetooth: hci3: command 0x0c1a tx timeout [ 157.056229][ T5980] Bluetooth: hci4: command 0x1003 tx timeout [ 157.056444][ T5973] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 157.068827][T11533] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2308'. [ 157.083999][T11535] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2309'. [ 157.132734][T11539] syzkaller1: entered promiscuous mode [ 157.134692][T11539] syzkaller1: entered allmulticast mode [ 157.388361][ T40] audit: type=1400 audit(1757852534.346:2063): avc: denied { ioctl } for pid=11558 comm="syz.2.2321" path="socket:[32225]" dev="sockfs" ino=32225 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 157.395867][ T40] audit: type=1400 audit(1757852534.346:2064): avc: denied { read } for pid=11558 comm="syz.2.2321" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 157.441113][ T40] audit: type=1400 audit(1757852534.396:2065): avc: denied { write } for pid=11558 comm="syz.2.2321" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1 [ 157.599306][ T40] audit: type=1400 audit(1757852534.556:2066): avc: denied { bind } for pid=11571 comm="syz.2.2327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 157.606767][ T40] audit: type=1400 audit(1757852534.556:2067): avc: denied { name_bind } for pid=11571 comm="syz.2.2327" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 157.614876][ T40] audit: type=1400 audit(1757852534.556:2068): avc: denied { node_bind } for pid=11571 comm="syz.2.2327" saddr=ff02::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 157.661034][ T13] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting [ 157.673846][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.677163][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.786195][ T5973] Bluetooth: hci1: command 0x0c1a tx timeout [ 157.981366][T11588] syzkaller1: entered promiscuous mode [ 157.983628][T11588] syzkaller1: entered allmulticast mode [ 158.029333][ T40] audit: type=1400 audit(1757852534.986:2069): avc: denied { write } for pid=11592 comm="syz.1.2337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 158.073189][T11594] netlink: 'syz.1.2337': attribute type 4 has an invalid length. [ 158.254216][T11601] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2341'. [ 158.416249][ T5973] Bluetooth: hci2: command 0x040f tx timeout [ 158.426197][ T5973] Bluetooth: hci3: command 0x0c1a tx timeout [ 158.523141][ T6164] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 158.613856][T11612] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=19 sclass=netlink_tcpdiag_socket pid=11612 comm=syz.2.2346 [ 158.661378][ T5973] Bluetooth: hci3: unexpected event for opcode 0x0c47 [ 158.686216][ T6164] usb 8-1: Using ep0 maxpacket: 32 [ 158.691439][ T6164] usb 8-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 158.694362][ T6164] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.696868][ T6164] usb 8-1: Product: syz [ 158.698159][ T6164] usb 8-1: Manufacturer: syz [ 158.699595][ T6164] usb 8-1: SerialNumber: syz [ 158.702199][ T6164] usb 8-1: config 0 descriptor?? [ 158.706822][ T6164] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 158.902989][T11627] sd 0:0:0:0: PR command failed: 1026 [ 158.904925][T11627] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 158.908073][T11627] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 159.856253][ T5973] Bluetooth: hci1: command 0x0c1a tx timeout [ 160.316023][ T6164] gspca_sunplus: reg_r err -71 [ 160.317745][ T6164] sunplus 8-1:0.0: probe with driver sunplus failed with error -71 [ 160.320921][ T6164] usb 8-1: USB disconnect, device number 5 [ 160.496280][ T5973] Bluetooth: hci2: command 0x040f tx timeout [ 160.852158][ T40] kauditd_printk_skb: 5 callbacks suppressed [ 160.852168][ T40] audit: type=1400 audit(1757852537.806:2075): avc: denied { bind } for pid=11663 comm="syz.3.2367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 160.860135][ T40] audit: type=1400 audit(1757852537.806:2076): avc: denied { write } for pid=11663 comm="syz.3.2367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 161.146226][ T6640] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 161.310276][ T6640] usb 8-1: config 0 interface 0 altsetting 32 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 161.315107][ T6640] usb 8-1: config 0 interface 0 has no altsetting 0 [ 161.318190][ T6640] usb 8-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00 [ 161.322138][ T6640] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.328427][ T6640] usb 8-1: config 0 descriptor?? [ 161.666251][ T24] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 161.702493][ T40] audit: type=1400 audit(1757852538.656:2077): avc: denied { watch watch_reads } for pid=11693 comm="syz.0.2381" path="pipe:[8209]" dev="pipefs" ino=8209 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 161.711509][ T40] audit: type=1400 audit(1757852538.666:2078): avc: denied { mount } for pid=11693 comm="syz.0.2381" name="/" dev="autofs" ino=33352 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 161.739304][ T6640] playstation 0003:054C:05C4.0004: unknown main item tag 0x0 [ 161.742606][ T6640] playstation 0003:054C:05C4.0004: unknown main item tag 0x0 [ 161.747206][ T6640] playstation 0003:054C:05C4.0004: unknown main item tag 0x0 [ 161.750389][ T6640] playstation 0003:054C:05C4.0004: unknown main item tag 0x0 [ 161.753515][ T6640] playstation 0003:054C:05C4.0004: unknown main item tag 0x0 [ 161.757009][ T6640] playstation 0003:054C:05C4.0004: unknown main item tag 0x0 [ 161.760161][ T6640] playstation 0003:054C:05C4.0004: unknown main item tag 0x0 [ 161.767354][ T6640] playstation 0003:054C:05C4.0004: hidraw1: USB HID v40.00 Device [HID 054c:05c4] on usb-dummy_hcd.3-1/input0 [ 161.805697][T11699] overlayfs: failed to clone upperpath [ 161.836159][ T24] usb 6-1: Using ep0 maxpacket: 8 [ 161.842209][ T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 13 [ 161.853033][ T24] usb 6-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 161.857028][ T24] usb 6-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3 [ 161.860428][ T24] usb 6-1: Product: syz [ 161.862274][ T24] usb 6-1: Manufacturer: syz [ 161.864353][ T24] usb 6-1: SerialNumber: syz [ 161.870853][ T24] usb 6-1: config 0 descriptor?? [ 161.877761][ T24] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 161.935767][ T6640] playstation 0003:054C:05C4.0004: Invalid reportID received, expected 18 got 83 [ 161.936272][ T5973] Bluetooth: hci1: command 0x0c1a tx timeout [ 161.940086][ T6640] playstation 0003:054C:05C4.0004: Failed to retrieve DualShock4 pairing info: -22 [ 161.945758][ T6640] playstation 0003:054C:05C4.0004: Failed to get MAC address from DualShock4 [ 161.951287][ T6640] playstation 0003:054C:05C4.0004: Failed to create dualshock4. [ 161.960069][ T6640] playstation 0003:054C:05C4.0004: probe with driver playstation failed with error -22 [ 162.077847][ T24] gspca_zc3xx: reg_w_i err -71 [ 162.142603][ T6640] usb 8-1: USB disconnect, device number 6 [ 162.586191][ T5973] Bluetooth: hci2: command 0x040f tx timeout [ 162.666349][ T24] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 162.669039][ T24] gspca_zc3xx 6-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 162.673864][ T24] usb 6-1: USB disconnect, device number 8 [ 162.968534][ T24] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 163.116184][ T24] usb 6-1: Using ep0 maxpacket: 8 [ 163.121344][ T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 13 [ 163.127850][ T24] usb 6-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 163.131830][ T24] usb 6-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3 [ 163.135320][ T24] usb 6-1: Product: syz [ 163.137203][ T24] usb 6-1: Manufacturer: syz [ 163.139348][ T24] usb 6-1: SerialNumber: syz [ 163.142225][ T24] usb 6-1: config 0 descriptor?? [ 163.145616][ T24] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 163.546721][ T24] gspca_zc3xx: reg_w_i err -71 [ 163.547816][ T5980] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 163.551655][ T5980] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 163.554553][ T5980] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 163.558227][ T5980] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 163.560856][ T5980] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 163.679568][ T46] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.761217][ T46] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.774317][T11742] chnl_net:caif_netlink_parms(): no params data found [ 163.857984][ T46] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.893977][T11742] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.897206][T11742] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.900248][T11742] bridge_slave_0: entered allmulticast mode [ 163.904161][T11742] bridge_slave_0: entered promiscuous mode [ 163.909189][T11742] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.912229][T11742] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.915366][T11742] bridge_slave_1: