last executing test programs: 13.848841976s ago: executing program 0 (id=11536): r0 = io_uring_setup(0x379f, &(0x7f0000000100)={0x0, 0xffffffff, 0x2, 0x4, 0x333}) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000001580)={0x1, 0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000040)=""/168, 0xa8}], 0x0}, 0x20) io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x0) 13.848349826s ago: executing program 0 (id=11540): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, r1, 0x1453df3c079a29df, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x1}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x4f1fca89955a67fd}, 0x0) 13.78477451s ago: executing program 0 (id=11543): r0 = syz_usbip_server_init(0x1) syz_usb_connect(0x0, 0x24, &(0x7f0000004200)={{0x12, 0x1, 0x0, 0xe2, 0x79, 0x3b, 0x10, 0x5d1, 0x2001, 0x900, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x4d, 0x2f, 0x9c}}]}}]}}, 0x0) write$usbip_server(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="0000000300000001"], 0x34) 9.741944444s ago: executing program 0 (id=11710): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x390, 0x5230}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_SELECT={0x5}]}}}]}, 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x0) 9.648969798s ago: executing program 0 (id=11714): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x20) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000001, 0x13, r0, 0xedaa7000) 9.648409142s ago: executing program 0 (id=11717): rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x54000002, 0x0}, 0x0, 0x8, &(0x7f0000000440)) r0 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x81\x84\xb8\x92P\x99YO\xb8V\xd5p\x90X\xaaf', 0x0) fallocate(r0, 0x0, 0x400000000000000, 0x7) 8.194733441s ago: executing program 3 (id=11776): r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) setsockopt$llc_int(r0, 0x10c, 0x9, &(0x7f0000000240)=0x9, 0x4) 8.141354077s ago: executing program 3 (id=11778): r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) connect$bt_rfcomm(r0, &(0x7f0000000040)={0x1f, @any, 0x2}, 0xa) shutdown(r0, 0x1) 7.22218875s ago: executing program 3 (id=11783): r0 = socket$nl_route(0x10, 0x3, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r1], 0x54}}, 0x0) 7.221911755s ago: executing program 3 (id=11784): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000300)={[{@gid}]}) 7.126243681s ago: executing program 3 (id=11785): r0 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f0000000280)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_WAIT(r0, 0xc02864c3, &(0x7f0000000080)={&(0x7f0000000540)=[r1], 0x80000000002, 0x1, 0xb}) 6.941949044s ago: executing program 3 (id=11791): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xf) ioctl$TCFLSH(r0, 0x540b, 0x1) 6.881106152s ago: executing program 32 (id=11791): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xf) ioctl$TCFLSH(r0, 0x540b, 0x1) 444.486965ms ago: executing program 1 (id=11842): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x20, 0x1a, 0xa01, 0x0, 0x0, {0xa}, [@nested={0xc, 0x0, 0x0, 0x1, [@typed={0x7, 0x0, 0x0, 0x0, @str='\x1d@\x00'}]}]}, 0x20}}, 0x0) 386.257716ms ago: executing program 1 (id=11843): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)={0x34, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140) 385.963183ms ago: executing program 1 (id=11845): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@ipv6_newroute={0x38, 0x18, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0xff, 0x0, 0xff, 0x2}, [@RTA_OIF={0x8, 0x4, r1}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x7}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @SEG6_LOCAL_ACTION={0x8, 0x1, 0x1}}]}, 0x38}}, 0x0) 325.669022ms ago: executing program 1 (id=11846): r0 = socket$nl_generic(0x11, 0x3, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @private=0xa010105, @multicast1}, {0x17, 0x7c, 0x0, @multicast1}}}}}, 0x0) sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0) 271.069673ms ago: executing program 1 (id=11849): r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000004100), 0x2, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000004140)={0x2, 0xc6, 0x2}) close(r0) 270.712382ms ago: executing program 1 (id=11850): r0 = eventfd(0x0) read$eventfd(r0, &(0x7f0000000040), 0x8) write$eventfd(r0, &(0x7f0000000080), 0x8) 209.274445ms ago: executing program 2 (id=11852): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000140)=@l={0x92, 0x0, 0xe0}) preadv(r0, &(0x7f0000000400)=[{&(0x7f0000000040)=""/185, 0x8}, {0x0, 0x4}], 0x2, 0x0, 0x0) 155.77911ms ago: executing program 2 (id=11853): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x6c, 0x2, 0x6, 0x1, 0x6000000, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffff}}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}}, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[], 0x90}, 0x1, 0x0, 0x0, 0x4044810}, 0x0) 155.613842ms ago: executing program 2 (id=11854): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_tcp_buf(r0, 0x6, 0x1f, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x1, &(0x7f0000000300)=0x101, 0x4) 101.61897ms ago: executing program 2 (id=11855): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_HASH_MODULUS={0x8, 0x4, 0x1, 0x0, 0x6}, @NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_HASH_OFFSET={0x8, 0x6, 0x1, 0x0, 0x7ff}]}}}]}]}], {0x14}}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x0) 101.43052ms ago: executing program 2 (id=11856): r0 = socket$inet(0x2, 0x3, 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='xfrm0\x00', 0x10) sendmmsg$inet(r0, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0) 99.231µs ago: executing program 2 (id=11857): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) read(r0, &(0x7f00000001c0)=""/36, 0x24) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x633fb000) 0s ago: executing program 4 (id=11792): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000001f00), r0) sendmsg$NLBL_UNLABEL_C_STATICLIST(r0, &(0x7f0000002340)={0x0, 0x0, &(0x7f0000002300)={&(0x7f0000002200)={0x14, r1, 0x301, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20004000}, 0x4040) kernel console output (not intermixed with test programs): 97][T21669] mac80211_hwsim hwsim6 : renamed from wlan1 (while UP) [ 150.931390][ T6163] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 151.123806][ T6163] usb 7-1: Using ep0 maxpacket: 32 [ 151.126534][ T6163] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 151.132053][ T6163] usb 7-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 151.134740][ T6163] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 151.136953][ T6163] usb 7-1: Product: syz [ 151.138143][ T6163] usb 7-1: Manufacturer: syz [ 151.139472][ T6163] usb 7-1: SerialNumber: syz [ 151.141815][ T6163] usb 7-1: config 0 descriptor?? [ 151.143956][T21677] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 151.148259][ T6163] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 151.363810][ T65] usb 7-1: USB disconnect, device number 8 [ 151.516262][T21671] orangefs_mount: mount request failed with -4 [ 151.520706][T21673] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 151.539783][T21680] __nla_validate_parse: 7 callbacks suppressed [ 151.539794][T21680] netlink: 172 bytes leftover after parsing attributes in process `syz.1.7695'. [ 151.565578][ T6127] Bluetooth: hci0: unexpected event for opcode 0x0419 [ 151.650637][T21698] netlink: 'syz.0.7707': attribute type 3 has an invalid length. [ 151.653364][T21698] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7707'. [ 151.674246][T21700] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7704'. [ 151.708798][ T6127] Bluetooth: hci2: Unable to find connection for big 0x00 [ 151.713763][T21706] netlink: 'syz.1.7708': attribute type 4 has an invalid length. [ 151.716829][T21706] netlink: 152 bytes leftover after parsing attributes in process `syz.1.7708'. [ 151.925966][T21724] xt_CT: You must specify a L4 protocol and not use inversions on it [ 151.976698][T21734] ntfs3(nbd2): try to read out of volume at offset 0x0 [ 152.027360][T21746] macvlan0: entered promiscuous mode [ 152.104663][T21762] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7734'. [ 152.108479][T21764] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7735'. [ 152.213854][T21768] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7736'. [ 152.329082][T21780] efs: device does not support 512 byte blocks [ 152.331018][T21780] device does not support 512 byte blocks [ 152.331018][T21780] [ 152.440689][T21800] IPVS: Unknown mcast interface: dvmrp1 [ 152.461416][T21807] netlink: 412 bytes leftover after parsing attributes in process `syz.2.7758'. [ 152.490291][T21814] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 152.496840][T21814] SELinux: failed to load policy [ 152.541892][T21825] program syz.0.7767 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 152.550431][T21828] netlink: zone id is out of range [ 152.552004][T21828] netlink: del zone limit has 4 unknown bytes [ 152.732813][T21862] futex_wake_op: syz.1.7777 tries to shift op by -1; fix this program [ 152.744730][ T6182] IPVS: starting estimator thread 0... [ 152.768040][T21868] openvswitch: netlink: IP tunnel dst address not specified [ 152.847574][T21879] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 152.855926][T21865] IPVS: using max 38 ests per chain, 91200 per kthread [ 152.885897][T21886] netlink: 108 bytes leftover after parsing attributes in process `syz.2.7793'. [ 152.889051][T21886] netlink: 108 bytes leftover after parsing attributes in process `syz.2.7793'. [ 152.913543][T21890] PM: Enabling pm_trace changes system date and time during resume. [ 152.913543][T21890] PM: Correct system time has to be restored manually after resume. [ 152.945851][T21896] netlink: 'syz.2.7800': attribute type 1 has an invalid length. [ 153.170898][T21924] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 153.173300][T21924] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 153.178776][T21927] netlink: 'syz.3.7822': attribute type 2 has an invalid length. [ 153.538778][T21973] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 153.623779][T21993] ufs: Invalid option: "grpquota" or missing value [ 153.625779][T21993] ufs: wrong mount options [ 153.692981][T22007] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 153.766727][T22023] xt_cluster: node mask cannot exceed total number of nodes [ 153.773087][T22027] netdevsim netdevsim3: Direct firmware load for . [ 153.773087][T22027] failed with error -2 [ 153.776709][T22027] netdevsim netdevsim3: Falling back to sysfs fallback for: . [ 153.776709][T22027] [ 154.229403][T22071] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 154.794311][ T40] kauditd_printk_skb: 11 callbacks suppressed [ 154.794326][ T40] audit: type=1400 audit(2000000021.590:72201): avc: denied { accept } for pid=22116 comm="syz.1.7909" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 154.885306][T22139] sock: sock_timestamping_bind_phc: sock not bind to device [ 154.924272][T22147] sp0: Synchronizing with TNC [ 154.935729][T22149] netlink: 'syz.0.7925': attribute type 1 has an invalid length. [ 155.026161][ T40] audit: type=1400 audit(2000000021.814:72202): avc: denied { connect } for pid=22166 comm="syz.2.7934" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 155.202650][T22199] netlink: 'syz.2.7950': attribute type 1 has an invalid length. [ 155.367816][ T1327] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 155.538824][ T1327] usb 8-1: Using ep0 maxpacket: 16 [ 155.546052][ T1327] usb 8-1: config 0 has an invalid interface number: 132 but max is 0 [ 155.548379][ T1327] usb 8-1: config 0 has no interface number 0 [ 155.552244][ T1327] usb 8-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 155.554826][ T1327] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 155.557123][ T1327] usb 8-1: Product: syz [ 155.558306][ T1327] usb 8-1: Manufacturer: syz [ 155.559623][ T1327] usb 8-1: SerialNumber: syz [ 155.562538][ T1327] usb 8-1: config 0 descriptor?? [ 155.571511][ T1327] hub 8-1:0.132: bad descriptor, ignoring hub [ 155.573784][ T1327] hub 8-1:0.132: probe with driver hub failed with error -5 [ 155.578667][ T1327] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.132/input/input28 [ 155.583593][ T40] audit: type=1400 audit(2000000022.329:72203): avc: denied { read } for pid=22248 comm="syz.1.7975" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 155.940636][ T40] audit: type=1400 audit(2000000022.656:72204): avc: denied { append } for pid=22280 comm="syz.2.7991" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 156.090009][T22197] Bluetooth: hci0: Opcode 0x080f failed: -4 [ 156.159297][ T6163] usb 8-1: USB disconnect, device number 8 [ 156.231636][ T40] audit: type=1400 audit(2000000022.928:72205): avc: denied { lock } for pid=22302 comm="syz.0.8002" path="socket:[61905]" dev="sockfs" ino=61905 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1 [ 156.306174][T22311] QAT: failed to copy from user cfg_data. [ 156.372403][T22323] program syz.1.8011 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 156.412763][T22329] netlink: del zone limit has 4 unknown bytes [ 156.421392][T22331] : left promiscuous mode [ 156.691136][ T40] audit: type=1400 audit(2000000023.358:72206): avc: denied { setopt } for pid=22367 comm="syz.1.8034" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 156.715093][ T40] audit: type=1400 audit(2000000023.386:72207): avc: denied { write } for pid=22369 comm="syz.3.8035" name="file0" dev="tmpfs" ino=9330 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 156.785722][T22382] netlink: 'syz.3.8041': attribute type 10 has an invalid length. [ 156.904813][T22382] wlan1: mtu less than device minimum [ 156.906396][T22382] bond0: (slave wlan1): Error -22 calling dev_set_mtu [ 156.958790][ T6127] Bluetooth: hci2: unexpected event for opcode 0x080b [ 156.987632][T22406] __nla_validate_parse: 13 callbacks suppressed [ 156.987643][T22406] netlink: 276 bytes leftover after parsing attributes in process `syz.2.8052'. [ 156.999526][T22410] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8054'. [ 157.002123][T22410] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 157.013840][ T6127] Bluetooth: hci0: ACL packet for unknown connection handle 201 [ 157.047483][ T40] audit: type=1400 audit(2000000023.704:72208): avc: denied { connect } for pid=22419 comm="syz.0.8059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 157.128600][ T40] audit: type=1400 audit(2000000023.769:72209): avc: denied { bind } for pid=22435 comm="syz.3.8067" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 157.209792][T22452] netlink: 'syz.2.8073': attribute type 1 has an invalid length. [ 157.212827][T22452] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8073'. [ 157.219861][ T40] audit: type=1400 audit(2000000023.863:72210): avc: denied { audit_read } for pid=22453 comm="syz.0.8077" capability=37 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 157.247699][T22462] trusted_key: encrypted_key: keylen parameter is missing [ 157.266204][T22466] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8082'. [ 157.306928][T22476] deleting an unspecified loop device is not supported. [ 157.447084][T22514] netlink: 132 bytes leftover after parsing attributes in process `syz.2.8105'. [ 157.531782][T22535] netlink: 700 bytes leftover after parsing attributes in process `syz.0.8116'. [ 157.621458][T22552] No source specified [ 157.728104][T22579] program syz.2.8135 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 157.808752][T22595] netlink: 'syz.1.8144': attribute type 1 has an invalid length. [ 157.811790][T22595] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8144'. [ 157.843554][T22599] gfs2: not a GFS2 filesystem [ 157.910761][T22613] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on [ 157.966037][T22621] netlink: 'syz.3.8157': attribute type 1 has an invalid length. [ 157.968324][T22621] netlink: 'syz.3.8157': attribute type 3 has an invalid length. [ 157.970640][T22621] netlink: 224 bytes leftover after parsing attributes in process `syz.3.8157'. [ 158.086156][T22641] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8166'. [ 158.094885][T22645] netlink: 'syz.3.8167': attribute type 21 has an invalid length. [ 158.209812][T22665] netlink: 196 bytes leftover after parsing attributes in process `syz.2.8178'. [ 158.240451][T22670] netlink: 'syz.2.8180': attribute