last executing test programs: 2.929953749s ago: executing program 0 (id=1340): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) listen(r0, 0x20000005) r1 = socket$inet6(0xa, 0x6, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=@newlink={0x20, 0x10, 0x1, 0x70bd26, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2102, 0x4800}}, 0x20}, 0x1, 0x0, 0x0, 0x4040014}, 0x24040800) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, 0x0, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) r3 = accept4(r0, 0x0, 0x0, 0x0) bind$netrom(0xffffffffffffffff, 0x0, 0x0) recvmmsg$unix(r3, &(0x7f0000003fc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x67ac87061aeae0ba, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, 0x0, 0x0) write$nbd(r3, &(0x7f0000000440)=ANY=[], 0xd6) 2.030098079s ago: executing program 1 (id=1347): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) syz_emit_vhci(0x0, 0xf8) socket(0x400000000004, 0x5, 0x0) socket$rds(0x15, 0x5, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r2, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r4 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r4, 0x84, 0x4, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 2.029716408s ago: executing program 0 (id=1348): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'streebog512-generic\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000002540)=[{0xf0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000240)="d306c5", 0x3}], 0x1, 0x0, 0x0, 0x4000000}], 0x1, 0x20040005) 1.980088751s ago: executing program 0 (id=1349): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RGETLOCK(r1, &(0x7f00000094c0)=ANY=[], 0x200002e6) fcntl$setpipe(r1, 0x407, 0x7000000) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x18) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x1f, 0x0) 1.97888733s ago: executing program 1 (id=1350): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)) r0 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) syz_io_uring_submit(r1, r2, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x240, 0x36}, 0x4, [0x7, 0x8, 0x5, 0xd, 0x8, 0x155f, 0x6, 0x5, 0x25cd, 0x1, 0xa4, 0x6, 0xa2b9, 0x6, 0x9, 0xe4, 0x9, 0xfc000000, 0x3, 0xbbf, 0x0, 0x8, 0x9, 0xd, 0x2, 0x12a3, 0x6, 0x3, 0x2, 0x4, 0x7, 0x81, 0x8a, 0xfffffff8, 0x558e0d34, 0x4, 0xfffeffff, 0x91, 0x5, 0x4, 0x7, 0x2, 0x5, 0x400, 0x7fff, 0x5, 0x4a7, 0x81, 0x6, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x5, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0x6], [0x9, 0x3, 0x6, 0x5f, 0x4, 0xc66, 0xa8a9, 0x73, 0x8e, 0x10001, 0x7, 0x5, 0xf, 0xfffffff3, 0x4, 0x5, 0x1000, 0x0, 0x200b398, 0x400800, 0x0, 0x2, 0x1c, 0x8, 0x1, 0x2, 0x54f5bad8, 0x8, 0xfffffffd, 0x403, 0xffff58b9, 0x4c2336d3, 0x80004, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00002, 0x80005, 0xb, 0x2, 0x1, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x762, 0x1cb, 0x1, 0x4, 0x6, 0xaa5, 0x2, 0x9, 0x2, 0x8000, 0x5, 0xfffffff9, 0x994, 0x1000, 0x4, 0x5], [0x2, 0x1, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000001, 0xb, 0x1, 0x4, 0x8d3, 0x6, 0x108, 0x3ff, 0x2, 0x400, 0x40, 0x6, 0x7, 0x7, 0x5, 0x0, 0x5, 0x9, 0x80000001, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x100006, 0x8000, 0x400, 0x3e55, 0x4, 0xd3, 0x7, 0x3435, 0x5, 0x9, 0xfd, 0x401, 0x101, 0x7ff, 0x60a2, 0x17fc, 0x9d26, 0x5, 0x8, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0xfffffffc, 0x10000, 0x1, 0x8, 0x1], [0xa772, 0x1, 0x5, 0x1afa, 0xbfc, 0x8, 0x7c81, 0x7f, 0xfffffff8, 0x40, 0xff, 0x5, 0x7fffffff, 0x7, 0x4, 0x9, 0x81, 0x3, 0x9d86, 0x9, 0xfffffff7, 0x8, 0x40f1, 0x2, 0x3, 0x101, 0x80000001, 0x7777, 0xfff, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x624dfaee, 0xc, 0x7f, 0x1000, 0x1ff, 0x2, 0xffffffff, 0x10000, 0x0, 0x8001, 0x7fff, 0x1000, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x806, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdaf, 0x1, 0x8, 0x14000, 0x1, 0x1b18]}, 0x45c) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$RDMA_NLDEV_CMD_SYS_SET(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000003c0), 0x40, &(0x7f0000000840)=ANY=[@ANYBLOB]) chdir(&(0x7f0000000100)='./file0\x00') syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0xf) setresuid(0x0, 0xee00, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0) 1.888982358s ago: executing program 1 (id=1351): syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={0x0, 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000001c0)={0x2710, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x181081) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r4) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x0) recvmmsg(r5, &(0x7f0000007700), 0x318, 0xfc0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000280)={{0x0, 0x0, 0x8, 0x2, 0x8001}}) syz_genetlink_get_family_id$fou(&(0x7f0000000240), 0xffffffffffffffff) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x12, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) syz_kvm_setup_cpu$x86(r1, r6, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x13, &(0x7f0000000180)=[@cr4={0x1, 0x40002}], 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000014000/0x18000)=nil, &(0x7f0000002400)=[@textreal={0x8, &(0x7f00000002c0)="0f0d51f40f01d10fc75800f30fc73600102e0f71e100b800008ec0640f017400aa66b9e408000066b81f6269e766ba000000000f309c0c0cb8d09bbc8966efbafc0cedba4300ba210066ed3626f00fc70d", 0xaf}], 0xaaaab6d, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) r7 = socket$inet(0x2, 0x3, 0x4) setsockopt$inet_opts(r7, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f00000000c0)='xfrm0\x00', 0x10) connect$inet(r7, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10) mkdir(&(0x7f0000000140)='./file0\x00', 0x1) r8 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x4) fspick(r8, &(0x7f0000000400)='./file0\x00', 0x0) sendmmsg$inet(r7, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0) 1.603850888s ago: executing program 0 (id=1354): bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='\t\x00\x00\x00\f'], 0x50) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010100000000000000", @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xb8}}, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 740.075956ms ago: executing program 0 (id=1357): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r2, 0x6, &(0x7f0000002000)={0x1}) dup(r0) fcntl$lock(r2, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000000000001}) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="4400000010001fff26bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800e000100697036677265746170000000080002800400120008000a00", @ANYRES32=r3, @ANYBLOB="098f51bfdec4185a490c1803a3fe7aea629a7a"], 0x44}, 0x1, 0x0, 0x0, 0x10000010}, 0x20000004) r4 = socket$netlink(0x10, 0x3, 0x15) writev(r4, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x70, r5, 0x800, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0xb64f, 0x64}}}}, [@NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x108e}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x3}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0xb5c}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x1}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x868}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0xec6}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0xc58}, @NL80211_ATTR_CRIT_PROT_ID={0x6}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0xddd}]}, 0x70}}, 0x0) 614.731595ms ago: executing program 1 (id=1359): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000100)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYRES32=r3], 0x1c}, 0x1, 0x3000000}, 0x0) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) 612.835132ms ago: executing program 0 (id=1360): socket$l2tp6(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket$key(0xf, 0x3, 0x2) syz_usb_connect$cdc_ecm(0x3, 0x4d, &(0x7f0000001240)=ANY=[@ANYBLOB="12010000020000102505a1a44000010203010902"], 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) syz_open_procfs(0x0, &(0x7f0000000080)='ns\x00') userfaultfd(0x801) syz_open_dev$sndctrl(&(0x7f0000000240), 0x0, 0x2a8600) openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000380), 0x2, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x40000012}) socket(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x201, 0x1, &(0x7f0000000540)=[r1], &(0x7f0000000500)=[0x1], &(0x7f0000000200), &(0x7f0000000580), 0x0, 0x7f}) 560.464105ms ago: executing program 1 (id=1361): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3}) r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0xe}) r4 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000001c0)={0xff, 0x3, 0xd83f}) dup(r2) close_range(r0, 0xffffffffffffffff, 0x0) 474.067524ms ago: executing program 1 (id=1364): socket$l2tp6(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket$key(0xf, 0x3, 0x2) syz_usb_connect$cdc_ecm(0x3, 0x4d, &(0x7f0000001240)=ANY=[@ANYBLOB="12010000020000102505a1a44000010203010902"], 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) syz_open_procfs(0x0, &(0x7f0000000080)='ns\x00') userfaultfd(0x801) syz_open_dev$sndctrl(&(0x7f0000000240), 0x0, 0x2a8600) openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000380), 0x2, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x40000012}) socket(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x201, 0x1, &(0x7f0000000540)=[r1], &(0x7f0000000500)=[0x1], &(0x7f0000000200), &(0x7f0000000580), 0x0, 0x7f}) 309.653937ms ago: executing program 3 (id=1373): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000002c0)={0x3c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x8000, 0x29}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40084}, 0x0) r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00') pread64(r4, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000000) r5 = eventfd(0x4) ioctl$VHOST_SET_VRING_BASE(r3, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r5) ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r5}) r6 = userfaultfd(0x80001) ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000380)) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/64, 0x0, 0xdddd0000}) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x10012, r7, 0x0) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/236, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66}) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x1) 309.380727ms ago: executing program 2 (id=1374): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x81c0, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) write(r0, &(0x7f0000000280), 0x0) r1 = landlock_create_ruleset(0x0, 0x0, 0x3) openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0) sync() sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x180000504) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(0xffffffffffffffff, 0x1, &(0x7f0000000200)={0x1a0, r1}, 0x0) landlock_restrict_self(r1, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x0) 238.386395ms ago: executing program 2 (id=1375): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x8) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x2d}, 0x1, 0x0, 0x0, 0x8801}, 0x8000) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0) getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a0008", @ANYRES32=r4, @ANYBLOB="00001000252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x503, 0x0, 0xfffffffc, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r5], 0x5c}}, 0x40) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r7) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r8, @ANYBLOB="0100000001000000"], 0x3c}}, 0x0) 238.043373ms ago: executing program 3 (id=1376): r0 = socket(0x10, 0x803, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newtfilter={0x494, 0x2c, 0xd2b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0xf, 0x1}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x468, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0xe, 0x1, 0x3, 0x1, 0x4, 0x2, 0x6, 0xfffffffa, [{0x2, 0x500, 0x3, 0x6}, {0x6783, 0x2, 0x8001, 0x10}, {0x2, 0x80000000, 0xa9, 0x1}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0xffff, 0x9}}, @TCA_U32_POLICE={0x418, 0x6, [@TCA_POLICE_RESULT={0x8, 0x5, 0x7000000}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xa}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8001, 0xffffffff, 0x2, 0x5, 0xa, 0x8, 0x5, 0xfffffffa, 0x8000, 0x40, 0x80000000, 0x7, 0x6, 0x7e, 0x4, 0x5, 0x3, 0x8, 0x2, 0xa47, 0x8, 0xb00, 0x2, 0x573d, 0x5, 0xa43, 0x59, 0x80000000, 0x101, 0x5, 0x5, 0x1, 0x9, 0x1, 0xd3b, 0x4, 0x7, 0x9f, 0x2afcfe88, 0x4, 0xa, 0x3, 0x9, 0x9, 0x7, 0xa7c, 0x4478, 0x5, 0xe, 0x9, 0x8, 0xffffffff, 0x8, 0x2, 0x3, 0xfb, 0x7, 0x4, 0x101, 0x4d9, 0x1, 0xff, 0x9, 0x1, 0x155, 0x4, 0x0, 0x0, 0x6, 0x9, 0x9, 0xb549, 0xfff, 0x1, 0xff, 0x909, 0x1, 0x7, 0x7, 0x401, 0xfffffff7, 0x8, 0x3ff, 0x9, 0x8, 0x6, 0xffffffff, 0x0, 0x4, 0x6, 0xffff8001, 0x1, 0x97, 0x0, 0x4, 0xa3, 0x4, 0x0, 0x9, 0x5af1, 0x9, 0x1, 0x7f, 0x10000000, 0x7, 0x81, 0x8, 0x92de, 0x8a0000, 0x9, 0x5, 0xff, 0x89e, 0x6, 0x1, 0xa, 0x5, 0x80, 0x4, 0x7, 0x2, 0x3, 0x83, 0x445, 0x5, 0x7, 0x401, 0x80, 0xff, 0x1ff, 0x336b, 0x4, 0x1, 0x3, 0xbd, 0xc, 0x4, 0x302, 0x1, 0x5, 0x1, 0x4, 0xfff, 0x7, 0xfffff560, 0x0, 0x2, 0x8, 0x6, 0x80, 0xff, 0x5, 0xfffffffd, 0x5, 0x1, 0x7, 0x10, 0x3, 0x4, 0xffffffff, 0x9, 0x3f, 0x7, 0xfffffc01, 0xe, 0xb71, 0x4, 0x0, 0x3, 0x1, 0x9, 0xb808, 0x3b, 0x6, 0xd5, 0x5, 0x7f, 0x7a, 0xa, 0x5, 0x6, 0x0, 0x1, 0x3, 0x7, 0x572e, 0x4, 0x6, 0x200, 0xfffffffd, 0x1000, 0x1, 0x200, 0x10001, 0x7, 0x400, 0x9, 0x7fffffff, 0x9, 0x4, 0x2eb7, 0xbab0, 0x5, 0x1, 0xff, 0xa2fa, 0x8, 0x9e7, 0x8, 0x73c128b, 0x2, 0xce7, 0x40, 0x7, 0x8, 0x745, 0x7, 0xce71, 0x6, 0xfffffffd, 0x5, 0xa53, 0x7, 0x2, 0xfffffffe, 0x40, 0x4, 0x0, 0x401, 0x81, 0x4, 0x4, 0xffffffff, 0x10001, 0x800, 0x2, 0x5, 0x1, 0x1, 0x5, 0x0, 0x4, 0x1, 0x2, 0x80000001, 0x3, 0x4, 0x1, 0xffff, 0xfc, 0x4, 0x0, 0x7, 0x10, 0x6, 0x8]}]}]}}]}, 0x494}}, 0x24040084) 129.847717ms ago: executing program 3 (id=1377): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000100)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYRES32=r3], 0x1c}, 0x1, 0x3000000}, 0x0) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), r0) 129.343072ms ago: executing program 2 (id=1378): openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) 129.099515ms ago: executing program 3 (id=1379): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0xf0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x40d, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, 0xc060, 0x22428}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_BACKUP_PORT={0x8, 0x22, r2}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000885}, 0x0) 80.118885ms ago: executing program 2 (id=1380): r0 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0xfffff, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000100), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, r1) r3 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, r2) r4 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, r3) r5 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, r4) add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, r5) r6 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_SECURITY_KEY(r6, 0x110, 0x1, &(0x7f0000000140)='\x00', 0x1) 79.861135ms ago: executing program 3 (id=1381): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="390000000108000000000000000000004c000000ee480f56a626428a931451985791cecf55fb3239869ac03c1b55fb3c12411cc9cb4e6f3e7137675e886b89c68b22603a8ef04841d54e6c35af68f17b491a4b5be1da0e02f114f158bee6e09acf29f5a895f9351e100462", @ANYRES32=0x0, @ANYBLOB="c30001000000000008001b00000000000500100005000000"], 0x30}, 0x1, 0xffffa888}, 0x0) fsopen(0x0, 0x1) getsockopt$netlink(r0, 0x10e, 0x7, &(0x7f0000000440)=""/173, &(0x7f00000000c0)=0xad) r1 = socket$inet_smc(0x2b, 0x1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a09040000000000000000020000000900020073797a32000000000900010073797a300000000070000000080a01010000000000000000020000000900010073797a30000000000900020073797a32000000002c00058008000140000000000800024000000000080001400000000608000140000000f9080001400000005c080009"], 0xc4}}, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)) r3 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @dev}, 0x10) ioctl$sock_inet_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000100)) getsockopt$ARPT_SO_GET_INFO(r1, 0x0, 0x60, &(0x7f0000000180)={'filter\x00', 0x0, [0x10000, 0x1, 0x7]}, &(0x7f0000000080)=0xffffffc7) 79.226703ms ago: executing program 2 (id=1382): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000040)=@ethtool_ringparam={0x48, 0x7f, 0x20000a2e, 0x0, 0x0, 0x3, 0x2000000, 0x0, 0x3000000}}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000002c00010026bd7000fcdbdf25040000000800170008000000040019"], 0x20}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) r3 = syz_open_dev$MSR(&(0x7f0000000580), 0xa, 0x0) ioctl$X86_IOC_RDMSR_REGS(r3, 0xc02063a0, &(0x7f00000005c0)=[0x4, 0x0, 0x6, 0x0, 0x4, 0x1000, 0xffff0000, 0x35b]) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'veth1_to_hsr\x00', 0x1000}) r4 = socket$unix(0x1, 0x5, 0x0) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r4, r5, &(0x7f00000000c0)=0x10008e, 0x180000504) r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x34, r6, 0x1, 0x70bd2c, 0x44, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x2}]}, 0x34}}, 0x0) sendmsg$L2TP_CMD_SESSION_DELETE(r5, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x54, r6, 0x400, 0x74bd2b, 0x25dfdbfc, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x50}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x7}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x4}, @L2TP_ATTR_PEER_CONN_ID={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x4004807}, 0x20040081) 179.239µs ago: executing program 3 (id=1383): bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='\t\x00\x00\x00\f'], 0x50) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB='T\x00\x00', @ANYRES16=r4, @ANYBLOB="010100000000000000", @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xb8}}, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 0s ago: executing program 2 (id=1384): r0 = io_uring_setup(0x1a6f, &(0x7f0000000240)={0x0, 0x0, 0x400, 0x7ffff, 