entered allmulticast mode [ 163.919902][T11742] bridge_slave_1: entered promiscuous mode [ 163.978546][T11742] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 163.992145][ T46] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.000542][T11742] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 164.037587][T11742] team0: Port device team_slave_0 added [ 164.042303][T11742] team0: Port device team_slave_1 added [ 164.095491][T11742] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 164.098663][T11742] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.109214][T11742] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 164.115835][T11742] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 164.119015][T11742] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.131760][T11742] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 164.156554][ T24] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 164.159168][ T24] gspca_zc3xx 6-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 164.164510][ T24] usb 6-1: USB disconnect, device number 9 [ 164.209433][T11742] hsr_slave_0: entered promiscuous mode [ 164.212259][T11742] hsr_slave_1: entered promiscuous mode [ 164.214655][T11742] debugfs: 'hsr0' already exists in 'hsr' [ 164.216796][T11742] Cannot create hsr debugfs directory [ 164.489374][ T46] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 164.492999][ T46] bond0 (unregistering): Released all slaves [ 164.550337][ T46] bond1 (unregistering): Released all slaves [ 164.654377][ T46] tipc: Disabling bearer [ 164.657685][ T46] tipc: Left network mode [ 164.666454][ T5973] Bluetooth: hci2: command 0x040f tx timeout [ 164.881475][ T46] hsr_slave_0: left promiscuous mode [ 164.883652][ T46] hsr_slave_1: left promiscuous mode [ 164.907088][ T46] veth1_macvtap: left promiscuous mode [ 164.909613][ T46] veth0_macvtap: left promiscuous mode [ 164.912213][ T46] veth1_vlan: left promiscuous mode [ 165.318385][ T6640] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 165.476157][ T6640] usb 6-1: Using ep0 maxpacket: 8 [ 165.480266][ T6640] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 165.483937][ T6640] usb 6-1: config 179 has no interface number 0 [ 165.486834][ T6640] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 165.491849][ T6640] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 165.495751][ T6640] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 165.499291][ T6640] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 165.503228][ T6640] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 165.508535][ T6640] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 165.512329][ T6640] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.524038][T11762] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 165.616282][ T5973] Bluetooth: hci4: command tx timeout [ 165.730497][ T6053] usb 6-1: USB disconnect, device number 10 [ 165.730899][ C2] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 165.735730][ C2] dummy_hcd dummy_hcd.1: timer fired with no URBs pending? [ 166.338324][T11742] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 166.345924][T11742] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 166.356282][T11742] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 166.370689][T11742] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 166.427319][T11742] 8021q: adding VLAN 0 to HW filter on device bond0 [ 166.441986][T11742] 8021q: adding VLAN 0 to HW filter on device team0 [ 166.450878][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.453892][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 166.463073][ T98] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.466126][ T98] bridge0: port 2(bridge_slave_1) entered forwarding state [ 166.541310][T11797] 9pnet_fd: Insufficient options for proto=fd [ 166.613347][T11742] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 166.643940][T11742] veth0_vlan: entered promiscuous mode [ 166.648590][T11742] veth1_vlan: entered promiscuous mode [ 166.663530][T11742] veth0_macvtap: entered promiscuous mode [ 166.667353][T11742] veth1_macvtap: entered promiscuous mode [ 166.675217][T11742] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 166.684165][T11742] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 166.692590][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.696497][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.700826][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.704437][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.749765][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 166.752431][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 166.772260][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 166.774720][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 166.810102][ T40] audit: type=1400 audit(1757852543.766:2079): avc: denied { set_context_mgr } for pid=11801 comm="syz.0.2404" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 166.816877][ T40] audit: type=1400 audit(1757852543.766:2080): avc: denied { map } for pid=11801 comm="syz.0.2404" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 166.824635][ T40] audit: type=1400 audit(1757852543.766:2081): avc: denied { call } for pid=11801 comm="syz.0.2404" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 166.831557][ T40] audit: type=1400 audit(1757852543.776:2082): avc: denied { read write } for pid=11804 comm="syz.3.2428" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 166.838770][ T40] audit: type=1800 audit(1757852543.776:2083): pid=11806 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.2428" name="/" dev="9p" ino=2 res=0 errno=0 [ 167.042330][ T40] audit: type=1400 audit(1757852543.996:2084): avc: denied { connect } for pid=11824 comm="syz.1.2429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 167.094511][ T40] audit: type=1400 audit(1757852544.046:2085): avc: denied { write } for pid=11824 comm="syz.1.2429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 167.175832][T11831] syzkaller1: entered promiscuous mode [ 167.178548][T11831] syzkaller1: entered allmulticast mode [ 167.196198][ T6031] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 167.366194][ T6031] usb 8-1: Using ep0 maxpacket: 8 [ 167.370198][ T6031] usb 8-1: config 179 has an invalid interface number: 65 but max is 0 [ 167.373550][ T6031] usb 8-1: config 179 has no interface number 0 [ 167.376513][ T6031] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 167.381509][ T6031] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 167.390073][ T6031] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 167.394929][ T6031] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 167.399890][ T6031] usb 8-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 167.405920][ T6031] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 167.409779][ T6031] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.415636][T11819] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 167.623419][ T839] usb 8-1: USB disconnect, device number 7 [ 167.623428][ C2] xpad 8-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 167.623451][ C2] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 167.706465][ T5973] Bluetooth: hci4: command tx timeout [ 167.948830][ T40] audit: type=1800 audit(1757852544.906:2086): pid=11835 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.2433" name="/" dev="9p" ino=2 res=0 errno=0 [ 168.316749][ T6031] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 168.468064][ T6031] usb 6-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 168.471690][ T6031] usb 6-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 168.475284][ T6031] usb 6-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 168.478816][ T6031] usb 6-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 168.481619][ T6031] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.486712][T11837] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 168.526301][ T61] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 168.696388][ T61] usb 8-1: Using ep0 maxpacket: 16 [ 168.700402][ T61] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 168.703928][ T61] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 168.707168][ T61] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 168.712307][ T61] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 168.716279][ T61] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.720182][ T61] usb 8-1: config 0 descriptor?? [ 169.127373][ T61] shield 0003:0955:7214.0005: unknown main item tag 0x0 [ 169.129689][ T61] shield 0003:0955:7214.0005: unknown main item tag 0x0 [ 169.131916][ T61] shield 0003:0955:7214.0005: unknown main item tag 0x0 [ 169.134082][ T61] shield 0003:0955:7214.0005: unknown main item tag 0x0 [ 169.136827][ T61] shield 0003:0955:7214.0005: unknown main item tag 0x0 [ 169.140912][ T61] input: HID 0955:7214 Haptics as /devices/virtual/input/input11 [ 169.153983][ T61] shield 0003:0955:7214.0005: Registered Thunderstrike controller [ 169.157132][ T61] shield 0003:0955:7214.0005: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0 [ 169.327668][T11845] netlink: 'syz.3.2437': attribute type 2 has an invalid length. [ 169.330227][T11845] netlink: 244 bytes leftover after parsing attributes in process `syz.3.2437'. [ 169.335834][ T1331] usb 8-1: USB disconnect, device number 8 [ 169.338243][ T61] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 169.346492][ T61] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 169.351000][ T61] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 169.354962][ T61] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 169.419647][ T40] audit: type=1400 audit(1757852546.376:2087): avc: denied { ioctl } for pid=11856 comm="syz.2.2442" path="socket:[34731]" dev="sockfs" ino=34731 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 169.421402][T11857] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2442'. [ 169.776303][ T5973] Bluetooth: hci4: command tx timeout [ 170.049210][T11869] 9pnet_fd: Insufficient options for proto=fd [ 170.608047][ T6031] aiptek 6-1:17.0: Aiptek using 400 ms programming speed [ 170.611650][ T6031] input: Aiptek as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:17.0/input/input10 [ 170.623057][ T6031] usb 6-1: USB disconnect, device number 11 [ 170.625049][ C2] aiptek 6-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 171.157741][T11902] 9pnet_fd: Insufficient options for proto=fd [ 171.254344][T11904] pim6reg1: entered promiscuous mode [ 171.256045][T11904] pim6reg1: entered allmulticast mode [ 171.333178][T11287] cgroup: fork rejected by pids controller in /syz3 [ 171.569672][ T98] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.669976][ T98] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.720401][ T98] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.829848][ T98] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.848018][T11925] 9pnet_fd: Insufficient options for proto=fd [ 171.853618][ T5980] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 171.858548][ T5980] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 171.861484][ T5980] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 171.864512][ T5980] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 171.866297][ T5331] Bluetooth: hci4: command tx timeout [ 171.867530][ T5980] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 171.979147][ T98] bridge_slave_1: left allmulticast mode [ 171.981039][ T98] bridge_slave_1: left promiscuous mode [ 171.982995][ T98] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.988567][ T98] bridge_slave_0: left allmulticast mode [ 171.990345][ T98] bridge_slave_0: left promiscuous mode [ 171.992451][ T98] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.261711][ T98] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 172.265803][ T98] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 172.269621][ T98] bond0 (unregistering): Released all slaves [ 172.286024][T11937] pim6reg1: entered promiscuous mode [ 172.289665][T11937] pim6reg1: entered allmulticast mode [ 172.312118][T11926] chnl_net:caif_netlink_parms(): no params data found [ 172.411719][T11926] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.414074][T11926] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.416906][T11926] bridge_slave_0: entered allmulticast mode [ 172.419605][T11926] bridge_slave_0: entered promiscuous mode [ 172.422740][T11926] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.425088][T11926] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.428224][T11926] bridge_slave_1: entered allmulticast mode [ 172.431298][T11926] bridge_slave_1: entered promiscuous mode [ 172.478118][T11926] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 172.493430][T11926] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 172.546974][T11926] team0: Port device team_slave_0 added [ 172.550525][T11926] team0: Port device team_slave_1 added [ 172.597130][T11926] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 172.599516][T11926] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 172.611133][T11926] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 172.617031][T11926] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 172.619552][T11926] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 172.629062][T11926] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 172.639428][ T98] hsr_slave_0: left promiscuous mode [ 172.642108][ T98] hsr_slave_1: left promiscuous mode [ 172.644787][ T98] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 172.647314][ T98] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 172.650185][ T98] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 172.652510][ T98] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 172.672948][ T98] veth1_macvtap: left promiscuous mode [ 172.675727][ T98] veth0_macvtap: left promiscuous mode [ 172.678572][ T98] veth1_vlan: left promiscuous mode [ 172.680273][ T98] veth0_vlan: left promiscuous mode [ 172.725408][T11957] 9pnet_fd: Insufficient options for proto=fd [ 172.726164][ T61] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 172.886865][ T61] usb 6-1: Using ep0 maxpacket: 8 [ 172.891142][ T61] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 172.894657][ T61] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 172.899181][ T61] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 172.902638][ T61] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 172.905924][ T61] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 172.910123][ T61] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 172.916888][ T61] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.124619][ T61] usb 6-1: usb_control_msg returned -32 [ 173.127221][ T61] usbtmc 6-1:16.0: can't read capabilities [ 173.325161][ T98] team0 (unregistering): Port device team_slave_1 removed [ 173.395895][ T98] team0 (unregistering): Port device team_slave_0 removed [ 173.895238][T11926] hsr_slave_0: entered promiscuous mode [ 173.899237][T11926] hsr_slave_1: entered promiscuous mode [ 173.946278][ T5980] Bluetooth: hci0: command tx timeout [ 174.507565][T11926] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 174.513525][T11926] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 174.521699][T11926] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 174.526917][T11926] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 174.574310][T11926] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.588174][T11926] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.594333][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.596648][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 174.610637][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.613681][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.728944][T11926] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 174.752924][T11926] veth0_vlan: entered promiscuous mode [ 174.760051][T11926] veth1_vlan: entered promiscuous mode [ 174.783942][T11926] veth0_macvtap: entered promiscuous mode [ 174.792044][T11926] veth1_macvtap: entered promiscuous mode [ 174.803410][T11926] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 174.812414][T11926] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 174.819006][ T46] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.822663][ T46] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.828188][ T46] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.831167][ T46] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.870524][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 174.873775][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 174.891095][T12006] 9pnet_fd: Insufficient options for proto=fd [ 174.895297][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 174.898599][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 174.935728][ T40] audit: type=1400 audit(1757852551.886:2088): avc: denied { map } for pid=12007 comm="syz.3.2467" path="socket:[35749]" dev="sockfs" ino=35749 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 174.980183][T12010] pim6reg1: entered promiscuous mode [ 174.982481][T12010] pim6reg1: entered allmulticast mode [ 175.499748][ T61] usb 6-1: USB disconnect, device number 12 [ 175.554569][ T5980] Bluetooth: hci1: unexpected event for opcode 0x1003 [ 175.639693][T12034] 9pnet_fd: Insufficient options for proto=fd [ 175.901848][ T40] audit: type=1800 audit(1757852552.856:2089): pid=12041 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.2505" name="/" dev="9p" ino=2 res=0 errno=0 [ 176.016343][ T5980] Bluetooth: hci0: command tx timeout [ 176.319808][T12058] 9pnet_fd: Insufficient options for proto=fd [ 176.986936][T12080] 9pnet_fd: Insufficient options for proto=fd [ 177.366299][ T6053] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 177.526180][ T6053] usb 8-1: Using ep0 maxpacket: 32 [ 177.529080][ T6053] usb 8-1: config 0 has an invalid interface number: 247 but max is 