type 11 has an invalid length. [ 158.345701][T22687] lo: entered promiscuous mode [ 158.397764][T22694] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 158.400592][T22694] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 158.403022][T22694] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 158.405908][T22694] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 158.408424][T22694] geneve3: entered promiscuous mode [ 158.410092][T22694] geneve3: entered allmulticast mode [ 158.465973][T22706] vivid-002: ================= START STATUS ================= [ 158.468202][T22706] vivid-002: Radio HW Seek Mode: Bounded [ 158.470573][T22706] vivid-002: Radio Programmable HW Seek: false [ 158.473185][T22706] vivid-002: RDS Rx I/O Mode: Block I/O [ 158.474753][T22706] vivid-002: Generate RBDS Instead of RDS: false [ 158.476527][T22706] vivid-002: RDS Reception: false [ 158.477971][T22706] vivid-002: RDS Program Type: 0 inactive [ 158.480342][T22706] vivid-002: RDS PS Name: inactive [ 158.481806][T22706] vivid-002: RDS Radio Text: inactive [ 158.483272][T22706] vivid-002: RDS Traffic Announcement: false inactive [ 158.485133][T22706] vivid-002: RDS Traffic Program: false inactive [ 158.486822][T22706] vivid-002: RDS Music: false inactive [ 158.488284][T22706] vivid-002: ================== END STATUS ================== [ 158.525366][T22714] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 158.612142][T22730] openvswitch: netlink: IP tunnel dst address not specified [ 158.641558][T22735] netdevsim netdevsim1 netdevsim0: left allmulticast mode [ 158.670316][T22742] netdevsim netdevsim3 netdevsim1: Unsupported IPsec algorithm [ 158.866460][T22790] QAT: Invalid ioctl -2110754303 [ 158.931630][T22802] IPv6: NLM_F_CREATE should be specified when creating new route [ 158.935912][T22804] dlm: no locking on control device [ 159.165900][T22839] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 159.292785][ T6127] Bluetooth: hci2: unexpected cc 0x0c12 length: 1 < 3 [ 159.294793][ T6127] Bluetooth: hci2: unexpected event for opcode 0x0c12 [ 159.814487][T22896] program syz.0.8292 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 160.098603][T22920] devtmpfs: Cannot enable quota on remount [ 160.147354][ T40] kauditd_printk_skb: 11519 callbacks suppressed [ 160.147366][ T40] audit: type=1326 audit(2000000026.604:83730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22866 comm="syz.1.8278" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 160.155682][ T40] audit: type=1326 audit(2000000026.604:83731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22866 comm="syz.1.8278" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 160.162244][ T40] audit: type=1326 audit(2000000026.604:83732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22866 comm="syz.1.8278" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 160.169694][ T40] audit: type=1326 audit(2000000026.604:83733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22866 comm="syz.1.8278" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 160.176079][ T40] audit: type=1326 audit(2000000026.604:83734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22866 comm="syz.1.8278" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 160.182431][ T40] audit: type=1326 audit(2000000026.604:83735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22866 comm="syz.1.8278" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 160.188680][ T40] audit: type=1326 audit(2000000026.604:83736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22866 comm="syz.1.8278" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 160.195251][ T40] audit: type=1326 audit(2000000026.604:83737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22866 comm="syz.1.8278" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 160.202251][ T40] audit: type=1326 audit(2000000026.604:83738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22866 comm="syz.1.8278" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 160.208847][ T40] audit: type=1326 audit(2000000026.604:83739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22866 comm="syz.1.8278" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 162.517704][T22942] openvswitch: netlink: Missing key (keys=40, expected=100) [ 162.558204][T22952] SET target dimension over the limit! [ 162.706028][T22979] ip6t_srh: unknown srh invflags 7863 [ 162.762706][T22992] __nla_validate_parse: 7 callbacks suppressed [ 162.762718][T22992] netlink: 412 bytes leftover after parsing attributes in process `syz.3.8340'. [ 162.825882][T22998] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 162.828285][T22998] SELinux: failed to load policy [ 162.884519][T23013] netlink: zone id is out of range [ 162.886282][T23013] netlink: del zone limit has 4 unknown bytes [ 163.038123][T23038] VFS: could not find a valid V7 on sr0. [ 163.076945][T23045] futex_wake_op: syz.2.8358 tries to shift op by -1; fix this program [ 163.112991][T23051] netlink: 'syz.1.8369': attribute type 1 has an invalid length. [ 163.142408][T23056] netlink: 256 bytes leftover after parsing attributes in process `syz.1.8370'. [ 163.500573][T23130] netlink: 'syz.2.8408': attribute type 3 has an invalid length. [ 163.503201][T23130] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8408'. [ 163.503348][T23132] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8409'. [ 163.508406][T23132] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8409'. [ 163.538880][T23137] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 163.541972][T23137] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 163.544383][T23137] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 163.546993][T23137] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 163.551524][T23137] vxlan0: entered promiscuous mode [ 163.553249][T23137] vxlan0: entered allmulticast mode [ 163.558804][T23137] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 163.561246][T23137] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 163.563631][T23137] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 163.566107][T23137] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 163.683807][T23162] xt_cgroup: path and classid specified [ 163.713220][T23168] netlink: 100 bytes leftover after parsing attributes in process `syz.0.8427'. [ 163.721262][T23170] syz.1.8428: attempt to access beyond end of device [ 163.721262][T23170] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 163.738321][T23170] FAT-fs (nbd1): unable to read boot sector [ 163.742148][T23174] /dev/sg0: Can't lookup blockdev [ 163.749131][T23176] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 163.800938][T23188] netlink: 'syz.3.8437': attribute type 58 has an invalid length. [ 163.804079][T23188] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8437'. [ 163.818808][T23192] syz.0.8439 uses old SIOCAX25GETINFO [ 163.896202][T23206] netlink: 'syz.1.8445': attribute type 10 has an invalid length. [ 163.912696][T23206] 8021q: adding VLAN 0 to HW filter on device team0 [ 163.915850][T23206] bond0: (slave team0): Enslaving as an active interface with an up link [ 164.055913][T23238] netlink: 'syz.3.8461': attribute type 10 has an invalid length. [ 164.068528][T23238] team0: Device hsr_slave_0 failed to register rx_handler [ 164.097062][T23249] ipt_ECN: cannot use operation on non-tcp rule [ 164.132083][T23258] bridge0: port 3(veth0_to_bridge) entered blocking state [ 164.135338][T23258] bridge0: port 3(veth0_to_bridge) entered disabled state [ 164.137379][T23258] veth0_to_bridge: entered allmulticast mode [ 164.139563][T23258] veth0_to_bridge: entered promiscuous mode [ 164.141297][T23258] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 164.145468][T23258] bridge0: port 3(veth0_to_bridge) entered blocking state [ 164.147604][T23258] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 164.225144][T23280] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 164.255045][T23284] program syz.0.8483 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 164.287559][T23293] ip6t_srh: unknown srh match flags B153 [ 164.332881][T23299] netlink: 'syz.1.8490': attribute type 3 has an invalid length. [ 164.335077][T23299] netlink: 'syz.1.8490': attribute type 1 has an invalid length. [ 164.338682][T23299] netlink: 112865 bytes leftover after parsing attributes in process `syz.1.8490'. [ 164.342755][T23299] nbd: couldn't find device at index 63 [ 164.361999][T23305] ipt_REJECT: TCP_RESET invalid for non-tcp [ 164.453177][T23327] openvswitch: netlink: Unexpected mask (mask=4000040, allowed=10048) [ 164.497883][T23339] xt_recent: Unsupported userspace flags (00000042) [ 164.546971][T23351] netlink: 5 bytes leftover after parsing attributes in process `syz.2.8516'. [ 164.549619][T23351] 0ªX¹¦D: renamed from macvtap0 (while UP) [ 164.556588][T23351] 0ªX¹¦D: entered allmulticast mode [ 164.558744][T23351] veth0_macvtap: entered allmulticast mode [ 164.562791][T23351] A link change request failed with some changes committed already. Interface 30ªX¹¦D may have been left with an inconsistent configuration, please check. [ 164.601020][T23363] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8522'. [ 164.734587][T23393] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 164.738038][T23393] overlayfs: overlapping lowerdir path [ 164.766366][T23399] dlm: no local IP address has been set [ 164.768756][T23399] dlm: cannot start dlm midcomms -107 [ 164.981406][T23450] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 165.121306][T23482] Unknown options in mask 5 [ 165.161674][T23490] netlink: 'syz.2.8585': attribute type 28 has an invalid length. [ 165.163974][T23490] netlink: 'syz.2.8585': attribute type 3 has an invalid length. [ 165.189518][ T6127] Bluetooth: hci2: unexpected event for opcode 0x0c5a [ 165.193025][T23497] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 165.344033][T23522] dlm: no locking on control device [ 165.403471][T23534] vivid-004: ================= START STATUS ================= [ 165.405745][T23534] vivid-004: Radio HW Seek Mode: Bounded [ 165.407511][T23534] vivid-004: Radio Programmable HW Seek: false [ 165.409301][T23534] vivid-004: RDS Rx I/O Mode: Block I/O [ 165.410868][T23534] vivid-004: Generate RBDS Instead of RDS: false [ 165.415743][T23534] vivid-004: RDS Reception: true [ 165.418050][T23534] vivid-004: RDS Program Type: 0 inactive [ 165.419782][T23534] vivid-004: RDS PS Name: inactive [ 165.421254][T23534] vivid-004: RDS Radio Text: inactive [ 165.422843][T23534] vivid-004: RDS Traffic Announcement: false inactive [ 165.424722][T23534] vivid-004: RDS Traffic Program: false inactive [ 165.426591][T23534] vivid-004: RDS Music: false inactive [ 165.428178][T23534] vivid-004: ================== END STATUS ================== [ 165.458130][T23544] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only [ 165.558994][ T40] kauditd_printk_skb: 38489 callbacks suppressed [ 165.559007][ T40] audit: type=1400 audit(2000000031.716:122229): avc: denied { read } for pid=23562 comm="syz.2.8621" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 165.663948][T23577] NILFS (nbd3): device size too small [ 165.665532][T23579] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 165.668578][T23579] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 165.671087][T23579] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 165.678087][T23579] geneve3: entered promiscuous mode [ 165.679794][T23579] geneve3: entered allmulticast mode [ 165.807411][T23599] JFS: discard option not supported on device [ 165.809242][T23599] syz.3.8639: attempt to access beyond end of device [ 165.809242][T23599] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0 [ 165.814607][T23599] syz.3.8639: attempt to access beyond end of device [ 165.814607][T23599] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0 [ 165.818286][T23599] Mount JFS Failure: -5 [ 165.867493][T23451] Bluetooth: hci3: Opcode 0x0401 failed: -4 [ 165.937490][T23623] program syz.0.8650 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 165.943405][ C1] bridge0: port 3(team0) entered learning state [ 165.944039][ C1] bridge0: port 4(erspan0) entered learning state [ 165.964028][T23627] netlink: 'syz.1.8653': attribute type 12 has an invalid length. [ 166.028034][T23639] netdevsim netdevsim1 netdevsim1: entered allmulticast mode [ 166.058132][ T1108] ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0 [ 166.060407][ T1108] ata1.00: irq_stat 0x40000000 [ 166.061817][ T1108] ata1.00: failed command: ZAC MANAGEMENT OUT [ 166.063527][ T1108] ata1.00: cmd 9f/01:00:00:00:00/00:00:00:00:00/40 tag 10 [ 166.063527][ T1108] res 41/04:00:00:00:00/00:00:00:00:00/40 Emask 0x1 (device error) [ 166.067802][ T1108] ata1.00: status: { DRDY ERR } [ 166.072511][ T1108] ata1.00: error: { ABRT } [ 166.073793][ T1108] ata1.00: device reported invalid CHS sector 0 [ 166.087922][ T40] audit: type=1400 audit(2000000032.212:122230): avc: denied { create } for pid=23648 comm="syz.1.8664" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 166.089206][T23649] Invalid source name [ 166.095350][T23649] UBIFS error (pid: 23649): cannot open "./file0", error -22 [ 166.099110][ T40] audit: type=1400 audit(2000000032.212:122231): avc: denied { mounton } for pid=23648 comm="syz.1.8664" path="/2136/file0" dev="tmpfs" ino=10751 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 166.110309][ T40] audit: type=1400 audit(2000000032.230:122232): avc: denied { bind } for pid=23652 comm="syz.3.8666" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 166.194636][T23671] [U] à€E`ÞØÊ_òïÈTvß=æ¼B¥ ²›UÒôQ;Ö®Y±\9ž©Pþâ [ 166.259499][ T40] audit: type=1326 audit(2000000032.371:122233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23685 comm="syz.2.8682" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f825b58d169 code=0x7ffc0000 [ 166.270619][ T40] audit: type=1326 audit(2000000032.371:122234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23685 comm="syz.2.8682" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f825b58d169 code=0x7ffc0000 [ 166.281060][ T40] audit: type=1326 audit(2000000032.371:122235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23685 comm="syz.2.8682" exe="/syz-executor" sig=0 arch=c000003e syscall=139 compat=0 ip=0x7f825b58d169 code=0x7ffc0000 [ 166.288005][ T40] audit: type=1326 audit(2000000032.371:122236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23685 comm="syz.2.8682" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f825b58d169 code=0x7ffc0000 [ 166.415607][T23724] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 166.448991][T23731] bond4: entered promiscuous mode [ 166.450464][T23731] bond4: entered allmulticast mode [ 166.452099][T23731] 8021q: adding VLAN 0 to HW filter on device bond4 [ 166.458787][T23736] kAFS: unable to lookup cell '/,c¾ûL' [ 166.707073][T23792] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 166.713029][ T40] audit: type=1400 audit(2000000032.801:122237): avc: denied { getattr } for pid=23793 comm="syz.2.8736" path="socket:[67130]" dev="sockfs" ino=67130 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 166.762734][T23802] hpfs: hpfs_map_sector(): read error [ 166.791086][T23813] geneve4: entered promiscuous mode [ 166.792644][T23813] geneve4: entered allmulticast mode [ 166.840407][T23826] openvswitch: netlink: IP tunnel dst address not specified [ 166.853499][T23828] overlay: ./bus is not a directory [ 166.993161][T23859] dlm: Unknown command passed to DLM device : 8 [ 166.993161][T23859] [ 167.006386][T23862] program syz.3.8769 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 167.030023][T23868] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 167.038405][T23870] kAFS: Can only specify source 'none' with -o dyn [ 167.230821][T23904] qrtr: Invalid version 0 [ 167.293902][ T6127] Bluetooth: hci0: unexpected cc 0x0c7a length: 2 > 1 [ 167.295897][ T6127] Bluetooth: hci0: unexpected event for opcode 0x0c7a [ 167.376647][T23930] xt_hashlimit: invalid interval [ 167.405862][T23934] syz.3.8806: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 167.411502][T23934] CPU: 1 UID: 0 PID: 23934 Comm: syz.3.8806 Not tainted 6.14.0-rc6-syzkaller-00189-gb35233e7bfa0 #0 [ 167.411524][T23934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 167.411533][T23934] Call Trace: [ 167.411539][T23934] [ 167.411546][T23934] dump_stack_lvl+0x16c/0x1f0 [ 167.411571][T23934] warn_alloc+0x24d/0x3a0 [ 167.411591][T23934] ? __pfx_warn_alloc+0x10/0x10 [ 167.411608][T23934] ? __pfx_stack_trace_save+0x10/0x10 [ 167.411632][T23934] ? kasan_save_stack+0x42/0x60 [ 167.411646][T23934] ? kasan_save_stack+0x33/0x60 [ 167.411659][T23934] ? kasan_save_track+0x14/0x30 [ 167.411672][T23934] ? __kasan_kmalloc+0xaa/0xb0 [ 167.411685][T23934] ? xskq_create+0x52/0x1d0 [ 167.411698][T23934] ? do_sock_setsockopt+0x222/0x480 [ 167.411714][T23934] ? __sys_setsockopt+0x1a0/0x230 [ 167.411733][T23934] ? __x64_sys_setsockopt+0xbd/0x160 [ 167.411757][T23934] __vmalloc_node_range_noprof+0x10dc/0x1530 [ 167.411788][T23934] ? xskq_create+0xfb/0x1d0 [ 167.411807][T23934] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 167.411840][T23934] ? xskq_create+0xfb/0x1d0 [ 167.411854][T23934] vmalloc_user_noprof+0x6b/0x90 [ 167.411877][T23934] ? xskq_create+0xfb/0x1d0 [ 167.411909][T23934] xskq_create+0xfb/0x1d0 [ 167.411927][T23934] xsk_setsockopt+0x7b7/0xa10 [ 167.411953][T23934] ? __pfx_xsk_setsockopt+0x10/0x10 [ 167.411987][T23934] ? selinux_socket_setsockopt+0x6a/0x80 [ 167.412009][T23934] ? __pfx_xsk_setsockopt+0x10/0x10 [ 167.412031][T23934] do_sock_setsockopt+0x222/0x480 [ 167.412046][T23934] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 167.412062][T23934] ? lock_acquire+0x2f/0xb0 [ 167.412093][T23934] __sys_setsockopt+0x1a0/0x230 [ 167.412122][T23934] __x64_sys_setsockopt+0xbd/0x160 [ 167.412142][T23934] ? do_syscall_64+0x91/0x250 [ 167.412163][T23934] ? lockdep_hardirqs_on+0x7c/0x110 [ 167.412182][T23934] do_syscall_64+0xcd/0x250 [ 167.412205][T23934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.412225][T23934] RIP: 0033:0x7f5a11f8d169 [ 167.412238][T23934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.412252][T23934] RSP: 002b:00007f5a12d1b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 167.412266][T23934] RAX: ffffffffffffffda RBX: 00007f5a121a5fa0 RCX: 00007f5a11f8d169 [ 167.412276][T23934] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 167.412284][T23934] RBP: 00007f5a1200e2a0 R08: 0000000000000004 R09: 0000000000000000 [ 167.412293][T23934] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000000 [ 167.412302][T23934] R13: 0000000000000000 R14: 00007f5a121a5fa0 R15: 00007ffc4cffe0c8 [ 167.412322][T23934] [ 167.412328][T23934] Mem-Info: [ 167.443112][ T6127] Bluetooth: hci0: unexpected event for opcode 0x0c05 [ 167.445702][T23934] active_anon:21376 inactive_anon:0 isolated_anon:0 [ 167.445702][T23934] active_file:4716 inactive_file:51884 isolated_file:0 [ 167.445702][T23934] unevictable:1768 dirty:459 writeback:0 [ 167.445702][T23934] slab_reclaimable:12129 slab_unreclaimable:76900 [ 167.445702][T23934] mapped:23667 shmem:2442 pagetables:913 [ 167.445702][T23934] sec_pagetables:308 bounce:0 [ 167.445702][T23934] kernel_misc_reclaimable:0 [ 167.445702][T23934] free:440390 free_pcp:8647 free_cma:0 [ 167.517729][T23934] Node 0 active_anon:85504kB inactive_anon:0kB active_file:18808kB inactive_file:207348kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:94584kB dirty:1816kB writeback:0kB shmem:6232kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12624kB pagetables:4272kB sec_pagetables:1232kB all_unreclaimable? yes [ 167.529882][T23934] Node 1 active_anon:0kB inactive_anon:0kB active_file:56kB inactive_file:188kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:84kB dirty:20kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:112kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 167.541111][T23934] Node 0 DMA free:15128kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:216kB local_pcp:0kB free_cma:0kB [ 167.552820][T23934] lowmem_reserve[]: 0 1240 1240 1240 1240 [ 167.555521][T23934] Node 0 DMA32 free:192992kB boost:62112kB min:89720kB low:96620kB high:103520kB reserved_highatomic:0KB active_anon:85628kB inactive_anon:0kB active_file:18808kB inactive_file:207348kB unevictable:3536kB writepending:1816kB present:2080628kB managed:1270132kB mlocked:0kB bounce:0kB free_pcp:3416kB local_pcp:980kB free_cma:0kB [ 167.567863][T23934] lowmem_reserve[]: 0 0 0 0 0 [ 167.569748][T23934] Node 1 Normal free:1552248kB boost:0kB min:39632kB low:49540kB high:59448kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:56kB inactive_file:188kB unevictable:3536kB writepending:20kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:31252kB local_pcp:5832kB free_cma:0kB [ 167.581198][T23934] lowmem_reserve[]: 0 0 0 0 0 [ 167.583117][T23934] Node 0 DMA: 4*4kB (U) 7*8kB (U) 5*16kB (U) 4*32kB (U) 6*64kB (U) 7*128kB (U) 7*256kB (U) 7*512kB (U) 8*1024kB (U) 0*2048kB 0*4096kB = 15128kB [ 167.589336][T23934] Node 0 DMA32: 162*4kB (UME) 102*8kB (UME) 220*16kB (UME) 242*32kB (UME) 187*64kB (UME) 157*128kB (UME) 211*256kB (UME) 110*512kB (UM) 18*1024kB (UME) 4*2048kB (UM) 3*4096kB (UM) = 194040kB [ 167.596558][T23934] Node 1 Normal: 111*4kB (UM) 142*8kB (UE) 163*16kB (UME) 235*32kB (UME) 181*64kB (UME) 135*128kB (UME) 109*256kB (UME) 94*512kB (UM) 78*1024kB (UE) 6*2048kB (U) 328*4096kB (UM) = 1552252kB [ 167.604118][T23934] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 167.608595][T23934] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 167.612050][T23934] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 167.614716][T23934] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 167.617333][T23934] 59042 total pagecache pages [ 167.620924][T23934] 0 pages in swap cache [ 167.622654][T23934] Free swap = 124092kB [ 167.623872][T23934] Total swap = 124996kB [ 167.625098][T23934] 1048443 pages RAM [ 167.626199][T23934] 0 pages HighMem/MovableOnly [ 167.627537][T23934] 281589 pages reserved [ 167.628740][T23934] 0 pages cma reserved [ 167.701856][T23987] VFS: could not find a valid V7 on sr0. [ 167.762979][T23996] ip6t_srh: unknown srh invflags 7863 [ 168.016010][T24034] SELinux: syz.2.8855 (24034) set checkreqprot to 1. This is no longer supported. [ 168.260748][T24061] team0: Cannot enslave team device to itself [ 168.316705][T24070] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.319196][T24070] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.321610][T24070] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.324561][T24070] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.330944][T24070] vxlan0: entered promiscuous mode [ 168.332459][T24070] vxlan0: entered allmulticast mode [ 168.339136][T24070] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.339282][T24073] syz.0.8874: attempt to access beyond end of device [ 168.339282][T24073] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 168.341381][T24075] __nla_validate_parse: 10 callbacks suppressed [ 168.341392][T24075] netlink: 100 bytes leftover after parsing attributes in process `syz.2.8875'. [ 168.341733][T24070] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.346881][T24073] FAT-fs (nbd0): unable to read boot sector [ 168.347557][T24070] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.356951][T24070] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.461929][T24092] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 168.516191][T24102] netlink: 172 bytes leftover after parsing attributes in process `syz.3.8888'. [ 169.399419][T24098] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 169.479444][ T1108] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1 [ 169.481958][ T1108] ata1: failed to read log page 10h (errno=-5) [ 169.484271][ T1108] ata1.00: exception Emask 0x1 SAct 0x40000000 SErr 0x0 action 0x0 [ 169.487190][ T1108] ata1.00: irq_stat 0x40000000 [ 169.489075][ T1108] ata1.00: failed command: WRITE FPDMA QUEUED [ 169.491575][ T1108] ata1.00: cmd 61/18:f0:ea:09:10/00:00:00:00:00/40 tag 30 ncq dma 12288 out [ 169.491575][ T1108] res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error) [ 169.497801][ T1108] ata1.00: status: { DRDY } [ 169.500719][ T1108] ata1.00: configured for UDMA/100 [ 169.503290][ T1108] ata1: EH complete [ 169.508383][T24101] orangefs_mount: mount request failed with -4 [ 169.510540][ T6127] Bluetooth: hci1: unexpected event for opcode 0x0419 [ 169.622814][T24120] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8903'. [ 169.721915][T24132] xt_cgroup: path and classid specified [ 169.930585][T24156] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 169.992326][T24164] QAT: Invalid ioctl -2110754303 [ 170.013554][ T64] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 170.194916][ T64] usb 7-1: Using ep0 maxpacket: 32 [ 170.202267][ T64] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 170.211360][ T64] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 170.214785][ T64] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 170.221348][ T64] usb 7-1: Product: syz [ 170.221445][T24182] validate_nla: 2 callbacks suppressed [ 170.221455][T24182] netlink: 'syz.0.8934': attribute type 21 has an invalid length. [ 170.223089][ T64] usb 7-1: Manufacturer: syz [ 170.229670][ T64] usb 7-1: SerialNumber: syz [ 170.233225][ T64] usb 7-1: config 0 descriptor?? [ 170.236120][T24135] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 170.241976][ T64] hub 7-1:0.0: bad descriptor, ignoring hub [ 170.244528][ T64] hub 7-1:0.0: probe with driver hub failed with error -5 [ 170.299192][T24188] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8929'. [ 170.303553][T24188] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 170.348021][T24193] lo: entered promiscuous mode [ 170.350143][ T10] lo speed is unknown, defaulting to 1000 [ 170.355648][ T10] lo speed is unknown, defaulting to 1000 [ 170.355990][T24196] openvswitch: netlink: IP tunnel dst address not specified [ 170.391235][T24202] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8936'. [ 170.586076][ T64] usb 7-1: USB disconnect, device number 9 [ 170.619752][T24237] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8954'. [ 170.726113][T24252] netlink: 'syz.0.8962': attribute type 10 has an invalid length. [ 170.862300][T24252] wlan1: mtu less than device minimum [ 170.864529][T24252] : (slave wlan1): Error -22 calling dev_set_mtu [ 171.161119][T24280] bridge0: port 4(veth0_to_bridge) entered blocking state [ 171.163216][T24280] bridge0: port 4(veth0_to_bridge) entered disabled state [ 171.165389][T24280] veth0_to_bridge: entered allmulticast mode [ 171.167977][T24280] veth0_to_bridge: entered promiscuous mode [ 171.170024][T24280] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 171.175134][T24280] bridge0: port 4(veth0_to_bridge) entered blocking state [ 171.177261][T24280] bridge0: port 4(veth0_to_bridge) entered forwarding state [ 171.351025][T24302] netlink: 'syz.2.8985': attribute type 3 has an invalid length. [ 171.354029][T24302] netlink: 'syz.2.8985': attribute type 1 has an invalid length. [ 171.357176][T24302] netlink: 112865 bytes leftover after parsing attributes in process `syz.2.8985'. [ 171.360895][T24302] nbd: couldn't find device at index 63 [ 171.397553][T24306] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8994'. [ 171.477778][T24320] /dev/sg0: Can't lookup blockdev [ 171.516471][T24328] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8999'. [ 171.519455][T24328] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8999'. [ 171.550457][T24334] IPv6: NLM_F_CREATE should be specified when creating new route [ 171.556991][T24338] netlink: 'syz.2.9003': attribute type 21 has an invalid length. [ 171.560264][T24338] netlink: 'syz.2.9003': attribute type 4 has an invalid length. [ 171.562504][T24338] netlink: 'syz.2.9003': attribute type 5 has an invalid length. [ 171.597803][T24342] 9pnet: Found fid 0 not clunked [ 171.615062][ T40] audit: type=1400 audit(2000000037.375:122238): avc: denied { name_bind } for pid=24343 comm="syz.3.9007" src=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 171.732125][T24360] syz.1.9015 (24360): drop_caches: 0 [ 171.785479][ T6127] Bluetooth: hci1: unexpected event for opcode 0x200b [ 172.071294][T24406] vivid-007: ================= START STATUS ================= [ 172.073930][T24406] vivid-007: Enable Output Cropping: true [ 172.078343][T24406] vivid-007: Enable Output Composing: true [ 172.080054][T24406] vivid-007: Enable Output Scaler: true [ 172.081711][T24406] vivid-007: Tx RGB Quantization Range: Automatic [ 172.083564][T24406] vivid-007: Transmit Mode: HDMI [ 172.084984][T24406] vivid-007: Hotplug Present: 0x00000000 [ 172.087903][T24406] vivid-007: RxSense Present: 0x00000000 [ 172.089689][T24406] vivid-007: EDID Present: 0x00000000 [ 172.091319][T24406] vivid-007: ================== END STATUS ================== [ 172.282082][ T40] audit: type=1400 audit(2000000038.011:122239): avc: denied { write } for pid=24437 comm="syz.2.9053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 172.452417][ T6127] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 172.511405][ T40] audit: type=1400 audit(2000000038.217:122240): avc: denied { ioctl } for pid=24471 comm="syz.3.9070" path="socket:[69033]" dev="sockfs" ino=69033 ioctlcmd=0x8954 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 172.985059][T24524] dns_resolver: Unsupported server list version (0) [ 173.118172][T24541] SELinux: Context system_u:object_r:ssh_agent_exec_t:s0 is not valid (left unmapped). [ 173.123233][ T40] audit: type=1400 audit(2000000038.788:122241): avc: denied { mac_admin } for pid=24539 comm="syz.2.9099" capability=33 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 173.129368][ T40] audit: type=1400 audit(2000000038.788:122242): avc: denied { relabelto } for pid=24539 comm="syz.2.9099" name="file0" dev="tmpfs" ino=11729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:ssh_agent_exec_t:s0" [ 173.130116][T24544] vlan0: entered promiscuous mode [ 173.139925][ T40] audit: type=1400 audit(2000000038.788:122243): avc: denied { associate } for pid=24539 comm="syz.2.9099" name="file0" dev="tmpfs" ino=11729 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:ssh_agent_exec_t:s0" [ 173.223542][T24559] openvswitch: netlink: Missing key (keys=40, expected=80) [ 173.245846][T24562] 9pnet_fd: p9_fd_create_unix (24562): problem connecting socket: ./file2: -2 [ 173.341957][ T40] audit: type=1400 audit(2000000039.003:122244): avc: denied { read } for pid=24580 comm="syz.1.9119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 173.438244][ T40] audit: type=1400 audit(2000000039.087:122245): avc: denied { read } for pid=24594 comm="syz.2.9127" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 173.475265][T24599] overlay: ./bus is not a directory [ 173.490183][T24600] delete_channel: no stack [ 173.518878][ T40] audit: type=1326 audit(2000000039.162:122246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24604 comm="syz.1.9130" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x7ffc0000 [ 173.525847][ T40] audit: type=1326 audit(2000000039.162:122247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24604 comm="syz.1.9130" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x7ffc0000 [ 173.578470][T24615] openvswitch: netlink: IP tunnel dst address not specified [ 173.627177][T24622] ip6tnl1: entered promiscuous mode [ 173.629323][T24622] ip6tnl1: entered allmulticast mode [ 173.635541][T24626] tmpfs: Bad value for 'mpol' [ 173.688878][T24634] ieee802154 phy1 wpan1: encryption failed: -22 [ 173.746446][T24644] __nla_validate_parse: 8 callbacks suppressed [ 173.746463][T24644] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9149'. [ 173.912833][T24684] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9166'. [ 173.938612][T24687] netlink: 'syz.2.9168': attribute type 13 has an invalid length. [ 173.952571][T24687] gretap0: refused to change device tx_queue_len [ 173.954801][T24687] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 173.999570][T24704] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 174.065757][T24716] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 174.139782][T24735] openvswitch: netlink: IP tunnel dst address not specified [ 174.385082][T24788] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9214'. [ 174.575871][T24833] netlink: 'syz.3.9232': attribute type 12 has an invalid length. [ 174.699985][T24865] /dev/sg0: Can't lookup blockdev [ 174.789014][T24892] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9256'. [ 174.864729][T24910] overlayfs: failed to resolve './file0': -2 [ 174.924706][T24925] tmpfs: Bad value for 'mpol' [ 175.109087][T24969] openvswitch: netlink: IP tunnel TTL not specified. [ 175.118722][T24971] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 175.170595][T24981] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT [ 175.188283][T24984] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9302'. [ 175.254008][T24996] trusted_key: encrypted_key: master key parameter is missing [ 175.314316][T25012] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 175.405870][T25036] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9326'. [ 175.406392][T25031] hfs: unable to load iocharset "io#harset" [ 175.436661][T25039] netlink: 'syz.1.9327': attribute type 4 has an invalid length. [ 175.483783][ T6127] Bluetooth: hci1: unexpected event for opcode 0x2024 [ 175.835173][T25120] netlink: 52 bytes leftover after parsing attributes in process `syz.2.9366'. [ 175.840701][T25120] bridge9: the hash_elasticity option has been deprecated and is always 16 [ 175.861354][T25124] netlink: 'syz.3.9368': attribute type 13 has an invalid length. [ 175.874573][T25128] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.9370'. [ 176.005103][T25156] overlayfs: missing 'lowerdir' [ 176.065154][T25164] netlink: 'syz.3.9387': attribute type 13 has an invalid length. [ 176.067541][T25164] netlink: 152 bytes leftover after parsing attributes in process `syz.3.9387'. [ 176.070482][T25164] syz_tun: refused to change device tx_queue_len [ 176.072502][T25164] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 176.968351][T25236] netlink: 'syz.3.9421': attribute type 1 has an invalid length. [ 177.028574][T25242] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9425'. [ 177.284028][T25202] Bluetooth: hci0: Opcode 0x0c20 failed: -4 [ 177.312987][T25256] netlink: 'syz.2.9430': attribute type 10 has an invalid length. [ 177.440458][T25256] : mtu less than device minimum [ 177.442964][T25256] bond0: (slave ): Error -22 calling dev_set_mtu [ 178.001264][T25293] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 178.004858][T25293] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 178.008424][T25293] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 178.014555][T25293] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 178.018268][T25293] geneve3: entered promiscuous mode [ 178.020723][T25293] geneve3: entered allmulticast mode [ 178.024638][T25295] lo: entered promiscuous mode [ 178.082985][T25300] openvswitch: netlink: IP tunnel dst address not specified [ 178.169521][ T6130] Bluetooth: hci2: command 0x0406 tx timeout [ 178.187772][T25309] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 178.493336][T25332] IPv6: NLM_F_CREATE should be specified when creating new route [ 178.772281][T25358] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 178.818963][T25364] ipt_REJECT: TCP_RESET invalid for non-tcp [ 178.850933][T25369] 9pnet: Found fid 0 not clunked [ 178.905761][T25376] /dev/sg0: Can't lookup blockdev [ 179.078531][T25404] xt_hashlimit: invalid interval [ 179.146572][T25411] qrtr: Invalid version 0 [ 179.225251][T25423] kAFS: Can only specify source 'none' with -o dyn [ 179.231703][T25426] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 179.280348][T25431] program syz.0.9516 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 179.408520][T25457] bond7: entered promiscuous mode [ 179.411649][T25457] bond7: entered allmulticast mode [ 179.413919][T25457] 8021q: adding VLAN 0 to HW filter on device bond7 [ 179.416870][T25459] __nla_validate_parse: 5 callbacks suppressed [ 179.416883][T25459] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9529'. [ 179.579661][T25488] netdevsim netdevsim2 netdevsim2: entered allmulticast mode [ 179.616826][T25494] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 179.620118][T25494] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 179.623687][T25494] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 179.627098][T25494] geneve3: entered promiscuous mode [ 179.629106][T25494] geneve3: entered allmulticast mode [ 179.696750][T25506] JFS: discard option not supported on device [ 179.700312][T25506] syz.1.9553: attempt to access beyond end of device [ 179.700312][T25506] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0 [ 179.702543][T25508] NILFS (nbd2): device size too small [ 179.703964][T25506] syz.1.9553: attempt to access beyond end of device [ 179.703964][T25506] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0 [ 179.710479][T25510] IPv6: Can't replace route, no match found [ 179.711091][T25506] Mount JFS Failure: -5 [ 180.148456][T25574] xt_recent: Unsupported userspace flags (00000042) [ 180.246836][T25590] ipt_ECN: cannot use operation on non-tcp rule [ 180.317289][T25598] netlink: 'syz.2.9599': attribute type 58 has an invalid length. [ 180.319785][T25598] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9599'. [ 180.589936][T25650] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9622'. [ 180.739128][T25682] netlink: 'syz.3.9641': attribute type 13 has an invalid length. [ 180.756604][T25686] ieee802154 phy1 wpan1: encryption failed: -22 [ 180.760354][T25682] gretap0: refused to change device tx_queue_len [ 180.762135][T25682] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 180.965141][T25728] netlink: 'syz.2.9664': attribute type 6 has an invalid length. [ 180.989192][T25732] set match dimension is over the limit! [ 181.062172][T25751] openvswitch: netlink: ct_state flags 010000e0 unsupported [ 181.121835][ T40] kauditd_printk_skb: 9 callbacks suppressed [ 181.121844][ T40] audit: type=1400 audit(2000000046.281:122257): avc: denied { ioctl } for pid=25766 comm="syz.2.9683" path="socket:[75783]" dev="sockfs" ino=75783 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 181.132459][T25771] netlink: 'syz.1.9684': attribute type 1 has an invalid length. [ 181.134616][T25771] netlink: 224 bytes leftover after parsing attributes in process `syz.1.9684'. [ 181.159525][T25778] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9688'. [ 181.162170][T25778] erspan0: left allmulticast mode [ 181.165033][T25778] erspan0: left promiscuous mode [ 181.166657][T25778] bridge0: port 4(erspan0) entered disabled state [ 181.170202][T25778] team0: left allmulticast mode [ 181.171604][T25778] team_slave_0: left allmulticast mode [ 181.173207][T25778] team_slave_1: left allmulticast mode [ 181.174801][T25778] team0: left promiscuous mode [ 181.176201][T25778] team_slave_0: left promiscuous mode [ 181.177989][T25778] team_slave_1: left promiscuous mode [ 181.179806][T25778] bridge0: port 3(team0) entered disabled state [ 181.183169][T25778] bridge_slave_1: left allmulticast mode [ 181.185971][T25778] bridge_slave_1: left promiscuous mode [ 181.187613][T25778] bridge0: port 2(bridge_slave_1) entered disabled state [ 181.192685][T25778] ªªªªªª: left allmulticast mode [ 181.194146][T25778] ªªªªªª: left promiscuous mode [ 181.195839][T25778] bridge0: port 1(ªªªªªª) entered disabled state [ 181.337691][T25800] netlink: 172 bytes leftover after parsing attributes in process `syz.0.9699'. [ 181.373738][T25803] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048) [ 181.413744][T25810] netlink: 'syz.2.9703': attribute type 10 has an invalid length. [ 181.417692][T25810] veth0_macvtap: left allmulticast mode [ 181.422145][T25810] veth0_macvtap: left promiscuous mode [ 181.494792][T25810] 0ªX¹¦D: left allmulticast mode [ 181.495572][T25822] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9710'. [ 181.499568][T25822] openvswitch: netlink: Key 0 has unexpected len 4 expected 0 [ 181.552208][T25831] syz.1.9716: attempt to access beyond end of device [ 181.552208][T25831] nbd1: rw=0, sector=1, nr_sectors = 1 limit=0 [ 181.555068][T25832] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 181.557432][T25831] VFS: unable to read V7 FS superblock on device nbd1. [ 181.562877][T25831] VFS: could not find a valid V7 on nbd1. [ 181.670409][T25846] ufs: You didn't specify the type of your ufs filesystem [ 181.670409][T25846] [ 181.670409][T25846] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 181.670409][T25846] [ 181.670409][T25846] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 181.684870][T25846] ufs: failed to set blocksize [ 181.903485][T25873] erspan0: left allmulticast mode [ 181.904851][T25873] erspan0: left promiscuous mode [ 181.906189][T25873] bridge0: port 3(erspan0) entered disabled state [ 181.922709][T25873] team0: Port device batadv0 removed [ 181.925706][T25873] ªªªªªª: left allmulticast mode [ 181.926942][T25873] ªªªªªª: left promiscuous mode [ 181.928275][T25873] bridge0: port 1(ªªªªªª) entered disabled state [ 181.936036][T25873] bridge_slave_1: left allmulticast mode [ 181.937690][T25873] bridge_slave_1: left promiscuous mode [ 181.939426][T25873] bridge0: port 2(bridge_slave_1) entered disabled state [ 181.945852][T25873] : (slave bond_slave_0): Releasing backup interface [ 182.007339][T25873] : (slave bond_slave_1): Releasing backup interface [ 182.086305][T25873] team0: Port device team_slave_0 removed [ 182.094692][T25873] team0: Port device team_slave_1 removed [ 182.096825][T25873] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 182.098823][T25873] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 182.102135][T25873] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 182.104260][T25873] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 182.109710][T25843] syz.1.9721 (25843): drop_caches: 2 [ 182.236765][T25902] hfs: unable to load iocharset "io#harset" [ 182.240321][T25905] blktrace: Concurrent blktraces are not allowed on sg0 [ 182.309171][T25920] openvswitch: netlink: IPv4 tunnel dst address is zero [ 182.419638][ T40] audit: type=1400 audit(2000000047.488:122258): avc: denied { read } for pid=25944 comm="syz.1.9772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 182.420645][T25947] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.9770'. [ 182.426980][ T40] audit: type=1400 audit(2000000047.488:122259): avc: denied { bind } for pid=25946 comm="syz.0.9771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 182.500907][T25962] ieee802154 phy1 wpan1: encryption failed: -22 [ 182.605488][ T40] audit: type=1326 audit(2000000047.656:122260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25983 comm="syz.1.9789" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x7ffc0000 [ 182.614490][ T40] audit: type=1326 audit(2000000047.656:122261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25983 comm="syz.1.9789" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x7ffc0000 [ 182.623123][ T40] audit: type=1326 audit(2000000047.665:122262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25983 comm="syz.1.9789" exe="/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f70fcf8d169 code=0x7ffc0000 [ 182.632750][ T40] audit: type=1326 audit(2000000047.665:122263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25983 comm="syz.1.9789" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x7ffc0000 [ 182.641320][ T40] audit: type=1326 audit(2000000047.665:122264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25983 comm="syz.1.9789" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x7ffc0000 [ 182.705821][T26000] program syz.3.9800 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 182.708998][T26000] ata1.00: invalid service action 31 [ 182.765631][T26012] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.9804'. [ 182.909772][T26043] trusted_key: encrypted_key: master key parameter is missing [ 183.029107][T26073] netlink: 68 bytes leftover after parsing attributes in process `syz.2.9833'. [ 183.231278][T26109] xt_nfacct: accounting object `syz1' does not exists [ 183.307600][T26119] xt_l2tp: v2 tid > 0xffff: 150994944 [ 183.380355][T26135] program syz.3.9865 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 183.571519][T26180] netlink: 'syz.1.9887': attribute type 11 has an invalid length. [ 183.572800][T26181] netlink: 'syz.3.9888': attribute type 3 has an invalid length. [ 183.576252][T26181] netlink: 'syz.3.9888': attribute type 2 has an invalid length. [ 183.599333][T26186] openvswitch: netlink: Mixed IPv4 and IPv6 tunnel attributes [ 183.685173][T26209] ata1.00: invalid multi_count 128 ignored [ 183.720927][T26217] ksmbd: Unknown IPC event: 1, ignore. [ 183.956072][ T40] audit: type=1400 audit(2000000048.928:122265): avc: denied { checkpoint_restore } for pid=26251 comm="syz.1.9923" capability=40 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 184.067637][T26270] program syz.1.9932 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 184.144256][ T40] audit: type=1400 audit(2000000049.097:122266): avc: denied { write } for pid=26281 comm="syz.0.9938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 184.146629][T26280] lo speed is unknown, defaulting to 1000 [ 184.201650][T26289] IPVS: length: 184 != 24 [ 184.492619][T26330] xt_TCPMSS: Only works on TCP SYN packets [ 184.796210][T26371] __nla_validate_parse: 6 callbacks suppressed [ 184.796222][T26371] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9981'. [ 184.981975][T26415] bridge10: entered promiscuous mode [ 184.983541][T26415] bridge10: entered allmulticast mode [ 185.021192][T26421] syz.2.10005: attempt to access beyond end of device [ 185.021192][T26421] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 185.031707][T26425] openvswitch: netlink: Tunnel attr 6 has unexpected len 16 expected 0 [ 185.405930][T26509] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 185.507141][T26531] xt_connbytes: Forcing CT accounting to be enabled [ 185.581139][T26549] netlink: 'syz.3.10069': attribute type 9 has an invalid length. [ 185.690116][T26562] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 185.692210][T26562] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 185.695752][T26562] vhci_hcd vhci_hcd.0: Device attached [ 185.698938][T26563] vhci_hcd: unknown pdu 1 [ 185.700527][ T12] vhci_hcd: stop threads [ 185.702217][ T12] vhci_hcd: release socket [ 185.703965][ T12] vhci_hcd: disconnect device [ 185.918337][T26587] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10084'. [ 186.106259][T26597] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10089'. [ 186.177744][T26601] xt_socket: unknown flags 0x8 [ 186.222695][T26603] mkiss: ax0: crc mode is auto. [ 186.298749][T26607] netlink: 'syz.3.10094': attribute type 1 has an invalid length. [ 186.301073][T26607] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.10094'. [ 186.322101][T26609] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=26609 comm=syz.2.10095 [ 186.327137][T26609] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=26609 comm=syz.2.10095 [ 186.371029][T26613] netlink: 'syz.2.10097': attribute type 1 has an invalid length. [ 186.373354][T26613] netlink: 224 bytes leftover after parsing attributes in process `syz.2.10097'. [ 186.483853][T26624] netlink: 'syz.2.10101': attribute type 32 has an invalid length. [ 186.573523][T26635] : entered promiscuous mode [ 186.686641][T26652] netlink: 48 bytes leftover after parsing attributes in process `syz.1.10115'. [ 186.724765][ T40] kauditd_printk_skb: 6 callbacks suppressed [ 186.724777][ T40] audit: type=1400 audit(2000000051.519:122273): avc: denied { execute } for pid=26655 comm="syz.3.10117" path="/dev/video8" dev="devtmpfs" ino=976 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 186.765665][T26658] bridge5: entered promiscuous mode [ 186.771785][T26660] ubi31: attaching mtd0 [ 186.776161][T26660] ubi31: scanning is finished [ 186.778000][T26660] ubi31: empty MTD device detected [ 186.857910][T26660] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 186.861831][T26660] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 186.864510][T26660] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 186.867155][T26660] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 186.870971][T26660] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 186.872998][T26660] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 186.875263][T26660] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2919388417 [ 186.878035][T26660] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 186.880879][T26665] ubi31: background thread "ubi_bgt31d" started, PID 26665 [ 187.693121][T26664] Bluetooth: hci0: Opcode 0x0c20 failed: -4 [ 188.730222][T26677] netlink: 'syz.1.10126': attribute type 10 has an invalid length. [ 188.864159][T26677] wlan1: mtu less than device minimum [ 188.865801][T26677] bond0: (slave wlan1): Error -22 calling dev_set_mtu [ 188.903470][T26690] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10129'. [ 188.909104][T26690] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 