last executing test programs: 5.943676163s ago: executing program 1 (id=2): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000540)=ANY=[@ANYBLOB="120141014813442024040075ee69010203010902240001000010000904b8070259d1ca000905060200020d0006090582020002"], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000480)={0x84, &(0x7f0000000940)={0x40, 0xa, 0x4, "a0e763a8"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000080)={0x44, &(0x7f0000000200)={0x0, 0xc, 0x4, "da9483aa"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000740)={0x44, &(0x7f0000000000)=ANY=[@ANYBLOB="601004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000840)={0x1c, &(0x7f00000006c0)={0x20, 0x8, 0x7a, "68ac6ab1918c50dfe0e5e0e3de887e67ae09efa59dbe1504e56a66df9fffd420fda502cbd2d68b209b8ac5c62cfea04c34f807b96dce710177e0f8f6ca7a16e8f5c8cd5d070928ce9985332d56209672cf9ad6e56f11097e49073e245322c30f23a3315aaac2ffef10ed62eb4bf122a3e42baae7e222d3f57500"}, &(0x7f00000007c0)={0x0, 0xa, 0x1, 0x17}, &(0x7f0000000800)={0x0, 0x8, 0x1, 0xf1}}) 3.879035123s ago: executing program 2 (id=20): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000580)=ANY=[@ANYBLOB="3400000013000100000100dffddbdf250700", @ANYRES32], 0x34}], 0x1, 0x0, 0x0, 0x4000}, 0x0) 3.878871041s ago: executing program 2 (id=21): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x100000001002089}, 0x0) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(0xffffffffffffffff, 0x0, 0x5) fchdir(r3) r4 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112) getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8) 3.791704463s ago: executing program 2 (id=22): openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[]) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x140) socket$inet_tcp(0x2, 0x1, 0x0) read(0xffffffffffffffff, &(0x7f0000000080)=""/1, 0x1) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000080)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000040), 0x12) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) mount$overlay(0x0, 0x0, 0x0, 0x2002, 0x0) syz_usb_connect(0x5, 0x0, 0x0, &(0x7f00000034c0)={0x0, 0x0, 0x0, 0x0}) r3 = socket(0x2, 0x2, 0x0) setsockopt$inet_int(r3, 0x0, 0xb, &(0x7f00000000c0)=0x1002, 0x4) sendto$inet(r3, 0x0, 0x0, 0x80, 0x0, 0x0) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) chdir(&(0x7f00000001c0)='./bus\x00') openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 3.411613923s ago: executing program 1 (id=29): r0 = getpid() syz_pidfd_open(r0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_sock_diag(0x10, 0x3, 0x4) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket$inet_tcp(0x2, 0x1, 0x0) pipe(&(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001580)=ANY=[@ANYBLOB="1c000000120021030000000000bc61682a00968008000a00", @ANYRES32=r1], 0x1c}], 0x1}, 0x4040000) 3.398479794s ago: executing program 1 (id=31): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) pipe2$watch_queue(0x0, 0x80) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x200800, &(0x7f0000000340)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x2000}}) ioctl$FUSE_DEV_IOC_CLONE(r1, 0x8004e500, &(0x7f0000000080)=r2) close_range(r0, 0xffffffffffffffff, 0x0) 3.331595959s ago: executing program 0 (id=32): socket$inet6(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="150000006bffff", @ANYRES16=r1, @ANYRESHEX=r2], 0x15) 3.331471173s ago: executing program 1 (id=33): mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xe) r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000407d1e9c3100000000000109022400010000000009040000010300200009210000000122070009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\"\a'], 0x0}, 0x0) 3.261953437s ago: executing program 0 (id=34): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pwritev(r0, &(0x7f0000000480)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000300)}], 0x5, 0x8, 0x20000006) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000040)={[0x5, 0x2, 0xe9b, 0x2, 0xd, 0x7f, 0x44233, 0x3ff, 0x0, 0x941, 0x8001, 0x1005, 0x4, 0x4, 0x0, 0xfffffdfffffffffd], 0x0, 0x84340}) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x52, 0x6, 0x40, '\x00', 0x10000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 3.210949406s ago: executing program 2 (id=36): r0 = syz_usb_connect$uac1(0x2, 0xb8, &(0x7f0000000100)=ANY=[@ANYBLOB="12010103000000106b1d01014000010203010902a600030156c0020904000000010100000a24010101bb02010211240601040507000a0008000300020005052405060f0f2406020504020002200a000a00040c24020203020250800009010d2406050203078887000a00000924030101010505"], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2000000000000046}) syz_usb_control_io(r0, 0x0, &(0x7f00000008c0)={0x84, &(0x7f0000000380)={0x20, 0xe, 0x1, '6'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000003c0)={0x1c, &(0x7f0000000240)={0x0, 0xe, 0x2, "c5d0"}, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000400)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x20, 0x81, 0x3, '\x00\x00\x00'}, &(0x7f0000000300)={0x20, 0x82, 0x2, "00f0"}, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000000b40)={0x84, &(0x7f0000000600)={0x40, 0x14, 0x5, "3655815828"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 3.041683594s ago: executing program 0 (id=39): socket$inet6(0xa, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00", @ANYRES16=r0], 0x20}}, 0x0) 3.041474271s ago: executing program 0 (id=41): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xbe) 2.991543285s ago: executing program 0 (id=43): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000006000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000000)="66b8010000000f01d966b9800000c00f326635000400000f3066b9800000c00f326635002000000f30baf80c66b87bd3ad8066efbafc0cb0f1ee660fef240f0866b9800000c00f326635000800000f30670f01c9670f2cc30f01c9", 0x5b}], 0x1, 0xe8, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.021883804s ago: executing program 0 (id=51): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000300)={'gre0\x00', 0x0}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20940, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0) r3 = syz_usb_connect$cdc_ncm(0x2, 0x76, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902640002010000000904010001020d0000052406000105240000000d240f0100000000000000000006241a00000008241c00000008000905810300020000000904010000020d00000904010102020d0000090582020002000000090503"], 0x0) syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r3, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x80, 0x1c, {0x2, 0x0, 0xb, 0x1, 0x1, 0x3, 0x7, 0x1040, 0x6, 0x1, 0x0, 0x1000}}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0) 1.729670726s ago: executing