last executing test programs: 4.719585967s ago: executing program 0 (id=3496): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)="2e00000010008188040f6fec59acbc0435a181003f00000000060000000000000e000d000d6ed60012801900121f", 0x2e}], 0x1}, 0x0) 4.545026889s ago: executing program 0 (id=3500): r0 = socket$inet_smc(0x2b, 0x1, 0x0) connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @loopback}, 0x10) shutdown(r0, 0x0) 4.436444583s ago: executing program 0 (id=3502): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0x40015b0b, &(0x7f0000000040)) 4.010069255s ago: executing program 3 (id=3505): r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) fcntl$lock(r0, 0x8, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x100000001}) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) flock(r1, 0x3) fcntl$lock(r1, 0x9, &(0x7f00000001c0)={0x0, 0x0, 0xe4e, 0x2ffffffff, 0xffffffffffffffff}) 3.939054919s ago: executing program 3 (id=3506): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000ac0)={0x2c, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)={0x20, 0x3, 0x1, 0x1}}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r1, 0x5b04, 0x0) 2.188852434s ago: executing program 1 (id=3525): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0x2, 0x4, 0x400, 0x210, 0x0, 0x108, 0x318, 0x318, 0x318, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x108, 0x71000000, {0x15b}}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@arp={@rand_addr, @empty, 0x0, 0x0, 0x0, 0x0, {@mac=@remote}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'lo\x00', 'ip6tnl0\x00'}, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0xc0, 0xe8, 0x0, {0x1d000000}}, {0x28}}}}, 0x450) 2.188472401s ago: executing program 1 (id=3526): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$CEC_TRANSMIT(0xffffffffffffffff, 0xc0386105, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x6, 0x0, "9067591003f0b500691408e8e04b6229"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) mremap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000, 0x0, &(0x7f0000003000/0x2000)=nil) 2.001230811s ago: executing program 1 (id=3527): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r1, 0x701, 0x0, 0x0, {0x26}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0) 1.926186745s ago: executing program 1 (id=3528): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_BETA={0x8}]}}]}, 0x3c}}, 0x0) 1.85532778s ago: executing program 1 (id=3529): r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f0000000980)=ANY=[@ANYBLOB="bcea"]) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0) ioctl$EVIOCSFF(r1, 0x40304580, &(0x7f0000000100)={0x51, 0x0, 0x0, {}, {}, @period={0x5b, 0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0}}) 1.708589022s ago: executing program 2 (id=3531): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x64}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendto$packet(0xffffffffffffffff, &(0x7f0000000080)="e7feeeb53d72", 0x6, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r3, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r2, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0) syz_usb_disconnect(0xffffffffffffffff) syz_usb_connect(0x4, 0x24, &(0x7f0000000300)=ANY=[@ANYRES8=r2], 0x0) ioctl$EVIOCRMFF(0xffffffffffffffff, 0xc0085504, &(0x7f0000000400)) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="500000000308e9030000000000000000000000002c00048008000440000000220800054000000001080001400000000008000479aca219ede984b340000000000600024000000000050003002f000000"], 0x50}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) timer_settime(0x0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000ffec802866f183ab91b395423a0000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r7 