188.966716][T26702] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10135'. [ 188.981892][T26705] set match dimension is over the limit! [ 189.012974][T26709] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10140'. [ 189.015642][T26709] openvswitch: netlink: Key 0 has unexpected len 4 expected 0 [ 189.059335][T26717] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048) [ 189.080064][T26721] netlink: 100 bytes leftover after parsing attributes in process `syz.1.10148'. [ 189.083438][T26723] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 189.086666][T26723] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 189.089239][T26723] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 189.091835][T26723] vxlan0: entered promiscuous mode [ 189.093305][T26723] vxlan0: entered allmulticast mode [ 189.098856][T26723] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 189.101370][T26723] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 189.103841][T26723] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 189.302616][T26731] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 189.356633][T26745] netlink: 'syz.0.10159': attribute type 10 has an invalid length. [ 189.362765][T26745] veth0_macvtap: left promiscuous mode [ 189.417420][T26747] veth0_to_bridge: left allmulticast mode [ 189.419139][T26747] veth0_to_bridge: left promiscuous mode [ 189.420722][T26747] bridge0: port 4(veth0_to_bridge) entered disabled state [ 189.424849][T26747] erspan0: left allmulticast mode [ 189.427983][T26747] erspan0: left promiscuous mode [ 189.437066][T26747] bridge0: port 3(erspan0) entered disabled state [ 189.440034][T26747] bridge_slave_1: left allmulticast mode [ 189.441574][T26747] bridge_slave_1: left promiscuous mode [ 189.443197][T26747] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.450818][T26747] bridge_slave_0: left allmulticast mode [ 189.452447][T26747] bridge_slave_0: left promiscuous mode [ 189.454037][T26747] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.469895][T26759] syz.0.10166: attempt to access beyond end of device [ 189.469895][T26759] nbd0: rw=0, sector=1, nr_sectors = 1 limit=0 [ 189.473938][T26759] VFS: unable to read V7 FS superblock on device nbd0. [ 189.476088][T26759] VFS: could not find a valid V7 on nbd0. [ 189.629879][T26772] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 189.639047][T26773] netlink: 'syz.0.10173': attribute type 13 has an invalid length. [ 189.656809][T26773] gretap0: refused to change device tx_queue_len [ 189.658690][T26773] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 189.716989][T26783] overlayfs: failed to resolve './file0': -2 [ 189.865431][T26818] netlink: 'syz.2.10193': attribute type 13 has an invalid length. [ 189.870140][T26818] syz_tun: refused to change device tx_queue_len [ 189.872017][T26818] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 189.964521][T26841] bridge6: the hash_elasticity option has been deprecated and is always 16 [ 190.180139][T26898] __nla_validate_parse: 5 callbacks suppressed [ 190.180151][T26898] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10226'. [ 190.237473][T26914] tmpfs: Bad value for 'mpol' [ 190.293981][T26933] /dev/sg0: Can't lookup blockdev [ 190.313097][T26938] netlink: 'syz.1.10251': attribute type 12 has an invalid length. [ 190.524007][T26983] openvswitch: netlink: IP tunnel dst address not specified [ 190.621448][T27003] tmpfs: Bad value for 'mpol' [ 190.659205][T27010] openvswitch: netlink: IP tunnel dst address not specified [ 190.686997][T27019] netlink: 68 bytes leftover after parsing attributes in process `syz.3.10286'. [ 190.908214][T27062] xt_hashlimit: invalid interval [ 190.927031][ T6130] Bluetooth: hci1: unexpected event for opcode 0x0c05 [ 191.239331][T27102] [U] à€E`ÞØÊ_òïÈTvß=æ¼B¥ ²›UÒôQ;Ö®Y±\9ž©Pþâ [ 191.345539][T27123] hfs: unable to load iocharset "io#harset" [ 191.357355][T27127] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10339'. [ 191.359981][T27127] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10339'. [ 191.379256][T27129] blktrace: Concurrent blktraces are not allowed on sg0 [ 191.551926][T27150] openvswitch: netlink: IPv4 tunnel dst address is zero [ 191.584055][T27156] dlm: no locking on control device [ 191.604728][ T40] audit: type=1400 audit(2000000056.066:122274): avc: denied { lock } for pid=27158 comm="syz.3.10355" path="socket:[80047]" dev="sockfs" ino=80047 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 191.612419][T27161] netlink: 'syz.2.10357': attribute type 2 has an invalid length. [ 191.623758][T27163] netdevsim netdevsim0: Firmware load for './cgroup/../file0' refused, path contains '..' component [ 191.625493][T27165] netlink: 32 bytes leftover after parsing attributes in process `syz.3.10358'. [ 191.629864][T27165] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10358'. [ 191.652089][ T40] audit: type=1400 audit(2000000056.131:122275): avc: denied { name_bind } for pid=27168 comm="syz.2.10361" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 191.689490][ T6130] Bluetooth: hci0: unexpected event for opcode 0x2042 [ 191.700201][T27181] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10366'. [ 191.769471][T27194] xt_ecn: cannot match TCP bits for non-tcp packets [ 191.786068][ T40] audit: type=1400 audit(2000000056.253:122276): avc: denied { connect } for pid=27198 comm="syz.2.10375" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 191.907833][T27227] gre2: entered promiscuous mode [ 191.926380][T27231] tmpfs: Bad value for 'mpol' [ 192.026919][T27250] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10399'. [ 192.099840][T27257] wireguard0: entered promiscuous mode [ 192.101951][T27257] wireguard0: entered allmulticast mode [ 192.396650][T27289] hpfs: Bad magic ... probably not HPFS [ 192.419980][ T6181] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 192.512910][T27305] kAFS: No cell specified [ 192.576716][T27314] netlink: 'syz.2.10431': attribute type 1 has an invalid length. [ 192.602420][ T6181] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 192.605465][ T6181] usb 8-1: config 0 has no interfaces? [ 192.612774][ T6181] usb 8-1: New USB device found, idVendor=067b, idProduct=2303, bcdDevice=53.f5 [ 192.615622][ T6181] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 192.618576][ T6181] usb 8-1: Product: syz [ 192.618587][ T6181] usb 8-1: Manufacturer: syz [ 192.618596][ T6181] usb 8-1: SerialNumber: syz [ 192.632033][ T6181] usb 8-1: config 0 descriptor?? [ 192.748001][T27342] netlink: 'syz.2.10443': attribute type 30 has an invalid length. [ 192.855162][T27272] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 192.860622][T27272] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 192.864669][ T1327] usb 8-1: USB disconnect, device number 9 [ 192.906995][T27364] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay' [ 192.979913][T27377] netlink: 666 bytes leftover after parsing attributes in process `syz.2.10459'. [ 193.026262][T27383] program syz.1.10463 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 193.047074][T27385] CIFS mount error: No usable UNC path provided in device string! [ 193.047074][T27385] [ 193.051991][T27385] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 194.210201][ T40] audit: type=1400 audit(2000000058.517:122277): avc: denied { write } for pid=27442 comm="syz.1.10493" name="net" dev="proc" ino=78542 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 194.216977][ T40] audit: type=1400 audit(2000000058.517:122278): avc: denied { add_name } for pid=27442 comm="syz.1.10493" name="pfkey" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 194.223561][ T40] audit: type=1400 audit(2000000058.517:122279): avc: denied { create } for pid=27442 comm="syz.1.10493" name="pfkey" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1 [ 194.240324][T27449] openvswitch: netlink: IP tunnel dst address not specified [ 194.247487][ T40] audit: type=1400 audit(2000000058.517:122280): avc: denied { associate } for pid=27442 comm="syz.1.10493" name="pfkey" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 194.360833][T27475] xt_hashlimit: max too large, truncated to 1048576 [ 194.417617][T27489] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled [ 194.430493][T27491] lo speed is unknown, defaulting to 1000 [ 194.587650][ T40] audit: type=1400 audit(2000000058.872:122281): avc: denied { map } for pid=27519 comm="syz.1.10531" path="/dev/zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1 [ 194.604514][T27527] sctp: [Deprecated]: syz.1.10535 (pid 27527) Use of int in maxseg socket option. [ 194.604514][T27527] Use struct sctp_assoc_value instead [ 194.604817][T27526] cgroup: release_agent respecified [ 194.755435][T27559] usb usb9: check_ctrlrecip: process 27559 (syz.1.10550) requesting ep 01 but needs 81 [ 194.758139][T27559] usb usb9: usbfs: process 27559 (syz.1.10550) did not claim interface 0 before use [ 194.836717][T27571] netlink: 96 bytes leftover after parsing attributes in process `syz.2.10556'. [ 194.924577][T27587] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 194.926453][T27587] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 194.929260][T27587] vhci_hcd vhci_hcd.0: Device attached [ 194.935009][T27588] vhci_hcd: cannot find a urb of seqnum 7 max seqnum 0 [ 194.938197][ T78] vhci_hcd: stop threads [ 194.939694][ T78] vhci_hcd: release socket [ 194.941470][ T78] vhci_hcd: disconnect device [ 194.960895][T27596] netlink: 'syz.2.10567': attribute type 1 has an invalid length. [ 194.963159][T27596] netlink: 'syz.2.10567': attribute type 3 has an invalid length. [ 194.965454][T27596] NCSI netlink: No device for ifindex 0 [ 195.137011][T27616] netlink: 'syz.3.10576': attribute type 1 has an invalid length. [ 195.139346][T27616] nbd: couldn't find a device at index 20 [ 195.174606][T27603] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 195.178809][T27603] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 195.181347][T27603] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 195.190367][T27603] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 195.194006][T27603] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 195.196387][T27603] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 195.207658][T27626] qnx6: unable to set blocksize [ 195.322681][ T40] audit: type=1400 audit(2000000059.555:122282): avc: denied { connect } for pid=27645 comm="syz.3.10591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 195.331264][T27648] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 195.635174][T27712] xt_cgroup: invalid path, errno=-2 [ 195.717470][T27728] netdevsim netdevsim0: loading /lib/firmware// failed with error -22 [ 195.720297][T27728] netdevsim netdevsim0: Direct firmware load for / failed with error -22 [ 195.725255][T27728] netdevsim netdevsim0: Falling back to sysfs fallback for: / [ 195.762163][T27739] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 195.796271][T27745] netlink: 'syz.3.10640': attribute type 1 has an invalid length. [ 195.842590][T27751] program syz.3.10643 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 195.846148][T27751] ata1.00: invalid transfer count 0 [ 195.850157][ T40] audit: type=1400 audit(2000000060.051:122283): avc: denied { ioctl } for pid=27753 comm="syz.1.10644" path="socket:[78790]" dev="sockfs" ino=78790 ioctlcmd=0x8971 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 195.927591][T27770] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 195.954061][T27776] Timeout policy `syz1' can only be used by L3 protocol number 35064 [ 196.011250][T27786] netlink: 'syz.2.10659': attribute type 1 has an invalid length. [ 196.013851][T27786] NCSI netlink: No device for ifindex 0 [ 196.102016][T27804] __nla_validate_parse: 4 callbacks suppressed [ 196.102028][T27804] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10668'. [ 196.190403][T27820] rtc_cmos 00:05: Alarms can be up to one day in the future [ 196.339281][T27852] sctp: [Deprecated]: syz.2.10692 (pid 27852) Use of int in max_burst socket option. [ 196.339281][T27852] Use struct sctp_assoc_value instead [ 196.409693][ T40] audit: type=1400 audit(2000000060.584:122284): avc: denied { name_bind } for pid=27866 comm="syz.2.10700" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 196.493592][T27882] netlink: 'syz.1.10707': attribute type 3 has an invalid length. [ 196.496441][T27882] netlink: 'syz.1.10707': attribute type 1 has an invalid length. [ 196.499201][T27882] netlink: 216 bytes leftover after parsing attributes in process `syz.1.10707'. [ 196.591128][T27896] tmpfs: Unknown parameter 'm' [ 196.616835][T27900] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10716'. [ 196.619476][T27900] netlink: 72 bytes leftover after parsing attributes in process `syz.2.10716'. [ 196.637559][T27904] Debayer A: ================= START STATUS ================= [ 196.639764][T27904] Debayer A: Debayer Mean Window Size: 3 [ 196.641538][T27904] Debayer A: ================== END STATUS ================== [ 196.821606][ T6127] Bluetooth: hci0: Malformed HCI Event [ 196.867461][T27944] : renamed from hsr0 (while UP) [ 196.886412][T27946] xt_NFQUEUE: number of total queues is 0 [ 196.932920][T27954] set match dimension is over the limit! [ 196.956818][T27958] netlink: 'syz.2.10745': attribute type 29 has an invalid length. [ 196.984543][T27960] program syz.2.10746 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 197.041032][T27970] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 197.044595][T27970] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 197.077178][ T40] audit: type=1400 audit(2000000061.201:122285): avc: denied { module_load } for pid=27975 comm="syz.0.10754" path="/sys/power/pm_test" dev="sysfs" ino=864 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1 [ 197.096429][T27974] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32 [ 197.194525][ T40] audit: type=1400 audit(2000000061.314:122286): avc: denied { write } for pid=27995 comm="syz.2.10764" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1 [ 197.323087][T28021] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10777'. [ 197.326129][ T6127] Bluetooth: hci1: command 0x0406 tx timeout [ 197.385498][T28031] netlink: 'syz.0.10780': attribute type 2 has an invalid length. [ 197.408925][T28037] mmap: syz.0.10784 (28037): VmData 37462016 exceed data ulimit 4. Update limits or use boot option ignore_rlimit_data. [ 197.412311][ T6127] Bluetooth: hci2: command 0x0406 tx timeout [ 197.555862][T28055] tmpfs: Bad value for 'mpol' [ 198.064356][T28087] netlink: 'syz.1.10805': attribute type 13 has an invalid length. [ 198.065970][T28089] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10816'. [ 198.073398][T28087] gretap0: refused to change device tx_queue_len [ 198.076205][T28087] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 198.135666][T28105] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 198.179901][T28115] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10822'. [ 198.396084][T28165] overlayfs: missing 'lowerdir' [ 198.428759][T28173] netlink: 152 bytes leftover after parsing attributes in process `syz.1.10850'. [ 198.431637][T28173] syz_tun: refused to change device tx_queue_len [ 198.433404][T28173] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 199.562300][ T6127] Bluetooth: hci1: command 0x0406 tx timeout [ 199.634910][ T6127] Bluetooth: hci2: command 0x0406 tx timeout [ 199.653031][T28230] Bluetooth: hci0: Opcode 0x0c20 failed: -4 [ 199.691938][T28245] syz.2.10893: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 199.695631][T28245] CPU: 2 UID: 0 PID: 28245 Comm: syz.2.10893 Not tainted 6.14.0-rc6-syzkaller-00189-gb35233e7bfa0 #0 [ 199.695646][T28245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 199.695653][T28245] Call Trace: [ 199.695656][T28245] [ 199.695662][T28245] dump_stack_lvl+0x16c/0x1f0 [ 199.695678][T28245] warn_alloc+0x24d/0x3a0 [ 199.695692][T28245] ? __pfx_warn_alloc+0x10/0x10 [ 199.695703][T28245] ? __pfx_stack_trace_save+0x10/0x10 [ 199.695719][T28245] ? kasan_save_stack+0x42/0x60 [ 199.695729][T28245] ? kasan_save_stack+0x33/0x60 [ 199.695738][T28245] ? kasan_save_track+0x14/0x30 [ 199.695747][T28245] ? __kasan_kmalloc+0xaa/0xb0 [ 199.695755][T28245] ? xskq_create+0x52/0x1d0 [ 199.695764][T28245] ? do_sock_setsockopt+0x222/0x480 [ 199.695775][T28245] ? __sys_setsockopt+0x1a0/0x230 [ 199.695793][T28245] ? __x64_sys_setsockopt+0xbd/0x160 [ 