program 1 (id=52): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000001c0)="0fc7284625c87dc07148b8b9000000000000000f23d00f21f835100000070f23f848b8bcc585fc2fd3c5080f23d00f21f835000000080f23f8660fc7b374000000450fc7720ec48189c6168bc744240060000000c744240200380000ff2c2466baf80cb808122188ef66bafc0ced66ba610066ed", 0x74}], 0x1, 0xb, 0x0, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d8ca8d40d1052120000900100001090212"], 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80102, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) eventfd(0xbc) r5 = eventfd2(0xe5c, 0x80000) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000000)={r5, 0x7, 0x2, r5}) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000005700)=@vmx={0x0, 0x0, 0x2080, {0x9000}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.191043987s ago: executing program 2 (id=56): syz_usb_connect(0x0, 0x47, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000a3303910daa658744d2d010203010902"], 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) msync(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x6) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x101340, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 1.131276149s ago: executing program 3 (id=57): syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000001300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x20, 0x0, 0x10001, {0x0, 0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6_vti0\x00', 0x0}) sendto$packet(r0, &(0x7f00000002c0)="05031600d3fc141100004788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x86dd, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 1.131112367s ago: executing program 3 (id=58): sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x20004050) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xd000, 0xe000, 0x0, 0x77, 0x0, 0x3, 0xcb, 0x4, 0x0, 0x6, 0x6}, {0xeeee0000, 0x9000, 0x10, 0xeb, 0x2, 0x0, 0x0, 0xff, 0x7, 0x0, 0x3}, {0xeeee0000, 0x1000, 0x0, 0x0, 0x7, 0xc4, 0x5, 0x1, 0x41, 0x3, 0x4, 0xfc}, {0x1, 0x0, 0x9, 0x4, 0x81, 0x0, 0x9, 0xfc, 0x3, 0x0, 0x9}, {0x0, 0xffff1000, 0x3, 0x4, 0x0, 0x4, 0x0, 0x6, 0x2, 0x34, 0x4}, {0x40000, 0x1, 0x0, 0x78, 0x8, 0x0, 0x2, 0x1c, 0xa3, 0xff, 0x5}, {0xeeee8000, 0x80a0000, 0xa, 0x4, 0x0, 0x0, 0x7, 0x20}, {0x0, 0x6000, 0xa, 0x0, 0xa4, 0x7, 0x8, 0x40, 0x26, 0x0, 0x0, 0xfe}, {0x80aa000, 0x3}, {0x3000, 0xfffd}, 0xddf8ffdb, 0x0, 0x0, 0x120, 0x0, 0xf801, 0xdddd1000, [0x80000001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffe]}) 961.556971ms ago: executing program 3 (id=59): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)) mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000540)={0x4, 0x0, &(0x7f0000000000)=[@register_looper], 0x50, 0x0, &(0x7f0000000440)="b9875771d51d5c5f87d6dc6a90163555383a5da0d444d84bc2a731fa13a1a41fd7d25c9c7ce5d0b7880f8da98225354941adc08ac2adabbb9ee6469717fb8b9804bffcacce90238c0b20b0de494e7fcc"}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f00000001c0)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0}) 261.67473ms ago: executing program 1 (id=60): r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x10, 0x56a, 0xbc, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x5, "", [{{0x9, 0x4, 0x0, 0x0, 0xfe, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x1, 0xfc, 0x1, {0x22, 0x28}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x3, 0x81, 0x2}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB=' #(\x00'], 0x0, 0x0, 0x0, 0x0}, 0x0) 121.758623ms ago: executing program 3 (id=61): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) r2 = syz_clone(0x10000011, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x2, 0x0, 0x0, 0x4, 0x0) r3 = syz_pidfd_open(r2, 0x0) pidfd_send_signal(r3, 0x2, 0x0, 0x0) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r4) ptrace$cont(0x20, r4, 0xffffffffffffff68, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {0x3, 0x2, 0x6, 0xff7a}, 0x3a, [0x8000, 0x3, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x20000000, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xfffefef9, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0xa, 0x3c1b, 0x1, 0x24, 0x800000d, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xc, 0x0, 0x8071, 0x7, 0x6, 0xffffffff, 0x7, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x5, 0x0, 0x8, 0x6, 0x80, 0xfffffff9, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8002012d, 0x8004, 0x5, 0xfffffff3, 0x129432e2, 0xc8, 0xf9, 0xe, 0x2ff, 0x1, 0x9, 0xfffffffc, 0x4, 0x10001, 0x0, 0x3, 0x2f, 0xe, 0x6, 0x78, 0xea4, 0x0, 0x3, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x7fffffff, 0xff, 0x5, 0x1000005, 0x5f31, 0x1000f, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x4, 0xf, 0xffff8001, 0x47, 0x31f0, 0x1, 0xfe000000, 0xfffe, 0x202, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x14, 0x42, 0x3], [0x5, 0x408, 0xd, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x2, 0x5, 0x8, 0x4, 0x5, 0x3, 0x7, 0x1ef, 0x2, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0xc, 0x2, 0x2, 0x3, 0x20000008, 0x4004, 0xffffff11, 0x6, 0x38, 0x800003, 0x200, 0x83, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x3, 0xa9, 0x5, 0x1, 0xac5, 0xbf, 0x4002, 0x3, 0x800, 0x12b, 0x4, 0x40000001, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x1, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x80000b9, 0x9, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x9, 0x7fff, 0xffff, 0xa620, 0x1, 0x78b, 0x8, 0x2, 0x5, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x1, 0xc8, 0x1, 0xfffff000, 0x5, 0x3, 0x0, 0x100, 0x9601, 0xb, 0xaf, 0x8, 0x6, 0x8db, 0x2000005, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf44, 0xdced, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff343e, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 268.716µs ago: executing program 3 (id=62): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x100}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}, @flat=@weak_binder={0x77622a85, 0x100}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 82.596µs ago: executing program 2 (id=63): setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x4) writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001400add427323b470c45b45602067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03a04000800ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1) 0s ago: executing program 3 (id=64): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000046c000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000000c0)="470f01c8c421d9e1e30e05e2c7442400c2000000c74424026e0000008ff264450f01c9460f7979000f17565db9800000c0453235002000000f300f323647d03e", 0x40}], 0x1, 