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f0000000500)=ANY=[@ANYBLOB="4c0000001300a10000000000000000000b0000760000000000000200"/56, @ANYRES32=0x0, @ANYBLOB="00000000000000800900000004000000"], 0x4c}}, 0x4000040) sendmsg$key(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="02121f77bf00f1ff29bd7000000038355f16b5f550bb6092568c0000"], 0x10}}, 0x8000) ioctl$KDSIGACCEPT(r6, 0x5607, 0x38) getegid() read$FUSE(0xffffffffffffffff, &(0x7f0000000cc0)={0x2020}, 0x2020) getresgid(&(0x7f0000002d00), &(0x7f0000002d40), &(0x7f0000002d80)) 1.37459528s ago: executing program 0 (id=3532): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'erspan0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=@newlink={0x50, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x7}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x24, 0x2, 0x0, 0x1, [@IFLA_HSR_MULTICAST_SPEC={0x5}, @IFLA_HSR_SLAVE2={0x8, 0x2, r1}, @IFLA_HSR_SLAVE1={0x8, 0x1, r3}, @IFLA_HSR_VERSION={0x5, 0x6, 0x51}]}}}]}, 0x50}}, 0x0) 1.373778423s ago: executing program 0 (id=3533): mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000006380)={0x2020}, 0x2020) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x26e1, 0x0) syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x4a202) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x800, 0x800}, 0x48) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2) getpgid(0xffffffffffffffff) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) shutdown(r0, 0x2) futex(0x0, 0x0, 0x0, 0x0, &(0x7f0000048000), 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x6) futex(&(0x7f000000cffc), 0x6, 0x3d, 0x0, 0x0, 0x2) futex(0x0, 0xb, 0x1, &(0x7f0000000280)={0x77359400}, 0x0, 0x1) bpf$MAP_CREATE(0x0, 0x0, 0x0) unshare(0x22020600) r2 = fsopen(&(0x7f00000000c0)='proc\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) fsmount(r2, 0x0, 0x0) fstat(r1, &(0x7f00000002c0)) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{}]}) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x300000f, 0x11, 0xffffffffffffffff, 0x6440a000) r3 = syz_clone(0x0, 0x0, 0x5a, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace$setregset(0x18, r3, 0x0, &(0x7f00000000c0)={0x0}) 879.573658ms ago: executing program 2 (id=3534): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CAP_DISABLE_QUIRKS(r1, 0x4068aea3, &(0x7f0000000080)={0x74, 0x0, 0x18}) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000300)) 879.304187ms ago: executing program 3 (id=3535): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r0, 0x8b20, &(0x7f0000000000)={'wlan1\x00', @random="c30020001400"}) 795.774104ms ago: executing program 3 (id=3536): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r1, 0x701, 0x0, 0x0, {0x26}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0) 794.552477ms ago: executing program 3 (id=3537): r0 = socket$kcm(0xa, 0x5, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2a0, 0x148, 0x4c, 0x0, 0x148, 0x73, 0x278, 0x258, 0x258, 0x278, 0x258, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @local, [], [], 'wg2\x00', 'bridge0\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}, {{@ipv6={@local, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'vxcan1\x00', 'team0\x00'}, 0x0, 0xa8, 0xe0, 0x0, {0x4000000}}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x300) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890c, &(0x7f0000000000)) 668.763423ms ago: executing program 2 (id=3538): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$CEC_TRANSMIT(0xffffffffffffffff, 0xc0386105, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x6, 0x0, "9067591003f0b500691408e8e04b6229"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) mremap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000, 0x0, &(0x7f0000003000/0x2000)=nil) 668.061173ms ago: executing program 3 (id=3539): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/tty/ldiscs\x00', 