199.695809][T28245] __vmalloc_node_range_noprof+0x10dc/0x1530 [ 199.695830][T28245] ? xskq_create+0xfb/0x1d0 [ 199.695842][T28245] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 199.695862][T28245] ? xskq_create+0xfb/0x1d0 [ 199.695871][T28245] vmalloc_user_noprof+0x6b/0x90 [ 199.695887][T28245] ? xskq_create+0xfb/0x1d0 [ 199.695896][T28245] xskq_create+0xfb/0x1d0 [ 199.695906][T28245] xsk_setsockopt+0x7b7/0xa10 [ 199.695922][T28245] ? __pfx_xsk_setsockopt+0x10/0x10 [ 199.695942][T28245] ? selinux_socket_setsockopt+0x6a/0x80 [ 199.695957][T28245] ? __pfx_xsk_setsockopt+0x10/0x10 [ 199.695972][T28245] do_sock_setsockopt+0x222/0x480 [ 199.695982][T28245] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 199.695993][T28245] ? lock_acquire+0x2f/0xb0 [ 199.696014][T28245] __sys_setsockopt+0x1a0/0x230 [ 199.696030][T28245] __x64_sys_setsockopt+0xbd/0x160 [ 199.696045][T28245] ? do_syscall_64+0x91/0x250 [ 199.696059][T28245] ? lockdep_hardirqs_on+0x7c/0x110 [ 199.696071][T28245] do_syscall_64+0xcd/0x250 [ 199.696085][T28245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.696099][T28245] RIP: 0033:0x7f825b58d169 [ 199.696107][T28245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 199.696117][T28245] RSP: 002b:00007f825c3f3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 199.696126][T28245] RAX: ffffffffffffffda RBX: 00007f825b7a5fa0 RCX: 00007f825b58d169 [ 199.696132][T28245] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 199.696138][T28245] RBP: 00007f825b60e2a0 R08: 0000000000000004 R09: 0000000000000000 [ 199.696144][T28245] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000000 [ 199.696149][T28245] R13: 0000000000000000 R14: 00007f825b7a5fa0 R15: 00007ffc8a4d38c8 [ 199.696161][T28245] [ 199.696165][T28245] Mem-Info: [ 199.750512][T28251] set match dimension is over the limit! [ 199.754005][T28245] active_anon:21659 inactive_anon:0 isolated_anon:0 [ 199.754005][T28245] active_file:4734 inactive_file:51896 isolated_file:0 [ 199.754005][T28245] unevictable:1768 dirty:489 writeback:0 [ 199.754005][T28245] slab_reclaimable:9103 slab_unreclaimable:79970 [ 199.754005][T28245] mapped:23944 shmem:2473 pagetables:912 [ 199.754005][T28245] sec_pagetables:310 bounce:0 [ 199.754005][T28245] kernel_misc_reclaimable:0 [ 199.754005][T28245] free:437529 free_pcp:8966 free_cma:0 [ 199.795079][T28245] Node 0 active_anon:86636kB inactive_anon:0kB active_file:18880kB inactive_file:207400kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:95632kB dirty:1888kB writeback:0kB shmem:6356kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12848kB pagetables:3648kB sec_pagetables:1240kB all_unreclaimable? yes [ 199.816126][T28245] Node 1 active_anon:0kB inactive_anon:0kB active_file:56kB inactive_file:184kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:132kB dirty:68kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:112kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 199.827364][T28245] Node 0 DMA free:15128kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:216kB local_pcp:56kB free_cma:0kB [ 199.837494][T28245] lowmem_reserve[]: 0 1240 1240 1240 1240 [ 199.839898][T28245] Node 0 DMA32 free:182040kB boost:62112kB min:89720kB low:96620kB high:103520kB reserved_highatomic:0KB active_anon:86672kB inactive_anon:0kB active_file:18880kB inactive_file:207400kB unevictable:3536kB writepending:1888kB present:2080628kB managed:1270132kB mlocked:0kB bounce:0kB free_pcp:5220kB local_pcp:928kB free_cma:0kB [ 199.852181][T28245] lowmem_reserve[]: 0 0 0 0 0 [ 199.854075][T28245] Node 1 Normal free:1552692kB boost:0kB min:39632kB low:49540kB high:59448kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:56kB inactive_file:184kB unevictable:3536kB writepending:68kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:30776kB local_pcp:10580kB free_cma:0kB [ 199.865144][T28245] lowmem_reserve[]: 0 0 0 0 0 [ 199.867093][T28245] Node 0 DMA: 4*4kB (U) 7*8kB (U) 5*16kB (U) 4*32kB (U) 6*64kB (U) 7*128kB (U) 7*256kB (U) 7*512kB (U) 8*1024kB (U) 0*2048kB 0*4096kB = 15128kB [ 199.873414][T28245] Node 0 DMA32: 182*4kB (UE) 260*8kB (UME) 183*16kB (UME) 208*32kB (UME) 172*64kB (UME) 142*128kB (UME) 228*256kB (UME) 104*512kB (UME) 25*1024kB (UME) 2*2048kB (U) 0*4096kB = 182888kB [ 199.878519][T28259] netlink: 48 bytes leftover after parsing attributes in process `syz.0.10894'. [ 199.880792][T28245] Node 1 Normal: 119*4kB (UM) 145*8kB (UME) 163*16kB (UME) 235*32kB (UE) 181*64kB (UE) 136*128kB (UME) 114*256kB (UE) 96*512kB (UM) 80*1024kB (UE) 4*2048kB (U) 328*4096kB (UM) = 1552692kB [ 199.890863][T28245] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 199.894711][T28245] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 199.898168][T28245] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 199.901765][T28245] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 199.906448][T28245] 59105 total pagecache pages [ 199.908280][T28245] 0 pages in swap cache [ 199.909882][T28245] Free swap = 124252kB [ 199.911462][T28245] Total swap = 124996kB [ 199.913174][T28245] 1048443 pages RAM [ 199.914556][T28245] 0 pages HighMem/MovableOnly [ 199.916292][T28245] 281589 pages reserved [ 199.917901][T28245] 0 pages cma reserved [ 199.951171][T28268] : entered promiscuous mode [ 199.974144][T28272] netlink: 224 bytes leftover after parsing attributes in process `syz.1.10900'. [ 199.983920][T28276] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=28276 comm=syz.3.10901 [ 199.987561][T28276] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=28276 comm=syz.3.10901 [ 200.108738][T28300] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 200.225394][T28326] bridge7: entered promiscuous mode [ 200.226942][T28326] bridge7: entered allmulticast mode [ 200.388771][T28364] xt_TCPMSS: Only works on TCP SYN packets [ 200.501706][T28383] IPVS: length: 184 != 24 [ 200.538395][T28389] program syz.0.10957 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 200.595500][T28401] ata1.00: invalid multi_count 128 ignored [ 200.935914][T28449] program syz.0.10991 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 200.938596][T28449] ata1.00: invalid service action 31 [ 201.258164][T28491] syz.2.11008: attempt to access beyond end of device [ 201.258164][T28491] nbd2: rw=0, sector=1, nr_sectors = 1 limit=0 [ 201.262526][T28491] VFS: unable to read V7 FS superblock on device nbd2. [ 201.264622][T28491] VFS: could not find a valid V7 on nbd2. [ 201.268552][T28495] openvswitch: netlink: ct_state flags 010000e0 unsupported [ 201.277894][T28497] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 201.307248][T28503] tmpfs: Bad value for 'mpol' [ 201.331536][T28509] veth0_to_bridge: left allmulticast mode [ 201.333224][T28509] veth0_to_bridge: left promiscuous mode [ 201.337282][T28509] bridge0: port 3(veth0_to_bridge) entered disabled state [ 201.344608][T28509] bridge_slave_1: left allmulticast mode [ 201.346487][T28509] bridge_slave_1: left promiscuous mode [ 201.348189][T28509] bridge0: port 2(bridge_slave_1) entered disabled state [ 201.353944][T28509] bridge_slave_0: left allmulticast mode [ 201.356555][T28509] bridge0: port 1(bridge_slave_0) entered disabled state [ 201.518594][T28525] __nla_validate_parse: 2 callbacks suppressed [ 201.518611][T28525] netlink: 96 bytes leftover after parsing attributes in process `syz.1.11028'. [ 201.705905][T28567] devpts: called with bogus options [ 201.738145][T28577] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 201.783987][ T6130] Bluetooth: hci1: command 0x0406 tx timeout [ 201.836610][T28599] netlink: 20 bytes leftover after parsing attributes in process `syz.0.11061'. [ 201.839262][ T40] audit: type=1326 audit(2000000065.663:122287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28597 comm="syz.1.11060" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 201.845555][ T40] audit: type=1326 audit(2000000065.663:122288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28597 comm="syz.1.11060" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 201.852733][ T40] audit: type=1326 audit(2000000065.663:122289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28597 comm="syz.1.11060" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 201.859232][ T40] audit: type=1326 audit(2000000065.663:122290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28597 comm="syz.1.11060" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 201.860434][ T6130] Bluetooth: hci2: command 0x0406 tx timeout [ 201.865848][ T40] audit: type=1326 audit(2000000065.663:122291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28597 comm="syz.1.11060" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 201.875592][ T40] audit: type=1326 audit(2000000065.663:122292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28597 comm="syz.1.11060" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 201.882144][ T40] audit: type=1326 audit(2000000065.663:122293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28597 comm="syz.1.11060" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 201.888551][ T40] audit: type=1326 audit(2000000065.663:122294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28597 comm="syz.1.11060" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 201.895067][ T40] audit: type=1326 audit(2000000065.663:122295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28597 comm="syz.1.11060" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 201.904316][ T40] audit: type=1326 audit(2000000065.663:122296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28597 comm="syz.1.11060" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fcf8d169 code=0x50000 [ 202.078745][T28632] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11078'. [ 202.266882][T28661] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11092'. [ 202.319475][T28664] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11099'. [ 202.321967][T28664] netlink: 24 bytes leftover after parsing attributes in process `syz.2.11099'. [ 202.327725][T28664] vxcan3: entered promiscuous mode [ 202.329759][T28664] vxcan3: entered allmulticast mode [ 202.613726][T28698] hsr_slave_0: left promiscuous mode [ 202.615822][T28698] hsr_slave_1: left promiscuous mode [ 202.673369][T28705] validate_nla: 4 callbacks suppressed [ 202.673380][T28705] netlink: 'syz.0.11114': attribute type 9 has an invalid length. [ 202.828065][T28725] cgroup: Need name or subsystem set [ 202.858329][T28728] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 202.955531][T28717] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 202.957416][T28717] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 202.959213][T28717] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 202.995571][T28740] QAT: Device 7 not found [ 203.009122][T28738] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11128'. [ 203.280481][T28774] netlink: 16 bytes leftover after parsing attributes in process `syz.0.11145'. [ 203.329268][T28784] netlink: 76 bytes leftover after parsing attributes in process `syz.2.11150'. [ 203.420938][T28792] netlink: 'syz.3.11155': attribute type 3 has an invalid length. [ 203.423143][T28792] netlink: 'syz.3.11155': attribute type 1 has an invalid length. [ 203.425327][T28792] netlink: 216 bytes leftover after parsing attributes in process `syz.3.11155'. [ 203.568893][ C3] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 203.574318][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 203.575549][T28820] wg1 speed is unknown, defaulting to 1000 [ 203.577746][T28820] wg1 speed is unknown, defaulting to 1000 [ 203.590465][T28820] wg1 speed is unknown, defaulting to 1000 [ 203.595996][T28820] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 203.603506][T28820] wg1 speed is unknown, defaulting to 1000 [ 203.606139][T28820] wg1 speed is unknown, defaulting to 1000 [ 203.608320][T28820] wg1 speed is unknown, defaulting to 1000 [ 203.611259][T28820] wg1 speed is unknown, defaulting to 1000 [ 203.978130][T28881] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 204.017451][T28887] netlink: 'syz.2.11201': attribute type 1 has an invalid length. [ 204.023911][T28887] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 204.172757][T28909] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 204.298221][T28929] ipvlan0: entered promiscuous mode [ 204.299889][T28929] ipvlan0: entered allmulticast mode [ 204.301471][T28929] veth0_vlan: entered allmulticast mode [ 204.497309][T28955] netlink: 'syz.0.11233': attribute type 2 has an invalid length. [ 204.767215][T28973] cdrom: dropping to single frame dma [ 205.073151][T29033] ata1.00: invalid multi_count 1 ignored [ 205.076252][T29035] SET target dimension over the limit! [ 205.108268][ T6130] Bluetooth: hci2: command 0x0406 tx timeout [ 205.108283][ T6127] Bluetooth: hci1: command 0x0406 tx timeout [ 205.195273][T29055] netlink: 'syz.3.11283': attribute type 6 has an invalid length. [ 205.510711][T29092] xt_l2tp: missing protocol rule (udp|l2tpip) [ 205.949497][T29146] lo speed is unknown, defaulting to 1000 [ 206.024569][T29146] wg1 speed is unknown, defaulting to 1000 [ 206.476320][T29101] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 206.480414][T29101] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 206.486907][T29101] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 206.489466][T29101] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 206.493192][T29101] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 206.495406][T29101] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 207.308566][T29202] sctp: [Deprecated]: syz.1.11321 (pid 29202) Use of struct sctp_assoc_value in delayed_ack socket option. [ 207.308566][T29202] Use struct sctp_sack_info instead [ 207.404336][T29215] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 207.477810][ T40] kauditd_printk_skb: 38002 callbacks suppressed [ 207.477821][ T40] audit: type=1400 audit(2000000070.930:160299): avc: denied { read } for pid=29225 comm="syz.2.11329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 207.600199][T29251] ucma_write: process 5932 (syz.2.11338) changed security contexts after opening file descriptor, this is not allowed. [ 207.614381][T29254] CIFS: Unable to determine destination address [ 207.626293][T29259] random: crng reseeded on system resumption [ 207.752844][T29283] __nla_validate_parse: 2 callbacks suppressed [ 207.752855][T29283] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11348'. [ 207.758226][T29283] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11348'. [ 207.764025][T29283] netlink: 'syz.3.11348': attribute type 12 has an invalid length. [ 207.791201][T29290] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11352'. [ 207.828349][ T40] audit: type=1400 audit(2000000071.258:160300): avc: denied { ioctl } for pid=29257 comm="syz.2.11341" path="/dev/snapshot" dev="devtmpfs" ino=98 ioctlcmd=0x3304 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 207.858046][T29309] Bluetooth: MGMT ver 1.23 [ 207.861005][T29310] netlink: 'syz.0.11359': attribute type 11 has an invalid length. [ 207.915710][T29318] lo speed is unknown, defaulting to 1000 [ 207.939199][ T40] audit: type=1400 audit(2000000071.360:160301): avc: denied { remount } for pid=29325 comm="syz.1.11365" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 207.959768][T29318] wg1 speed is unknown, defaulting to 1000 [ 208.315146][ T1923] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 208.496881][ T1923] usb 8-1: Using ep0 maxpacket: 16 [ 208.500388][ T1923] usb 8-1: config 0 has an invalid interface number: 8 but max is 0 [ 208.502661][ T1923] usb 8-1: config 0 has no interface number 0 [ 208.504500][ T1923] usb 8-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 208.508354][ T1923] usb 8-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 208.512346][ T1923] usb 8-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 208.514911][ T1923] usb 8-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 208.517180][ T1923] usb 8-1: Product: syz [ 208.518627][ T1923] usb 8-1: SerialNumber: syz [ 208.526713][ T1923] usb 8-1: config 0 descriptor?? [ 208.537074][ T1923] cm109 8-1:0.8: invalid payload size 0, expected 4 [ 208.540790][ T1923] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.8/input/input40 [ 208.548204][ T40] audit: type=1400 audit(2000000071.931:160302): avc: denied { ioctl } for pid=5340 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=3082 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 