0x56, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f00000000c0)=0x1, 0x8af6a083558a9093) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2e, &(0x7f0000000000)=0x10000027, 0x4) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 2 (id=65): r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r1 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x2) ftruncate(r1, 0xfffe) fcntl$addseals(r1, 0x409, 0x7) r2 = ioctl$UDMABUF_CREATE_LIST(r0, 0x40087543, &(0x7f0000000280)=ANY=[@ANYBLOB="0100000001000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x00\x00@']) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000003, 0x11, r2, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:9956' (ED25519) to the list of known hosts. [ 54.941766][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 54.941783][ T40] audit: type=1400 audit(1780496244.457:138): avc: denied { name_bind } for pid=5723 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 54.983952][ T40] audit: type=1400 audit(1780496244.497:139): avc: denied { execute } for pid=5724 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 54.990966][ T40] audit: type=1400 audit(1780496244.497:140): avc: denied { execute_no_trans } for pid=5724 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 57.241739][ T40] audit: type=1400 audit(1780496246.757:141): avc: denied { mounton } for pid=5724 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 57.250342][ T40] audit: type=1400 audit(1780496246.767:142): avc: denied { mount } for pid=5724 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 57.252566][ T5724] cgroup: Unknown subsys name 'net' [ 57.263276][ T40] audit: type=1400 audit(1780496246.777:143): avc: denied { unmount } for pid=5724 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 57.433943][ T5724] cgroup: Unknown subsys name 'cpuset' [ 57.440416][ T5724] cgroup: Unknown subsys name 'rlimit' [ 57.624279][ T40] audit: type=1400 audit(1780496247.137:144): avc: denied { setattr } for pid=5724 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=850 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 57.633087][ T40] audit: type=1400 audit(1780496247.137:145): avc: denied { create } for pid=5724 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 57.641364][ T40] audit: type=1400 audit(1780496247.137:146): avc: denied { write } for pid=5724 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 57.649767][ T40] audit: type=1400 audit(1780496247.137:147): avc: denied { read } for pid=5724 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 57.687399][ T5729] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 58.424353][ T5724] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 62.498360][ T40] kauditd_printk_skb: 10 callbacks suppressed [ 62.498371][ T40] audit: type=1400 audit(1780496252.007:158): avc: denied { execmem } for pid=5733 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 62.748057][ T40] audit: type=1400 audit(1780496252.257:159): avc: denied { create } for pid=5737 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 62.755996][ T40] audit: type=1400 audit(1780496252.267:160): avc: denied { read write } for pid=5737 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 62.765173][ T40] audit: type=1400 audit(1780496252.267:161): avc: denied { open } for pid=5737 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 62.766691][ T5740] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 62.773183][ T40] audit: type=1400 audit(1780496252.267:162): avc: denied { ioctl } for pid=5737 comm="syz-executor" path="socket:[2012]" dev="sockfs" ino=2012 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 62.799667][ T62] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 62.803418][ T62] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 62.806408][ T5752] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 62.806963][ T62] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 62.810234][ T5752] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 62.819965][ T5755] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 62.820092][ T5752] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 62.824223][ T5755] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 62.825126][ T5754] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 62.828202][ T5753] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 62.828897][ T5752] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 62.830729][ T5754] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 62.831525][ T5753] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 62.834175][ T5753] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 62.836684][ T5752] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 62.840589][ T5755] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 62.841417][ T5753] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 62.842136][ T40] audit: type=1400 audit(1780496252.357:163): avc: denied { read } for pid=5737 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 62.842175][ T40] audit: type=1400 audit(1780496252.357:164): avc: denied { open } for pid=5737 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 62.842603][ T40] audit: type=1400 audit(1780496252.357:165): avc: denied { mounton } for pid=5737 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 62.843558][ T5752] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 62.846265][ T40] audit: type=1400 audit(1780496252.357:166): avc: denied { module_request } for pid=5737 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 62.865148][ T40] audit: type=1400 audit(1780496252.377:167): avc: denied { sys_module } for pid=5737 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 62.888137][ T5753] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 63.284512][ T5737] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.289126][ T5737] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.291684][ T5737] bridge_slave_0: entered allmulticast mode [ 63.294878][ T5737] bridge_slave_0: entered promiscuous mode [ 63.313728][ T5737] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.316155][ T5737] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.318596][ T5737] bridge_slave_1: entered allmulticast mode [ 63.321861][ T5737] bridge_slave_1: entered promiscuous mode [ 63.350728][ T5737] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.361452][ T5737] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.394073][ T5737] team0: Port device team_slave_0 added [ 63.413839][ T5737] team0: Port device team_slave_1 added [ 63.452185][ T5737] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.454479][ T5737] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 