0x0, 0x0) read$char_usb(r0, &(0x7f0000000000)=""/38, 0x26) read$char_usb(r0, &(0x7f0000000100)=""/170, 0xaa) getsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040), &(0x7f00000000c0)=0x4) ioctl$SNDRV_PCM_IOCTL_REWIND(r0, 0x40084146, &(0x7f0000000200)) r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000100)={@map=r2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) openat$vsock(0xffffffffffffff9c, &(0x7f0000008380), 0x46c882, 0x0) socket$netlink(0x10, 0x3, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) mkdir(&(0x7f0000002340)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r4, 0x1, 0x2f, &(0x7f0000000340)=0xfffffff9, 0x4) socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'lo\x00'}) bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r4, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef) recvmsg(r4, &(0x7f00000033c0)={&(0x7f00000003c0)=@ethernet={0x0, @dev}, 0x80, &(0x7f0000002040)=[{&(0x7f0000000080)=""/49, 0x31}, {&(0x7f0000000f80)=""/4096, 0xffffffe1}, {0x0}, {&(0x7f0000000100)=""/102, 0x66}, {&(0x7f00000021c0)=""/4096, 0x1000}], 0x5, &(0x7f0000001f80)=""/178, 0xb2}, 0x120) 387.105439ms ago: executing program 1 (id=3540): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r5 = dup(r4) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"]) ioctl$KVM_RUN(r4, 0xae80, 0x0) 375.23819ms ago: executing program 2 (id=3541): r0 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r0, 0xc0184800, 0x0) 298.869786ms ago: executing program 2 (id=3542): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffdff}]}) r0 = syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) readv(r0, &(0x7f0000002240)=[{&(0x7f00000000c0)=""/4096, 0x1000}], 0x1) stat(&(0x7f0000001100)='./bus\x00', &(0x7f0000001140)) r1 = syz_open_dev$loop(&(0x7f0000000100), 0x8000000000000, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) write$binfmt_aout(r2, &(0x7f00000010c0)=ANY=[], 0x1a3) write$binfmt_misc(r2, &(0x7f0000001000)=ANY=[@ANYBLOB="208588e01455bc18", @ANYBLOB="588c90aadaedde6a2e64f465b0fcbcb8b6449c2f317140214a9be29c9e467325a38e1b43cddd210783f3dc083935e3b9dbfc09a3e0b8febcada80457edb6649176ddb8"], 0xe09) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x3) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000012c0)={&(0x7f00000011c0)="2b96fa110809a5094ab4846d49973827982828dba625e85792aa", &(0x7f0000001200), 0x0, &(0x7f0000002280)="41dc2a99046105c099771c13956d3e255e69dbbd52338030ab38e94f2ec415a930eec38d4495698a3b0b32f498600f407fcf2e99174fa0b1ab37f111c170dbe78ed8cf935af84e80a9b54acce8c130821a770286e0cfd4f53bd0a14d72602894be65cfe5725dbfea1e2ac082fc6a4b4adbdf98e787500b00ef1db89800b5a225b7cdfb98d661a3a74f4388b18da1bd09213c33d03665fe5367330285fc81f3ebcab6897e7a73eb6f66ed0e60b2dcdced172f8365287f290d183c4e73b36024b184da9b657c10f174edbfa9f206408b92cac8651d9baee988b43856c740c98894eea14b2ad5def031558e62d2f7a1c1cfda9c1d58856fee34c78753b3b58a10fb9be9a686e344a2ce110b4db98a766bfea85d6f5ff7f2798915b83d24244ac843fd1d5f764b6c5181b1d44bf0c8c42295c2a5aca8ba376798b392252fdc2f53dd435c691dc74fa120a436c44b8b131145eaaaf9d1e4a1773f519424cf780916c38a67a7294da76d4bbff379afe89eaad790679ea572a59fbff17e9fe3d2c9b993810bb49024192f7c07484f4dca90305197ca42df836036e9cc08684cd7b17e4af3510f2ca5af997f31a0ff1fc0dfc61da7034379e81df00e23f0f76f3576d04a39b1480578ebdbde5717711c9939080b858bc0a870b2504c0710ed5acea160a7c3c1a7ccb0087f20fefa6c2791abeb8efc0de5efe65e537aa970b9f8cc09a9cb75e3e7d2dcf3b9866def207cdb903135e3f27c513cb9ca0a50538de5050576f23d0ae8ad085e1246b25b6014a174e67f9646474e1e04ffdafe34d8aeee4156649f91433661f9ad07057dc989840656dfedf75c356e30fd1c697eb59e60870253211443fd32ea6111b76da8ba3db62e742d6524f95dced71984a843a773fd47dac554f5e23bdc30dbcb24733744e10a3862b0a5cbdfc4cadab4f85911bea678be2a665e9dd7d2e1e09e17d5510d083399c2f6d8f0fb79