0 [ 177.531665][ T6053] usb 8-1: config 0 has no interface number 0 [ 177.534746][ T6053] usb 8-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b [ 177.537996][ T6053] usb 8-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0 [ 177.540583][ T6053] usb 8-1: Product: syz [ 177.542078][ T6053] usb 8-1: Manufacturer: syz [ 177.544830][ T6053] usb 8-1: config 0 descriptor?? [ 177.589073][ T40] audit: type=1800 audit(1757852554.546:2090): pid=12098 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.2528" name="/" dev="9p" ino=2 res=0 errno=0 [ 177.749162][ T5962] usb 8-1: USB disconnect, device number 9 [ 177.760743][ T5980] Bluetooth: hci3: unexpected event for opcode 0x1003 [ 177.765095][T12102] pim6reg1: entered promiscuous mode [ 177.766877][T12102] pim6reg1: entered allmulticast mode [ 178.001948][T12109] 9pnet_fd: Insufficient options for proto=fd [ 178.296700][T12124] pim6reg1: entered promiscuous mode [ 178.298904][T12124] pim6reg1: entered allmulticast mode [ 178.529659][T12140] 9pnet_fd: Insufficient options for proto=fd [ 179.174499][T12171] 9pnet_fd: Insufficient options for proto=fd [ 179.618129][ T5980] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 179.621307][ T5980] Bluetooth: hci1: Injecting HCI hardware error event [ 179.624758][ T5973] Bluetooth: hci1: hardware error 0x00 [ 180.237985][T12197] pim6reg1: entered promiscuous mode [ 180.240279][T12197] pim6reg1: entered allmulticast mode [ 180.286237][ T6034] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 180.458876][ T6034] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 180.463223][ T6034] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 180.467226][ T6034] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 180.472342][ T6034] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 180.476036][ T6034] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.481352][ T6034] usb 6-1: config 0 descriptor?? [ 180.576166][ T5980] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 180.580937][ T5980] Bluetooth: hci4: Injecting HCI hardware error event [ 180.583889][ T5980] Bluetooth: hci4: hardware error 0x00 [ 180.906122][ T29] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 181.058475][ T29] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 181.062387][ T29] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 181.066429][ T29] usb 8-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00 [ 181.069280][ T29] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.074156][ T29] usb 8-1: config 0 descriptor?? [ 181.091362][ T6034] usbhid 6-1:0.0: can't add hid device: -71 [ 181.093369][ T6034] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 181.097287][ T6034] usb 6-1: USB disconnect, device number 13 [ 181.146563][ T5331] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 181.149923][ T5331] Bluetooth: hci0: Injecting HCI hardware error event [ 181.153284][ T5331] Bluetooth: hci0: hardware error 0x00 [ 181.280042][ T40] audit: type=1400 audit(1757852558.236:2091): avc: denied { map } for pid=12204 comm="syz.3.2571" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 181.282411][ T29] usbhid 8-1:0.0: can't add hid device: -71 [ 181.288970][ T40] audit: type=1400 audit(1757852558.236:2092): avc: denied { execute } for pid=12204 comm="syz.3.2571" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 181.300107][ T29] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 181.303233][ T29] usb 8-1: USB disconnect, device number 10 [ 181.339527][T12210] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 181.354776][ T40] audit: type=1400 audit(1757852558.306:2093): avc: denied { rename } for pid=12209 comm="syz.0.2573" name="bus" dev="tmpfs" ino=189 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 181.696422][ T5973] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 181.776214][ T5973] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 181.779169][ T5973] Bluetooth: hci3: Injecting HCI hardware error event [ 181.782081][ T5973] Bluetooth: hci3: hardware error 0x00 [ 181.816785][T12223] pim6reg1: entered promiscuous mode [ 181.818887][T12223] pim6reg1: entered allmulticast mode [ 182.656440][ T5980] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 182.844845][T12259] pim6reg1: entered promiscuous mode [ 182.847182][T12259] pim6reg1: entered allmulticast mode [ 183.227832][ T5331] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 183.478681][ T40] audit: type=1400 audit(1757852560.436:2094): avc: denied { ioctl } for pid=12273 comm="syz.3.2599" path="/dev/vhost-vsock" dev="devtmpfs" ino=1301 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 183.706943][T12281] pim6reg1: entered promiscuous mode [ 183.708598][T12281] pim6reg1: entered allmulticast mode [ 183.857985][ T5973] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 184.218022][T12293] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2607'. [ 184.532280][T12301] pim6reg1: entered promiscuous mode [ 184.534565][T12301] pim6reg1: entered allmulticast mode [ 184.957816][T12314] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2617'. [ 185.243566][ T1149] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.402197][ T1149] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.427810][ T5331] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 185.431698][ T5331] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 185.434809][ T5331] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 185.438295][ T5331] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 185.442122][ T5331] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 185.478014][ T1149] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.486136][ T61] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 185.553971][ T1149] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.596145][ T1331] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 185.598464][T12335] chnl_net:caif_netlink_parms(): no params data found [ 185.624431][T11742] cgroup: fork rejected by pids controller in /syz0 [ 185.636143][ T61] usb 8-1: Using ep0 maxpacket: 8 [ 185.639898][ T61] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 185.642479][ T61] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 185.645462][ T61] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 185.649465][ T61] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 185.652501][ T61] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 185.657328][ T61] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 185.660077][ T61] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.696188][T12335] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.699265][T12335] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.702329][T12335] bridge_slave_0: entered allmulticast mode [ 185.708116][T12335] bridge_slave_0: entered promiscuous mode [ 185.712670][T12335] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.715674][T12335] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.718847][T12335] bridge_slave_1: entered allmulticast mode [ 185.722642][T12335] bridge_slave_1: entered promiscuous mode [ 185.746143][ T1331] usb 6-1: Using ep0 maxpacket: 32 [ 185.756423][ T1331] usb 6-1: config 0 has an invalid interface number: 247 but max is 0 [ 185.759061][ T1331] usb 6-1: config 0 has no interface number 0 [ 185.762430][ T1331] usb 6-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b [ 185.765333][ T1331] usb 6-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0 [ 185.768326][ T1331] usb 6-1: Product: syz [ 185.770354][ T1331] usb 6-1: Manufacturer: syz [ 185.774735][ T1331] usb 6-1: config 0 descriptor?? [ 185.779616][T12335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 185.793434][T12335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 185.857085][T12335] team0: Port device team_slave_0 added [ 185.866907][T12335] team0: Port device team_slave_1 added [ 185.867001][ T61] usb 8-1: usb_control_msg returned -32 [ 185.873787][ T61] usbtmc 8-1:16.0: can't read capabilities [ 185.901727][ T1149] bridge_slave_1: left allmulticast mode [ 185.903517][ T1149] bridge_slave_1: left promiscuous mode [ 185.905396][ T1149] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.910055][ T1149] bridge_slave_0: left allmulticast mode [ 185.911821][ T1149] bridge_slave_0: left promiscuous mode [ 185.913632][ T1149] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.982813][ T61] usb 6-1: USB disconnect, device number 14 [ 186.137468][ T5331] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 186.140339][ T5331] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 186.144763][ T5331] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 186.149442][ T5331] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 186.154492][ T5331] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 186.213788][ T1149] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 186.218692][ T1149] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 186.222525][ T1149] bond0 (unregistering): Released