63.462917][ T5737] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.484664][ T5737] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.487059][ T5737] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 63.500929][ T5737] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.593588][ T5737] hsr_slave_0: entered promiscuous mode [ 63.596298][ T5737] hsr_slave_1: entered promiscuous mode [ 63.674249][ T5738] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.677902][ T5738] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.681414][ T5738] bridge_slave_0: entered allmulticast mode [ 63.685531][ T5738] bridge_slave_0: entered promiscuous mode [ 63.712519][ T5738] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.715688][ T5738] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.719766][ T5738] bridge_slave_1: entered allmulticast mode [ 63.722559][ T5738] bridge_slave_1: entered promiscuous mode [ 63.771220][ T5746] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.774469][ T5746] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.777820][ T5746] bridge_slave_0: entered allmulticast mode [ 63.781980][ T5746] bridge_slave_0: entered promiscuous mode [ 63.787561][ T5746] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.790996][ T5746] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.793521][ T5746] bridge_slave_1: entered allmulticast mode [ 63.796519][ T5746] bridge_slave_1: entered promiscuous mode [ 63.815892][ T5741] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.819635][ T5741] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.822922][ T5741] bridge_slave_0: entered allmulticast mode [ 63.826741][ T5741] bridge_slave_0: entered promiscuous mode [ 63.849101][ T5738] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.855940][ T5738] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.859829][ T5741] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.863133][ T5741] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.866651][ T5741] bridge_slave_1: entered allmulticast mode [ 63.871101][ T5741] bridge_slave_1: entered promiscuous mode [ 63.926625][ T5746] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.934296][ T5746] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.983434][ T5741] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.999688][ T5738] team0: Port device team_slave_0 added [ 64.010240][ T5738] team0: Port device team_slave_1 added [ 64.015304][ T5741] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.046080][ T5746] team0: Port device team_slave_0 added [ 64.067041][ T5741] team0: Port device team_slave_0 added [ 64.071589][ T5746] team0: Port device team_slave_1 added [ 64.093896][ T5741] team0: Port device team_slave_1 added [ 64.107357][ T5738] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.110323][ T5738] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.121457][ T5738] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.142968][ T5738] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.146014][ T5738] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.157104][ T5738] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.176633][ T5746] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.178835][ T5746] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.187970][ T5746] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.193194][ T5746] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.196145][ T5746] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.204685][ T5746] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.219730][ T5741] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.222577][ T5741] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.234260][ T5741] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.267573][ T5741] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.271016][ T5741] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 64.281882][ T5741] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.345863][ T5746] hsr_slave_0: entered promiscuous mode [ 64.348929][ T5746] hsr_slave_1: entered promiscuous mode [ 64.351947][ T5746] debugfs: 'hsr0' already exists in 'hsr' [ 64.354301][ T5746] Cannot create hsr debugfs directory [ 64.362207][ T5738] hsr_slave_0: entered promiscuous mode [ 64.364385][ T5738] hsr_slave_1: entered promiscuous mode [ 64.366381][ T5738] debugfs: 'hsr0' already exists in 'hsr' [ 64.368132][ T5738] Cannot create hsr debugfs directory [ 64.417076][ T5741] hsr_slave_0: entered promiscuous mode [ 64.419426][ T5741] hsr_slave_1: entered promiscuous mode [ 64.421471][ T5741] debugfs: 'hsr0' already exists in 'hsr' [ 64.423214][ T5741] Cannot create hsr debugfs directory [ 64.431375][ T5737] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 64.440809][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 64.446745][ T5737] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 64.451096][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 64.459101][ T5737] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 64.464459][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 64.467365][ T5737] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 64.471842][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 64.772613][ T5746] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 64.780038][ T5746] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 64.784101][ T5746] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 64.788943][ T5746] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 64.793508][ T5746] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 64.799605][ T5746] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 64.803000][ T5746] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 64.807145][ T5746] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 64.882785][ T5738] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 64.891850][ T5738] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 64.895706][ T5738] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 64.900281][ T5743] Bluetooth: hci2: command tx timeout [ 64.904974][ T5738] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 64.909622][ T5743] Bluetooth: hci1: command tx timeout [ 64.913037][ T5753] Bluetooth: hci3: command tx timeout [ 64.913231][ T5740] Bluetooth: hci0: command tx timeout [ 64.915251][ T5738] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 64.924306][ T5738] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 64.930893][ T5737] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.935404][ T5738] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 64.942955][ T5738] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 65.004143][ T5737] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.021665][ T5741] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 65.025628][ T5741] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 65.035154][ T1173] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.037885][ T1173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.041580][ T5741] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 65.045804][ T5741] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 65.048880][ T5741] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 65.053556][ T5741] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 65.059807][ T1173] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.062094][ T1173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.068814][ T5741] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 65.073965][ T5741] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 65.119810][ T5746] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.161808][ T5746] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.178203][ T1173] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.181533][ T1173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.191169][ T1173] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.194323][ T1173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.232647][ T5738] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.259892][ T5738] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.276230][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.278673][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.285012][ T5741] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.290075][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.292403][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.307022][ T5741] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.314508][ T1163] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.317170][ T1163] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.337407][ T1173] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.339720][ T1173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.447455][ T5737] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.483677][ T5737] veth0_vlan: entered promiscuous mode [ 65.499130][ T5737] veth1_vlan: entered promiscuous mode [ 65.525172][ T5737] veth0_macvtap: entered promiscuous mode [ 65.533638][ T5737] veth1_macvtap: entered promiscuous mode [ 65.542403][ T5746] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.558745][ T5737] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.569847][ T5737] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.583321][ T71] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.588359][ T71] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.597727][ T71] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.614782][ T71] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.643560][ T5746] veth0_vlan: entered promiscuous mode [ 65.663479][ T5746] veth1_vlan: entered promiscuous mode [ 65.694108][ T97] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.697903][ T97] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.698457][ T5738] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.724172][ T5741] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.746169][ T1163] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.746689][ T5746] veth0_macvtap: entered promiscuous mode [ 65.749108][ T1163] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.762755][ T5746] veth1_macvtap: entered promiscuous mode [ 65.796640][ T5746] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.805174][ T5737] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 65.811087][ T5738] veth0_vlan: entered promiscuous mode [ 65.819046][ T5746] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.825397][ T5741] veth0_vlan: entered promiscuous mode [ 65.834732][ T5738] veth1_vlan: entered promiscuous mode [ 65.841732][ T46] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.845559][ T46] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.857862][ T46] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.863014][ T46] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.868220][ T5741] veth1_vlan: entered promiscuous mode [ 65.952064][ T5738] veth0_macvtap: entered promiscuous mode [ 65.962775][ T5741] veth0_macvtap: entered promiscuous mode [ 65.965962][ T5738] veth1_macvtap: entered promiscuous mode [ 65.972372][ T97] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.978179][ T97] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.979775][ T5738] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.984542][ T5741] veth1_macvtap: entered promiscuous mode [ 65.997574][ T5738] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.018415][ T60] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.022616][ T60] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.034355][ T60] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.037198][ T60] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.042153][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.046560][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.060782][ T5741] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.073559][ T5741] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.088734][ T60] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.091739][ T60] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.108474][ T60] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.114696][ T60] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.124585][ T1163] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.127841][ T1163] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.168142][ T97] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.171918][ T97] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.179729][ T5847] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 66.206500][ T1163] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.211653][ T1163] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.241419][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.244116][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.339452][ T5847] usb 6-1: Using ep0 maxpacket: 32 [ 66.346821][ T5847] usb 6-1: config 0 has an invalid interface number: 184 but max is 0 [ 66.350768][ T5847] usb 6-1: config 0 has no interface number 0 [ 66.353714][ T5847] usb 6-1: config 0 interface 184 has no altsetting 0 [ 66.357941][ T5847] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 66.361165][ T5847] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 66.364102][ T5847] usb 