a5d44fd2ee717fe973848276e9b6d7a8070f39e372f3da81c0ac2ad299cf5584eccafb0faf71d23b5ec0d88124970a13599f9090c27afc8bab81e4f791dd32af5ce753007f69a98597b544868c6062d2ceba67b7d16bd4a9f6c0fbf8490f510500d1c3bb62d3dc0042b6107f58f9612e2db7c9fa469425909740baa228845cf2e6c77f0923a0de2a08d420e1701c2d0e3555686006d04fb0113101bde9c9a6502e758e59317e149401f1c9947e3f7a10fe0e27b6384015cc85abb090733bf0ac7377c9f492cc0405fa2b918cdc7066af4f89edd0990c6c96920a8071fdb019a275e36df1534f6798bf4d94cbcd6c1a80e46e107844e525d0eb62682437433e4f113274c3e74e5a23cbbd006a1f269868c564c8c881d6102ac004ec201b5c5c7768f98ed8c745bd931441b7de62bde88401f4134b5d7a01028df68b1b60a8f840fd26a8f9dd992b7ad69fd2f323368dcc2e8d88531f40486fa33eb98800757d53e1f1aa5e2706e2a5f32f7143fdc2fb2de358e834d8fc0de50bc742d027c8abb17a35c8b754143585385a01626fd98cdb12e5c1ec30b44bc9b805e205d0577b8088dfc52259d3d9f97c8615e990c5bc5fd69b64aed50c0f46cae4e445e5bbf8441b4f62b59b3d458bbec3b6993e7b9903f325d22a083340eb859072d9dafa7465894ebdc57e874dc3fb329bc3a85ea9c6a97a61377bd756bd78ad45f1013b9c189c4eedc617a56c28230c76ac226a2da060c89f1c7d24058998f82325637df46f81490d0b70f5d357048658e10357398d52331d01100b27c7cc76f25da94181b35fb5ec6d5d1c207ac0b85de9b8387ad9209b3d7d4aeaa15f139995abe41eaf32a17d6076c59f29bcf425b4a23fd71d85631ad51c520287a2521e010b135246e7f8de6898a6aa386ba5e449666731dc04510bc58a3150a0e1071c51923fa288e8c365e54055d93ae27ffc8b6f6633294a3af097968e2d7dcfb9777e5ef9e1cabd309956c782b20c51fcda643c3e47e926fce449a84ac1cedccc7965de1d9a6d80ca722ef5cae75d49c0a571e2f60708aabaf2afc495ce385ff4fdef848d4fafd73c38d493b68f6c57af4141c4317b4b9b26c40425072d71f2d3d49ce9e71316a0172abc31e8822affb52a85ff95c92c44f96e19a618dd8b666185f855911cf9ae70c025715178a4e6156042bfc9c4c266216f2e315282ec0bdc29dc952cf7878b0b955e25cba50e6d1d1403b4d17c8775976946e24cd5c9eac0e146d0ff9c4f857ef1f39c620f969be409fc64c8fbd747db0b2ac612a8acc56230ffa90f5f71d92af904a2245dcb7680da1075c9cd6eb6764bb805809e49dd2039858be4e3870b3be54fbe9d70d370ff2bbb7b20f40fae1519ce2fc38f9717193eaa8b04e9f8645bc49b9ebc80470637cddbd5b7aa767f658b5e5faa15b1164ea2ab423a71889189801408986fc7b4e509e67f4a4aaf8572a0e6a99fc5d6363c9387277f2ac066ea897aa0634db92fb6896ddb6581160ac6ea54c565296daf8f27035ff9092fb593b634982e65a08798fd49a0b43be2a229d2f7a048a7361c945a5244fb66dc5fb40e3646d6bfaa0f1852d5feff5997e854aab1dc49d12ea76540396731c6ec08bea475b7d7202dce7119c249273829a1b99cf204a889d66212d766a6a64aaf36fdc87887e233226d7ebf1ab8e18939927568764e8dc6bcdf101585f49479000f34d7c17ea5aa5a3e03d5dbc4630269ea251002a1c12413258f0136cece67db078c7db174d9fbfb3dfc62a512bce1ee4a6f214fcdee5d614e2389601b77409339e54bccb439e4f83013d912127664bcc3812016a236153e802c6468df611507e01fc968695bac16d210a0cfc66e6950bd4b3331c461312a85a91b688b75d301e17df5df1eadc2722d550109f96701b3eaa7427bc96666c495848882d6f064131fdafd65ad30b5ffe55ed61f83bf46010323b9343d7347b27ee3b53cbc1216faaf1211dc9a5e74d0e3d1ea3fcf315d0ae577d84a8d9463878f53696f546621e79a61de0d447c4c6fecc35596306b68b0d0a62cf9cb0ace3ffe965a5446af69144427d38d42f39c33daf414ca56701bee97797bb90e536f951b1f4aa6da60b288e8db18ad64b058c0f82f8b65fecaa5afb713b744c31c86c15e6dfb0cb4722eba194374c4742abad3e12833ff29e9e5f70a849e514d5282c218699865f7f5fd6ff7a8d0dfb4130a863eabe7e089d471c31df9edf92cf9f3c43011bb2bd3af67cdac82e7d1ee44a838615284f11f36eb52676cdb558a345ed9c0d00143446bef923c6abc4b13392e1baa9f6a08cc209fea86bfc1a7057206eb3b78e5fd9fad80adec8c9d59978b2c7768075190a23d2820c19967d741c3cc245f0ad54a39d861139d9cab7178f335ea1f8c9d0a249049c3106c597f56ebb26904471699919647c765dfdd72d08ab5de57516b5954a0475169efd9afd7132244991b2e7bfb1d5c24ad3bef32912f803e0635e294ce1389534284ce1c55ed87bbd3cf96320b4879dcad808b3f26f63ef43f1d87b3ed3dabc02f82bac2513ae799e4f7ad2893a2e9f52be1461cf7f8adc0c5ee455dc8f95fe79408aa71a0d8272f1540e1b5aef0b078509baa62d328f430c092b6cee8b49eb13dcdd1b5c04ba6f65bebb29f685fc92438b339908e6f2c8fec9ae213b9a827b2135d815f822