all slaves [ 186.228458][T12335] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 186.230907][T12335] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.239152][T12335] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 186.254320][T12335] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 186.258142][T12335] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.265978][T12335] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 186.309647][T12335] hsr_slave_0: entered promiscuous mode [ 186.311855][T12335] hsr_slave_1: entered promiscuous mode [ 186.313871][T12335] debugfs: 'hsr0' already exists in 'hsr' [ 186.315752][T12335] Cannot create hsr debugfs directory [ 186.506524][ T1149] hsr_slave_0: left promiscuous mode [ 186.509366][ T1149] hsr_slave_1: left promiscuous mode [ 186.511452][ T1149] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 186.513775][ T1149] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 186.517579][ T1149] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 186.520687][ T1149] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 186.540594][ T1149] veth1_macvtap: left promiscuous mode [ 186.543012][ T1149] veth0_macvtap: left promiscuous mode [ 186.545469][ T1149] veth1_vlan: left promiscuous mode [ 186.548081][ T1149] veth0_vlan: left promiscuous mode [ 186.866508][ T6053] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 187.026216][ T6053] usb 6-1: Using ep0 maxpacket: 16 [ 187.030336][ T6053] usb 6-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 187.034935][ T6053] usb 6-1: config 0 interface 0 has no altsetting 0 [ 187.037863][ T6053] usb 6-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 187.041713][ T6053] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.046985][ T6053] usb 6-1: config 0 descriptor?? [ 187.087211][ T1149] team0 (unregistering): Port device team_slave_1 removed [ 187.145199][ T1149] team0 (unregistering): Port device team_slave_0 removed [ 187.456299][ T5973] Bluetooth: hci1: command tx timeout [ 187.469243][ T6053] nzxt-smart2 0003:1E71:2009.0006: hidraw1: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0 [ 187.636572][T12349] chnl_net:caif_netlink_parms(): no params data found [ 187.723786][T12349] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.727807][T12349] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.730897][T12349] bridge_slave_0: entered allmulticast mode [ 187.734718][T12349] bridge_slave_0: entered promiscuous mode [ 187.739381][T12349] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.742449][T12349] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.745456][T12349] bridge_slave_1: entered allmulticast mode [ 187.749357][T12349] bridge_slave_1: entered promiscuous mode [ 187.809099][T12349] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 187.820690][T12349] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 187.878974][T12349] team0: Port device team_slave_0 added [ 187.884227][T12349] team0: Port device team_slave_1 added [ 187.946371][T12349] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 187.949631][T12349] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.962439][T12349] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 187.975538][T12349] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 187.978524][T12349] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.989084][T12349] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.059406][T12335] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 188.071360][T12349] hsr_slave_0: entered promiscuous mode [ 188.074843][T12349] hsr_slave_1: entered promiscuous mode [ 188.078088][T12349] debugfs: 'hsr0' already exists in 'hsr' [ 188.080651][T12349] Cannot create hsr debugfs directory [ 188.083521][T12335] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 188.091141][T12335] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 188.096000][T12335] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 188.192737][ T1149] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.237076][ T5962] usb 8-1: USB disconnect, device number 11 [ 188.256330][ T5973] Bluetooth: hci2: command tx timeout [ 188.265107][ T1149] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.284674][T12335] 8021q: adding VLAN 0 to HW filter on device bond0 [ 188.305375][T12335] 8021q: adding VLAN 0 to HW filter on device team0 [ 188.311451][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.313822][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 188.319390][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.322401][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 188.345835][ T1149] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.402987][ T1149] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.499228][T12335] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 188.524898][ T1149] bridge_slave_1: left allmulticast mode [ 188.526806][ T1149] bridge_slave_1: left promiscuous mode [ 188.528662][ T1149] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.532955][ T1149] bridge_slave_0: left allmulticast mode [ 188.535473][ T1149] bridge_slave_0: left promiscuous mode [ 188.538589][ T1149] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.827354][ T1149] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 188.831977][ T1149] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 188.836223][ T1149] bond0 (unregistering): Released all slaves [ 188.879496][T12335] veth0_vlan: entered promiscuous mode [ 188.885319][T12335] veth1_vlan: entered promiscuous mode [ 188.912609][T12335] veth0_macvtap: entered promiscuous mode [ 188.916769][T12335] veth1_macvtap: entered promiscuous mode [ 188.925316][T12335] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 188.933228][T12335] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 188.954433][ T1143] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.960469][ T1143] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.963946][ T1143] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.967417][ T1143] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.015616][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.018354][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.047146][ T6031] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 189.055305][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.057880][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.100334][T12380] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2626'. [ 189.136351][ T1149] hsr_slave_0: left promiscuous mode [ 189.138696][ T1149] hsr_slave_1: left promiscuous mode [ 189.141046][ T1149] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 189.143512][ T1149] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 189.147097][ T1149] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 189.150666][ T1149] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 189.183573][ T1149] veth1_macvtap: left promiscuous mode [ 189.186004][ T1149] veth0_macvtap: left promiscuous mode [ 189.188567][ T1149] veth1_vlan: left promiscuous mode [ 189.190882][ T1149] veth0_vlan: left promiscuous mode [ 189.206246][ T6031] usb 8-1: Using ep0 maxpacket: 16 [ 189.209703][ T6031] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 189.213911][ T6031] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 189.220452][ T6031] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 189.224451][ T6031] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 189.232471][ T6031] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 189.238747][ T6031] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 189.242447][ T6031] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 189.245699][ T6031] usb 8-1: Manufacturer: syz [ 189.250068][ T6031] usb 8-1: config 0 descriptor?? [ 189.520129][ T6031] rc_core: IR keymap rc-hauppauge not found [ 189.522656][ T6031] Registered IR keymap rc-empty [ 189.525132][ T6031] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 189.546266][ T5973] Bluetooth: hci1: command tx timeout [ 189.549491][ T6031] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 189.555721][ T29] usb 6-1: USB disconnect, device number 15 [ 189.578958][ T6031] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0 [ 189.584031][ T6031] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input12 [ 189.602895][ T6031] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 189.630066][ T6031] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 189.646278][ T6031] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 189.657053][T12378] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 189.661572][T12378] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 189.676221][ T6031] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 189.706656][ T6031] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 189.726356][ T6031] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 189.757609][ T6031] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 189.778225][ T6031] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 189.796273][ T6031] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 189.817573][ T6031] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 189.831451][ T1149] team0 (unregistering): Port device team_slave_1 removed [ 189.839785][ T6031] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 189.862103][ T6031] mceusb 8-1:0.0: Registered with mce emulator interface version 90 [ 189.864663][ T6031] mceusb 8-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 189.899824][ T1149] team0 (unregistering): Port device team_slave_0 removed [ 189.914592][ T5962] usb 8-1: USB disconnect, device number 12 [ 189.987583][ T29] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 190.146254][ T29] usb 6-1: Using ep0 maxpacket: 32 [ 190.154439][ T29] usb 6-1: config 0 has an invalid interface number: 247 but max is 0 [ 190.157258][ T29] usb 6-1: config 0 has no interface number 0 [ 190.161396][ T29] usb 6-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b [ 190.164591][ T29] usb 6-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0 [ 190.167384][ T29] usb 6-1: Product: syz [ 190.168731][ T29] usb 6-1: Manufacturer: syz [ 190.171447][ T29] usb 6-1: config 0 descriptor?? [ 190.346317][ T5973] Bluetooth: hci2: command tx timeout [ 190.375291][ T29] usb 6-1: USB disconnect, device number 16 [ 190.503248][T12349] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 190.524315][T12349] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 190.533175][T12349] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 190.541099][T12349] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 190.595184][T12349] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.605970][T12349] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.612133][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.614553][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.622273][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.624697][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 190.766176][T12349] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 190.794733][T12349] veth0_vlan: entered promiscuous mode [ 190.800067][T12349] veth1_vlan: entered promiscuous mode [ 190.818311][T12349] veth0_macvtap: entered promiscuous mode [ 190.822925][T12349] veth1_macvtap: entered promiscuous mode [ 190.833166][T12349] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 190.842117][T12349] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 190.848211][ T81] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.851014][ T81] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.854355][ T81] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.857732][ T81] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.891505][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.894816][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.911049][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.913512][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.957603][T12417] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2646'. [ 190.963352][T12414] 9pnet: Could not find request transport: fd0x0000000000000003 [ 191.025272][T12422] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2648'. [ 191.029152][T12422] tipc: Started in network mode [ 191.031079][T12422] tipc: Node identity aaaaaaaaaa41, cluster identity 4711 [ 191.034943][T12422] tipc: Enabled bearer , priority 10 [ 191.170626][T12426] BUG: Bad page state in process syz.0.2651 pfn:4cc01 [ 191.173662][T12426] page does not match folio SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 191.175340][ T40] audit: type=1400 audit(1757852568.126:2095): avc: denied { write } for pid=5927 comm="syz-executor" path="pipe:[3627]" dev="pipefs" ino=3627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 191.176422][T12426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x4cc01 [ 191.176448][T12426] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 191.176469][T12426] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff [ 191.176484][T12426] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000 [ 191.176493][T12426] page dumped because: nonzero pincount [ 191.176501][T12426] page_owner tracks the page as allocated [ 191.176514][T12426] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 12426, tgid 12426 (syz.0.2651), ts 191103330796, free_ts 163534392173 [ 191.176543][T12426] post_alloc_hook+0x1c0/0x230 [ 191.176594][T12426] get_page_from_freelist+0x132b/0x38e0 [ 191.176610][T12426] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 191.176626][T12426] alloc_pages_mpol+0x1fb/0x550 [ 191.176643][T12426] folio_alloc_noprof+0x20/0x2d0 [ 191.176663][T12426] filemap_alloc_folio_noprof+0x3a1/0x470 [ 191.176686][T12426] page_cache_ra_order+0x4e1/0xd70 [ 191.176700][T12426] filemap_fault+0x1b4b/0x2930 [ 191.176718][T12426] __do_fault+0x10d/0x490 [ 191.176733][T12426] do_pte_missing+0x1a6/0x3ba0 [ 191.176755][T12426] __handle_mm_fault+0x152a/0x2a50 [ 191.176778][T12426] handle_mm_fault+0x589/0xd10 [ 191.176800][T12426] do_user_addr_fault+0x60c/0x1370 [ 191.176816][T12426] exc_page_fault+0x5c/0xb0 [ 191.176841][T12426] asm_exc_page_fault+0x26/0x30 [ 191.176860][T12426] page last free pid 5968 tgid 5968 stack trace: [ 191.176870][T12426] __free_frozen_pages+0x7d5/0x10f0 [ 191.176892][T12426] vfree+0x1fd/0xb50 [ 191.176911][T12426] kcov_close+0x34/0x60 [ 191.176927][T12426] __fput+0x402/0xb70 [ 191.176947][T12426] task_work_run+0x150/0x240 [ 191.176964][T12426] do_exit+0x86f/0x2bf0 [ 191.176987][T12426] do_group_exit+0xd3/0x2a0 [ 191.177010][T12426] get_signal+0x2673/0x26d0 [ 191.177029][T12426] arch_do_signal_or_restart+0x8f/0x7d0 [ 191.177049][T12426] exit_to_user_mode_loop+0x84/0x110 [ 191.177066][T12426] do_syscall_64+0x41c/0x4e0 [ 191.177086][T12426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.177102][T12426] Modules linked in: [ 191.177116][T12426] CPU: 2 UID: 0 PID: 12426 Comm: syz.0.2651 Not tainted syzkaller #0 PREEMPT(full) [ 191.177574][T12426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 191.177584][T12426] Call Trace: [ 191.177590][T12426] [ 191.177596][T12426] dump_stack_lvl+0x16c/0x1f0 [ 191.177628][T12426] bad_page+0xcf/0x220 [ 191.177646][T12426] ? __pfx_bad_page+0x10/0x10 [ 191.177668][T12426] free_tail_page_prepare+0x44f/0x5b0 [ 191.177690][T12426] __free_frozen_pages+0xbae/0x10f0 [ 191.177720][T12426] __folio_put+0x329/0x450 [ 191.177737][T12426] ? __pfx___folio_put+0x10/0x10 [ 191.177755][T12426] ? find_held_lock+0x2b/0x80 [ 191.177776][T12426] ? delete_from_page_cache_batch+0x6c9/0x9b0 [ 191.177794][T12426] ? mark_held_locks+0x49/0x80 [ 191.177819][T12426] filemap_free_folio+0x132/0x170 [ 191.177837][T12426] delete_from_page_cache_batch+0x741/0x9b0 [ 191.177877][T12426] ? __pfx_delete_from_page_cache_batch+0x10/0x10 [ 191.177900][T12426] ? __pfx_workingset_update_node+0x10/0x10 [ 191.177925][T12426] truncate_inode_pages_range+0x279/0xe50 [ 191.177953][T12426] ? __pfx_truncate_inode_pages_range+0x10/0x10 [ 191.177995][T12426] ? smp_call_function_many_cond+0x1239/0x1600 [ 191.178016][T12426] ? lockdep_hardirqs_on+0x7c/0x110 [ 191.178034][T12426] ? __pfx_invalidate_bh_lru+0x10/0x10 [ 191.178054][T12426] ? on_each_cpu_cond_mask+0x40/0x90 [ 191.178073][T12426] ? smp_call_function_many_cond+0x457/0x1600 [ 191.178117][T12426] ? __pfx_invalidate_bh_lru+0x10/0x10 [ 191.178136][T12426] ? __pfx_has_bh_in_lru+0x10/0x10 [ 191.178157][T12426] blkdev_flush_mapping+0xfb/0x290 [ 191.178186][T12426] blkdev_put_whole+0xc4/0xf0 [ 191.178210][T12426] bdev_release+0x47e/0x6d0 [ 191.178229][T12426] ? __pfx_blkdev_release+0x10/0x10 [ 191.178244][T12426] blkdev_release+0x15/0x20 [ 191.178260][T12426] __fput+0x402/0xb70 [ 191.178286][T12426] task_work_run+0x150/0x240 [ 191.178305][T12426] ? __pfx_task_work_run+0x10/0x10 [ 191.178324][T12426] ? do_raw_spin_unlock+0x172/0x230 [ 191.178346][T12426] do_exit+0x86f/0x2bf0 [ 191.178375][T12426] ? __pfx_do_exit+0x10/0x10 [ 191.178397][T12426] ? preempt_schedule_thunk+0x16/0x30 [ 191.178426][T12426] do_group_exit+0xd3/0x2a0 [ 191.178451][T12426] __x64_sys_exit_group+0x3e/0x50 [ 191.178476][T12426] x64_sys_call+0x14fa/0x1720 [ 191.178495][T12426] do_syscall_64+0xcd/0x4e0 [ 191.178517][T12426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.178533][T12426] RIP: 0033:0x7f648798eba9 [ 191.178545][T12426] Code: Unable to access opcode bytes at 0x7f648798eb7f. [ 191.178551][T12426] RSP: 002b:00007ffea7cb93d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.178566][T12426] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f648798eba9 [ 191.178576][T12426] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 191.178585][T12426] RBP: 00007ffea7cb943c R08: 0000000aa7cb94cf R09: 00000000000927c0 [ 191.178595][T12426] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 191.178604][T12426] R13: 00000000000927c0 R14: 000000000002e981 R15: 00007ffea7cb9490 [ 191.178626][T12426] [ 191.178646][T12426] Disabling lock debugging due to kernel taint [ 191.316189][ T6034] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 191.318068][T12426] BUG: Bad page state in process syz.0.2651 pfn:4cc00 [ 191.375861][T12426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4cc00 [ 191.379556][T12426] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0 [ 191.383016][T12426] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff) [ 191.387638][T12426] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000 [ 191.391164][T12426] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 191.394619][T12426] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000 [ 191.398261][T12426] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 191.402672][T12426] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 191.406366][T12426] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000 [ 191.409933][T12426] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 191.412930][T12426] page_owner tracks the page as allocated [ 191.415296][T12426] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 12426, tgid 12426 (syz.0.2651), ts 191103330796, free_ts 163534380783 [ 191.423183][T12426] post_alloc_hook+0x1c0/0x230 [ 191.424812][T12426] get_page_from_freelist+0x132b/0x38e0 [ 191.426720][T12426] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 191.428564][T12426] alloc_pages_mpol+0x1fb/0x550 [ 191.430256][T12426] folio_alloc_noprof+0x20/0x2d0 [ 191.431820][T12426] filemap_alloc_folio_noprof+0x3a1/0x470 [ 191.433646][T12426] page_cache_ra_order+0x4e1/0xd70 [ 191.435503][T12426] filemap_fault+0x1b4b/0x2930 [ 191.437586][T12426] __do_fault+0x10d/0x490 [ 191.439388][T12426] do_pte_missing+0x1a6/0x3ba0 [ 191.441439][T12426] __handle_mm_fault+0x152a/0x2a50 [ 191.443529][T12426] handle_mm_fault+0x589/0xd10 [ 191.445544][T12426] do_user_addr_fault+0x60c/0x1370 [ 191.447728][T12426] exc_page_fault+0x5c/0xb0 [ 191.449598][T12426] asm_exc_page_fault+0x26/0x30 [ 191.451570][T12426] page last free pid 5968 tgid 5968 stack trace: [ 191.454116][T12426] __free_frozen_pages+0x7d5/0x10f0 [ 191.457376][T12426] vfree+0x1fd/0xb50 [ 191.458997][T12426] kcov_close+0x34/0x60 [ 191.460687][T12426] __fput+0x402/0xb70 [ 191.462322][T12426] task_work_run+0x150/0x240 [ 191.464233][T12426] do_exit+0x86f/0x2bf0 [ 191.465982][T12426] do_group_exit+0xd3/0x2a0 [ 191.468140][T12426] get_signal+0x2673/0x26d0 [ 191.470014][T12426] arch_do_signal_or_restart+0x8f/0x7d0 [ 191.472263][T12426] exit_to_user_mode_loop+0x84/0x110 [ 191.474430][T12426] do_syscall_64+0x41c/0x4e0 [ 191.476452][T12426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.478904][T12426] Modules linked in: [ 191.480533][T12426] CPU: 2 UID: 0 PID: 12426 Comm: syz.0.2651 Tainted: G B syzkaller #0 PREEMPT(full) [ 191.480557][T12426] Tainted: [B]=BAD_PAGE [ 191.480563][T12426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 191.480573][T12426] Call Trace: [ 191.480579][T12426] [ 191.480585][T12426] dump_stack_lvl+0x16c/0x1f0 [ 191.480607][T12426] bad_page+0xcf/0x220 [ 191.480625][T12426] ? __pfx_bad_page+0x10/0x10 [ 191.480642][T12426] ? page_bad_reason+0x9d/0x1f0 [ 191.480660][T12426] __free_frozen_pages+0x7f7/0x10f0 [ 191.480686][T12426] __folio_put+0x329/0x450 [ 191.480703][T12426] ? __pfx___folio_put+0x10/0x10 [ 191.480720][T12426] ? find_held_lock+0x2b/0x80 [ 191.480738][T12426] ? delete_from_page_cache_batch+0x6c9/0x9b0 [ 191.480755][T12426] ? mark_held_locks+0x49/0x80 [ 191.480777][T12426] filemap_free_folio+0x132/0x170 [ 191.480798][T12426] delete_from_page_cache_batch+0x741/0x9b0 [ 191.480817][T12426] ? __pfx_delete_from_page_cache_batch+0x10/0x10 [ 191.480835][T12426] ? __pfx_workingset_update_node+0x10/0x10 [ 191.480854][T12426] truncate_inode_pages_range+0x279/0xe50 [ 191.480877][T12426] ? __pfx_truncate_inode_pages_range+0x10/0x10 [ 191.480904][T12426] ? smp_call_function_many_cond+0x1239/0x1600 [ 191.480924][T12426] ? lockdep_hardirqs_on+0x7c/0x110 [ 191.480942][T12426] ? __pfx_invalidate_bh_lru+0x10/0x10 [ 191.480961][T12426] ? on_each_cpu_cond_mask+0x40/0x90 [ 191.480979][T12426] ? smp_call_function_many_cond+0x457/0x1600 [ 191.481008][T12426] ? __pfx_invalidate_bh_lru+0x10/0x10 [ 191.481026][T12426] ? __pfx_has_bh_in_lru+0x10/0x10 [ 191.481045][T12426] blkdev_flush_mapping+0xfb/0x290 [ 191.481070][T12426] blkdev_put_whole+0xc4/0xf0 [ 191.481094][T12426] bdev_release+0x47e/0x6d0 [ 191.481109][T12426] ? __pfx_blkdev_release+0x10/0x10 [ 191.481124][T12426] blkdev_release+0x15/0x20 [ 191.481166][T12426] __fput+0x402/0xb70 [ 191.481186][T12426] task_work_run+0x150/0x240 [ 191.481202][T12426] ? __pfx_task_work_run+0x10/0x10 [ 191.481217][T12426] ? do_raw_spin_unlock+0x172/0x230 [ 191.481232][T12426] do_exit+0x86f/0x2bf0 [ 191.481248][T12426] ? __pfx_do_exit+0x10/0x10 [ 191.481263][T12426] ? preempt_schedule_thunk+0x16/0x30 [ 191.481279][T12426] do_group_exit+0xd3/0x2a0 [ 191.481294][T12426] __x64_sys_exit_group+0x3e/0x50 [ 191.481310][T12426] x64_sys_call+0x14fa/0x1720 [ 191.481321][T12426] do_syscall_64+0xcd/0x4e0 [ 191.481334][T12426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.481345][T12426] RIP: 0033:0x7f648798eba9 [ 191.481352][T12426] Code: Unable to access opcode bytes at 0x7f648798eb7f. [ 191.481357][T12426] RSP: 002b:00007ffea7cb93d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 191.481366][T12426] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f648798eba9 [ 191.481373][T12426] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 191.481379][T12426] RBP: 00007ffea7cb943c R08: 0000000aa7cb94cf R09: 00000000000927c0 [ 191.481385][T12426] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 191.481391][T12426] R13: 00000000000927c0 R14: 000000000002e981 R15: 00007ffea7cb9490 [ 191.481399][T12426] [ 191.669968][ T46] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.740390][ T46] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.858728][ T46] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.978379][ T46] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.109403][ T46] bridge_slave_1: left allmulticast mode [ 192.111251][ T46] bridge_slave_1: left promiscuous mode [ 192.113066][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.115901][ T46] bridge_slave_0: left allmulticast mode [ 192.117875][ T46] bridge_slave_0: left promiscuous mode [ 192.120042][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.146164][ T29] tipc: Node number set to 15444650 [ 192.231303][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 192.235012][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 192.239679][ T46] bond0 (unregistering): Released all slaves [ 192.601507][ T46] hsr_slave_0: left promiscuous mode [ 192.604280][ T46] hsr_slave_1: left promiscuous mode [ 192.606961][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 192.609971][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 192.613296][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 192.616356][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 192.622132][ T46] veth1_macvtap: left promiscuous mode [ 192.624410][ T46] veth0_macvtap: left promiscuous mode [ 192.626833][ T46] veth1_vlan: left promiscuous mode [ 192.629033][ T46] veth0_vlan: left promiscuous mode [ 192.827516][ T46] team0 (unregistering): Port device team_slave_1 removed [ 192.868418][ T46] team0 (unregistering): Port device team_slave_0 removed [ 193.471636][ T46] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.098348][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.100939][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.170182][ T46] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.231049][ T46] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.290940][ T46] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.379944][ T46] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.430299][ T46] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.471541][ T46] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.559109][ T46] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.660990][ T46] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.751983][ T46] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.819230][ T46] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.889522][ T46] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.968495][ T46] bridge_slave_1: left allmulticast mode [ 195.970309][ T46] bridge_slave_1: left promiscuous mode [ 195.972138][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.975155][ T46] bridge_slave_0: left allmulticast mode [ 195.977483][ T46] bridge_slave_0: left promiscuous mode [ 195.979581][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.983689][ T46] bridge_slave_1: left allmulticast mode [ 195.985385][ T46] bridge_slave_1: left promiscuous mode [ 195.987840][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.991160][ T46] bridge_slave_0: left allmulticast mode [ 195.993313][ T46] bridge_slave_0: left promiscuous mode [ 195.995577][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.999582][ T46] bridge_slave_1: left allmulticast mode [ 196.001792][ T46] bridge_slave_1: left promiscuous mode [ 196.003861][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.007304][ T46] bridge_slave_0: left allmulticast mode [ 196.009199][ T46] bridge_slave_0: left promiscuous mode [ 196.011431][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.015459][ T46] tipc: Resetting bearer [ 196.180139][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 196.184757][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 196.188732][ T46] bond0 (unregistering): Released all slaves [ 196.210032][ T46] tipc: Disabling bearer [ 196.275594][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 196.279618][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 196.283274][ T46] bond0 (unregistering): Released all slaves [ 196.372870][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 196.376503][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 196.379737][ T46] bond0 (unregistering): Released all slaves [ 196.482170][ T46] tipc: Left network mode [ 197.042100][ T46] hsr_slave_0: left promiscuous mode [ 197.044076][ T46] hsr_slave_1: left promiscuous mode [ 197.046502][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 197.049461][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 197.052163][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 197.054531][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 197.059804][ T46] hsr_slave_0: left promiscuous mode [ 197.062378][ T46] hsr_slave_1: left promiscuous mode [ 197.064891][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 197.067441][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 197.069987][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 197.072311][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 197.077665][ T46] hsr_slave_0: left promiscuous mode [ 197.080254][ T46] hsr_slave_1: left promiscuous mode [ 197.082320][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 197.084681][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 197.087923][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 197.090170][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 197.098387][ T46] veth1_macvtap: left promiscuous mode [ 197.100667][ T46] veth0_macvtap: left promiscuous mode [ 197.102506][ T46] veth1_vlan: left promiscuous mode [ 197.104158][ T46] veth0_vlan: left promiscuous mode [ 197.108554][ T46] veth1_macvtap: left promiscuous mode [ 197.110652][ T46] veth0_macvtap: left promiscuous mode [ 197.112416][ T46] veth1_vlan: left promiscuous mode [ 197.114149][ T46] veth0_vlan: left promiscuous mode [ 197.117019][ T46] veth1_macvtap: left promiscuous mode [ 197.119056][ T46] veth0_macvtap: left promiscuous mode [ 197.120923][ T46] veth1_vlan: left promiscuous mode [ 197.122945][ T46] veth0_vlan: left promiscuous mode [ 197.329868][ T46] team0 (unregistering): Port device team_slave_1 removed [ 197.359423][ T46] team0 (unregistering): Port device team_slave_0 removed [ 197.605805][ T46] team0 (unregistering): Port device team_slave_1 removed [ 197.643881][ T46] team0 (unregistering): Port device team_slave_0 removed [ 197.924620][ T46] team0 (unregistering): Port device team_slave_1 removed [ 197.956448][ T46] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 12:22:48 Registers: info registers vcpu 0 CPU#0 RAX=000000000028e769 RBX=0000000000000000 RCX=ffffffff8b94bb49 RDX=0000000000000000 RSI=ffffffff8de527c8 RDI=ffffffff8c163300 RBP=fffffbfff1c52ef8 RSP=ffffffff8e207e08 R8 =0000000000000001 R9 =ffffed100d486655 R10=ffff88806a4332ab R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e2977c0 R14=ffffffff90ab7090 R15=0000000000000000 RIP=ffffffff8b94a68f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d66b4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00002000000020c0 CR3=000000004ec19000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080040001 Opmask01=0000000020080810 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea7cb9400 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea7cb9586 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea7cb9586 00007ffea7cb958c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6487a12e46 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6487a12e53 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6487a12e4d ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6487a12e61 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6487a12ee7 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6487a12fc5 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000004 RCX=0000000000000004 RDX=0000000000000004 RSI=ffff88801faa0b68 RDI=ffff88801faa0000 RBP=ffffc900006a0940 RSP=ffffc900006a08a0 R8 =0000000000080000 R9 =0000000000000001 R10=0000000000000078 R11=0000000000000001 R12=ffff88801faa0b68 R13=0000000000000010 R14=0000000000000003 R15=ffff88801faa0000 RIP=ffffffff8197ab4d RFL=00000047 [---Z-PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d67b4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ffed16f4610 CR3=0000000031bda000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000044402 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa8c91a76c3 00007fa8c91a76c3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffed16f6810 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555903586f9 00005555903582c0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555903224a8 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555590337b94 0000555590335830 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055559032a194 000055559032a190 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 616e676973206e77 6f6e6b6e75000a29 7325203a6425206f 6e7272652820000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 444b424c56054b52 4a4b4e4b50000a0c 5600051f4100054a 4b5757400d05000a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0168ea048082a0a8 08004be00301b010 004bd0030c100034 a00301ca10003490 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010010004b800401 0000000806060168 ea048082a0a80800 4be00301b010004b ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 d0030c100034a003 01ca100034900308 808210003480030e 100033f003101000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 33e00306100033d0 030fffffffffffff 0433c0030010000d 80030d800433b003 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 06080033a8030408 0033a0030c080033 980304a808003390 0301b01000338003 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffffffff8e4ceca0 RCX=00000000fffff1b4 RDX=ffff888012c42440 RSI=ffffffff819b79b8 RDI=ffffffff8e4ceca0 RBP=dffffc0000000000 RSP=ffffc90004b66ff0 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=ffffffff8e599628 R13=0000000000000053 R14=ffffc90004b67280 R15=00000000000011b4 RIP=ffffffff819b79b8 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d68b4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c39b3a2 CR3=000000000e380000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea7cb9586 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea7cb9586 00007ffea7cb958c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6487a12e46 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6487a12e53 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6487a12e4d ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6487a12e61 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6487a12ee7 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6487a12fc5 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6487ba74a8 00007f6487ba74a0 00007f6487ba7498 00007f6487ba7470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f648870d100 00007f6487ba7460 00007f6487ba0004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6487ba74b8 00007f6487ba74b0 00007f6487ba74a8 00007f6487ba74a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=fffffbfff2156e12 RBX=fffffbfff2156e13 RCX=ffffffff81a7ea46 RDX=fffffbfff2156e13 RSI=0000000000000008 RDI=ffffffff90ab7090 RBP=fffffbfff2156e12 RSP=ffffc900007ef930 R8 =0000000000000000 R9 =fffffbfff2156e12 R10=ffffffff90ab7097 R11=ffffffff9b04de38 R12=0000000000000003 R13=00000000ffffd4de R14=ffff888032ead848 R15=000000000000001e RIP=ffffffff8221f7a9 RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d69b4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000555584d03808 CR3=000000005ffaa000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080040001 Opmask01=0000000020080810 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff0dca7580 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff0dca7706 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff0dca7706 00007fff0dca770c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd7fd612e46 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd7fd612e53 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd7fd612e4d ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd7fd612e61 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd7fd612ee7 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd7fd612fc5 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000