6-1: Product: syz [ 66.365673][ T5847] usb 6-1: Manufacturer: syz [ 66.367657][ T5847] usb 6-1: SerialNumber: syz [ 66.373481][ T5847] usb 6-1: config 0 descriptor?? [ 66.572877][ T5919] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 66.605203][ T5919] kvm: pic: non byte read [ 66.609707][ T5919] kvm: pic: level sensitive irq not supported [ 66.610625][ T5919] kvm: pic: non byte read [ 66.615869][ T5919] kvm: pic: level sensitive irq not supported [ 66.616141][ T5919] kvm: pic: non byte read [ 66.622260][ T5919] kvm: pic: level sensitive irq not supported [ 66.622541][ T5919] kvm: pic: non byte read [ 66.627455][ T5919] kvm: pic: level sensitive irq not supported [ 66.627815][ T5919] kvm: pic: non byte read [ 66.633417][ T5919] kvm: pic: level sensitive irq not supported [ 66.633675][ T5919] kvm: pic: non byte read [ 66.638048][ T5919] kvm: pic: level sensitive irq not supported [ 66.638313][ T5919] kvm: pic: non byte read [ 66.643803][ T5919] kvm: pic: level sensitive irq not supported [ 66.644061][ T5919] kvm: pic: non byte read [ 66.648904][ T5919] kvm: pic: level sensitive irq not supported [ 66.649935][ T5919] kvm: pic: non byte read [ 66.769414][ T5838] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 66.839334][ T5886] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 66.864938][ T5926] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 66.919430][ T5838] usb 7-1: Using ep0 maxpacket: 16 [ 66.922623][ T5838] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 66.926559][ T5838] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 66.932565][ T5838] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 66.935736][ T5838] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 66.938891][ T5838] usb 7-1: Product: syz [ 66.940465][ T5838] usb 7-1: Manufacturer: syz [ 66.941949][ T5838] usb 7-1: SerialNumber: syz [ 66.953917][ T5838] usb 7-1: 0:2 : does not exist [ 66.980022][ T5740] Bluetooth: hci3: command tx timeout [ 66.980072][ T5753] Bluetooth: hci1: command tx timeout [ 66.980961][ T5743] Bluetooth: hci2: command tx timeout [ 66.989935][ T5740] Bluetooth: hci0: command tx timeout [ 66.992168][ T5847] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 66.997695][ T5847] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 66.999263][ T5886] usb 8-1: Using ep0 maxpacket: 16 [ 67.005054][ T5886] usb 8-1: config 0 has no interfaces? [ 67.007329][ T5886] usb 8-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 67.010986][ T5886] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.016953][ T5886] usb 8-1: config 0 descriptor?? [ 67.119270][ T5891] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 67.155322][ T5838] usb 7-1: 5:0: failed to get current value for ch 0 (-22) [ 67.181025][ T5838] usb 7-1: USB disconnect, device number 2 [ 67.209848][ T5920] udevd[5920]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 67.226919][ T5886] usb 8-1: USB disconnect, device number 2 [ 67.289588][ T5891] usb 5-1: Using ep0 maxpacket: 8 [ 67.292940][ T5891] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 67.296872][ T5891] usb 5-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00 [ 67.299991][ T5891] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.306545][ T5891] usb 5-1: config 0 descriptor?? [ 67.722110][ T5891] usbhid 5-1:0.0: can't add hid device: -71 [ 67.724988][ T5891] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 67.732806][ T5891] usb 5-1: USB disconnect, device number 2 [ 67.751658][ T40] kauditd_printk_skb: 37 callbacks suppressed [ 67.751675][ T40] audit: type=1400 audit(1780496257.267:205): avc: denied { write } for pid=5932 comm="syz.2.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 67.806435][ T5847] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 67.810599][ T5847] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 67.813812][ T5847] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 67.817230][ T5937] netlink: 'syz.2.19': attribute type 4 has an invalid length. [ 67.817236][ T5847] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -71 [ 67.819450][ T5847] usb 6-1: USB disconnect, device number 2 [ 67.905609][ T40] audit: type=1400 audit(1780496257.417:206): avc: denied { name_bind } for pid=5941 comm="syz.2.21" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 67.915484][ T40] audit: type=1400 audit(1780496257.417:207): avc: denied { node_bind } for pid=5941 comm="syz.2.21" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 67.969924][ T40] audit: type=1400 audit(1780496257.487:208): avc: denied { write } for pid=5943 comm="syz.2.22" name="001" dev="devtmpfs" ino=765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 68.051690][ T40] audit: type=1400 audit(1780496257.567:209): avc: denied { read write } for pid=5947 comm="syz.3.24" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 68.062486][ T40] audit: type=1400 audit(1780496257.567:210): avc: denied { ioctl open } for pid=5947 comm="syz.3.24" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 68.100801][ T40] audit: type=1400 audit(1780496257.617:211): avc: denied { create } for pid=5950 comm="syz.3.25" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 68.108686][ T40] audit: type=1400 audit(1780496257.617:212): avc: denied { create } for pid=5950 comm="syz.3.25" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 68.118556][ T40] audit: type=1400 audit(1780496257.617:213): avc: denied { setopt } for pid=5950 comm="syz.3.25" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 68.127298][ T40] audit: type=1400 audit(1780496257.637:214): avc: denied { append } for pid=5950 comm="syz.3.25" name="ptp0" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 68.463493][ T5967] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000 [ 68.575072][ T5972] kvm: pic: non byte write [ 68.689490][ T5847] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 68.799838][ T5829] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 68.829548][ T5997] netlink: 104 bytes leftover after parsing attributes in process `syz.3.45'. [ 68.841566][ T5847] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 68.846409][ T5847] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 68.851186][ T5847] usb 6-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 68.854755][ T5847] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.863583][ T5847] usb 6-1: config 0 descriptor?? [ 68.976314][ T5829] usb 7-1: unable to get BOS descriptor or descriptor too short [ 68.980673][ T5829] usb 7-1: not running at top speed; connect to a high speed hub [ 68.986604][ T5829] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 68.990677][ T5829] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 68.997134][ T5829] usb 7-1: string descriptor 0 read error: -22 [ 69.000746][ T5829] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 69.003710][ T5829] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 69.019986][ T5829] usb 7-1: 0:2 : does not exist [ 69.059451][ T5740] Bluetooth: hci1: command tx timeout [ 69.059501][ T5753] Bluetooth: hci0: command tx timeout [ 69.061625][ T5740] Bluetooth: hci3: command tx timeout [ 69.069304][ T5740] Bluetooth: hci2: command tx timeout [ 69.117575][ T6007] tipc: Started in network mode [ 69.119366][ T6007] tipc: Node identity 7f000001, cluster identity 4711 [ 69.122997][ T6007] tipc: Enabled bearer , priority 10 [ 69.290063][ T5847] isku 0003:1E7D:319C.0002: unknown main item tag 0x0 [ 69.292706][ T5847] isku 0003:1E7D:319C.0002: unknown main item tag 0x0 [ 69.294835][ T5847] isku 0003:1E7D:319C.0002: unknown main item tag 0x0 [ 69.297025][ T5847] isku 0003:1E7D:319C.0002: unknown main item tag 0x0 [ 69.300795][ T5847] isku 0003:1E7D:319C.0002: unknown main item tag 0x0 [ 69.302958][ T5847] isku 0003:1E7D:319C.0002: unknown main item tag 0x0 [ 69.305087][ T5847] isku 0003:1E7D:319C.0002: unknown main item tag 0x0 [ 69.315817][ T5847] isku 0003:1E7D:319C.0002: hidraw1: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.1-1/input0 [ 69.399326][ T5886] usb 8-1: new full-speed USB device number 3 using dummy_hcd [ 69.490235][ T1044] usb 6-1: USB disconnect, device number 3 [ 69.561595][ T5886] usb 8-1: unable to get BOS descriptor or descriptor too short [ 69.569972][ T5886] usb 8-1: not running at top speed; connect to a high speed hub [ 69.573723][ T5886] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10 [ 69.577537][ T5886] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 69.580575][ T5886] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid maxpacket 65535, setting to 64 [ 69.583792][ T5886] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 69.586723][ T5886] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 69.591353][ T5886] usb 8-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84 [ 69.594575][ T5886] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 69.597527][ T5886] usb 8-1: Product: syz [ 69.598993][ T5886] usb 8-1: Manufacturer: syz [ 69.600687][ T5886] usb 8-1: SerialNumber: syz [ 69.604412][ T5886] usb 8-1: config 0 descriptor?? [ 69.606686][ T6009] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 69.989328][ T5525] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 70.032387][ T5829] usb 7-1: 5:0: failed to get current value for ch 0 (-22) [ 70.041934][ T5829] usb 7-1: 5:0: cannot get min/max values for control 3 (id 5) [ 70.048540][ T5829] usb 7-1: 5:0: failed to get current value for ch 1 (-22) [ 70.065846][ T5829] usb 7-1: 5:0: cannot get min/max values for control 3 (id 5) [ 70.079273][ T5886] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 70.080663][ T5829] usb 7-1: USB disconnect, device number 3 [ 70.140543][ T5525] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 70.143660][ T5525] usb 5-1: config 1 has no interface number 0 [ 70.145634][ T5525] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 70.148999][ T5525] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 70.153527][ T5525] usb 5-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 70.156364][ T5525] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 70.159955][ T5525] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 0, changing to 10 [ 70.164418][ T5525] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 192, setting to 64 [ 70.165050][ T5886] usb 8-1: USB disconnect, device number 3 [ 70.171136][ T5525] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 70.174704][ T5525] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 70.178009][ T5525] usb 5-1: Product: syz [ 70.181280][ T5525] usb 5-1: Manufacturer: syz [ 70.183341][ T5525] usb 5-1: SerialNumber: syz [ 70.183940][ T5751] udevd[5751]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/sound/card4/controlC4/../uevent} for writing: No such file or directory [ 70.187848][ T6012] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 70.261864][ T844] tipc: Node number set to 2130706433 [ 70.279323][ T1044] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 70.385895][ T6020] ======================================================= [ 70.385895][ T6020] WARNING: The mand mount option has been deprecated and [ 70.385895][ T6020] and is ignored by this kernel. Remove the mand [ 70.385895][ T6020] option from the mount to silence this warning. [ 70.385895][ T6020] ======================================================= [ 70.400440][ T6012] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 70.402800][ T6012] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 70.431737][ T1044] usb 6-1: config index 0 descriptor too short (expected 55314, got 18) [ 70.434462][ T1044] usb 6-1: config 0 has an invalid descriptor of length 216, skipping remainder of the config [ 70.437910][ T1044] usb 6-1: config 0 has no interfaces? [ 70.441167][ T1044] usb 6-1: New USB device found, idVendor=05d1, idProduct=2021, bcdDevice= 9.00 [ 70.445110][ T1044] usb 6-1: New USB device strings: Mfr=0, Product=16, SerialNumber=0 [ 70.447661][ T1044] usb 6-1: Product: syz [ 70.450828][ T1044] usb 6-1: config 0 descriptor?? [ 70.609906][ T6012] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 70.819578][ T5838] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 70.842807][ T5886] usb 6-1: USB disconnect, device number 4 [ 70.989418][ T5838] usb 7-1: Using ep0 maxpacket: 16 [ 70.993640][ T5838] usb 7-1: config 0 has no interfaces? [ 70.998249][ T5838] usb 7-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d [ 71.001131][ T5838] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 71.003610][ T5838] usb 7-1: Product: syz [ 71.004975][ T5838] usb 7-1: Manufacturer: syz [ 71.006502][ T5838] usb 7-1: SerialNumber: syz [ 71.010654][ T5838] usb 7-1: config 0 descriptor?? [ 71.015214][ T6012] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 71.017645][ T6012] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 71.022085][ T5525] cdc_ncm 5-1:1.1: bind() failure [ 71.150074][ T5740] Bluetooth: hci2: command tx timeout [ 71.150294][ T5743] Bluetooth: hci3: command tx timeout [ 71.150363][ T5748] Bluetooth: hci1: command tx timeout [ 71.151990][ T5753] Bluetooth: hci0: command tx timeout [ 71.224473][ T5822] usb 5-1: USB disconnect, device number 3 [ 71.394842][ T5847] usb 7-1: USB disconnect, device number 4 [ 71.729286][ T5525] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 71.812195][ T6050] ------------[ cut here ]------------ [ 71.814791][ T6050] ((d_inode(path->dentry))->i_flags & (1 << 19)) && !