877ae470e074a69e1287f094f282b03b289d8fcdb47ac6c08fe3df920be62bac8b5b1208470dc05753f099db67886840435f97a6014ceb23a8c4bbbe01775d7dfb8cb6ea80e73fa88a3689e0ed206af0bea98c7da669959d8984beb1f131be6183d33c10c8e286b6a9af6637acc730e4ce40515835afdad5927429b86867dc6f4b60f9270a436faeffa23b521921299a25d737f2866c69d74f94983d97a5749f5353d8a9a72ce625652f0e70310fdb6ee6dc18df8c10498ae91816fa79b556f668dc8e00f9520bd7a8247c3adb50e22f9991f5fa0a5e07f549f678b07df6d7e59e9539ebb9e6b40166fb7f5b19245df7a1f881e8eeadc884e56d4a9d60486e3113145f985ffda09b7171e5be43c35728caeb65a2fef901edaa54578f7495424f676b9eab7071b5cd4d6aabfe1f1ada763001604a4758f13f0c7a776790b03bae2ddf6ca7ba45839a1cdc9b6772c2aae06fa626ad9b0db949a72292860b5d879b5f72610add80547d98684d88978aaa6128fa53b129c3066948b5b8fca510d37da704410eace93d60e6dc5de47f7ff71fcdfd69c2f7ac8c743b30a900ea0e8fe4c0b61ba95c1f75de53c5f28604c4ae1fed38d8ef6f4c66eaaa7bbdfc0b3e711d93207dcbb74bd21f5d23ebc5ed92c84f0a494fdc2a3633347cec5cb91ca0afba9b46ceef5d3b129f9314ce717460564bd4d2970256f8ca9ecd69f39af74e480c614047fccb77d7f724382b5f0f3fb7e90d2f7343fe2c8d4689eac270555dd0e99bcc3f63ce49d81ce53f5e0235a1c7c1926364ca085efd0fa8614789196b2f94d595c02b744ddefdd15005aaf0a9a72e772ca91ad8f5e016154e12638d6ae5226b5427172241abdbc1a7c79508bb88a028ef3025859450e45167fa497ec33735bc4af29abefa2a5a69d29120850d5126dd4eba425b980ce625a28a6f5bccfde29c74e7eaba275516aab521863154ff4e8e4d33b212e1bd0f630287e3c7b32621e3294991c1f603109a00b36ac34c134f5de488b37b8211749386ec443dca0213b003604a2f99e532d6b84e65ea363ac591d339554bc70262342b426616e90fa9afbd8c4e2f3d2e3fcdcbea249ad2bd2ee88a1fd41d0502c10f3b329514563620c59b207ca5fa04356b06159dc1478d6a8b81b649c1c64f22136dffdbf91d976666cc5f2eb0cc6053fb27bc50ad7752d19d578ebec94cd2c46b1bfd75f36edaba32d6b50918799151880afc5626e483b01dd0f71600342f562019374c2a5afae01bc78ab0973b619e4f0d660964493967472c9549f3b02926d4d14a31e0b0bb8f0639e67497ef3229c2b109fd2206bd5d88b32272f87370fc494d3b2ce3c8e05ec0ff581142775f4577a09b1f7e72145f1c46ea7364d85f4bd642fd587b96b9ca539ef3359cb8e2f840f16b5bb424d9c00119d657e6bc0e10638fc938647a1afb8bad8c8574c1a5562836b1572ac508ecd278acfb9a9627c8bb8bc7f5531be0405f5655d71fef246ff4fb012037dc95306a05675ab2d93e8121b7bf324e610228b14a711374e465d246d1ef743c5f696c390dcea6277b5b2dcdfeb2b3aee573c411d5444a26a134070c967afca5bb57d7d9b62ab33595b02b4c5a7b51b3f7ce2f7c5d34c55fe84114858e2b6cede22c8d537081931f943b09ff86967f7493ee0f0d07481997d2adfa86da8c4adb87df32bbaf44cf6a77f54777d5249758173918a1afda44b4944f32a400d243d86c69194e0114ddb5935bb0bd61fa09d2a5a7d0aa1ee1a97d8f22c92e67738265ccbd87090de14ecda9af189acb60b718b2077644e904808f3bc2a8d585160a8d63c8a948bf6faf7721d10868a01a790a50e6fc162c1a6ee19da6b1c96ee68b31765b4e34d809d1593153c7e6d14f3eea39e04543da5f96e4981c1549602da978793693fbfaafccda77469a0d8948065d3bf90919c54bfde345bb28f9b8135d865c145c5e31a9615f296243323f2b8f42dbec1d630a22c0ad39db2b2161f83c99316249b13297069baf0a5482855a147a75588359a2af426f7ff83621bbe743e6c7657b568bb611567a97191674408fa9a642120970b85d390bd98d42743b5b7bebc746e9a8b5da88e", 0x7, r2, 0x4}, 0x38) socket$inet6(0xa, 0x3, 0x0) userfaultfd(0x801) 26.755128ms ago: executing program 2 (id=3543): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000004000000000000000000190095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000001840)={r0, r2, 0x25, 0x0, @val=@netfilter}, 0x40) syz_emit_ethernet(0xe, &(0x7f0000001540)={@empty, @remote, @void}, 0x0) 0s ago: executing program 0 (id=3544): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000014001a80100004800c000580080001"], 0x34}}, 0x0) kernel console output (not intermixed with test programs): ready exists on: batadv_slave_0 [ 246.193445][T11060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.194327][T11181] input: syz1 as /devices/virtual/input/input24 [ 