208.757400][ C2] cm109 8-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 208.758717][ T31] usb 8-1: USB disconnect, device number 10 [ 208.759651][ C2] cm109 8-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 208.799543][ T31] cm109 8-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 210.360355][T29424] Bluetooth: hci0: Opcode 0x0c20 failed: -22 [ 210.434232][T29440] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 210.436781][T29440] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 210.439722][T29440] vhci_hcd vhci_hcd.0: Device attached [ 210.445729][T29441] vhci_hcd: unknown pdu 1 [ 210.449001][ T12] vhci_hcd: stop threads [ 210.450680][ T12] vhci_hcd: release socket [ 210.452530][ T12] vhci_hcd: disconnect device [ 210.614504][T29470] netlink: 'syz.2.11427': attribute type 1 has an invalid length. [ 210.642127][T29476] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 210.644025][T29476] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 210.647388][T29476] vhci_hcd vhci_hcd.0: Device attached [ 210.650911][T29477] vhci_hcd: cannot find a urb of seqnum 7 max seqnum 0 [ 210.653656][ T12] vhci_hcd: stop threads [ 210.654896][ T12] vhci_hcd: release socket [ 210.656263][ T12] vhci_hcd: disconnect device [ 210.718992][T29486] qnx6: unable to set blocksize [ 210.761624][T29492] netlink: 'syz.1.11438': attribute type 1 has an invalid length. [ 210.765605][T29492] nbd: couldn't find a device at index 20 [ 210.882603][T29504] cgroup: release_agent respecified [ 210.902305][T29506] sctp: [Deprecated]: syz.3.11446 (pid 29506) Use of int in maxseg socket option. [ 210.902305][T29506] Use struct sctp_assoc_value instead [ 211.320324][T29563] netlink: 'syz.3.11475': attribute type 2 has an invalid length. [ 211.352468][T29569] dlm: no locking on control device [ 211.385065][T29571] ubi: mtd0 is already attached to ubi31 [ 211.416618][T29576] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=29576 comm=syz.1.11485 [ 211.421493][T29576] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=29576 comm=syz.1.11485 [ 211.470743][T29581] : entered promiscuous mode [ 211.504146][T29587] netlink: 'syz.2.11486': attribute type 1 has an invalid length. [ 211.507201][T29587] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.11486'. [ 211.560466][T29595] xt_socket: unknown flags 0x8 [ 212.548472][ T6127] Bluetooth: hci0: command tx timeout [ 214.411967][T29661] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11520'. [ 214.529655][T29663] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11523'. [ 214.533510][T29667] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 214.558108][ T40] audit: type=1400 audit(2000000077.553:160303): avc: denied { execute } for pid=29672 comm="syz.1.11529" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=86627 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 214.743953][T29703] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 214.745909][T29703] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 214.748780][T29703] vhci_hcd vhci_hcd.0: Device attached [ 214.766385][T29708] netlink: 'syz.3.11545': attribute type 1 has an invalid length. [ 214.794959][ T40] audit: type=1400 audit(2000000077.778:160304): avc: denied { write } for pid=29709 comm="syz.2.11546" name="/" dev="9p" ino=36831347 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 214.796683][T29712] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 214.802572][ T40] audit: type=1400 audit(2000000077.778:160305): avc: denied { add_name } for pid=29709 comm="syz.2.11546" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 214.810131][ T40] audit: type=1400 audit(2000000077.778:160306): avc: denied { create } for pid=29709 comm="syz.2.11546" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 214.816906][ T40] audit: type=1400 audit(2000000077.778:160307): avc: denied { associate } for pid=29709 comm="syz.2.11546" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 214.823300][ T40] audit: type=1400 audit(2000000077.778:160308): avc: denied { read write } for pid=29709 comm="syz.2.11546" name="file0" dev="9p" ino=36831360 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 214.833218][ T40] audit: type=1400 audit(2000000077.778:160309): avc: denied { open } for pid=29709 comm="syz.2.11546" path="/3000/file0/file0" dev="9p" ino=36831360 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 214.841100][ T40] audit: type=1800 audit(2000000077.778:160310): pid=29710 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.11546" name="file0" dev="9p" ino=36831360 res=0 errno=0 [ 214.847467][ T40] audit: type=1400 audit(2000000077.815:160311): avc: denied { setopt } for pid=29713 comm="syz.3.11549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 214.948419][T29723] CUSE: info not properly terminated [ 215.018760][ T31] usb 37-1: new low-speed USB device number 2 using vhci_hcd [ 215.183600][T29759] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11569'. [ 215.216122][ T40] audit: type=1400 audit(2000000078.171:160312): avc: denied { connect } for pid=29763 comm="syz.1.11572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 215.460431][T29797] program syz.3.11588 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 215.581746][T29821] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=29821 comm=syz.1.11599 [ 215.749874][T29850] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11613'. [ 215.758265][T29849] can0: slcan on ptm0. [ 215.820421][T29846] can0 (unregistered): slcan off ptm0. [ 215.836475][T29860] program syz.1.11618 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 215.979499][ T1923] Process accounting resumed [ 215.999005][T29874] Process accounting resumed [ 216.344533][T29911] netlink: 188 bytes leftover after parsing attributes in process `syz.2.11643'. [ 216.347213][T29911] netlink: 'syz.2.11643': attribute type 1 has an invalid length. [ 216.587088][T29935] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11655'. [ 216.765836][T29943] tmpfs: Bad value for 'mpol' [ 217.111735][T29973] netlink: 'syz.2.11673': attribute type 2 has an invalid length. [ 217.115780][T29973] netlink: 16138 bytes leftover after parsing attributes in process `syz.2.11673'. [ 217.148573][T29977] lo speed is unknown, defaulting to 1000 [ 217.189168][T29977] wg1 speed is unknown, defaulting to 1000 [ 217.396148][T30001] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11686'. [ 217.576253][T30011] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 217.580602][T30011] qnx6: wrong signature (magic) in superblock #1. [ 217.582485][T30011] qnx6: unable to read the first superblock [ 217.695541][ T1923] hid-generic 00EC:0003:0000.0002: unknown main item tag 0x0 [ 217.697792][ T1923] hid-generic 00EC:0003:0000.0002: unknown main item tag 0x0 [ 217.704503][ T1923] hid-generic 00EC:0003:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz1 [ 217.808784][ T64] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 217.963030][T29705] vhci_hcd: connection reset by peer [ 217.968778][ T12] vhci_hcd: stop threads [ 217.970612][ T12] vhci_hcd: release socket [ 217.974236][ T12] vhci_hcd: disconnect device [ 218.810867][T30050] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11710'. [ 218.814465][T30050] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11710'. [ 219.081254][T30082] sp0: Synchronizing with TNC [ 219.469517][T30123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 219.473471][T30123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.477989][T30123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 219.481203][T30123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.484863][T30123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 219.488119][T30123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.767399][T30150] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0 [ 219.767712][T30151] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 1 [ 219.773806][T30152] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 2 [ 219.774255][T30153] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 3 [ 219.774634][T30149] IPVS: stopping backup sync thread 30153 ... [ 219.783117][T30149] IPVS: stopping backup sync thread 30152 ... [ 219.794065][T30149] IPVS: stopping backup sync thread 30151 ... [ 219.800979][T30149] IPVS: stopping backup sync thread 30150 ... [ 220.312402][T30184] netlink: 1268 bytes leftover after parsing attributes in process `syz.1.11775'. [ 220.318994][T30184] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 220.491439][ T31] vhci_hcd: vhci_device speed not set [ 220.747585][ T834] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 220.932564][ T834] usb 6-1: Using ep0 maxpacket: 16 [ 220.935285][ T834] usb 6-1: config 0 has an invalid interface number: 8 but max is 0 [ 220.937568][ T834] usb 6-1: config 0 has no interface number 0 [ 220.939354][ T834] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 220.942543][ T834] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 220.946456][ T834] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 220.949052][ T834] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 220.954601][ T834] usb 6-1: Product: syz [ 220.955852][ T834] usb 6-1: SerialNumber: syz [ 220.963031][ T834] usb 6-1: config 0 descriptor?? [ 220.968243][ T834] cm109 6-1:0.8: invalid payload size 0, expected 4 [ 220.977075][ T834] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.8/input/input41 [ 221.182356][ C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 221.186000][ C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 221.188242][ C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 221.190332][ C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 221.192398][ T834] usb 6-1: USB disconnect, device number 9 [ 221.194086][ C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 221.194098][ C0] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 221.240528][ T834] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 221.290048][T30204] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11783'. [ 221.468330][T29773] bond0: (slave syz_tun): Releasing backup interface [ 221.657735][ T40] kauditd_printk_skb: 33 callbacks suppressed [ 221.657752][ T40] audit: type=1400 audit(211.063:160346): avc: denied { execute } for pid=30217 comm="syz-executor" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 221.669356][ T40] audit: type=1400 audit(211.063:160347): avc: denied { execute_no_trans } for pid=30217 comm="syz-executor" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 221.788583][ T6130] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 221.793073][ T6130] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 221.796319][ T6130] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 221.799188][ T6130] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 221.801486][ T6130] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 221.803657][ T6130] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 221.813600][ T6127] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 221.815630][ T6127] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 221.817806][ T6127] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 221.820815][ T6127] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 221.822838][ T6127] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 221.824695][ T6127] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 221.832678][ T40] audit: type=1400 audit(211.222:160348): avc: denied { mounton } for pid=30220 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 221.843611][ T1343] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 221.931573][T30229] xt_hashlimit: size too large, truncated to 1048576 [ 221.998936][ T1343] usb 7-1: Using ep0 maxpacket: 16 [ 222.003788][ T1343] usb 7-1: config 0 has an invalid interface number: 8 but max is 0 [ 222.006237][ T1343] usb 7-1: config 0 has no interface number 0 [ 222.008016][ T1343] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 222.011563][ T1343] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 222.015715][ T1343] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 222.018460][ T1343] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 222.021210][ T1343] usb 7-1: Product: syz [ 222.022401][ T1343] usb 7-1: SerialNumber: syz [ 222.028959][ T1343] usb 7-1: config 0 descriptor?? [ 222.033384][ T1343] cm109 7-1:0.8: invalid payload size 0, expected 4 [ 222.036164][ T1343] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.8/input/input42 [ 222.047704][ T1173] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.050943][ T1173] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 222.096042][T30220] lo speed is unknown, defaulting to 1000 [ 222.142375][T30220] wg1 speed is unknown, defaulting to 1000 [ 222.251407][ T1173] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.253495][ C3] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 222.255020][ T1173] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 222.256541][ C3] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 222.256969][ T834] usb 7-1: USB disconnect, device number 10 [ 222.263601][ C3] cm109 7-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 222.277970][ T834] cm109 7-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 222.302249][T30240] xt_hashlimit: max too large, truncated to 1048576 [ 222.306963][T30220] chnl_net:caif_netlink_parms(): no params data found [ 222.460061][ T1173] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.463011][ T1173] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 222.490359][T30220] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.492435][T30220] bridge0: port 1(bridge_slave_0) entered disabled state [ 222.494713][T30220] bridge_slave_0: entered allmulticast mode [ 222.496936][T30220] bridge_slave_0: entered promiscuous mode [ 222.499877][T30220] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.502935][T30220] bridge0: port 2(bridge_slave_1) entered disabled state [ 222.505052][T30220] bridge_slave_1: entered allmulticast mode [ 222.507265][T30220] bridge_slave_1: entered promiscuous mode [ 222.532541][T30220] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 222.581188][T30220] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 222.607863][T30220] team0: Port device team_slave_0 added [ 222.611222][T30220] team0: Port device team_slave_1 added [ 222.636270][T30220] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 222.638242][T30220] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 222.646751][T30220] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 222.651918][T30220] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 222.653945][T30220] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 222.662263][T30220] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 222.674410][T30258] IPVS: Scheduler module ip_vs_non not found [ 222.695005][T30220] hsr_slave_0: entered promiscuous mode [ 222.696914][T30220] hsr_slave_1: entered promiscuous mode [ 222.783922][T30220] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 222.787735][T30220] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 222.792793][T30220] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 222.797993][T30220] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 222.822547][T30220] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.824822][T30220] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.009002][ T6130] Bluetooth: hci3: command tx timeout [ 224.329357][ T1173] dvmrp0 (unregistering): left allmulticast mode [ 226.231628][ T6130] Bluetooth: hci3: command tx timeout [ 226.500210][ T1173] bond0 (unregistering): (slave 3@0ÿ): Releasing backup interface [ 226.544635][ T1173] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 226.608752][ T1173] bond0 (unregistering): Released all slaves [ 226.616106][ T1173] bond1 (unregistering): Released all slaves [ 227.579898][ T1173] bond2 (unregistering): Released all slaves [ 227.584086][ T1173] bond3 (unregistering): Released all slaves [ 227.588404][ T1173] bond4 (unregistering): Released all slaves [ 227.592885][ T1173] bond5 (unregistering): Released all slaves [ 227.598821][ T1173] bond6 (unregistering): Released all slaves [ 227.605543][ T1173] bond7 (unregistering): Released all slaves [ 227.617199][T30220] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.620147][T30288] tipc: Started in network mode [ 227.622154][T30288] tipc: Node identity , cluster identity 4711 [ 227.624337][T30288] tipc: Failed to set node id, please configure manually [ 227.626452][T30288] tipc: Enabling of bearer rejected, failed to enable media [ 227.632613][ T78] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.669158][T30220] 8021q: adding VLAN 0 to HW filter on device team0 [ 227.675458][ T190] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.677586][ T190] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.686635][ T190] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.688665][ T190] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.735217][ T1173] : left promiscuous mode [ 227.853955][T30220] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 227.881528][ T1173] IPVS: stopping backup sync thread 11394 ... [ 227.965042][T30350] xt_hashlimit: size too large, truncated to 1048576 [ 227.993392][T30220] veth0_vlan: entered promiscuous mode [ 228.005823][T30220] veth1_vlan: entered promiscuous mode [ 228.028207][T30220] veth0_macvtap: entered promiscuous mode [ 228.033263][T30220] veth1_macvtap: entered promiscuous mode [ 228.094561][T30220] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.097434][T30220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.100032][T30220] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.105605][T30220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.109073][T30220] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.112606][T30220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.117930][T30220] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.122614][T30220] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.133803][T30220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.137390][T30220] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.140253][T30220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.142908][T30220] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.150672][T30220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.158234][T30220] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.170800][T30372] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 228.172865][T30372] IPv6: NLM_F_CREATE should be set when creating new route [ 228.182887][T30220] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.186772][T30220] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.198818][T30374] usb usb8: usbfs: process 30374 (syz.2.11847) did not claim interface 0 before use [ 228.202470][T30220] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.204910][T30220] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.307024][ T190] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.309262][ T190] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.408882][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.411826][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.424219][ T40] audit: type=1400 audit(217.396:160349): avc: denied { mounton } for pid=30220 comm="syz-executor" path="/syzkaller.9swCbm/syz-tmp" dev="sda1" ino=1951 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 228.439836][ T40] audit: type=1400 audit(217.396:160350): avc: denied { mounton } for pid=30220 comm="syz-executor" path="/syzkaller.9swCbm/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 228.449336][ T40] audit: type=1400 audit(217.396:160351): avc: denied { mounton } for pid=30220 comm="syz-executor" path="/syzkaller.9swCbm/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=92281 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 228.456591][ T40] audit: type=1400 audit(217.396:160352): avc: denied { unmount } for pid=30220 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 228.461885][ T40] audit: type=1400 audit(217.396:160353): avc: denied { mounton } for pid=30220 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2777 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 228.469513][ T6130] Bluetooth: hci3: command tx timeout [ 228.471600][ T40] audit: type=1400 audit(217.415:160354): avc: denied { mounton } for pid=30220 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 228.478074][ T40] audit: type=1400 audit(217.415:160355): avc: denied { mount } for pid=30220 comm="syz-executor" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 228.536828][T30406] ================================================================== [ 228.539942][T30406] BUG: KASAN: vmalloc-out-of-bounds in tpg_fill_plane_buffer+0x21c5/0x4380 [ 228.543025][T30406] Write of size 3840 at addr ffffc9000440f000 by task vivid-000-vid-c/30406 [ 228.546456][T30406] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 228.548040][T30406] CPU: 3 UID: 0 PID: 30406 Comm: vivid-000-vid-c Not tainted 6.14.0-rc6-syzkaller-00189-gb35233e7bfa0 #0 [ 228.548054][T30406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 228.548060][T30406] Call Trace: [ 228.548064][T30406] [ 228.548069][T30406] dump_stack_lvl+0x116/0x1f0 [ 228.548085][T30406] print_report+0xc3/0x670 [ 228.548097][T30406] ? __virt_addr_valid+0x5e/0x590 [ 228.548109][T30406] kasan_report+0xd9/0x110 [ 228.548119][T30406] ? tpg_fill_plane_buffer+0x21c5/0x4380 [ 228.548132][T30406] ? tpg_fill_plane_buffer+0x21c5/0x4380 [ 228.548145][T30406] kasan_check_range+0xef/0x1a0 [ 228.548159][T30406] __asan_memcpy+0x3c/0x60 [ 228.548173][T30406] tpg_fill_plane_buffer+0x21c5/0x4380 [ 228.548191][T30406] ? __pfx_tpg_fill_plane_buffer+0x10/0x10 [ 228.548205][T30406] vivid_fillbuff+0x8e0/0x41f0 [ 228.548218][T30406] ? hlock_class+0x4e/0x130 [ 228.548229][T30406] ? __lock_acquire+0x15a9/0x3c40 [ 228.548246][T30406] ? __pfx_vivid_fillbuff+0x10/0x10 [ 228.548259][T30406] ? vivid_thread_vid_cap_tick+0x7ab/0x15d0 [ 228.548272][T30406] ? v4l2_ctrl_request_setup+0x45c/0xa60 [ 228.548288][T30406] ? lockdep_hardirqs_on+0x7c/0x110 [ 228.548301][T30406] ? vivid_thread_vid_cap_tick+0x81b/0x15d0 [ 228.548312][T30406] vivid_thread_vid_cap_tick+0x81b/0x15d0 [ 228.548324][T30406] ? lock_acquire+0x2f/0xb0 [ 228.548339][T30406] vivid_thread_vid_cap+0x5b8/0xb90 [ 228.548351][T30406] ? lockdep_hardirqs_on+0x7c/0x110 [ 228.548363][T30406] ? __pfx_vivid_thread_vid_cap+0x10/0x10 [ 228.548374][T30406] ? __kthread_parkme+0x148/0x220 [ 228.548385][T30406] ? __pfx_vivid_thread_vid_cap+0x10/0x10 [ 228.548396][T30406] kthread+0x3af/0x750 [ 228.548408][T30406] ? __pfx_kthread+0x10/0x10 [ 228.548421][T30406] ? __pfx_kthread+0x10/0x10 [ 228.548432][T30406] ret_from_fork+0x45/0x80 [ 228.548445][T30406] ? __pfx_kthread+0x10/0x10 [ 228.548457][T30406] ret_from_fork_asm+0x1a/0x30 [ 228.548470][T30406] [ 228.548474][T30406] [ 228.550642][ T40] audit: type=1400 audit(217.490:160356): avc: denied { write } for pid=5924 comm="syz-executor" path="pipe:[2980]" dev="pipefs" ino=2980 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 228.552334][T30406] The buggy address belongs to the virtual mapping at [ 228.552334][T30406] [ffffc900043d3000, ffffc90004410000) created by: [ 228.552334][T30406] vb2_vmalloc_alloc+0x11e/0x3d0 [ 228.552367][T30406] [ 228.552371][T30406] Memory state around the buggy address: [ 228.552380][T30406] ffffc9000440ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 228.627450][T30406] ffffc9000440ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 228.629773][T30406] >ffffc9000440f000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 228.631990][T30406] ^ [ 228.633251][T30406] ffffc9000440f080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 228.635926][T30406] ffffc9000440f100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 228.638615][T30406] ================================================================== [ 228.641997][T30406] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 228.643982][T30406] CPU: 3 UID: 0 PID: 30406 Comm: vivid-000-vid-c Not tainted 6.14.0-rc6-syzkaller-00189-gb35233e7bfa0 #0 [ 228.647623][T30406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 228.651307][T30406] Call Trace: [ 228.652341][T30406] [ 228.653328][T30406] dump_stack_lvl+0x3d/0x1f0 [ 228.654890][T30406] panic+0x71d/0x800 [ 228.656123][T30406] ? __pfx_panic+0x10/0x10 [ 228.657619][T30406] ? irqentry_exit+0x3b/0x90 [ 228.658928][T30406] ? lockdep_hardirqs_on+0x7c/0x110 [ 228.660525][T30406] ? preempt_schedule_thunk+0x1a/0x30 [ 228.662268][T30406] ? preempt_schedule_common+0x44/0xc0 [ 228.664210][T30406] ? check_panic_on_warn+0x1f/0xb0 [ 228.665998][T30406] check_panic_on_warn+0xab/0xb0 [ 228.667424][T30406] end_report+0x117/0x180 [ 228.668849][T30406] kasan_report+0xe9/0x110 [ 228.670422][T30406] ? tpg_fill_plane_buffer+0x21c5/0x4380 [ 228.672172][T30406] ? tpg_fill_plane_buffer+0x21c5/0x4380 [ 228.673751][T30406] kasan_check_range+0xef/0x1a0 [ 228.675124][T30406] __asan_memcpy+0x3c/0x60 [ 228.676572][T30406] tpg_fill_plane_buffer+0x21c5/0x4380 [ 228.678469][T30406] ? __pfx_tpg_fill_plane_buffer+0x10/0x10 [ 228.680557][T30406] vivid_fillbuff+0x8e0/0x41f0 [ 228.682254][T30406] ? hlock_class+0x4e/0x130 [ 228.683635][T30406] ? __lock_acquire+0x15a9/0x3c40 [ 228.685430][T30406] ? __pfx_vivid_fillbuff+0x10/0x10 [ 228.687032][T30406] ? vivid_thread_vid_cap_tick+0x7ab/0x15d0 [ 228.688881][T30406] ? v4l2_ctrl_request_setup+0x45c/0xa60 [ 228.690396][T30406] ? lockdep_hardirqs_on+0x7c/0x110 [ 228.692151][T30406] ? vivid_thread_vid_cap_tick+0x81b/0x15d0 [ 228.694124][T30406] vivid_thread_vid_cap_tick+0x81b/0x15d0 [ 228.695911][T30406] ? lock_acquire+0x2f/0xb0 [ 228.697477][T30406] vivid_thread_vid_cap+0x5b8/0xb90 [ 228.699286][T30406] ? lockdep_hardirqs_on+0x7c/0x110 [ 228.700998][T30406] ? __pfx_vivid_thread_vid_cap+0x10/0x10 [ 228.702801][T30406] ? __kthread_parkme+0x148/0x220 [ 228.704648][T30406] ? __pfx_vivid_thread_vid_cap+0x10/0x10 [ 228.706635][T30406] kthread+0x3af/0x750 [ 228.708156][T30406] ? __pfx_kthread+0x10/0x10 [ 228.709683][T30406] ? __pfx_kthread+0x10/0x10 [ 228.711388][T30406] ret_from_fork+0x45/0x80 [ 228.712886][T30406] ? __pfx_kthread+0x10/0x10 [ 228.714528][T30406] ret_from_fork_asm+0x1a/0x30 [ 228.716101][T30406] [ 228.717876][T30406] Kernel Offset: disabled [ 228.719373][T30406] Rebooting in 86400 seconds.. VM DIAGNOSIS: 22:34:42 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000000 RBX=ffff88802153a440 RCX=ffff88806a63ec00 RDX=1ffff110042a76f3 RSI=0000000000000000 RDI=ffff88802153b798 RBP=0000000000000000 RSP=ffffc90000007ca8 R8 =0000000000000000 R9 =0000000000000001 R10=0000000000000000 R11=0000000000000001 R12=0000000000000004 R13=0000000000000000 R14=ffff88804d9fe800 R15=ffffffff90629634 RIP=ffffffff8194bf30 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007ff9b3297280 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fffa796c850 CR3=0000000040482000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=000000001003e004 Opmask01=0000000000010000 Opmask02=00000000fffffdff Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b5f5455504e495f 4449006b636f6c62 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc61a61c30 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffff0f0e0d ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00204b4e494c0020 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1c1f115c435d4316 10120300161e121d ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5c431d1c1a141601 5c43000611171d5c ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 73202c297325286b 636f6c66206f7420 656c62616e55006e 6f69746974726170 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6f742079617272 6120656c75722079 7261726f706d6574 002a3f005b3f2a00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a4a51055c445757 440540495057055c 5744574a55484051 000f1a005b1a0f00 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000231 0000386d69737700 34706f6f6c2f6b63 6f6c622f6c617574 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff9b2fb8d4c 00007ff9b2fb8d47 00000000000000c1 0000000000003631 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055952b246c10 000055952b246bd0 000055952b21c680 000055952b232930 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 26483b3a3a264b3b 3a0a00307f617930 382433273f397b27 697a787c69303b7e ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4652002e3d454d41 4e534c4c49494646 00006c616b663d3d 4d4554534c4c424b ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 312f002e3d313d00 3053303d49490041 00003d4b434f3d3d 4400003831353831 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 info registers vcpu 1 CPU#1 RAX=0000000080000002 RBX=ffff88801dcf9eb8 RCX=ffffffff82289f86 RDX=ffff888022acc880 RSI=0000000000000000 RDI=0000000000000005 RBP=ffff88801dcf9e70 RSP=ffffc90007f3f650 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000007 R12=0000000000000000 R13=0000000000000001 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff81b9ebb8 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055556bff0500 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f4b05676b30 CR3=0000000033f66000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffef3662d20 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b0480f282 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b0480f28f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b0480f289 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b0480f29d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b0480f323 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4b0480f401 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000048 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000048 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88801dc79f90 RCX=ffffffff8228a878 RDX=ffff888027424880 RSI=ffffffff8228a9e0 RDI=ffff88801dc79f90 RBP=ffff88801dc79f90 RSP=ffffc90005d6f758 R8 =0000000000000006 R9 =0000000000000001 R10=0000000000000001 R11=0000000000000003 R12=0000000000000001 R13=0000000000000001 R14=0000000000000001 R15=dffffc0000000000 RIP=ffffffff81b9f26c RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffca9123658 CR3=00000000599c8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fdc0c0d0 Opmask01=000000000000001c Opmask02=000000000000001f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 0000000100000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000008888 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a002075676f0087 868a898482818388 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d3d3d3d3d3d3d3d 3d3d3d3d3d3d3d3d 3d3d3d3d3d3d3d3d 3d3d3d3d3d3d3d3d ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c794f00000000000 000031000000006f 6863650000000000 883d746c75736572 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c794cd0000000000 00000c0000000052 555e580000000000 88004951484e584f ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00733d6e6f682d5f 66690064636c6166 3d2f645f66630035 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000036 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8540b815 RDI=ffffffff9ab837c0 RBP=ffffffff9ab83780 RSP=ffffc90005def240 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=666f206574697257 R12=0000000000000000 R13=0000000000000036 R14=ffffffff9ab83780 R15=0000000000000000 RIP=ffffffff8540b83f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055ca521cf000 CR3=000000002d616000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002000000 Opmask01=0000000001100000 Opmask02=000000000fffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ff00ff00ff00ff00 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff00ffffffff ff00000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ff00ff00ff00ff00 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff00ffffffff ff00000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 25002f74656e2f73 73616c632f737973 2f002f74656e2f73 79732f636f72702f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0030303700000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000d0d0a0c0d0d0d 0d0d0d0f0d45514a 0043000d004e5850 5c535b5413495853 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4978098994dc99d9 000055cf0ebf44a6 0000000000000181 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055cf0ebf1973 0000000000000041 000000326e616c77 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 000055ca377e9233 73656d5f70636864 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 725f0ff4dbd7a661 72610feffff9f37f 656775fb777fffff 7f7f7d7f75777965 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 0000726565666965 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 00006d5f65636864 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbf2b313423342c ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020