0xfffffffc}) r1 = syz_open_dev$dri(&(0x7f0000000040), 0x100006, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[0x0], 0x0, 0x0, 0x0, 0x1}) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) r3 = getpid() r4 = syz_pidfd_open(r3, 0x0) setns(r4, 0x24020000) syz_clone(0x498144ee7b68e549, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = socket$can_raw(0x1d, 0x3, 0x1) getsockopt$CAN_RAW_LOOPBACK(r5, 0x65, 0x3, &(0x7f0000000000), &(0x7f0000000080)=0x4) ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000640)={0x0, 0x0, r2, 0x0, 0x80, 0x5, 0x9, 0x0, {0xa, 0xff, 0x1c, 0x7, 0x7, 0x402, 0xfff5, 0x6, 0x0, 0x53, 0x8001, 0x7e9, 0x401, 0x5, "cb630dab3a03380574010300000000000000dc45c87d55b42a28b8f01c0e0e7a"}}) close_range(r0, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): eftover after parsing attributes in process `syz.2.139'. [ 58.132249][ T6360] netlink: 4 bytes leftover after parsing attributes in process `syz.3.141'. [ 58.179892][ T6362] netlink: 24 bytes leftover after parsing attributes in process `syz.3.142'. [ 58.695979][ T6383] lo: entered allmulticast mode [ 58.727875][ T6382] lo: left allmulticast mode [ 58.746627][ T5944] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 58.749843][ T5944] Bluetooth: hci0: Injecting HCI hardware error event [ 58.752552][ T5944] Bluetooth: hci0: hardware error 0x00 [ 58.809447][ T6385] netlink: 16 bytes leftover after parsing attributes in process `syz.0.151'. [ 59.064920][ T5956] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 59.067456][ T5956] Bluetooth: hci3: Injecting HCI hardware error event [ 59.070323][ T5956] Bluetooth: hci3: hardware error 0x00 [ 59.130862][ T6393] overlayfs: failed to get inode (-116) [ 59.132944][ T6393] overlayfs: failed to get inode (-116) [ 59.220314][ T6395] kvm: pic: non byte read [ 59.227235][ T6395] kvm: pic: level sensitive irq not supported [ 59.228782][ T6395] kvm: pic: single mode not supported [ 59.232860][ T6395] kvm: pic: level sensitive irq not supported [ 59.271523][ T6395] kvm: pic: level sensitive irq not supported [ 59.280792][ T6395] kvm: pic: level sensitive irq not supported [ 59.486108][ T6412] netlink: 16 bytes leftover after parsing attributes in process `syz.3.160'. [ 59.726543][ T6418] netlink: 4 bytes leftover after parsing attributes in process `syz.0.162'. [ 60.289288][ T6433] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 60.347005][ T6436] netlink: 16 bytes leftover after parsing attributes in process `syz.2.169'. [ 60.579508][ T6445] usb 1-1: USB disconnect, device number 2 [ 60.614597][ T6446] wg1: entered promiscuous mode [ 60.616044][ T6446] wg1: entered allmulticast mode [ 60.904133][ T5944] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 61.154261][ T5956] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 61.324839][ T6448] netlink: 156 bytes leftover after parsing attributes in process `syz.2.173'. [ 61.332338][ T40] kauditd_printk_skb: 56 callbacks suppressed [ 61.332351][ T40] audit: type=1400 audit(1743401915.767:290): avc: denied { mount } for pid=6447 comm="syz.2.173" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 61.334722][ T6448] netlink: 'syz.2.173': attribute type 4 has an invalid length. [ 61.352294][ T40] audit: type=1400 audit(1743401915.787:291): avc: denied { unmount } for pid=5938 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 61.915158][ T6464] kvm: apic: phys broadcast and lowest prio [ 62.079308][ T40] audit: type=1400 audit(1743401916.517:292): avc: denied { create } for pid=6467 comm="syz.1.181" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 62.086485][ T40] audit: type=1400 audit(1743401916.527:293): avc: denied { connect } for pid=6467 comm="syz.1.181" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 62.093051][ T40] audit: type=1400 audit(1743401916.527:294): avc: denied { ioctl } for pid=6467 comm="syz.1.181" path="socket:[13647]" dev="sockfs" ino=13647 ioctlcmd=0x8918 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 62.536491][ T6482] netlink: 12 bytes leftover after parsing attributes in process `syz.2.186'. [ 62.550687][ T6482] 8021q: adding VLAN 0 to HW filter on device bond1 [ 62.561787][ T6482] veth1_to_bond: entered allmulticast mode [ 62.624768][ T6481] veth1_to_bond: left allmulticast mode [ 62.669630][ T40] audit: type=1400 audit(1743401917.107:295): avc: denied { create } for pid=6489 comm="syz.2.189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 62.675910][ T40] audit: type=1400 audit(1743401917.107:296): avc: denied { setopt } for pid=6489 comm="syz.2.189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 62.681474][ T40] audit: type=1400 audit(1743401917.107:297): avc: denied { write } for pid=6489 comm="syz.2.189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 62.689193][ T40] audit: type=1400 audit(1743401917.107:298): avc: denied { read } for pid=6489 comm="syz.2.189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 62.690221][ T6493] 9pnet: Unknown protocol version 9p200 [ 62.697855][ T6492] netfs: Couldn't get user pages (rc=-14) [ 62.701350][ T40] audit: type=1400 audit(1743401917.127:299): avc: denied { read append } for pid=6486 comm="syz.1.188" path="/53/file0/memory.events" dev="9p" ino=36831355 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 62.713312][ T6493] 9pnet_virtio: no channels available for device syz [ 62.939079][ T6505] overlayfs: failed to get index nlink (file1/bus, err=-61) [ 63.010929][ T6513] __nla_validate_parse: 1 callbacks suppressed [ 63.010940][ T6513] netlink: 8 bytes leftover after parsing attributes in process `syz.2.197'. [ 63.609963][ T6552] input: syz0 as /devices/virtual/input/input5 [ 63.855146][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 63.874408][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 63.952315][ T6576] 9pnet: Unknown protocol version 9p2000. [ 64.817289][ T6618] netlink: 12 bytes leftover after parsing attributes in process `syz.0.223'. [ 64.838025][ T6618] bridge1: port 1(ip6gretap1) entered blocking state [ 64.840392][ T6618] bridge1: port 1(ip6gretap1) entered disabled state [ 64.842501][ T6618] ip6gretap1: entered allmulticast mode [ 64.845237][ T6618] ip6gretap1: entered promiscuous mode [ 64.870835][ T6618] veth3: entered promiscuous mode [ 64.872560][ T6618] bridge1: port 2(veth3) entered blocking state [ 64.874640][ T6618] bridge1: port 2(veth3) entered disabled state [ 64.876560][ T6618] veth3: entered allmulticast mode [ 64.994118][ T5944] Bluetooth: hci2: command 0x0405 tx timeout [ 65.081965][ T6632] block nbd0: NBD_DISCONNECT [ 65.196238][ T6633] veth0_vlan: left promiscuous mode [ 65.198562][ T6633] veth0_vlan: entered promiscuous mode [ 65.306976][ T6644] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 65.514488][ T6033] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 65.666425][ T6033] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 65.670353][ T6033] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 65.674811][ T6033] usb 5-1: config 1 interface 1 altsetting 1 has an invalid descriptor for endpoint zero, skipping [ 65.680025][ T6033] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 65.682583][ T6033] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 65.685505][ T6033] usb 5-1: Product: syz [ 65.686784][ T6033] usb 5-1: Manufacturer: syz [ 65.690223][ T6033] usb 5-1: SerialNumber: syz [ 65.934161][ T6642] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 syzkaller syzkaller login: [ 66.317562][ T6653] netlink: 4 bytes leftover after parsing attributes in process `syz.1.235'. [ 66.322601][ T6657] netlink: 8 bytes leftover after parsing attributes in process `syz.2.236'. [ 66.340024][ T6033] cdc_mbim 5-1:1.0: failed GET_NTB_PARAMETERS [ 66.342173][ T6033] cdc_mbim 5-1:1.0: bind() failure [ 66.346826][ T6033] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 66.350132][ T6033] cdc_ncm 5-1:1.1: bind() failure [ 66.356110][ T6033] usb 5-1: USB disconnect, device number 3 [ 66.431014][ T6660] netlink: 4 bytes leftover after parsing attributes in process `syz.2.237'. [ 66.482995][ T40] kauditd_printk_skb: 47 callbacks suppressed [ 66.483010][ T40] audit: type=1400 audit(1743401920.917:347): avc: denied { create } for pid=6659 comm="syz.2.237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 66.493375][ T40] audit: type=1400 audit(1743401920.927:348): avc: denied { write } for pid=6659 comm="syz.2.237" path="socket:[14238]" dev="sockfs" ino=14238 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 66.502741][ T40] audit: type=1400 audit(1743401920.927:349): avc: denied { nlmsg_read } for pid=6659 comm="syz.2.237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 66.541487][ T6666] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 66.546711][ T6666] netlink: 'syz.2.239': attribute type 10 has an invalid length. [ 66.556965][ T6666] mac80211_hwsim hwsim7 wlan1: left allmulticast mode [ 66.563417][ T6666] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 66.566741][ T40] audit: type=1400 audit(1743401921.007:350): avc: denied { search } for pid=5336 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 66.878171][ T6682] netlink: 'syz.0.246': attribute type 1 has an invalid length. [ 66.897221][ T6684] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 66.903222][ T6682] 8021q: adding VLAN 0 to HW filter on device bond1 [ 66.984234][ T34] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 67.074557][ T6690] kvm: kvm [6689]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000 [ 67.077853][ T6690] kvm: kvm [6689]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000 [ 67.097561][ T6690] kvm: kvm [6689]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x0 [ 67.100200][ T6690] kvm: kvm [6689]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x4000 [ 67.127181][ T6690] kvm: kvm [6689]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000 [ 67.131267][ T6690] kvm: kvm [6689]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4000 [ 67.134618][ T34] usb 6-1: Using ep0 maxpacket: 16 [ 67.140409][ T34] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 67.143827][ T34] usb 6-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 67.148764][ T34] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 67.152238][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 67.155873][ T34] usb 6-1: SerialNumber: syz [ 67.364655][ T34] usb 6-1: USB disconnect, device number 5 [ 67.698765][ T40] audit: type=1400 audit(1743401922.137:351): avc: denied { create } for pid=6699 comm="syz.2.252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 67.707442][ T40] audit: type=1400 audit(1743401922.137:352): avc: denied { ioctl } for pid=6699 comm="syz.2.252" path="socket:[14277]" dev="sockfs" ino=14277 ioctlcmd=0x89ed scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 67.848454][ T6702] capability: warning: `syz.2.253' uses deprecated v2 capabilities in a way that may be insecure [ 67.881113][ T6702] kvm: kvm [6701]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x800 [ 68.067702][ T40] audit: type=1400 audit(1743401922.507:353): avc: denied { create } for pid=6716 comm="syz.1.259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 68.112778][ T6717] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 68.121915][ T6717] picdev_read: 16 callbacks suppressed [ 68.121924][ T6717] kvm: pic: non byte read [ 68.127029][ T6717] pic_ioport_write: 3 callbacks suppressed [ 68.127038][ T6717] kvm: pic: level sensitive irq not supported [ 68.129099][ T6717] kvm: pic: non byte read [ 68.425581][ T40] audit: type=1400 audit(1743401922.857:354): avc: denied { create } for pid=6731 comm="syz.0.262" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 68.427093][ T6732] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 68.455637][ T6729] kvm: kvm [6728]: vcpu0, guest rIP: 0x1bd Unhandled WRMSR(0xc1) = 0x88000040a9 [ 68.468389][ T6729] kvm: kvm [6728]: vcpu0, guest rIP: 0x1bd Unhandled WRMSR(0xc1) = 0x9600004049 [ 68.477019][ T6729] kvm: kvm [6728]: vcpu0, guest rIP: 0x1bd Unhandled WRMSR(0xc1) = 0x9600004059 [ 68.889017][ T40] audit: type=1400 audit(1743401923.327:355): avc: denied { create } for pid=6746 comm="syz.0.268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 68.915023][ T40] audit: type=1400 audit(1743401923.327:356): avc: denied { accept } for pid=6746 comm="syz.0.268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 68.921533][ T6747] 8021q: adding VLAN 0 to HW filter on device bond0 [ 68.926423][ T6747] bond0: (slave rose0): Enslaving as an active interface with an up link [ 69.083743][ T6762] netlink: 'syz.2.271': attribute type 1 has an invalid length. [ 69.133307][ T6762] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 69.146301][ T46] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 69.147333][ T6762] 8021q: adding VLAN 0 to HW filter on device bond2 [ 69.160004][ T6771] netlink: 20 bytes leftover after parsing attributes in process `syz.3.273'. [ 69.170650][ T6762] veth3: entered promiscuous mode [ 69.175495][ T6762] bond2: (slave veth3): Enslaving as a backup interface with a down link [ 69.181692][ T6771] vlan2: entered promiscuous mode [ 69.183163][ T6771] bridge0: entered promiscuous mode [ 69.257337][ T46] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 69.261734][ T6780] netlink: 36 bytes leftover after parsing attributes in process `syz.2.275'. [ 69.266208][ T6780] netlink: 16 bytes leftover after parsing attributes in process `syz.2.275'. [ 69.270306][ T6780] netlink: 36 bytes leftover after parsing attributes in process `syz.2.275'. [ 69.272905][ T6780] netlink: 36 bytes leftover after parsing attributes in process `syz.2.275'. [ 69.894480][ T6814] tipc: Started in network mode [ 69.896491][ T6814] tipc: Node identity fa2b58e6ed79, cluster identity 4711 [ 69.899540][ T6814] tipc: Enabled bearer , priority 0 [ 69.969233][ T6813] tipc: Resetting bearer [ 70.082119][ T6781] dccp_close: ABORT with 32 bytes unread [ 70.957219][ T24] tipc: Node number set to 391272678 [ 71.076509][ T1419] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.079712][ T1419] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.557013][ T6813] tipc: Disabling bearer [ 71.564911][ T40] kauditd_printk_skb: 8 callbacks suppressed [ 71.564921][ T40] audit: type=1400 audit(1743401926.007:365): avc: denied { write } for pid=5336 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 71.573110][ T40] audit: type=1400 audit(1743401926.007:366): avc: denied { remove_name } for pid=5336 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 71.582581][ T40] audit: type=1400 audit(1743401926.007:367): avc: denied { rename } for pid=5336 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 71.589200][ T40] audit: type=1400 audit(1743401926.007:368): avc: denied { add_name } for pid=5336 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 71.597041][ T40] audit: type=1400 audit(1743401926.007:369): avc: denied { unlink } for pid=5336 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 71.603742][ T40] audit: type=1400 audit(1743401926.007:370): avc: denied { create } for pid=5336 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 71.649230][ T6803] Set syz1 is full, maxelem 65536 reached [ 71.684698][ T6829] syz.2.292 uses obsolete (PF_INET,SOCK_PACKET) [ 71.704216][ T40] audit: type=1400 audit(1743401926.137:371): avc: denied { bind } for pid=6831 comm="syz.0.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 72.005398][ T40] audit: type=1400 audit(1743401926.447:372): avc: denied { bind } for pid=6833 comm="syz.0.