(path->mnt->mnt_sb->s_iflags & 0x00000002) [ 71.814804][ T6050] WARNING: fs/exec.c:118 at path_noexec+0x1cf/0x230, CPU#0: syz.2.65/6050 [ 71.821764][ T6050] Modules linked in: [ 71.823201][ T6050] CPU: 0 UID: 0 PID: 6050 Comm: syz.2.65 Not tainted syzkaller #0 PREEMPT(full) [ 71.826274][ T6050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 71.829761][ T6050] RIP: 0010:path_noexec+0x1cf/0x230 [ 71.831899][ T6050] Code: 58 31 ff 83 e3 02 48 89 de 48 d1 eb e8 4a 52 7d ff 83 e3 01 e8 62 57 7d ff 89 d8 5b 5d 41 5c e9 97 53 01 09 e8 52 57 7d ff 90 <0f> 0b 90 e9 46 ff ff ff e8 d4 3b eb ff e9 a3 fe ff ff e8 ca 3b eb [ 71.839110][ T6050] RSP: 0018:ffffc90005aefbd8 EFLAGS: 00010283 [ 71.841608][ T6050] RAX: 00000000000000ab RBX: 0000000000000000 RCX: ffffc90006ef1000 [ 71.843960][ T6050] RDX: 0000000000080000 RSI: ffffffff828b590e RDI: ffff88802b85ca80 [ 71.847227][ T6050] RBP: ffff88801bf29a60 R08: 0000000000000007 R09: 0000000000000000 [ 71.850553][ T6050] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000080000 [ 71.853070][ T6050] R13: 0000000000000001 R14: ffff88802c2518c8 R15: 0000000000000000 [ 71.855597][ T6050] FS: 00007f605a5e86c0(0000) GS:ffff8880d6383000(0000) knlGS:0000000000000000 [ 71.858391][ T6050] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 71.861134][ T6050] CR2: 000000110c2bdc43 CR3: 00000000396bf000 CR4: 0000000000352ef0 [ 71.864123][ T6050] Call Trace: [ 71.865195][ T6050] [ 71.866148][ T6050] do_mmap+0x857/0x12f0 [ 71.867679][ T6050] ? __pfx_do_mmap+0x10/0x10 [ 71.869638][ T6050] ? __pfx_down_write_killable+0x10/0x10 [ 71.871416][ T6050] vm_mmap_pgoff+0x29e/0x470 [ 71.872896][ T6050] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 71.874505][ T6050] ? __fget_files+0x215/0x3d0 [ 71.875980][ T6050] ? __fget_files+0x21f/0x3d0 [ 71.877509][ T6050] ksys_mmap_pgoff+0x3cb/0x610 [ 71.879011][ T6050] ? __x64_sys_futex+0x358/0x4d0 [ 71.880717][ T6050] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 71.882377][ T6050] ? xfd_validate_state+0x129/0x190 [ 71.883996][ T6050] ? selinux_file_ioctl+0xb6/0x290 [ 71.885611][ T6050] __x64_sys_mmap+0x125/0x190 [ 71.887108][ T6050] do_syscall_64+0x115/0x870 [ 71.888517][ T6050] ? clear_bhb_loop+0x40/0x90 [ 71.890144][ T6050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.892022][ T6050] RIP: 0033:0x7f605979ce59 [ 71.893518][ T6050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 71.899540][ T6050] RSP: 002b:00007f605a5e8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 71.902208][ T6050] RAX: ffffffffffffffda RBX: 00007f6059a15fa0 RCX: 00007f605979ce59 [ 71.904942][ T6050] RDX: 0000000002000003 RSI: 0000000000001000 RDI: 0000200000fff000 [ 71.907697][ T6050] RBP: 00007f6059832d6f R08: 0000000000000005 R09: 0000000000000000 [ 71.910432][ T6050] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 71.912879][ T6050] R13: 00007f6059a16038 R14: 00007f6059a15fa0 R15: 00007fff959e58f8 [ 71.915472][ T6050] [ 71.916510][ T6050] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 71.918991][ T6050] CPU: 0 UID: 0 PID: 6050 Comm: syz.2.65 Not tainted syzkaller #0 PREEMPT(full) [ 71.921830][ T6050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 71.924909][ T6050] Call Trace: [ 71.925952][ T6050] [ 71.926887][ T6050] dump_stack_lvl+0x100/0x190 [ 71.928861][ T6050] vpanic+0x552/0x970 [ 71.930585][ T6050] ? __pfx_vpanic+0x10/0x10 [ 71.932076][ T6050] panic+0xd1/0xe0 [ 71.933256][ T6050] ? __pfx_panic+0x10/0x10 [ 71.934644][ T6050] check_panic_on_warn.cold+0x19/0x34 [ 71.936286][ T6050] ? path_noexec+0x1cf/0x230 [ 71.937752][ T6050] __warn.cold+0x191/0x328 [ 71.939126][ T6050] __report_bug+0x296/0x3d0 [ 71.940530][ T6050] ? path_noexec+0x1cf/0x230 [ 71.941952][ T6050] ? __pfx___report_bug+0x10/0x10 [ 71.943499][ T6050] ? arch_get_unmapped_area_topdown+0x559/0xa50 [ 71.945420][ T6050] ? path_noexec+0x1cf/0x230 [ 71.946843][ T6050] report_bug+0xb2/0x220 [ 71.948189][ T6050] ? path_noexec+0x1cf/0x230 [ 71.949760][ T6050] handle_bug+0x16a/0x2a0 [ 71.951129][ T6050] exc_invalid_op+0x17/0x50 [ 71.952726][ T6050] asm_exc_invalid_op+0x1a/0x20 [ 71.954230][ T6050] RIP: 0010:path_noexec+0x1cf/0x230 [ 71.955815][ T6050] Code: 58 31 ff 83 e3 02 48 89 de 48 d1 eb e8 4a 52 7d ff 83 e3 01 e8 62 57 7d ff 89 d8 5b 5d 41 5c e9 97 53 01 09 e8 52 57 7d ff 90 <0f> 0b 90 e9 46 ff ff ff e8 d4 3b eb ff e9 a3 fe ff ff e8 ca 3b eb [ 71.961605][ T6050] RSP: 0018:ffffc90005aefbd8 EFLAGS: 00010283 [ 71.963441][ T6050] RAX: 00000000000000ab RBX: 0000000000000000 RCX: ffffc90006ef1000 [ 71.965829][ T6050] RDX: 0000000000080000 RSI: ffffffff828b590e RDI: ffff88802b85ca80 [ 71.968244][ T6050] RBP: ffff88801bf29a60 R08: 0000000000000007 R09: 0000000000000000 [ 71.970703][ T6050] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000080000 [ 71.973091][ T6050] R13: 0000000000000001 R14: ffff88802c2518c8 R15: 0000000000000000 [ 71.975472][ T6050] ? path_noexec+0x1ce/0x230 [ 71.976914][ T6050] ? path_noexec+0x1ce/0x230 [ 71.978347][ T6050] do_mmap+0x857/0x12f0 [ 71.979629][ T6050] ? __pfx_do_mmap+0x10/0x10 [ 71.981116][ T6050] ? __pfx_down_write_killable+0x10/0x10 [ 71.982832][ T6050] vm_mmap_pgoff+0x29e/0x470 [ 71.984259][ T6050] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 71.985825][ T6050] ? __fget_files+0x215/0x3d0 [ 71.987288][ T6050] ? __fget_files+0x21f/0x3d0 [ 71.988780][ T6050] ksys_mmap_pgoff+0x3cb/0x610 [ 71.990291][ T6050] ? __x64_sys_futex+0x358/0x4d0 [ 71.991821][ T6050] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 71.993445][ T6050] ? xfd_validate_state+0x129/0x190 [ 71.995191][ T6050] ? selinux_file_ioctl+0xb6/0x290 [ 71.996789][ T6050] __x64_sys_mmap+0x125/0x190 [ 71.998743][ T6050] do_syscall_64+0x115/0x870 [ 72.000245][ T6050] ? clear_bhb_loop+0x40/0x90 [ 72.001826][ T6050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.003830][ T6050] RIP: 0033:0x7f605979ce59 [ 72.005240][ T6050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 72.011317][ T6050] RSP: 002b:00007f605a5e8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 72.014014][ T6050] RAX: ffffffffffffffda RBX: 00007f6059a15fa0 RCX: 00007f605979ce59 [ 72.016476][ T6050] RDX: 0000000002000003 RSI: 0000000000001000 RDI: 0000200000fff000 [ 72.018918][ T6050] RBP: 00007f6059832d6f R08: 0000000000000005 R09: 0000000000000000 [ 72.021587][ T6050] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 72.024201][ T6050] R13: 00007f6059a16038 R14: 00007f6059a15fa0 R15: 00007fff959e58f8 [ 72.026998][ T6050] [ 72.029039][ T6050] Kernel Offset: disabled [ 72.030427][ T6050] Rebooting in 86400 seconds..