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 72.217218][ T40] audit: type=1400 audit(1743401926.657:373): avc: denied { ioctl } for pid=6845 comm="syz.2.297" path="socket:[15899]" dev="sockfs" ino=15899 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 72.274076][ T40] audit: type=1400 audit(1743401926.707:374): avc: denied { write } for pid=6841 comm="syz.0.296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 72.810541][ T6860] 9pnet_virtio: no channels available for device syz [ 72.875119][ T6868] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 72.894111][ T10] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 73.047117][ T10] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 73.054074][ T10] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 73.067252][ T10] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 73.070519][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.073342][ T10] usb 6-1: Product: syz [ 73.076989][ T10] usb 6-1: Manufacturer: syz [ 73.078711][ T10] usb 6-1: SerialNumber: syz [ 73.172612][ T6886] 9pnet_virtio: no channels available for device syz [ 73.296603][ T6850] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 73.305015][ T6893] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 73.345207][ T6901] 9pnet_virtio: no channels available for device syz [ 73.504491][ T6909] warning: `syz.2.328' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 73.903123][ T6850] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 74.108151][ T10] cdc_mbim 6-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 74.109991][ T10] cdc_mbim 6-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 74.112122][ T10] cdc_mbim 6-1:1.0: setting rx_max = 2048 [ 74.309834][ T10] cdc_mbim 6-1:1.0: setting tx_max = 184 [ 74.312547][ T10] cdc_mbim 6-1:1.0: cdc-wdm0: USB WDM device [ 74.318755][ T10] wwan wwan0: port wwan0mbim0 attached [ 74.326751][ T10] cdc_mbim 6-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.1-1, CDC MBIM, 42:42:42:42:42:42 [ 74.477566][ T5654] 8021q: adding VLAN 0 to HW filter on device wwan0 [ 74.511713][ C0] cdc_mbim 6-1:1.0: nonzero urb status received: -71 [ 74.514021][ C0] cdc_mbim 6-1:1.0: wdm_int_callback - 0 bytes [ 74.516557][ C0] cdc_mbim 6-1:1.0: nonzero urb status received: -71 [ 74.519058][ C0] cdc_mbim 6-1:1.0: wdm_int_callback - 0 bytes [ 74.521582][ C0] cdc_mbim 6-1:1.0: nonzero urb status received: -71 [ 74.524115][ C0] cdc_mbim 6-1:1.0: wdm_int_callback - 0 bytes [ 74.527560][ C0] cdc_mbim 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1 [ 74.531397][ T1466] usb 6-1: USB disconnect, device number 6 [ 74.533423][ T1466] cdc_mbim 6-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.1-1, CDC MBIM [ 74.574110][ T6033] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 74.609397][ T1466] wwan wwan0: port wwan0mbim0 disconnected [ 74.724137][ T6033] usb 8-1: Using ep0 maxpacket: 32 [ 74.727594][ T6033] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10 [ 74.731669][ T6033] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024 [ 74.736103][ T6033] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 74.742781][ T6033] usb 8-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 74.746628][ T6033] usb 8-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 74.754165][ T6033] usb 8-1: Product: syz [ 74.755666][ T6033] usb 8-1: Manufacturer: syz [ 74.757340][ T6033] usb 8-1: SerialNumber: syz [ 74.764502][ T6033] input: appletouch as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/input/input6 [ 74.968095][ T1466] usb 8-1: USB disconnect, device number 2 [ 74.978546][ T1466] appletouch 8-1:1.0: input: appletouch disconnected [ 75.206656][ T6991] netlink: 20 bytes leftover after parsing attributes in process `syz.2.352'. [ 75.306441][ T5940] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 75.484970][ T5940] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 75.673679][ T7023] ip6t_REJECT: ECHOREPLY is not supported [ 75.906108][ T6003] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 76.016880][ T7026] 9pnet: Unknown protocol version 9 [ 76.054492][ T6003] usb 7-1: Using ep0 maxpacket: 16 [ 76.057213][ T6003] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 76.060397][ T6003] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 76.063460][ T6003] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 76.067084][ T6003] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 76.070594][ T6003] usb 7-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 76.073130][ T6003] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.077742][ T6003] usb 7-1: config 0 descriptor?? [ 76.080244][ T7021] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 76.084193][ T6003] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input7 [ 76.286200][ T6003] usb 7-1: USB disconnect, device number 3 [ 76.554426][ T1466] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 76.719557][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 76.719568][ T40] audit: type=1400 audit(1743401931.157:392): avc: denied { name_bind } for pid=7036 comm="syz.3.372" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 76.725580][ T1466] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 76.729677][ T1466] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 76.733169][ T1466] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 76.736243][ T1466] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 76.739231][ T1466] usb 5-1: Manufacturer: syz [ 76.743211][ T1466] usb 5-1: config 0 descriptor?? [ 76.784169][ T1466] rc_core: IR keymap rc-hauppauge not found [ 76.785886][ T1466] Registered IR keymap rc-empty [ 76.789090][ T1466] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 76.792836][ T1466] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input8 [ 76.938533][ T7060] input: syz0 as /devices/virtual/input/input9 [ 76.954515][ T1466] usb 5-1: USB disconnect, device number 4 [ 77.045162][ T40] audit: type=1400 audit(1743401931.487:393): avc: denied { create } for pid=7073 comm="syz.3.386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 77.324106][ T6033] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 77.345175][ T10] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 77.474426][ T6033] usb 6-1: Using ep0 maxpacket: 8 [ 77.481361][ T6033] usb 6-1: config 0 has an invalid interface number: 186 but max is 0 [ 77.484866][ T6033] usb 6-1: config 0 has no interface number 0 [ 77.487365][ T6033] usb 6-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 77.491684][ T6033] usb 6-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A [ 77.497338][ T6033] usb 6-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 77.505531][ T6033] usb 6-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 77.513209][ T6033] usb 6-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 77.517181][ T6033] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.520232][ T6033] usb 6-1: Product: syz [ 77.521885][ T6033] usb 6-1: Manufacturer: syz [ 77.523728][ T6033] usb 6-1: SerialNumber: syz [ 77.530088][ T6033] usb 6-1: config 0 descriptor?? [ 77.534367][ T10] usb 8-1: Using ep0 maxpacket: 8 [ 77.539725][ T10] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 77.544277][ T10] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 77.547915][ T10] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 77.551531][ T10] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 77.557214][ T10] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 77.560652][ T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.744530][ T6033] iowarrior 6-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0 [ 77.772946][ T10] usb 8-1: GET_CAPABILITIES returned 0 [ 77.775086][ T10] usbtmc 8-1:16.0: can't read capabilities [ 77.851025][ T40] audit: type=1400 audit(1743401932.287:394): avc: denied { map } for pid=7102 comm="syz.0.400" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 77.859725][ T40] audit: type=1400 audit(1743401932.287:395): avc: denied { execute } for pid=7102 comm="syz.0.400" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 77.941590][ T40] audit: type=1400 audit(1743401932.377:396): avc: denied { write } for pid=7077 comm="syz.1.388" name="iowarrior0" dev="devtmpfs" ino=2851 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 77.946661][ T6033] usb 6-1: USB disconnect, device number 7 [ 77.976345][ T6003] usb 8-1: USB disconnect, device number 3 [ 78.118978][ T40] audit: type=1400 audit(1743401932.557:397): avc: denied { ioctl } for pid=7112 comm="syz.2.404" path="socket:[15297]" dev="sockfs" ino=15297 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 78.159638][ T7115] loop2: detected capacity change from 0 to 7 [ 78.164122][ T7115] Dev loop2: unable to read RDB block 7 [ 78.165826][ T7115] loop2: AHDI p1 p3 [ 78.167084][ T7115] loop2: partition table partially beyond EOD, truncated [ 78.199023][ T7117] Bluetooth: MGMT ver 1.23 [ 78.595933][ T7127] syzkaller1: entered promiscuous mode [ 78.597613][ T7127] syzkaller1: entered allmulticast mode [ 78.730884][ T40] audit: type=1400 audit(1743401933.167:398): avc: denied { associate } for pid=7133 comm="syz.3.414" name="pids.current" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 78.782855][ T7136] tipc: Enabled bearer , priority 0 [ 78.847744][ T40] audit: type=1400 audit(1743401933.287:399): avc: denied { connect } for pid=7142 comm="syz.1.419" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 78.852995][ T40] audit: type=1400 audit(1743401933.287:400): avc: denied { bind } for pid=7142 comm="syz.1.419" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 78.858577][ T40] audit: type=1400 audit(1743401933.287:401): avc: denied { write } for pid=7142 comm="syz.1.419" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 79.043480][ T7169] netlink: 8 bytes leftover after parsing attributes in process `syz.3.431'. [ 79.047938][ T7169] netlink: 12 bytes leftover after parsing attributes in process `syz.3.431'. [ 79.051383][ T7169] netlink: 8 bytes leftover after parsing attributes in process `syz.3.431'. [ 79.214174][ T6033] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 79.374083][ T6033] usb 5-1: Using ep0 maxpacket: 8 [ 79.377080][ T6033] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 79.379436][ T6033] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 79.382095][ T6033] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 79.386492][ T6033] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 79.390130][ T6033] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 79.395491][ T6033] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 79.398938][ T6033] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.608589][ T6033] usb 5-1: usb_control_msg returned -32 [ 79.610250][ T6033] usbtmc 5-1:16.0: can't read capabilities [ 79.963684][ T7183] usbtmc 5-1:16.0: control status returned 0 [ 80.165913][ T10] usb 5-1: USB disconnect, device number 5 [ 80.784103][ T6003] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 80.801189][ T7220] syzkaller1: entered promiscuous mode [ 80.803362][ T7220] syzkaller1: entered allmulticast mode [ 80.934214][ T6003] usb 6-1: Using ep0 maxpacket: 32 [ 80.944285][ T6003] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 80.950083][ T6003] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 80.953583][ T6003] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 80.956756][ T6003] usb 6-1: Product: syz [ 80.958344][ T6003] usb 6-1: Manufacturer: syz [ 80.960097][ T6003] usb 6-1: SerialNumber: syz [ 80.964510][ T6003] usb 6-1: config 0 descriptor?? [ 80.968375][ T7213] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 81.073055][ T7235] netlink: 'syz.2.458': attribute type 1 has an invalid length. [ 81.103728][ T7235] 8021q: adding VLAN 0 to HW filter on device bond4 [ 81.110391][ T7235] bond3: (slave bond4): making interface the new active one [ 81.113063][ T7235] bond3: (slave bond4): Enslaving as an active interface with an up link [ 81.119486][ T7238] 9pnet_virtio: no channels available for device syz [ 81.134325][ T7235] bond3: (slave gretap1): Enslaving as a backup interface with an up link [ 81.145046][ T7235] netlink: 28 bytes leftover after parsing attributes in process `syz.2.458'. [ 81.149863][ T7235] 8021q: adding VLAN 0 to HW filter on device bond3 [ 81.228974][ T6003] usb 6-1: USB disconnect, device number 8 [ 81.231837][ T7253] 9pnet_virtio: no channels available for device syz [ 81.315960][ T63] cfg80211: failed to load regulatory.db [ 81.347512][ T7262] team0: No ports can be present during mode change [ 81.416078][ T7268] netlink: 8 bytes leftover after parsing attributes in process `syz.2.472'. [ 81.704209][ T6033] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 81.801165][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 81.801175][ T40] audit: type=1400 audit(1743401936.237:415): avc: denied { setopt } for pid=7285 comm="syz.1.480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 81.865698][ T6033] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 81.876427][ T6033] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 81.879929][ T6033] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 81.885756][ T6033] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 81.888963][ T6033] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.893944][ T6033] usb 5-1: config 0 descriptor?? [ 81.913354][ T7291] netlink: 16 bytes leftover after parsing attributes in process `syz.1.482'. [ 81.917339][ T7291] team0: No ports can be present during mode change [ 81.948523][ T7295] netlink: 'syz.1.484': attribute type 1 has an invalid length. [ 81.979822][ T7295] 8021q: adding VLAN 0 to HW filter on device bond2 [ 81.983912][ T7295] bond1: (slave bond2): making interface the new active one [ 81.986993][ T7295] bond1: (slave bond2): Enslaving as an active interface with an up link [ 82.026118][ T7299] netlink: 28 bytes leftover after parsing attributes in process `syz.1.485'. [ 82.108344][ T7303] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input10 [ 82.164136][ T5945] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 82.165892][ T40] audit: type=1400 audit(1743401936.607:416): avc: denied { connect } for pid=7305 comm="syz.1.488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 82.283269][ T40] audit: type=1400 audit(1743401936.717:417): avc: denied { write } for pid=7312 comm="syz.3.491" name="ip_mr_cache" dev="proc" ino=4026533192 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 82.318570][ T6033] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 82.322492][ T5945] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 82.326328][ T6033] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 82.326852][ T5945] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 82.335912][ T5945] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 82.339218][ T5945] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.455933][ T7328] 9pnet: Unknown protocol version 9p200 [ 82.553598][ T5945] usb 7-1: GET_CAPABILITIES returned 0 [ 82.556721][ T5945] usbtmc 7-1:16.0: can't read capabilities [ 82.576642][ T34] usb 5-1: USB disconnect, device number 6 [ 82.756730][ T6003] usb 7-1: USB disconnect, device number 4 [ 83.001188][ T7362] netlink: 'syz.1.509': attribute type 1 has an invalid length. [ 83.033089][ T7362] 8021q: adding VLAN 0 to HW filter on device bond4 [ 83.038492][ T7362] bond3: (slave bond4): making interface the new active one [ 83.041741][ T7362] bond3: (slave bond4): Enslaving as an active interface with an up link [ 83.136860][ T7370] netlink: 8 bytes leftover after parsing attributes in process `syz.1.512'. [ 83.401074][ T7387] netlink: 'syz.3.519': attribute type 1 has an invalid length. [ 83.426656][ T7387] 8021q: adding VLAN 0 to HW filter on device bond2 [ 83.429948][ T7387] bond1: (slave bond2): making interface the new active one [ 83.432248][ T7387] bond1: (slave bond2): Enslaving as an active interface with an up link [ 83.542377][ T7397] netlink: 188 bytes leftover after parsing attributes in process `syz.3.523'. [ 83.545313][ T7397] netlink: 'syz.3.523': attribute type 1 has an invalid length. [ 83.588713][ T7399] loop2: detected capacity change from 0 to 7 [ 83.591910][ T7399] Dev loop2: unable to read RDB block 7 [ 83.594177][ T7399] loop2: unable to read partition table [ 83.596580][ T7399] loop2: partition table beyond EOD, truncated [ 83.598958][ T7399] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 83.855052][ T40] audit: type=1400 audit(1743401938.297:418): avc: denied { read } for pid=7410 comm="syz.3.529" path="socket:[19078]" dev="sockfs" ino=19078 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 83.924232][ T6003] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 84.074145][ T6003] usb 7-1: Using ep0 maxpacket: 32 [ 84.083063][ T6003] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 84.088151][ T6003] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 84.091844][ T6003] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 84.097338][ T6003] usb 7-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 84.100783][ T6003] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.110713][ T6003] usb 7-1: config 0 descriptor?? [ 84.279802][ T7422] 9pnet_virtio: no channels available for device syz [ 84.533936][ T6003] input: HID 0458:5011 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:0458:5011.0003/input/input12 [ 84.599303][ T6003] input: HID 0458:5011 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:0458:5011.0003/input/input13 [ 84.606685][ T6003] kye 0003:0458:5011.0003: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.2-1/input0 [ 85.576946][ C2] kye 0003:0458:5011.0003: usb_submit_urb(ctrl) failed: -1 [ 85.724218][ T1466] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 85.876101][ T1466] usb 5-1: Using ep0 maxpacket: 8 [ 85.879476][ T1466] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 85.883326][ T1466] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 85.887523][ T1466] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 85.891340][ T1466] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 85.898595][ T1466] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 85.902122][ T1466] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.007773][ T7476] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.553'. [ 86.122431][ T1466] usb 5-1: GET_CAPABILITIES returned 0 [ 86.134159][ T1466] usbtmc 5-1:16.0: can't read capabilities [ 86.145222][ T7486] netlink: 'syz.2.556': attribute type 1 has an invalid length. [ 86.241817][ T40] audit: type=1400 audit(1743401940.677:419): avc: denied { ioctl } for pid=7493 comm="syz.3.559" path="socket:[21007]" dev="sockfs" ino=21007 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 86.376516][ T10] usb 5-1: USB disconnect, device number 7 [ 86.427357][ T7501] block nbd2: shutting down sockets [ 86.459050][ T5945] usb 7-1: USB disconnect, device number 5 [ 86.524221][ T65] usb 8-1: new full-speed USB device number 4 using dummy_hcd [ 86.699190][ T65] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 86.702366][ T65] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 86.705364][ T65] usb 8-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 86.708824][ T65] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 86.711950][ T65] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.717174][ T65] usbtmc 8-1:16.0: bulk endpoints not found [ 86.826415][ T40] audit: type=1400 audit(1743401941.267:420): avc: denied { write } for pid=7518 comm="syz.1.565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 86.923994][ T40] audit: type=1400 audit(1743401941.357:421): avc: denied { append } for pid=7526 comm="syz.1.569" name="nbd1" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 87.054293][ T7530] nbd1: detected capacity change from 0 to 67125268 [ 87.061700][ T5940] block nbd1: Send control failed (result -89) [ 87.067869][ T5940] block nbd1: Request send failed, requeueing [ 87.072274][ T5956] block nbd1: Receive control failed (result -32) [ 87.076551][ T1309] block nbd1: Dead connection, failed to find a fallback [ 87.079747][ T1309] block nbd1: shutting down sockets [ 87.081795][ T1309] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 87.085393][ T1309] Buffer I/O error on dev nbd1, logical block 0, async page read [ 87.088121][ T5940] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 87.090787][ T5940] Buffer I/O error on dev nbd1, logical block 0, async page read [ 87.093168][ T5940] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 87.095840][ T5940] Buffer I/O error on dev nbd1, logical block 0, async page read [ 87.098886][ T5940] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 87.102118][ T5940] Buffer I/O error on dev nbd1, logical block 0, async page read [ 87.105948][ T5940] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 87.109401][ T5940] Buffer I/O error on dev nbd1, logical block 0, async page read [ 87.112469][ T5940] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 87.116237][ T5940] Buffer I/O error on dev nbd1, logical block 0, async page read [ 87.120224][ T5940] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 87.123689][ T5940] Buffer I/O error on dev nbd1, logical block 0, async page read [ 87.127141][ T5940] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 87.130609][ T5940] Buffer I/O error on dev nbd1, logical block 0, async page read [ 87.132954][ T5940] ldm_validate_partition_table(): Disk read failed. [ 87.135119][ T5940] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 87.137597][ T5940] Buffer I/O error on dev nbd1, logical block 0, async page read [ 87.139827][ T5940] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 87.142318][ T5940] Buffer I/O error on dev nbd1, logical block 0, async page read [ 87.145096][ T5940] Dev nbd1: unable to read RDB block 0 [ 87.147219][ T5940] nbd1: unable to read partition table [ 87.153806][ T5940] ldm_validate_partition_table(): Disk read failed. [ 87.156708][ T5940] Dev nbd1: unable to read RDB block 0 [ 87.158469][ T5940] nbd1: unable to read partition table [ 87.185038][ T7534] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 87.314814][ T7542] netlink: 4 bytes leftover after parsing attributes in process `syz.0.573'. [ 87.384405][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.457762][ T7545] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.574'. [ 87.942176][ T40] audit: type=1400 audit(1743401942.377:422): avc: denied { read } for pid=7552 comm="syz.1.578" name="file0" dev="fuse" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 87.950191][ T40] audit: type=1400 audit(1743401942.377:423): avc: denied { open } for pid=7552 comm="syz.1.578" path="/148/file0/file0" dev="fuse" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 87.952056][ T7554] block device autoloading is deprecated and will be removed. [ 87.965671][ T40] audit: type=1400 audit(1743401942.407:424): avc: denied { ioctl } for pid=7552 comm="syz.1.578" path="/148/file0/file0" dev="fuse" ino=4 ioctlcmd=0x923 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 88.115662][ T63] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 88.156294][ T7563] 9pnet_virtio: no channels available for device syz [ 88.250865][ T7565] netlink: 'syz.1.584': attribute type 1 has an invalid length. [ 88.277132][ T63] usb 7-1: Using ep0 maxpacket: 8 [ 88.284991][ T63] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 88.288137][ T63] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 88.291223][ T63] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 88.308208][ T63] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 88.313016][ T63] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 88.316776][ T63] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 88.376738][ T7571] syzkaller0: entered promiscuous mode [ 88.378722][ T7571] syzkaller0: entered allmulticast mode [ 88.529984][ T63] usb 7-1: GET_CAPABILITIES returned 0 [ 88.532400][ T63] usbtmc 7-1:16.0: can't read capabilities [ 88.738432][ C2] usbtmc 7-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 88.741302][ T7551] usbtmc 7-1:16.0: Unable to send data, error -14 [ 88.750721][ T6003] usb 7-1: USB disconnect, device number 6 [ 89.290019][ T10] usb 8-1: USB disconnect, device number 4 [ 89.332343][ T40] audit: type=1400 audit(1743401943.767:425): avc: denied { read write } for pid=7582 comm="syz.2.591" name="uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 89.340135][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.350597][ T40] audit: type=1400 audit(1743401943.767:426): avc: denied { open } for pid=7582 comm="syz.2.591" path="/dev/uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 89.350817][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.362166][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.364465][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.366567][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.368683][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.370837][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.373076][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.373373][ T40] audit: type=1400 audit(1743401943.807:427): avc: denied { write } for pid=7580 comm="syz.3.590" name="file0" dev="fuse" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 89.376120][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.383725][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.386220][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.388879][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.391146][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.399390][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.401618][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.403789][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.406279][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.408454][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.410951][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.413144][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.415543][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.417861][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.420020][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.422171][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.425898][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.428188][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.430643][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.433309][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.437037][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.440292][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.443493][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.446832][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.450149][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.453133][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.459737][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.462277][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.465527][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.468104][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.470174][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.472525][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.475199][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.480490][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.483157][ T63] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 89.496813][ T5956] Bluetooth: hci2: Malformed MSFT vendor event: 0x02 [ 89.498342][ T63] hid-generic 0000:007F:FFFFFFFE.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 89.800189][ T40] audit: type=1400 audit(1743401944.237:428): avc: denied { read } for pid=7627 comm="syz.0.609" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 89.809278][ T40] audit: type=1400 audit(1743401944.237:429): avc: denied { open } for pid=7627 comm="syz.0.609" path="/dev/nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 89.825930][ T7626] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 90.427596][ T7655] kvm: user requested TSC rate below hardware speed [ 90.845002][ T7676] bond3 (unregistering): Released all slaves [ 91.187568][ T7692] bridge0: port 3(syz_tun) entered blocking state [ 91.190309][ T7692] bridge0: port 3(syz_tun) entered disabled state [ 91.193192][ T7692] syz_tun: entered allmulticast mode [ 91.202375][ T7692] syz_tun: entered promiscuous mode [ 91.205465][ T7692] bridge0: port 3(syz_tun) entered blocking state [ 91.208048][ T7692] bridge0: port 3(syz_tun) entered forwarding state [ 91.596751][ T7703] netlink: 'syz.2.637': attribute type 1 has an invalid length. [ 91.641979][ T7703] 8021q: adding VLAN 0 to HW filter on device bond7 [ 91.644960][ T7703] bond6: (slave bond7): making interface the new active one [ 91.647229][ T7703] bond6: (slave bond7): Enslaving as an active interface with an up link [ 91.651629][ T7703] netlink: 28 bytes leftover after parsing attributes in process `syz.2.637'. [ 91.655361][ T7703] 8021q: adding VLAN 0 to HW filter on device bond6 [ 91.903705][ T7720] netlink: 'syz.1.644': attribute type 1 has an invalid length. [ 91.963766][ T7726] netlink: 'syz.1.646': attribute type 1 has an invalid length. [ 92.004775][ T7726] 8021q: adding VLAN 0 to HW filter on device bond10 [ 92.008922][ T7726] bond9: (slave bond10): making interface the new active one [ 92.012109][ T7726] bond9: (slave bond10): Enslaving as an active interface with an up link [ 92.018391][ T7726] netlink: 28 bytes leftover after parsing attributes in process `syz.1.646'. [ 92.023509][ T7726] 8021q: adding VLAN 0 to HW filter on device bond9 [ 92.109003][ T7734] netlink: 20 bytes leftover after parsing attributes in process `syz.3.649'. [ 92.444848][ T7745] 9pnet_virtio: no channels available for device syz [ 92.581295][ T7750] 9pnet_virtio: no channels available for device syz [ 94.363561][ T7781] kvm: emulating exchange as write [ 94.480355][ T40] kauditd_printk_skb: 5 callbacks suppressed [ 94.480367][ T40] audit: type=1400 audit(1743401948.917:435): avc: denied { mounton } for pid=7785 comm="syz.2.669" path="/185/file0" dev="tmpfs" ino=1047 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 94.553111][ T7788] 9pnet_virtio: no channels available for device syz [ 94.569233][ T40] audit: type=1400 audit(1743401949.007:436): avc: denied { module_request } for pid=7787 comm="syz.3.670" kmod="netdev-wlan0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 94.659147][ T7802] 9pnet_virtio: no channels available for device syz [ 94.788068][ T40] audit: type=1400 audit(1743401949.227:437): avc: denied { create } for pid=7812 comm="syz.3.678" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 94.793868][ T40] audit: type=1400 audit(1743401949.227:438): avc: denied { bind } for pid=7812 comm="syz.3.678" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 95.134226][ T57] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 95.286108][ T57] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 95.289378][ T57] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 95.293116][ T57] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 95.296740][ T57] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 95.300774][ T57] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 95.306513][ T57] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 95.309821][ T57] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 95.312736][ T57] usb 8-1: Product: syz [ 95.314444][ T57] usb 8-1: Manufacturer: syz [ 95.320386][ T57] cdc_wdm 8-1:1.0: skipping garbage [ 95.322356][ T57] cdc_wdm 8-1:1.0: skipping garbage [ 95.325753][ T57] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 95.327868][ T57] cdc_wdm 8-1:1.0: Unknown control protocol [ 95.573558][ C1] cdc_wdm 8-1:1.0: nonzero urb status received: -71 [ 95.575368][ C1] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes [ 95.577351][ C1] cdc_wdm 8-1:1.0: nonzero urb status received: -71 [ 95.579252][ C1] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes [ 95.581136][ C1] cdc_wdm 8-1:1.0: nonzero urb status received: -71 [ 95.583367][ C1] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes [ 95.585052][ C1] cdc_wdm 8-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 95.589895][ T1466] usb 8-1: USB disconnect, device number 5 [ 95.698344][ T7854] bond2 (unregistering): Released all slaves [ 95.798657][ T7854] netlink: 28 bytes leftover after parsing attributes in process `syz.0.696'. [ 95.924374][ T40] audit: type=1400 audit(1743401950.357:439): avc: denied { cmd } for pid=7863 comm="syz.2.700" path="/dev/sr0" dev="devtmpfs" ino=726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:removable_device_t tclass=io_uring permissive=1 [ 95.937248][ T7866] capability: warning: `syz.0.701' uses 32-bit capabilities (legacy support in use) [ 96.182024][ T7868] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 96.327813][ T7877] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 96.332693][ T7877] kvm: user requested TSC rate below hardware speed [ 96.353738][ T7882] bond3 (unregistering): Released all slaves [ 96.448877][ T7882] netlink: 28 bytes leftover after parsing attributes in process `syz.3.707'. [ 96.539321][ T7885] kvm: pic: non byte write [ 96.865204][ T40] audit: type=1400 audit(1743401951.307:440): avc: denied { mount } for pid=7904 comm="syz.1.715" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 97.063849][ T7912] 9pnet_virtio: no channels available for device syz [ 97.383002][ T40] audit: type=1800 audit(1743401951.817:441): pid=7922 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.723" name="bus" dev="tmpfs" ino=2 res=0 errno=0 [ 97.427026][ T7925] netlink: 1624 bytes leftover after parsing attributes in process `syz.0.724'. [ 97.804114][ T7936] 9pnet_virtio: no channels available for device syz [ 97.872752][ T7940] 9pnet_virtio: no channels available for device syz [ 98.102659][ T7952] bond3 (unregistering): Released all slaves [ 98.305803][ T7962] Cache volume key already in use (9p,syz,) [ 98.361701][ T7965] netlink: 'syz.0.736': attribute type 1 has an invalid length. [ 98.438915][ T7965] netlink: 28 bytes leftover after parsing attributes in process `syz.0.736'. [ 98.828963][ T40] audit: type=1400 audit(1743401953.267:442): avc: denied { sqpoll } for pid=7982 comm="syz.0.744" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 98.835474][ T40] audit: type=1400 audit(1743401953.267:443): avc: denied { map } for pid=7982 comm="syz.0.744" path="pipe:[6610]" dev="pipefs" ino=6610 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 99.558608][ T8005] syzkaller1: entered promiscuous mode [ 99.560666][ T8005] syzkaller1: entered allmulticast mode [ 100.563280][ T8039] 9pnet_virtio: no channels available for device syz [ 100.885100][ T40] audit: type=1400 audit(1743401955.327:444): avc: denied { execute_no_trans } for pid=8048 comm="syz.0.772" path="/172/file1" dev="tmpfs" ino=985 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 100.949213][ T40] audit: type=1400 audit(1743401955.387:445): avc: denied { allowed } for pid=8053 comm="syz.2.771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 100.967149][ T8052] 9pnet_fd: p9_fd_create_tcp (8052): problem connecting socket to 127.0.0.1 [ 101.022686][ T40] audit: type=1400 audit(1743401955.457:446): avc: denied { create } for pid=8059 comm="syz.0.776" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 101.034098][ T40] audit: type=1400 audit(1743401955.457:447): avc: denied { write } for pid=8059 comm="syz.0.776" path="socket:[25060]" dev="sockfs" ino=25060 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 101.040800][ T40] audit: type=1400 audit(1743401955.457:448): avc: denied { nlmsg_read } for pid=8059 comm="syz.0.776" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 101.342660][ T40] audit: type=1400 audit(1743401955.777:449): avc: denied { read } for pid=8077 comm="syz.1.782" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 101.349894][ T40] audit: type=1400 audit(1743401955.777:450): avc: denied { open } for pid=8077 comm="syz.1.782" path="/187/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 101.350391][ T8078] orangefs_devreq_open: device cannot be opened in blocking mode [ 101.358577][ T40] audit: type=1400 audit(1743401955.787:451): avc: denied { write } for pid=8077 comm="syz.1.782" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 101.361416][ T8078] orangefs_devreq_open: device cannot be opened in blocking mode [ 101.503905][ T40] audit: type=1400 audit(1743401955.937:452): avc: denied { rename } for pid=8079 comm="syz.3.783" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 101.524389][ T40] audit: type=1800 audit(1743401955.957:453): pid=8091 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.787" name="bus" dev="overlay" ino=1201 res=0 errno=0 [ 101.640902][ T8098] tipc: Started in network mode [ 101.642883][ T8098] tipc: Node identity 62eaec4732a5, cluster identity 4711 [ 101.645993][ T8098] tipc: Enabled bearer , priority 0 [ 101.658949][ T8096] tipc: Resetting bearer [ 101.816703][ T8107] 9pnet_virtio: no channels available for device syz [ 102.612629][ T8096] tipc: Disabling bearer [ 102.968389][ T8147] bond11 (unregistering): Released all slaves [ 103.202544][ T8164] block device autoloading is deprecated and will be removed. [ 103.206716][ T8168] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 103.209605][ T8168] overlayfs: failed to set xattr on upper [ 103.211962][ T8168] overlayfs: ...falling back to redirect_dir=nofollow. [ 103.213893][ T8168] overlayfs: ...falling back to index=off. [ 103.216461][ T8168] overlayfs: ...falling back to uuid=null. [ 103.363532][ T8179] bond3 (unregistering): Released all slaves [ 103.954226][ T2300] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 104.083200][ T8204] netlink: 'syz.1.829': attribute type 1 has an invalid length. [ 104.112220][ T8204] 8021q: adding VLAN 0 to HW filter on device bond12 [ 104.115486][ T2300] usb 7-1: Using ep0 maxpacket: 8 [ 104.119191][ T2300] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 104.123107][ T2300] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 104.125875][ T8204] bond11: (slave bond12): making interface the new active one [ 104.126736][ T2300] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 104.128937][ T8204] bond11: (slave bond12): Enslaving as an active interface with an up link [ 104.132408][ T2300] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 104.132455][ T2300] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 104.143573][ T2300] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.146403][ T8204] netlink: 28 bytes leftover after parsing attributes in process `syz.1.829'. [ 104.150747][ T8204] 8021q: adding VLAN 0 to HW filter on device bond11 [ 104.354930][ T2300] usb 7-1: usb_control_msg returned -32 [ 104.356986][ T2300] usbtmc 7-1:16.0: can't read capabilities [ 104.788322][ T8232] Set syz0 is full, maxelem 0 reached [ 104.825300][ T5295] Bluetooth: hci1: command 0x0406 tx timeout [ 104.847793][ T5956] Bluetooth: Frame is too long (len 16, expected len 4) [ 104.857907][ T8235] kvm_pr_unimpl_wrmsr: 9 callbacks suppressed [ 104.857919][ T8235] kvm: kvm [8234]: vcpu0, guest rIP: 0x1a3 Unhandled WRMSR(0x11e) = 0xbe70a111 [ 104.912451][ T24] usb 7-1: USB disconnect, device number 7 [ 105.017474][ T8238] netlink: 'syz.0.841': attribute type 1 has an invalid length. [ 105.053042][ T8238] 8021q: adding VLAN 0 to HW filter on device bond4 [ 105.057527][ T8238] bond3: (slave bond4): making interface the new active one [ 105.060507][ T8238] bond3: (slave bond4): Enslaving as an active interface with an up link [ 105.073938][ T8238] netlink: 28 bytes leftover after parsing attributes in process `syz.0.841'. [ 105.079050][ T8238] 8021q: adding VLAN 0 to HW filter on device bond3 [ 105.456307][ T8248] netlink: 'syz.2.844': attribute type 72 has an invalid length. [ 105.691436][ T8263] netlink: 'syz.2.850': attribute type 1 has an invalid length. [ 105.720292][ T8263] 8021q: adding VLAN 0 to HW filter on device bond9 [ 105.726867][ T8263] bond8: (slave bond9): making interface the new active one [ 105.729285][ T8263] bond8: (slave bond9): Enslaving as an active interface with an up link [ 105.734495][ T8263] netlink: 28 bytes leftover after parsing attributes in process `syz.2.850'. [ 105.740494][ T8263] 8021q: adding VLAN 0 to HW filter on device bond8 [ 106.344808][ T5956] Bluetooth: hci4: command 0x1003 tx timeout [ 106.347373][ T5944] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 106.924698][ T63] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 107.216082][ T8295] netlink: 'syz.0.855': attribute type 72 has an invalid length. [ 107.256722][ T40] kauditd_printk_skb: 6 callbacks suppressed [ 107.256731][ T40] audit: type=1400 audit(1743401961.697:460): avc: denied { create } for pid=8296 comm="syz.0.856" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 107.265766][ T40] audit: type=1400 audit(1743401961.707:461): avc: denied { ioctl } for pid=8296 comm="syz.0.856" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x9379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 107.366535][ T8300] 9pnet_virtio: no channels available for device syz [ 107.695324][ T8307] md2: using deprecated bitmap file support [ 107.697668][ T8307] md2: error: bitmap file must be a regular file [ 107.767658][ T8313] tipc: Enabling of bearer rejected, failed to enable media [ 109.208778][ T40] audit: type=1400 audit(1743401963.647:462): avc: denied { sys_chroot } for pid=8314 comm="dhcpcd" capability=18 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 109.216641][ T40] audit: type=1400 audit(1743401963.647:463): avc: denied { setgid } for pid=8314 comm="dhcpcd" capability=6 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 109.224398][ T40] audit: type=1400 audit(1743401963.647:464): avc: denied { setrlimit } for pid=8314 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1 [ 117.567137][ T8329] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 117.623443][ T8336] kvm: kvm [8333]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000 [ 117.639040][ T8336] kvm: kvm [8333]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000 [ 117.652727][ T8336] kvm: kvm [8333]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000 [ 117.667920][ T8336] kvm: kvm [8333]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000 [ 117.682143][ T8336] kvm: kvm [8333]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000 [ 117.695201][ T8336] kvm: kvm [8333]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000 [ 117.708284][ T8336] kvm: kvm [8333]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000 [ 117.722779][ T8336] kvm: kvm [8333]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000 [ 117.737137][ T8336] kvm: kvm [8333]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000 [ 117.751090][ T8336] kvm: kvm [8333]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000 [ 117.821876][ T8352] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9) [ 117.823860][ T8352] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 117.829123][ T8352] vhci_hcd vhci_hcd.0: Device attached [ 117.833718][ T8352] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(11) [ 117.835579][ T8352] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 117.838153][ T8352] vhci_hcd vhci_hcd.0: Device attached [ 117.843048][ T8352] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(13) [ 117.845486][ T8352] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 117.848615][ T8352] vhci_hcd vhci_hcd.0: Device attached [ 117.855781][ T8352] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(16) [ 117.858313][ T8352] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 117.861053][ T8352] vhci_hcd vhci_hcd.0: Device attached [ 117.864848][ T8352] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(18) [ 117.866648][ T8352] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 117.869254][ T8352] vhci_hcd vhci_hcd.0: Device attached [ 117.872252][ T8352] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 117.876802][ T8352] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 117.882423][ T8352] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 117.898496][ T8352] vhci_hcd vhci_hcd.0: port 0 already used [ 117.917441][ T8359] vhci_hcd: connection closed [ 117.917456][ T8361] vhci_hcd: connection closed [ 117.918790][ T8357] vhci_hcd: connection closed [ 117.920072][ T13] vhci_hcd: stop threads [ 117.920325][ T8355] vhci_hcd: connection closed [ 117.921940][ T13] vhci_hcd: release socket [ 117.923134][ T8353] vhci_hcd: connection closed [ 117.925101][ T13] vhci_hcd: disconnect device [ 117.928773][ T13] vhci_hcd: stop threads [ 117.930019][ T13] vhci_hcd: release socket [ 117.931314][ T13] vhci_hcd: disconnect device [ 117.932828][ T13] vhci_hcd: stop threads [ 117.934212][ T13] vhci_hcd: release socket [ 117.935465][ T13] vhci_hcd: disconnect device [ 117.936877][ T13] vhci_hcd: stop threads [ 117.938082][ T13] vhci_hcd: release socket [ 117.939344][ T13] vhci_hcd: disconnect device [ 117.941437][ T13] vhci_hcd: stop threads [ 117.942654][ T13] vhci_hcd: release socket [ 117.943953][ T13] vhci_hcd: disconnect device [ 118.435397][ T8370] netlink: 'syz.1.872': attribute type 1 has an invalid length. [ 118.457997][ T8373] netlink: 'syz.3.873': attribute type 1 has an invalid length. [ 118.494709][ T8370] 8021q: adding VLAN 0 to HW filter on device bond14 [ 118.498361][ T8370] bond13: (slave bond14): making interface the new active one [ 118.500663][ T8370] bond13: (slave bond14): Enslaving as an active interface with an up link [ 118.520785][ T8373] 8021q: adding VLAN 0 to HW filter on device bond4 [ 118.523287][ T8373] bond3: (slave bond4): making interface the new active one [ 118.525549][ T8373] bond3: (slave bond4): Enslaving as an active interface with an up link [ 118.530120][ T8370] netlink: 28 bytes leftover after parsing attributes in process `syz.1.872'. [ 118.533673][ T8370] 8021q: adding VLAN 0 to HW filter on device bond13 [ 118.541093][ T8373] bond3: (slave gretap1): Enslaving as a backup interface with an up link [ 118.549310][ T8373] netlink: 28 bytes leftover after parsing attributes in process `syz.3.873'. [ 118.581762][ T40] audit: type=1400 audit(1743401973.017:465): avc: denied { write } for pid=8379 comm="syz.3.876" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1 [ 118.614743][ T8384] netlink: 'syz.3.877': attribute type 1 has an invalid length. [ 118.650255][ T8387] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9) [ 118.652257][ T8387] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 118.655186][ T8387] vhci_hcd vhci_hcd.0: Device attached [ 118.662740][ T8387] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(11) [ 118.663944][ T8384] 8021q: adding VLAN 0 to HW filter on device bond6 [ 118.664699][ T8387] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 118.670510][ T8384] bond5: (slave bond6): making interface the new active one [ 118.671840][ T8387] vhci_hcd vhci_hcd.0: Device attached [ 118.672739][ T8384] bond5: (slave bond6): Enslaving as an active interface with an up link [ 118.675810][ T8387] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 118.688804][ T8387] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(15) [ 118.691163][ T8387] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 118.693691][ T8387] vhci_hcd vhci_hcd.0: Device attached [ 118.698867][ T8387] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(18) [ 118.701358][ T8387] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 118.704421][ T8387] vhci_hcd vhci_hcd.0: Device attached [ 118.712213][ T8387] vhci_hcd vhci_hcd.0: pdev(1) rhport(5) sockfd(20) [ 118.714581][ T8387] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 118.719978][ T8387] vhci_hcd vhci_hcd.0: Device attached [ 118.723835][ T40] audit: type=1400 audit(1743401973.157:466): avc: denied { listen } for pid=8401 comm="syz.3.880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 118.724648][ T8387] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 118.731561][ T40] audit: type=1400 audit(1743401973.167:467): avc: denied { accept } for pid=8401 comm="syz.3.880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 118.736166][ T8387] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 118.741583][ T8387] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 118.760206][ T8399] vhci_hcd: connection closed [ 118.760489][ T8395] vhci_hcd: connection closed [ 118.761702][ T8390] vhci_hcd: connection closed [ 118.762230][ T8393] vhci_hcd: connection closed [ 118.763486][ T8397] vhci_hcd: connection closed [ 118.765133][ T13] vhci_hcd: stop threads [ 118.768695][ T13] vhci_hcd: release socket [ 118.770664][ T13] vhci_hcd: disconnect device [ 118.772027][ T13] vhci_hcd: stop threads [ 118.773244][ T13] vhci_hcd: release socket [ 118.774727][ T13] vhci_hcd: disconnect device [ 118.777258][ T13] vhci_hcd: stop threads [ 118.778564][ T13] vhci_hcd: release socket [ 118.780116][ T13] vhci_hcd: disconnect device [ 118.783159][ T13] vhci_hcd: stop threads [ 118.784698][ T13] vhci_hcd: release socket [ 118.786040][ T13] vhci_hcd: disconnect device [ 118.788287][ T13] vhci_hcd: stop threads [ 118.789566][ T13] vhci_hcd: release socket [ 118.790996][ T13] vhci_hcd: disconnect device [ 118.844118][ T2300] vhci_hcd: vhci_device speed not set [ 119.441037][ T40] audit: type=1400 audit(1743401973.877:468): avc: denied { load_policy } for pid=8411 comm="syz.1.884" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 119.441148][ T8412] SELinux: ebitmap: map size 74280818 does not match my size 64 (high bit was 33554432) [ 119.451429][ T8412] SELinux: failed to load policy [ 119.532435][ T8417] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 119.657690][ T8422] netlink: 4 bytes leftover after parsing attributes in process `syz.2.888'. [ 119.761851][ T8429] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 119.762142][ T8425] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 119.780657][ T8425] kvm: pic: level sensitive irq not supported [ 119.781018][ T8425] kvm: pic: non byte read [ 119.786242][ T8425] kvm: pic: level sensitive irq not supported [ 119.786495][ T8425] kvm: pic: non byte read [ 119.796586][ T8425] kvm: pic: level sensitive irq not supported [ 119.797096][ T8425] kvm: pic: non byte read [ 119.802334][ T8425] kvm: pic: level sensitive irq not supported [ 119.802631][ T8425] kvm: pic: non byte read [ 119.807728][ T8425] kvm: pic: level sensitive irq not supported [ 119.808063][ T8425] kvm: pic: non byte read [ 119.812032][ T8425] kvm: pic: level sensitive irq not supported [ 119.812278][ T8425] kvm: pic: non byte read [ 120.000058][ T40] audit: type=1400 audit(1743401974.437:469): avc: denied { create } for pid=8437 comm="syz.1.893" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ipx_socket permissive=1 [ 120.021955][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 120.025475][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 120.041052][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 120.051053][ T8442] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 120.063744][ T8434] infiniband syz1: set active [ 120.068606][ T8434] infiniband syz1: added bond0 [ 120.097559][ T8434] RDS/IB: syz1: added [ 120.099107][ T8434] smc: adding ib device syz1 with port count 1 [ 120.101024][ T8434] smc: ib device syz1 port 1 has pnetid [ 120.172529][ T8449] 9pnet_virtio: no channels available for device syz [ 120.210692][ T40] audit: type=1400 audit(1743401974.647:470): avc: denied { getopt } for pid=8450 comm="syz.3.897" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 120.429181][ T40] audit: type=1400 audit(1743401974.867:471): avc: denied { read append open } for pid=8452 comm="syz.1.898" path="/218/file1/cpuacct.usage_percpu_user" dev="9p" ino=36831368 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 120.456872][ T8456] netlink: 'syz.3.899': attribute type 25 has an invalid length. [ 120.534223][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 120.616948][ T8467] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 121.409397][ T8482] 9pnet_virtio: no channels available for device syz [ 121.722087][ T8500] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 121.838006][ T40] audit: type=1400 audit(1743401976.277:472): avc: denied { mounton } for pid=8505 comm="syz.3.920" path="/240/file0/bus" dev="9p" ino=36831321 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 121.838039][ T8506] overlay: ./file1 is not a directory [ 121.887966][ T40] audit: type=1400 audit(1743401976.327:473): avc: denied { unlink } for pid=8505 comm="syz.3.920" name="file1" dev="9p" ino=36831321 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 121.897849][ T40] audit: type=1400 audit(1743401976.337:474): avc: denied { create } for pid=8497 comm="syz.1.917" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 121.930605][ T8511] netlink: 36 bytes leftover after parsing attributes in process `syz.2.921'. [ 121.933106][ T8511] netlink: 16 bytes leftover after parsing attributes in process `syz.2.921'. [ 121.936025][ T8511] netlink: 36 bytes leftover after parsing attributes in process `syz.2.921'. [ 121.938477][ T8511] netlink: 36 bytes leftover after parsing attributes in process `syz.2.921'. [ 122.031861][ T8517] ip6t_REJECT: ECHOREPLY is not supported [ 122.633087][ T8532] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only [ 122.946017][ T8545] 9pnet_virtio: no channels available for device syz [ 123.049811][ T8554] 9pnet_virtio: no channels available for device syz [ 123.464148][ T34] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 123.522293][ T8534] syz.0.930 (8534): drop_caches: 1 [ 123.573722][ T8534] syz.0.930 (8534): drop_caches: 1 [ 123.607883][ T40] kauditd_printk_skb: 5 callbacks suppressed [ 123.607894][ T40] audit: type=1400 audit(1743401978.047:480): avc: denied { create } for pid=8580 comm="syz.1.947" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 123.617513][ T40] audit: type=1400 audit(1743401978.047:481): avc: denied { write } for pid=8580 comm="syz.1.947" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 123.630001][ T8581] 9pnet_virtio: no channels available for device syz [ 123.634081][ T34] usb 7-1: Using ep0 maxpacket: 16 [ 123.637059][ T34] usb 7-1: config 0 has no interfaces? [ 123.640066][ T40] audit: type=1400 audit(1743401978.077:482): avc: denied { ioctl } for pid=8584 comm="syz.1.949" path="socket:[29767]" dev="sockfs" ino=29767 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 123.649788][ T34] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 123.649807][ T40] audit: type=1400 audit(1743401978.077:483): avc: denied { write } for pid=8584 comm="syz.1.949" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 123.652275][ T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.652288][ T34] usb 7-1: Product: syz [ 123.662449][ T34] usb 7-1: Manufacturer: syz [ 123.663811][ T34] usb 7-1: SerialNumber: syz [ 123.675407][ T34] usb 7-1: config 0 descriptor?? [ 123.822225][ T8589] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 123.892882][ T34] usb 7-1: USB disconnect, device number 8 [ 124.261743][ T8606] 9pnet_virtio: no channels available for device syz [ 124.265275][ T40] audit: type=1400 audit(1743401978.707:484): avc: denied { read } for pid=8607 comm="syz.1.958" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 124.273633][ T40] audit: type=1400 audit(1743401978.707:485): avc: denied { open } for pid=8607 comm="syz.1.958" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 124.283195][ T40] audit: type=1400 audit(1743401978.707:486): avc: denied { ioctl } for pid=8607 comm="syz.1.958" path="/dev/sg0" dev="devtmpfs" ino=721 ioctlcmd=0x2284 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 124.504115][ T8615] FAULT_INJECTION: forcing a failure. [ 124.504115][ T8615] name failslab, interval 1, probability 0, space 0, times 1 [ 124.508533][ T8615] CPU: 2 UID: 0 PID: 8615 Comm: syz.2.961 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) [ 124.508547][ T8615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 124.508554][ T8615] Call Trace: [ 124.508559][ T8615] [ 124.508564][ T8615] dump_stack_lvl+0x16c/0x1f0 [ 124.508603][ T8615] should_fail_ex+0x512/0x640 [ 124.508619][ T8615] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 124.508636][ T8615] should_failslab+0xc2/0x120 [ 124.508652][ T8615] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 124.508666][ T8615] ? find_held_lock+0x2b/0x80 [ 124.508679][ T8615] ? mpol_new+0x11b/0x2d0 [ 124.508692][ T8615] ? get_pid_task+0xfc/0x250 [ 124.508704][ T8615] mpol_new+0x11b/0x2d0 [ 124.508718][ T8615] do_mbind+0x218/0xf30 [ 124.508733][ T8615] ? __pfx_do_mbind+0x10/0x10 [ 124.508742][ T8615] ? find_held_lock+0x2b/0x80 [ 124.508755][ T8615] ? ksys_write+0x190/0x240 [ 124.508773][ T8615] ? __pfx_get_nodes+0x10/0x10 [ 124.508787][ T8615] ? __fget_files+0x20e/0x3c0 [ 124.508805][ T8615] kernel_mbind+0x1e3/0x1f0 [ 124.508822][ T8615] ? __pfx_kernel_mbind+0x10/0x10 [ 124.508835][ T8615] ? rcu_is_watching+0x12/0xc0 [ 124.508860][ T8615] do_syscall_64+0xcd/0x260 [ 124.508882][ T8615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.508899][ T8615] RIP: 0033:0x7ff8fb98d169 [ 124.508913][ T8615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.508928][ T8615] RSP: 002b:00007ff8fc704038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 124.508943][ T8615] RAX: ffffffffffffffda RBX: 00007ff8fbba5fa0 RCX: 00007ff8fb98d169 [ 124.508953][ T8615] RDX: 0000000000000001 RSI: 0000000000800000 RDI: 0000200000001000 [ 124.508963][ T8615] RBP: 00007ff8fc704090 R08: 0000000000000008 R09: 0000000000000002 [ 124.508972][ T8615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 124.508981][ T8615] R13: 0000000000000000 R14: 00007ff8fbba5fa0 R15: 00007ffc182ae788 [ 124.509009][ T8615] [ 124.642172][ T8621] overlayfs: failed to resolve './file0': -40 [ 124.676941][ T40] audit: type=1400 audit(1743401979.117:487): avc: denied { setopt } for pid=8625 comm="syz.2.966" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 124.836527][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 124.961532][ T8638] bond5 (unregistering): Released all slaves [ 124.982341][ T40] audit: type=1400 audit(1743401979.417:488): avc: denied { write } for pid=8640 comm="syz.3.972" name="pids.current" dev="9p" ino=36831360 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 124.990977][ T8639] usb usb1: usbfs: process 8639 (syz.2.969) did not claim interface 0 before use [ 124.998031][ T8644] netlink: 28 bytes leftover after parsing attributes in process `syz.0.971'. [ 125.422948][ T8665] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535) [ 125.453346][ T8670] overlayfs: failed to resolve './file0': -40 [ 125.483191][ T8668] netlink: 'syz.1.982': attribute type 4 has an invalid length. [ 125.534778][ T8665] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8665 comm=syz.1.982 [ 125.769576][ T8689] netlink: 'syz.1.992': attribute type 29 has an invalid length. [ 125.772088][ T8691] netlink: 28 bytes leftover after parsing attributes in process `syz.2.993'. [ 125.798391][ T8691] bond10 (unregistering): Released all slaves [ 125.807603][ T8696] 9pnet_virtio: no channels available for device syz [ 125.827911][ T8698] netlink: 28 bytes leftover after parsing attributes in process `syz.2.993'. [ 125.963346][ T8707] program syz.0.1000 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 125.970098][ T40] audit: type=1400 audit(1743401980.407:489): avc: denied { view } for pid=8706 comm="syz.0.1000" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 126.001748][ T8707] input: syz1 as /devices/virtual/input/input14 [ 126.002886][ T8711] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1002'. [ 126.022307][ T8711] bond10 (unregistering): Released all slaves [ 126.265949][ T8726] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 126.569141][ T8739] syz.1.1013 (8739): drop_caches: 1 [ 126.596106][ T8739] syz.1.1013 (8739): drop_caches: 1 [ 126.607534][ T8749] kvm: user requested TSC rate below hardware speed [ 126.910130][ T8773] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1026'. [ 127.151397][ T8779] syz.2.1030 (8779): drop_caches: 1 [ 127.191100][ T8779] syz.2.1030 (8779): drop_caches: 1 [ 127.447585][ T8794] usb usb1: usbfs: process 8794 (syz.3.1031) did not claim interface 0 before use [ 127.576222][ T8806] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1036'. [ 127.611697][ T8809] use of bytesused == 0 is deprecated and will be removed in the future, [ 127.615330][ T8809] use the actual size instead. [ 128.022845][ T8819] overlayfs: failed to resolve './file0': -40 [ 128.181674][ T8828] Cache volume key already in use (9p,syz,) [ 128.313790][ T8836] FAULT_INJECTION: forcing a failure. [ 128.313790][ T8836] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 128.318523][ T8836] CPU: 0 UID: 0 PID: 8836 Comm: syz.1.1049 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) [ 128.318537][ T8836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 128.318544][ T8836] Call Trace: [ 128.318547][ T8836] [ 128.318551][ T8836] dump_stack_lvl+0x16c/0x1f0 [ 128.318569][ T8836] should_fail_ex+0x512/0x640 [ 128.318584][ T8836] should_fail_alloc_page+0xe7/0x130 [ 128.318601][ T8836] prepare_alloc_pages+0x3c2/0x610 [ 128.318612][ T8836] ? is_bpf_text_address+0x8a/0x1a0 [ 128.318625][ T8836] __alloc_frozen_pages_noprof+0x18f/0x2370 [ 128.318640][ T8836] ? is_bpf_text_address+0x94/0x1a0 [ 128.318651][ T8836] ? kernel_text_address+0x8d/0x100 [ 128.318663][ T8836] ? __kernel_text_address+0xd/0x40 [ 128.318674][ T8836] ? unwind_get_return_address+0x59/0xa0 [ 128.318689][ T8836] ? arch_stack_walk+0xa6/0x100 [ 128.318704][ T8836] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 128.318719][ T8836] ? __lock_acquire+0x5ca/0x1ba0 [ 128.318730][ T8836] ? stack_trace_save+0x8e/0xc0 [ 128.318747][ T8836] ? look_up_lock_class+0x59/0x150 [ 128.318762][ T8836] ? __lock_acquire+0xaa4/0x1ba0 [ 128.318770][ T8836] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 128.318782][ T8836] ? policy_nodemask+0xea/0x4e0 [ 128.318806][ T8836] alloc_pages_mpol+0x1fb/0x550 [ 128.318824][ T8836] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 128.318840][ T8836] ? __lock_acquire+0x5ca/0x1ba0 [ 128.318851][ T8836] folio_alloc_mpol_noprof+0x36/0x2f0 [ 128.318863][ T8836] vma_alloc_folio_noprof+0xed/0x1e0 [ 128.318875][ T8836] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 128.318890][ T8836] do_pte_missing+0x2049/0x3ea0 [ 128.318909][ T8836] __handle_mm_fault+0x1043/0x2a50 [ 128.318926][ T8836] ? __pfx___handle_mm_fault+0x10/0x10 [ 128.318947][ T8836] ? find_vma+0xbf/0x140 [ 128.318957][ T8836] ? __pfx_find_vma+0x10/0x10 [ 128.318970][ T8836] handle_mm_fault+0x404/0xae0 [ 128.318985][ T8836] do_user_addr_fault+0x7a9/0x1430 [ 128.319000][ T8836] exc_page_fault+0x5c/0xc0 [ 128.319013][ T8836] asm_exc_page_fault+0x26/0x30 [ 128.319023][ T8836] RIP: 0010:_copy_to_user+0xb6/0xd0 [ 128.319036][ T8836] Code: 89 ee 48 89 ef e8 1a 19 ee fc 4d 85 ff 75 a8 e8 70 1e ee fc 89 de 4c 89 e7 e8 a6 9d 52 fd 0f 01 cb 48 89 d9 48 89 ef 4c 89 e6 a4 0f 1f 00 0f 01 ca 48 89 cb eb 80 66 2e 0f 1f 84 00 00 00 00 [ 128.319046][ T8836] RSP: 0018:ffffc90007577ae0 EFLAGS: 00050246 [ 128.319054][ T8836] RAX: 0000000000000001 RBX: 0000000000000001 RCX: 0000000000000001 [ 128.319060][ T8836] RDX: fffff52000eaef80 RSI: ffffc90007577bf8 RDI: 00002000000021c0 [ 128.319066][ T8836] RBP: 00002000000021c0 R08: 0000000000000000 R09: fffff52000eaef7f [ 128.319072][ T8836] R10: ffffc90007577bf8 R11: 0000000000000000 R12: ffffc90007577bf8 [ 128.319077][ T8836] R13: 00002000000021c1 R14: 00007ffffffff000 R15: 0000000000000000 [ 128.319103][ T8836] userio_char_read+0x58f/0x760 [ 128.319148][ T8836] ? __pfx_userio_char_read+0x10/0x10 [ 128.319163][ T8836] ? inode_security+0x101/0x130 [ 128.319180][ T8836] ? __pfx_autoremove_wake_function+0x10/0x10 [ 128.319198][ T8836] ? security_file_permission+0x71/0x210 [ 128.319208][ T8836] ? rw_verify_area+0xcf/0x680 [ 128.319219][ T8836] ? __pfx_userio_char_read+0x10/0x10 [ 128.319231][ T8836] vfs_readv+0x6bc/0x8a0 [ 128.319241][ T8836] ? get_pid_task+0x106/0x250 [ 128.319255][ T8836] ? __pfx_vfs_readv+0x10/0x10 [ 128.319266][ T8836] ? find_held_lock+0x2b/0x80 [ 128.319295][ T8836] ? __fget_files+0x20e/0x3c0 [ 128.319321][ T8836] ? do_preadv+0x1af/0x270 [ 128.319331][ T8836] do_preadv+0x1af/0x270 [ 128.319343][ T8836] ? __pfx_do_preadv+0x10/0x10 [ 128.319353][ T8836] ? rcu_is_watching+0x12/0xc0 [ 128.319370][ T8836] do_syscall_64+0xcd/0x260 [ 128.319385][ T8836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.319394][ T8836] RIP: 0033:0x7fb2c2f8d169 [ 128.319402][ T8836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.319412][ T8836] RSP: 002b:00007fb2c3d00038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 128.319421][ T8836] RAX: ffffffffffffffda RBX: 00007fb2c31a5fa0 RCX: 00007fb2c2f8d169 [ 128.319427][ T8836] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000003 [ 128.319432][ T8836] RBP: 00007fb2c3d00090 R08: 0000000000000005 R09: 0000000000000000 [ 128.319438][ T8836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 128.319443][ T8836] R13: 0000000000000000 R14: 00007fb2c31a5fa0 R15: 00007ffc984ca9d8 [ 128.319456][ T8836] [ 128.471474][ C0] vkms_vblank_simulate: vblank timer overrun [ 128.577108][ T8847] openvswitch: netlink: IP tunnel dst address not specified [ 128.579964][ T8847] program syz.1.1053 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 128.824268][ T63] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 128.974115][ T63] usb 6-1: Using ep0 maxpacket: 8 [ 128.977420][ T63] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 128.981363][ T63] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 128.985537][ T63] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 128.989247][ T63] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 128.994413][ T63] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 128.997877][ T63] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.205753][ T63] usb 6-1: GET_CAPABILITIES returned 0 [ 129.208035][ T63] usbtmc 6-1:16.0: can't read capabilities [ 129.287076][ T8864] FAULT_INJECTION: forcing a failure. [ 129.287076][ T8864] name failslab, interval 1, probability 0, space 0, times 0 [ 129.291460][ T8864] CPU: 1 UID: 0 PID: 8864 Comm: syz.0.1060 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) [ 129.291480][ T8864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 129.291488][ T8864] Call Trace: [ 129.291504][ T8864] [ 129.291511][ T8864] dump_stack_lvl+0x16c/0x1f0 [ 129.291553][ T8864] should_fail_ex+0x512/0x640 [ 129.291576][ T8864] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 129.291599][ T8864] should_failslab+0xc2/0x120 [ 129.291620][ T8864] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 129.291640][ T8864] ? __alloc_skb+0x2b2/0x380 [ 129.291662][ T8864] __alloc_skb+0x2b2/0x380 [ 129.291680][ T8864] ? __pfx___alloc_skb+0x10/0x10 [ 129.291699][ T8864] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 129.291723][ T8864] netlink_alloc_large_skb+0x69/0x130 [ 129.291744][ T8864] netlink_sendmsg+0x6a1/0xdd0 [ 129.291768][ T8864] ? __pfx_netlink_sendmsg+0x10/0x10 [ 129.291796][ T8864] ____sys_sendmsg+0xa95/0xc70 [ 129.291811][ T8864] ? copy_msghdr_from_user+0x10a/0x160 [ 129.291829][ T8864] ? __pfx_____sys_sendmsg+0x10/0x10 [ 129.291852][ T8864] ___sys_sendmsg+0x134/0x1d0 [ 129.291872][ T8864] ? __pfx____sys_sendmsg+0x10/0x10 [ 129.291917][ T8864] __sys_sendmsg+0x16d/0x220 [ 129.291942][ T8864] ? __pfx___sys_sendmsg+0x10/0x10 [ 129.291975][ T8864] do_syscall_64+0xcd/0x260 [ 129.291996][ T8864] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.292011][ T8864] RIP: 0033:0x7fa40018d169 [ 129.292023][ T8864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.292036][ T8864] RSP: 002b:00007fa401020038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 129.292050][ T8864] RAX: ffffffffffffffda RBX: 00007fa4003a5fa0 RCX: 00007fa40018d169 [ 129.292059][ T8864] RDX: 0000000000000000 RSI: 00002000000006c0 RDI: 0000000000000003 [ 129.292067][ T8864] RBP: 00007fa401020090 R08: 0000000000000000 R09: 0000000000000000 [ 129.292076][ T8864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 129.292084][ T8864] R13: 0000000000000000 R14: 00007fa4003a5fa0 R15: 00007ffd614c0398 [ 129.292104][ T8864] [ 129.408182][ C1] usbtmc 6-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 129.411958][ T8847] usbtmc 6-1:16.0: Unable to send data, error -71 [ 129.416223][ T10] usb 6-1: USB disconnect, device number 9 [ 129.546365][ T8869] sp0: Synchronizing with TNC [ 129.775804][ T8883] netlink: 'syz.0.1068': attribute type 1 has an invalid length. [ 130.058492][ T8897] tmpfs: Bad value for 'mpol' [ 130.304459][ T57] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 130.567818][ T8901] overlayfs: failed to resolve './file0': -40 [ 130.797775][ T8913] 8021q: adding VLAN 0 to HW filter on device bond7 [ 130.802377][ T8913] bond6: (slave bond7): Enslaving as an active interface with an up link [ 130.807213][ T8913] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1080'. [ 130.817050][ T8913] 8021q: adding VLAN 0 to HW filter on device bond6 [ 131.114518][ T8957] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1097'. [ 131.174478][ T40] kauditd_printk_skb: 8 callbacks suppressed [ 131.174488][ T40] audit: type=1400 audit(1743401985.617:498): avc: denied { map } for pid=8960 comm="syz.1.1099" path="socket:[33811]" dev="sockfs" ino=33811 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 131.182829][ T40] audit: type=1400 audit(1743401985.617:499): avc: denied { accept } for pid=8960 comm="syz.1.1099" path="socket:[33811]" dev="sockfs" ino=33811 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 131.206455][ T8963] 8021q: adding VLAN 0 to HW filter on device bond8 [ 131.208995][ T8963] bond7: (slave bond8): Enslaving as an active interface with an up link [ 131.217711][ T8963] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1094'. [ 131.222865][ T8963] 8021q: adding VLAN 0 to HW filter on device bond7 [ 131.611372][ T8985] netlink: 'syz.3.1108': attribute type 1 has an invalid length. [ 131.765257][ T9000] 9pnet: Unknown protocol version 9 [ 132.059856][ T9018] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1122'. [ 132.117066][ T9025] FAULT_INJECTION: forcing a failure. [ 132.117066][ T9025] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 132.120984][ T9018] trusted_key: syz.2.1122 sent an empty control message without MSG_MORE. [ 132.122161][ T9025] CPU: 1 UID: 0 PID: 9025 Comm: syz.1.1123 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) [ 132.122189][ T9025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 132.122199][ T9025] Call Trace: [ 132.122205][ T9025] [ 132.122211][ T9025] dump_stack_lvl+0x16c/0x1f0 [ 132.122238][ T9025] should_fail_ex+0x512/0x640 [ 132.122259][ T9025] _copy_to_user+0x32/0xd0 [ 132.122282][ T9025] simple_read_from_buffer+0xcb/0x170 [ 132.122304][ T9025] proc_fail_nth_read+0x197/0x270 [ 132.122326][ T9025] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 132.122347][ T9025] ? rw_verify_area+0xcf/0x680 [ 132.122364][ T9025] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 132.122384][ T9025] vfs_read+0x1de/0xc70 [ 132.122406][ T9025] ? __pfx___mutex_lock+0x10/0x10 [ 132.122429][ T9025] ? __pfx_vfs_read+0x10/0x10 [ 132.122456][ T9025] ? __fget_files+0x20e/0x3c0 [ 132.122484][ T9025] ksys_read+0x12a/0x240 [ 132.122502][ T9025] ? __pfx_ksys_read+0x10/0x10 [ 132.122520][ T9025] ? rcu_is_watching+0x12/0xc0 [ 132.122546][ T9025] do_syscall_64+0xcd/0x260 [ 132.122568][ T9025] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.122582][ T9025] RIP: 0033:0x7fb2c2f8bb7c [ 132.122596][ T9025] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 132.122610][ T9025] RSP: 002b:00007fb2c3d00030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 132.122624][ T9025] RAX: ffffffffffffffda RBX: 00007fb2c31a5fa0 RCX: 00007fb2c2f8bb7c [ 132.122634][ T9025] RDX: 000000000000000f RSI: 00007fb2c3d000a0 RDI: 0000000000000004 [ 132.122643][ T9025] RBP: 00007fb2c3d00090 R08: 0000000000000000 R09: 0000000000000000 [ 132.122651][ T9025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 132.122659][ T9025] R13: 0000000000000000 R14: 00007fb2c31a5fa0 R15: 00007ffc984ca9d8 [ 132.122678][ T9025] [ 132.222315][ T9029] sp0: Synchronizing with TNC [ 132.506705][ T1419] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.508448][ T1419] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.570203][ T9043] overlayfs: failed to resolve './file0': -40 [ 132.666273][ T9048] netlink: 'syz.3.1132': attribute type 1 has an invalid length. [ 132.701214][ T9052] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1131'. [ 132.704688][ T9048] 8021q: adding VLAN 0 to HW filter on device bond11 [ 132.708615][ T9048] bond10: (slave bond11): Enslaving as an active interface with an up link [ 132.714959][ T9048] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1132'. [ 132.718768][ T9048] 8021q: adding VLAN 0 to HW filter on device bond10 [ 132.735514][ T40] audit: type=1400 audit(1743401987.177:500): avc: denied { setopt } for pid=9053 comm="syz.1.1133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 132.774517][ T9058] sp0: Synchronizing with TNC [ 132.853281][ T40] audit: type=1400 audit(1743401987.287:501): avc: denied { ioctl } for pid=9057 comm="syz.1.1135" path="/dev/rtc0" dev="devtmpfs" ino=944 ioctlcmd=0x7007 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 133.070192][ T9078] overlayfs: failed to resolve './file0': -40 [ 133.100222][ T9082] overlayfs: failed to verify upper (290/file1, ino=1647, err=-116) [ 133.103792][ T9082] overlayfs: failed to verify index dir 'upper' xattr [ 133.106978][ T9082] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 133.110221][ T9085] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1142'. [ 133.160211][ T9089] netlink: 'syz.3.1143': attribute type 1 has an invalid length. [ 133.206543][ T9089] 8021q: adding VLAN 0 to HW filter on device bond13 [ 133.211852][ T9089] bond12: (slave bond13): Enslaving as an active interface with an up link [ 133.218492][ T9089] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1143'. [ 133.223670][ T9089] 8021q: adding VLAN 0 to HW filter on device bond12 [ 133.254872][ T9101] FAULT_INJECTION: forcing a failure. [ 133.254872][ T9101] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 133.258494][ T9101] CPU: 0 UID: 0 PID: 9101 Comm: syz.3.1149 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) [ 133.258510][ T9101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 133.258516][ T9101] Call Trace: [ 133.258520][ T9101] [ 133.258523][ T9101] dump_stack_lvl+0x16c/0x1f0 [ 133.258557][ T9101] should_fail_ex+0x512/0x640 [ 133.258576][ T9101] _copy_to_user+0x32/0xd0 [ 133.258590][ T9101] simple_read_from_buffer+0xcb/0x170 [ 133.258604][ T9101] proc_fail_nth_read+0x197/0x270 [ 133.258618][ T9101] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 133.258631][ T9101] ? rw_verify_area+0xcf/0x680 [ 133.258642][ T9101] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 133.258654][ T9101] vfs_read+0x1de/0xc70 [ 133.258668][ T9101] ? __pfx___mutex_lock+0x10/0x10 [ 133.258683][ T9101] ? __pfx_vfs_read+0x10/0x10 [ 133.258698][ T9101] ? __fget_files+0x20e/0x3c0 [ 133.258715][ T9101] ksys_read+0x12a/0x240 [ 133.258727][ T9101] ? __pfx_ksys_read+0x10/0x10 [ 133.258742][ T9101] do_syscall_64+0xcd/0x260 [ 133.258758][ T9101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.258768][ T9101] RIP: 0033:0x7fc45e78bb7c [ 133.258777][ T9101] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 133.258787][ T9101] RSP: 002b:00007fc45f609030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 133.258796][ T9101] RAX: ffffffffffffffda RBX: 00007fc45e9a5fa0 RCX: 00007fc45e78bb7c [ 133.258803][ T9101] RDX: 000000000000000f RSI: 00007fc45f6090a0 RDI: 0000000000000004 [ 133.258808][ T9101] RBP: 00007fc45f609090 R08: 0000000000000000 R09: 0000000000000000 [ 133.258814][ T9101] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001 [ 133.258820][ T9101] R13: 0000000000000000 R14: 00007fc45e9a5fa0 R15: 00007ffc63db3628 [ 133.258832][ T9101] [ 133.314281][ C0] vkms_vblank_simulate: vblank timer overrun [ 133.383825][ T9111] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1152'. [ 133.453725][ T9117] netlink: 'syz.2.1154': attribute type 1 has an invalid length. [ 133.489179][ T9117] 8021q: adding VLAN 0 to HW filter on device bond11 [ 133.495462][ T9117] bond10: (slave bond11): making interface the new active one [ 133.497549][ T40] audit: type=1400 audit(1743401987.937:502): avc: denied { block_suspend } for pid=9113 comm="syz.3.1153" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 133.498371][ T9117] bond10: (slave bond11): Enslaving as an active interface with an up link [ 133.525297][ T9117] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1154'. [ 133.530430][ T9117] 8021q: adding VLAN 0 to HW filter on device bond10 [ 134.105614][ T9153] netlink: 'syz.2.1165': attribute type 1 has an invalid length. [ 134.156901][ T40] audit: type=1400 audit(1743401988.597:503): avc: denied { map } for pid=9158 comm="syz.1.1167" path="/dev/zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1 [ 134.353278][ T9174] bond14 (unregistering): Released all slaves [ 134.836253][ T9201] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 134.908504][ T9206] bond8 (unregistering): Released all slaves [ 135.295628][ T9236] bond8 (unregistering): Released all slaves [ 135.435469][ T9242] usb usb1: usbfs: process 9242 (syz.1.1195) did not claim interface 0 before use [ 135.896774][ T9269] sp0: Synchronizing with TNC [ 135.910715][ T9269] [U] è [ 135.962387][ T9272] netlink: 'syz.0.1210': attribute type 8 has an invalid length. [ 135.965440][ T9272] __nla_validate_parse: 7 callbacks suppressed [ 135.965452][ T9272] netlink: 163260 bytes leftover after parsing attributes in process `syz.0.1210'. [ 136.008106][ T9276] vlan2: entered allmulticast mode [ 136.009690][ T9276] bond0: entered allmulticast mode [ 136.011533][ T9276] bond_slave_0: entered allmulticast mode [ 136.012269][ T9269] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1210'. [ 136.013418][ T9276] bond_slave_1: entered allmulticast mode [ 136.016882][ T9269] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 136.021256][ T9276] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 136.168045][ T9278] overlayfs: failed to resolve './file0': -40 [ 136.264516][ T5956] Bluetooth: hci4: command 0x1003 tx timeout [ 136.264971][ T5944] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 136.395492][ T9297] TCP: TCP_TX_DELAY enabled [ 136.770952][ T9312] overlayfs: failed to resolve './file0': -40 [ 136.799294][ T9318] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1228'. [ 136.854749][ T9315] netlink: 'syz.1.1229': attribute type 10 has an invalid length. [ 136.857050][ T9315] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1229'. [ 136.870065][ T9315] team0: Port device geneve0 added [ 136.947538][ T9325] bond14 (unregistering): Released all slaves [ 136.980234][ T9333] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1230'. [ 137.080711][ T9344] tipc: Enabling of bearer rejected, failed to enable media [ 137.319747][ T9367] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 137.347215][ T9367] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1244'. [ 137.654893][ T10] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 137.814220][ T10] usb 7-1: Using ep0 maxpacket: 16 [ 137.821409][ T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 137.827875][ T10] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 137.831254][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.835879][ T10] usb 7-1: Product: syz [ 137.837423][ T10] usb 7-1: Manufacturer: syz [ 137.839126][ T10] usb 7-1: SerialNumber: syz [ 137.842101][ T10] usb 7-1: config 0 descriptor?? [ 137.847487][ T10] hub 7-1:0.0: bad descriptor, ignoring hub [ 137.849586][ T10] hub 7-1:0.0: probe with driver hub failed with error -5 [ 137.855543][ T10] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input18 [ 137.885122][ T9386] overlayfs: failed to resolve './file0': -40 [ 137.915414][ T40] audit: type=1400 audit(1743401992.357:504): avc: denied { setopt } for pid=9388 comm="syz.0.1254" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 137.983255][ T9394] befs: Unknown parameter '].(-'' [ 137.986428][ T9394] befs: Unknown parameter '].(-'' [ 137.988314][ T9394] befs: Unknown parameter '].(-'' [ 137.990679][ T9394] befs: Unknown parameter '].(-'' [ 137.992477][ T9394] befs: Unknown parameter '].(-'' [ 137.996492][ T9394] befs: Unknown parameter '].(-'' [ 137.998632][ T9394] befs: Unknown parameter '].(-'' [ 138.000965][ T9394] befs: Unknown parameter '].(-'' [ 138.002990][ T9394] befs: Unknown parameter '].(-'' [ 138.005063][ T9394] befs: Unknown parameter '].(-'' [ 138.007116][ T9394] befs: Unknown parameter '].(-'' [ 138.008653][ T9394] befs: Unknown parameter '].(-'' [ 138.010765][ T9394] befs: Unknown parameter '].(-'' [ 138.012811][ T9394] befs: Unknown parameter '].(-'' [ 138.025128][ T9394] befs: Unknown parameter '].(-'' [ 138.026880][ T9394] befs: Unknown parameter '].(-'' [ 138.028606][ T9394] befs: Unknown parameter '].(-'' [ 138.030682][ T9394] befs: Unknown parameter '].(-'' [ 138.032274][ T9394] befs: Unknown parameter '].(-'' [ 138.033624][ T40] audit: type=1400 audit(1743401992.467:505): avc: denied { watch } for pid=9392 comm="syz.0.1256" path="/290/file0" dev="tmpfs" ino=1623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 138.035065][ T9394] befs: Unknown parameter '].(-'' [ 138.042379][ T40] audit: type=1400 audit(1743401992.467:506): avc: denied { watch_sb watch_reads } for pid=9392 comm="syz.0.1256" path="/290/file0" dev="tmpfs" ino=1623 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 138.043778][ T9394] befs: Unknown parameter '].(-'' [ 138.055331][ T40] audit: type=1400 audit(1743401992.497:507): avc: denied { read write } for pid=9370 comm="syz.2.1247" name="mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 138.055515][ T40] audit: type=1400 audit(1743401992.497:508): avc: denied { open } for pid=9370 comm="syz.2.1247" path="/dev/input/mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 138.059698][ T9394] befs: Unknown parameter '].(-'' [ 138.077109][ T9394] befs: Unknown parameter '].(-'' [ 138.078757][ T9394] befs: Unknown parameter '].(-'' [ 138.080576][ T9394] befs: Unknown parameter '].(-'' [ 138.082738][ T9394] befs: Unknown parameter '].(-'' [ 138.086366][ T9394] befs: Unknown parameter '].(-'' [ 138.088091][ T9394] befs: Unknown parameter '].(-'' [ 138.089911][ T9394] befs: Unknown parameter '].(-'' [ 138.091690][ T9394] befs: Unknown parameter '].(-'' [ 138.093390][ T9394] befs: Unknown parameter '].(-'' [ 138.096050][ T9394] befs: Unknown parameter '].(-'' [ 138.097836][ T9394] befs: Unknown parameter '].(-'' [ 138.099769][ T9394] befs: Unknown parameter '].(-'' [ 138.101859][ T9394] befs: Unknown parameter '].(-'' [ 138.103733][ T9394] befs: Unknown parameter '].(-'' [ 138.103876][ T9394] befs: Unknown parameter '].(-'' [ 138.104699][ T9394] befs: Unknown parameter '].(-'' [ 138.110841][ T9394] befs: Unknown parameter '].(-'' [ 138.112957][ T9394] befs: Unknown parameter '].(-'' [ 138.114826][ T9394] befs: Unknown parameter '].(-'' [ 138.116813][ T9394] befs: Unknown parameter '].(-'' [ 138.118677][ T9394] befs: Unknown parameter '].(-'' [ 138.120768][ T9394] befs: Unknown parameter '].(-'' [ 138.122682][ T9394] befs: Unknown parameter '].(-'' [ 138.125063][ T9394] befs: Unknown parameter '].(-'' [ 138.127123][ T9394] befs: Unknown parameter '].(-'' [ 138.129068][ T9394] befs: Unknown parameter '].(-'' [ 138.131182][ T9394] befs: Unknown parameter '].(-'' [ 138.133037][ T9394] befs: Unknown parameter '].(-'' [ 138.134910][ T9394] befs: Unknown parameter '].(-'' [ 138.136540][ T9394] befs: Unknown parameter '].(-'' [ 138.138365][ T9394] befs: Unknown parameter '].(-'' [ 138.140587][ T9394] befs: Unknown parameter '].(-'' [ 138.142432][ T9394] befs: Unknown parameter '].(-'' [ 138.144979][ T9394] befs: Unknown parameter '].(-'' [ 138.146939][ T9394] befs: Unknown parameter '].(-'' [ 138.150265][ T9394] befs: Unknown parameter '].(-'' [ 138.153587][ T9394] befs: Unknown parameter '].(-'' [ 138.156142][ T9394] befs: Unknown parameter '].(-'' [ 138.158283][ T9394] befs: Unknown parameter '].(-'' [ 138.159946][ T9394] befs: Unknown parameter '].(-'' [ 138.162162][ T9394] befs: Unknown parameter '].(-'' [ 138.165675][ T9394] befs: Unknown parameter '].(-'' [ 138.167882][ T9394] befs: Unknown parameter '].(-'' [ 138.171225][ T9406] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1258'. [ 138.181293][ T40] audit: type=1400 audit(1743401992.617:509): avc: denied { search } for pid=5654 comm="dhcpcd" name="netdev:wlan2" dev="debugfs" ino=35551 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 138.216154][ T9406] vivid-007: ================= START STATUS ================= [ 138.218996][ T9406] vivid-007: Enable Output Cropping: true [ 138.221429][ T9406] vivid-007: Enable Output Composing: true [ 138.223715][ T9406] vivid-007: Enable Output Scaler: true [ 138.226571][ T9406] vivid-007: Tx RGB Quantization Range: Automatic [ 138.228928][ T9406] vivid-007: Transmit Mode: HDMI [ 138.230697][ T9406] vivid-007: Hotplug Present: 0x00000000 [ 138.232907][ T9406] vivid-007: RxSense Present: 0x00000000 [ 138.236361][ T9406] vivid-007: EDID Present: 0x00000000 [ 138.238647][ T9406] vivid-007: ================== END STATUS ================== [ 138.243004][ T40] audit: type=1400 audit(1743401992.677:510): avc: denied { ioctl } for pid=9405 comm="syz.3.1258" path="/dev/ndctl0" dev="devtmpfs" ino=109 ioctlcmd=0xae80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 138.279257][ T9415] FAULT_INJECTION: forcing a failure. [ 138.279257][ T9415] name failslab, interval 1, probability 0, space 0, times 0 [ 138.283722][ T9415] CPU: 3 UID: 0 PID: 9415 Comm: syz.3.1260 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) [ 138.283744][ T9415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 138.283753][ T9415] Call Trace: [ 138.283759][ T9415] [ 138.283766][ T9415] dump_stack_lvl+0x16c/0x1f0 [ 138.283796][ T9415] should_fail_ex+0x512/0x640 [ 138.283818][ T9415] should_failslab+0xc2/0x120 [ 138.283840][ T9415] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 138.283861][ T9415] ? skb_clone+0x190/0x3f0 [ 138.283884][ T9415] skb_clone+0x190/0x3f0 [ 138.283907][ T9415] netlink_deliver_tap+0xabd/0xd30 [ 138.283932][ T9415] netlink_unicast+0x5df/0x7f0 [ 138.283957][ T9415] ? __pfx_netlink_unicast+0x10/0x10 [ 138.283985][ T9415] netlink_sendmsg+0x8d1/0xdd0 [ 138.284023][ T9415] ? __pfx_netlink_sendmsg+0x10/0x10 [ 138.284054][ T9415] ____sys_sendmsg+0xa95/0xc70 [ 138.284077][ T9415] ? copy_msghdr_from_user+0x10a/0x160 [ 138.284096][ T9415] ? __pfx_____sys_sendmsg+0x10/0x10 [ 138.284123][ T9415] ___sys_sendmsg+0x134/0x1d0 [ 138.284144][ T9415] ? __pfx____sys_sendmsg+0x10/0x10 [ 138.284208][ T9415] __sys_sendmsg+0x16d/0x220 [ 138.284231][ T9415] ? __pfx___sys_sendmsg+0x10/0x10 [ 138.284258][ T9415] ? rcu_is_watching+0x12/0xc0 [ 138.284284][ T9415] do_syscall_64+0xcd/0x260 [ 138.284307][ T9415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.284322][ T9415] RIP: 0033:0x7fc45e78d169 [ 138.284334][ T9415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.284355][ T9415] RSP: 002b:00007fc45f609038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 138.284370][ T9415] RAX: ffffffffffffffda RBX: 00007fc45e9a5fa0 RCX: 00007fc45e78d169 [ 138.284379][ T9415] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 138.284388][ T9415] RBP: 00007fc45f609090 R08: 0000000000000000 R09: 0000000000000000 [ 138.284397][ T9415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 138.284405][ T9415] R13: 0000000000000000 R14: 00007fc45e9a5fa0 R15: 00007ffc63db3628 [ 138.284427][ T9415] [ 138.964119][ T9462] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1274'. [ 139.021001][ T9465] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1275'. [ 139.253823][ T9486] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1284'. [ 139.265796][ T9484] overlayfs: failed to resolve './file0': -40 [ 139.535764][ T40] audit: type=1326 audit(1743401993.967:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9510 comm="syz.2.1293" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff8fb98d169 code=0x0 [ 139.565344][ T9513] overlayfs: failed to resolve './file0': -40 [ 139.637842][ T9516] input: syz0 as /devices/virtual/input/input19 [ 139.736830][ T9520] bond15 (unregistering): Released all slaves [ 139.960243][ T40] audit: type=1400 audit(1743401994.397:512): avc: denied { append } for pid=9539 comm="syz.1.1303" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 139.991040][ T9540] 8021q: adding VLAN 0 to HW filter on device bond15 [ 139.996866][ T9540] bond0: (slave bond15): Enslaving as an active interface with an up link [ 140.128878][ T40] audit: type=1400 audit(1743401994.567:513): avc: denied { ioctl } for pid=9550 comm="syz.0.1307" path="socket:[34797]" dev="sockfs" ino=34797 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 140.130085][ T9551] program syz.0.1307 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 140.487809][ T9569] input: syz0 as /devices/virtual/input/input21 [ 140.490008][ T9569] input: failed to attach handler leds to device input21, error: -6 [ 140.501004][ T9569] ksmbd: Unknown IPC event: 1, ignore. [ 140.950490][ T9630] FAULT_INJECTION: forcing a failure. [ 140.950490][ T9630] name failslab, interval 1, probability 0, space 0, times 0 [ 140.954056][ T9630] CPU: 3 UID: 0 PID: 9630 Comm: syz.3.1338 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) [ 140.954071][ T9630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 140.954077][ T9630] Call Trace: [ 140.954081][ T9630] [ 140.954085][ T9630] dump_stack_lvl+0x16c/0x1f0 [ 140.954123][ T9630] should_fail_ex+0x512/0x640 [ 140.954142][ T9630] should_failslab+0xc2/0x120 [ 140.954159][ T9630] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 140.954175][ T9630] ? sidtab_do_lookup+0x1bd/0x9d0 [ 140.954190][ T9630] ? security_netlbl_sid_to_secattr+0x1d8/0x4d0 [ 140.954205][ T9630] kstrdup+0x53/0x100 [ 140.954216][ T9630] security_netlbl_sid_to_secattr+0x1d8/0x4d0 [ 140.954230][ T9630] selinux_netlbl_sock_genattr+0x129/0x4f0 [ 140.954245][ T9630] selinux_netlbl_socket_post_create+0xb0/0x1b0 [ 140.954262][ T9630] selinux_socket_post_create+0x2f9/0x7f0 [ 140.954278][ T9630] ? __pfx_selinux_socket_post_create+0x10/0x10 [ 140.954293][ T9630] ? inet_create+0x973/0x1090 [ 140.954304][ T9630] security_socket_post_create+0x247/0x260 [ 140.954320][ T9630] __sock_create+0x738/0x8d0 [ 140.954333][ T9630] __sys_socket+0x14d/0x260 [ 140.954342][ T9630] ? fput+0x70/0xf0 [ 140.954350][ T9630] ? __pfx___sys_socket+0x10/0x10 [ 140.954359][ T9630] ? ksys_write+0x1b9/0x240 [ 140.954371][ T9630] ? __pfx_ksys_write+0x10/0x10 [ 140.954386][ T9630] __x64_sys_socket+0x72/0xb0 [ 140.954395][ T9630] ? lockdep_hardirqs_on+0x7c/0x110 [ 140.954409][ T9630] do_syscall_64+0xcd/0x260 [ 140.954424][ T9630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.954434][ T9630] RIP: 0033:0x7fc45e78d169 [ 140.954443][ T9630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.954452][ T9630] RSP: 002b:00007fc45f609038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 140.954463][ T9630] RAX: ffffffffffffffda RBX: 00007fc45e9a5fa0 RCX: 00007fc45e78d169 [ 140.954472][ T9630] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 0000000000000002 [ 140.954481][ T9630] RBP: 00007fc45f609090 R08: 0000000000000000 R09: 0000000000000000 [ 140.954489][ T9630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 140.954498][ T9630] R13: 0000000000000000 R14: 00007fc45e9a5fa0 R15: 00007ffc63db3628 [ 140.954519][ T9630] [ 141.274170][ T2300] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 141.424126][ T2300] usb 8-1: Using ep0 maxpacket: 16 [ 141.428152][ T2300] usb 8-1: config 0 has no interfaces? [ 141.432396][ T2300] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 141.436347][ T2300] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.438842][ T2300] usb 8-1: Product: syz [ 141.440061][ T2300] usb 8-1: Manufacturer: syz [ 141.441389][ T2300] usb 8-1: SerialNumber: syz [ 141.446756][ T2300] usb 8-1: config 0 descriptor?? [ 141.528158][ T6003] usb 7-1: USB disconnect, device number 9 [ 141.660247][ T5987] usb 8-1: USB disconnect, device number 6 [ 141.816060][ T9632] dccp_close: ABORT with 214 bytes unread [ 142.109722][ T9664] syzkaller0: entered promiscuous mode [ 142.111354][ T9664] syzkaller0: entered allmulticast mode [ 142.127426][ T9664] __nla_validate_parse: 59 callbacks suppressed [ 142.127438][ T9664] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1351'. [ 142.132322][ T9664] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1351'. [ 142.135524][ T9664] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1351'. [ 142.138358][ T9664] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1351'. [ 142.160484][ T9664] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1351'. [ 143.198144][ T9679] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9679 comm=syz.0.1357 [ 143.198549][ T40] kauditd_printk_skb: 7 callbacks suppressed [ 143.198563][ T40] audit: type=1400 audit(1743401997.637:521): avc: denied { lock } for pid=9678 comm="syz.0.1357" path="socket:[39365]" dev="sockfs" ino=39365 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 143.203499][ T9677] syz.3.1356: attempt to access beyond end of device [ 143.203499][ T9677] nbd3: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 143.216088][ T9677] XFS (nbd3): SB validate failed with error -5. [ 143.260207][ T40] audit: type=1400 audit(1743401997.697:522): avc: denied { create } for pid=9678 comm="syz.0.1357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 143.268049][ T40] audit: type=1400 audit(1743401997.707:523): avc: denied { write } for pid=9678 comm="syz.0.1357" path="socket:[36577]" dev="sockfs" ino=36577 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 143.273078][ T9687] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1358'. [ 143.564119][ T10] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 143.664219][ T6033] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 143.669913][ T9726] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1375'. [ 143.688319][ T9726] bond14 (unregistering): Released all slaves [ 143.715291][ T10] usb 5-1: Using ep0 maxpacket: 16 [ 143.718086][ T10] usb 5-1: config 0 has no interfaces? [ 143.722367][ T10] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 143.726612][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 143.728779][ T9734] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1375'. [ 143.729454][ T10] usb 5-1: Product: syz [ 143.733511][ T10] usb 5-1: Manufacturer: syz [ 143.735535][ T10] usb 5-1: SerialNumber: syz [ 143.738288][ T10] usb 5-1: config 0 descriptor?? [ 143.834227][ T6033] usb 6-1: Using ep0 maxpacket: 16 [ 143.837798][ T6033] usb 6-1: config 0 has no interfaces? [ 143.840923][ T6033] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 143.843470][ T6033] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 143.846375][ T6033] usb 6-1: Product: syz [ 143.847151][ T9745] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1381'. [ 143.847614][ T6033] usb 6-1: Manufacturer: syz [ 143.851420][ T6033] usb 6-1: SerialNumber: syz [ 143.854654][ T40] audit: type=1400 audit(1743401998.297:524): avc: denied { ioctl } for pid=9744 comm="syz.3.1381" path="socket:[38314]" dev="sockfs" ino=38314 ioctlcmd=0x894b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 143.855974][ T6033] usb 6-1: config 0 descriptor?? [ 143.871031][ T40] audit: type=1400 audit(1743401998.297:525): avc: denied { getopt } for pid=9744 comm="syz.3.1381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 143.891314][ T40] audit: type=1400 audit(1743401998.327:526): avc: denied { ioctl } for pid=9746 comm="syz.2.1382" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 ioctlcmd=0x63a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 143.949102][ T12] ================================================================== [ 143.951834][ T12] BUG: KASAN: slab-use-after-free in drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0 [ 143.954953][ T12] Read of size 1 at addr ffff88804de55809 by task kworker/u32:0/12 [ 143.957954][ T12] [ 143.959016][ T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u32:0 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) [ 143.959033][ T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 143.959042][ T12] Workqueue: events_unbound commit_work [ 143.959063][ T12] Call Trace: [ 143.959068][ T12] [ 143.959073][ T12] dump_stack_lvl+0x116/0x1f0 [ 143.959092][ T12] print_report+0xc3/0x670 [ 143.959110][ T12] ? __virt_addr_valid+0x5e/0x590 [ 143.959129][ T12] ? __phys_addr+0xc6/0x150 [ 143.959147][ T12] ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0 [ 143.959165][ T12] kasan_report+0xe0/0x110 [ 143.959183][ T12] ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0 [ 143.959203][ T12] drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0 [ 143.959223][ T12] ? preempt_schedule_thunk+0x16/0x30 [ 143.959237][ T12] ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10 [ 143.959256][ T12] ? _raw_spin_unlock_irqrestore+0x61/0x80 [ 143.959271][ T12] ? drm_atomic_helper_commit_hw_done+0x330/0x490 [ 143.959291][ T12] drm_atomic_helper_commit_tail+0xcb/0xf0 [ 143.959308][ T12] commit_tail+0x35b/0x400 [ 143.959326][ T12] process_one_work+0x9cc/0x1b70 [ 143.959344][ T12] ? __pfx_process_one_work+0x10/0x10 [ 143.959361][ T12] ? assign_work+0x1a0/0x250 [ 143.959374][ T12] worker_thread+0x6c8/0xf10 [ 143.959391][ T12] ? __pfx_worker_thread+0x10/0x10 [ 143.959405][ T12] kthread+0x3c2/0x780 [ 143.959418][ T12] ? __pfx_kthread+0x10/0x10 [ 143.959429][ T12] ? __pfx_kthread+0x10/0x10 [ 143.959441][ T12] ? __pfx_kthread+0x10/0x10 [ 143.959453][ T12] ? __pfx_kthread+0x10/0x10 [ 143.959465][ T12] ? rcu_is_watching+0x12/0xc0 [ 143.959480][ T12] ? __pfx_kthread+0x10/0x10 [ 143.959493][ T12] ret_from_fork+0x45/0x80 [ 143.959505][ T12] ? __pfx_kthread+0x10/0x10 [ 143.959517][ T12] ret_from_fork_asm+0x1a/0x30 [ 143.959539][ T12] [ 143.959543][ T12] [ 144.020694][ T12] Allocated by task 9691: [ 144.022032][ T12] kasan_save_stack+0x33/0x60 [ 144.023518][ T12] kasan_save_track+0x14/0x30 [ 144.025085][ T12] __kasan_kmalloc+0xaa/0xb0 [ 144.026601][ T12] drm_atomic_helper_crtc_duplicate_state+0x70/0xd0 [ 144.028920][ T12] drm_atomic_get_crtc_state+0x16e/0x450 [ 144.030760][ T12] drm_atomic_get_plane_state+0x436/0x590 [ 144.032641][ T12] drm_atomic_set_property+0xa29/0x34e0 [ 144.034464][ T12] drm_mode_atomic_ioctl+0x66f/0x25f0 [ 144.036263][ T12] drm_ioctl_kernel+0x1f1/0x3e0 [ 144.037890][ T12] drm_ioctl+0x5c9/0xc30 [ 144.039334][ T12] __x64_sys_ioctl+0x190/0x200 [ 144.040931][ T12] do_syscall_64+0xcd/0x260 [ 144.042444][ T12] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.044441][ T12] [ 144.045246][ T12] Freed by task 9690: [ 144.046556][ T12] kasan_save_stack+0x33/0x60 [ 144.048115][ T12] kasan_save_track+0x14/0x30 [ 144.049666][ T12] kasan_save_free_info+0x3b/0x60 [ 144.051186][ T12] __kasan_slab_free+0x51/0x70 [ 144.052581][ T12] kfree+0x2b6/0x4d0 [ 144.053872][ T12] drm_atomic_state_default_clear+0x455/0xe40 [ 144.055863][ T12] __drm_atomic_state_free+0x185/0x2b0 [ 144.057641][ T12] drm_client_modeset_commit_atomic+0x6b2/0x7e0 [ 144.059680][ T12] drm_client_modeset_commit_locked+0x14d/0x580 [ 144.061702][ T12] drm_client_modeset_commit+0x4f/0x80 [ 144.063490][ T12] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 144.065853][ T12] drm_fbdev_client_restore+0x2c/0x40 [ 144.067593][ T12] drm_client_dev_restore+0x1f3/0x2a0 [ 144.069333][ T12] drm_release+0x2c4/0x360 [ 144.070825][ T12] __fput+0x3ff/0xb70 [ 144.072146][ T12] task_work_run+0x14d/0x240 [ 144.073642][ T12] syscall_exit_to_user_mode+0x27b/0x2a0 [ 144.075493][ T12] do_syscall_64+0xda/0x260 [ 144.076987][ T12] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.078901][ T12] [ 144.079718][ T12] The buggy address belongs to the object at ffff88804de55800 [ 144.079718][ T12] which belongs to the cache kmalloc-512 of size 512 [ 144.081942][ T1466] usb 6-1: USB disconnect, device number 11 [ 144.084183][ T12] The buggy address is located 9 bytes inside of [ 144.084183][ T12] freed 512-byte region [ffff88804de55800, ffff88804de55a00) [ 144.084199][ T12] [ 144.084202][ T12] The buggy address belongs to the physical page: [ 144.084207][ T12] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4de54 [ 144.084219][ T12] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 144.098677][ T12] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 144.101119][ T12] page_type: f5(slab) [ 144.102418][ T12] raw: 00fff00000000040 ffff88801b442c80 dead000000000100 dead000000000122 [ 144.105239][ T12] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 144.108031][ T12] head: 00fff00000000040 ffff88801b442c80 dead000000000100 dead000000000122 [ 144.110758][ T12] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 144.113574][ T12] head: 00fff00000000002 ffffea0001379501 ffffffffffffffff 0000000000000000 [ 144.116408][ T12] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 144.119244][ T12] page dumped because: kasan: bad access detected [ 144.121338][ T12] page_owner tracks the page as allocated [ 144.123210][ T12] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5943, tgid 5943 (syz-executor), ts 48894536290, free_ts 48781662212 [ 144.130081][ T12] post_alloc_hook+0x181/0x1b0 [ 144.131714][ T12] get_page_from_freelist+0x10fc/0x35c0 [ 144.133354][ T12] __alloc_frozen_pages_noprof+0x223/0x2370 [ 144.135173][ T12] alloc_pages_mpol+0x1fb/0x550 [ 144.136770][ T12] new_slab+0x23c/0x330 [ 144.138239][ T12] ___slab_alloc+0xd9c/0x1940 [ 144.139809][ T12] __slab_alloc.constprop.0+0x56/0xb0 [ 144.141624][ T12] __kmalloc_noprof+0x2f2/0x510 [ 144.143274][ T12] fib6_info_alloc+0x40/0x160 [ 144.144865][ T12] ip6_route_info_create+0x33f/0x18e0 [ 144.146623][ T12] ip6_route_add+0x26/0x1c0 [ 144.148135][ T12] addrconf_prefix_route+0x2fd/0x510 [ 144.149993][ T12] inet6_addr_add+0x589/0x960 [ 144.151659][ T12] inet6_rtm_newaddr+0x1483/0x1a80 [ 144.153331][ T12] rtnetlink_rcv_msg+0x95b/0xe90 [ 144.154951][ T12] netlink_rcv_skb+0x16a/0x440 [ 144.156492][ T12] page last free pid 5940 tgid 5940 stack trace: [ 144.158603][ T12] __free_frozen_pages+0x69d/0xf90 [ 144.160342][ T12] __put_partials+0x16d/0x1c0 [ 144.161897][ T12] qlist_free_all+0x4e/0x120 [ 144.163443][ T12] kasan_quarantine_reduce+0x195/0x1e0 [ 144.165250][ T12] __kasan_slab_alloc+0x69/0x90 [ 144.166858][ T12] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 144.169401][ T12] getname_flags.part.0+0x48/0x540 [ 144.171158][ T12] getname_flags+0x93/0xf0 [ 144.172666][ T12] do_sys_openat2+0xb8/0x1d0 [ 144.174208][ T12] __x64_sys_openat+0x174/0x210 [ 144.175819][ T12] do_syscall_64+0xcd/0x260 [ 144.177292][ T12] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.179239][ T12] [ 144.180040][ T12] Memory state around the buggy address: [ 144.181867][ T12] ffff88804de55700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.184460][ T12] ffff88804de55780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 144.187068][ T12] >ffff88804de55800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 144.189623][ T12] ^ [ 144.191077][ T12] ffff88804de55880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 144.193676][ T12] ffff88804de55900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 144.196318][ T12] ================================================================== [ 144.198888][ C0] vkms_vblank_simulate: vblank timer overrun [ 144.198982][ T40] audit: type=1400 audit(1743401998.487:527): avc: denied { create } for pid=9752 comm="syz.2.1384" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 144.199247][ T2300] usb 5-1: USB disconnect, device number 8 [ 144.208059][ T40] audit: type=1400 audit(1743401998.487:528): avc: denied { sys_admin } for pid=9752 comm="syz.2.1384" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 144.208403][ T12] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 144.208416][ T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u32:0 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(full) [ 144.208432][ T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 144.208441][ T12] Workqueue: events_unbound commit_work [ 144.208463][ T12] Call Trace: [ 144.208467][ T12] [ 144.208472][ T12] dump_stack_lvl+0x3d/0x1f0 [ 144.208492][ T12] panic+0x71c/0x800 [ 144.208504][ T12] ? __pfx_panic+0x10/0x10 [ 144.208515][ T12] ? irqentry_exit+0x3b/0x90 [ 144.208532][ T12] ? lockdep_hardirqs_on+0x7c/0x110 [ 144.208548][ T12] ? preempt_schedule_thunk+0x16/0x30 [ 144.208562][ T12] ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0 [ 144.208580][ T12] ? preempt_schedule_common+0x44/0xc0 [ 144.208597][ T12] ? check_panic_on_warn+0x1f/0xb0 [ 144.208610][ T12] ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0 [ 144.208627][ T12] check_panic_on_warn+0xab/0xb0 [ 144.208640][ T12] end_report+0x107/0x170 [ 144.208658][ T12] kasan_report+0xee/0x110 [ 144.208676][ T12] ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0 [ 144.208696][ T12] drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0 [ 144.208717][ T12] ? preempt_schedule_thunk+0x16/0x30 [ 144.208730][ T12] ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10 [ 144.208755][ T12] ? _raw_spin_unlock_irqrestore+0x61/0x80 [ 144.208771][ T12] ? drm_atomic_helper_commit_hw_done+0x330/0x490 [ 144.208791][ T12] drm_atomic_helper_commit_tail+0xcb/0xf0 [ 144.208808][ T12] commit_tail+0x35b/0x400 [ 144.208827][ T12] process_one_work+0x9cc/0x1b70 [ 144.208846][ T12] ? __pfx_process_one_work+0x10/0x10 [ 144.208862][ T12] ? assign_work+0x1a0/0x250 [ 144.208875][ T12] worker_thread+0x6c8/0xf10 [ 144.208893][ T12] ? __pfx_worker_thread+0x10/0x10 [ 144.208907][ T12] kthread+0x3c2/0x780 [ 144.208920][ T12] ? __pfx_kthread+0x10/0x10 [ 144.208932][ T12] ? __pfx_kthread+0x10/0x10 [ 144.208944][ T12] ? __pfx_kthread+0x10/0x10 [ 144.208956][ T12] ? __pfx_kthread+0x10/0x10 [ 144.208968][ T12] ? rcu_is_watching+0x12/0xc0 [ 144.208984][ T12] ? __pfx_kthread+0x10/0x10 [ 144.208997][ T12] ret_from_fork+0x45/0x80 [ 144.209010][ T12] ? __pfx_kthread+0x10/0x10 [ 144.209023][ T12] ret_from_fork_asm+0x1a/0x30 [ 144.209046][ T12] [ 144.214097][ T12] Kernel Offset: disabled VM DIAGNOSIS: 06:19:58 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854b8065 RDI=ffffffff9ae04360 RBP=ffffffff9ae04320 RSP=ffffc900000f7508 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3430383838666666 R12=0000000000000000 R13=0000000000000020 R14=ffffffff9ae04320 R15=ffffffff854b8000 RIP=ffffffff854b808f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d69d4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ff8fb970f20 CR3=0000000041964000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000ffffc000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff8fba0f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff8fba0f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff8fba0f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff8fba0f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff8fba0f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff8fba0f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000032647261632f 6972642f7665642f ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000011475142400c 4a51470c5546470c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000001ab28b RBX=0000000000000001 RCX=ffffffff8b6e82d9 RDX=0000000000000000 RSI=ffffffff8dbe4889 RDI=ffffffff8bf42120 RBP=ffffed1003ad0488 RSP=ffffc90000177e00 R8 =0000000000000001 R9 =ffffed100d4a65bd R10=ffff88806a532deb R11=0000000000000000 R12=0000000000000001 R13=ffff88801d682440 R14=ffffffff90859d10 R15=0000000000000000 RIP=ffffffff8b6e96cf RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6ad4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005603342b9260 CR3=00000000315ee000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000015 000000000001df8a ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557a541c1d 000055557a541550 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557a533d30 000055557a533b30 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 08e80300080008e0 0300080008d80300 080008d003020800 08c80300080008c0 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 030fffffffffffff 0408b0030fffffff ffffff0408a00305 80040890030fffff ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff04088003 0010000180808c10 0001800406027198 0023647261632f69 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 72642f7665642f01 ffffffffffffffff e108018003098004 69de080004000dba ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000001ffffff ffffffffffe70809 b80301080009b003 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 72642f7665642f01 ffffffffffffffff e108018003098004 69de080004000dba ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff04088003 0010000180808c10 0001800406027198 0023647261632f69 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100100001080001 0000000806060103 ac1980041886c392 c408000100000208 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000007 RBX=ffff88804105f088 RCX=ffffffff8233da03 RDX=0000000000000000 RSI=ffffffff8233da69 RDI=ffff88804105f094 RBP=0000000000000003 RSP=ffffc900032c7d00 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=ffffffff8e5e1380 R13=0000000000000002 R14=ffff88804105f0b0 R15=ffff8880287da000 RIP=ffffffff8233da98 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000555555e36500 ffffffff 00c00000 GS =0000 ffff8880d6bd4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000555555e515c8 CR3=000000002599c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000be70000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000020081 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc63db28c0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc45e80f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc45e80f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc45e80f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc45e80f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc45e80f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc45e80f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 2074657365720064 656c696166202973 2528746174736c00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 0551405640570041 40494c4443050c56 000d514451564900 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=ffff88806a73afc0 RCX=ffffffff81af33ae RDX=ffff88801d2fc880 RSI=ffffffff81af3388 RDI=0000000000000005 RBP=ffffc90000157d10 RSP=ffffc90000157c40 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=fffffbfff1c793ee R12=1ffff9200002af8c R13=0000000000000002 R14=0000000000000001 R15=ffffed100d4e75f9 RIP=ffffffff81af338a RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6cd4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fdc42bd2440 CR3=0000000028ef0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000004000040 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc984cad60 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb2c300f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb2c300f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb2c300f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb2c300f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb2c300f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb2c300f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000