246.197497][T11060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.204947][T11060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.210792][T11060] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 246.226168][T11060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.234099][T11060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.239455][T11060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.243214][T11060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.247362][T11060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.252657][T11060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.256532][T11060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.260905][T11060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.264980][T11060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.269204][T11060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.279361][T11060] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 246.288371][T11060] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.291347][T11060] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.294428][T11060] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.298493][T11060] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.422991][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.426655][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.463902][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.467489][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.736854][ T827] kernel write not supported for file /adsp1 (pid: 827 comm: kworker/0:3) [ 246.739507][T11194] netlink: 'syz.2.2314': attribute type 2 has an invalid length. [ 246.745068][T11194] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2314'. [ 246.895993][ T39] audit: type=1400 audit(1720714460.410:722): avc: denied { read } for pid=11209 comm="syz.1.2320" path="socket:[38582]" dev="sockfs" ino=38582 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 247.257964][ T828] usb 16-1: device descriptor read/8, error -110 [ 247.352487][T11222] netlink: 'syz.2.2326': attribute type 2 has an invalid length. [ 247.357557][T11222] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2326'. [ 247.489245][ T5242] kernel write not supported for file /adsp1 (pid: 5242 comm: kworker/3:3) [ 247.703500][ T828] usb usb16-port1: attempt power cycle [ 248.120281][ T829] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 248.248271][ T39] audit: type=1400 audit(1720714461.760:723): avc: denied { bind } for pid=11247 comm="syz.1.2337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 248.313271][ T829] usb 7-1: too many configurations: 65, using maximum allowed: 8 [ 248.333922][ T829] usb 7-1: config index 0 descriptor too short (expected 35451, got 36) [ 248.337767][ T829] usb 7-1: config 255 has too many interfaces: 248, using maximum allowed: 32 [ 248.346557][ T829] usb 7-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 248.352329][ T829] usb 7-1: config 255 has 0 interfaces, different from the descriptor's value: 248 [ 248.359596][ T829] usb 7-1: config index 1 descriptor too short (expected 35451, got 36) [ 248.360602][ T827] kernel write not supported for file /adsp1 (pid: 827 comm: kworker/0:3) [ 248.363437][ T829] usb 7-1: config 255 has too many interfaces: 248, using maximum allowed: 32 [ 248.382455][ T828] usb usb16-port1: unable to enumerate USB device [ 248.385860][ T829] usb 7-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 248.392266][ T829] usb 7-1: config 255 has 0 interfaces, different from the descriptor's value: 248 [ 248.398597][ T829] usb 7-1: config index 2 descriptor too short (expected 35451, got 36) [ 248.402432][ T829] usb 7-1: config 255 has too many interfaces: 248, using maximum allowed: 32 [ 248.405909][ T829] usb 7-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 248.412978][ T829] usb 7-1: config 255 has 0 interfaces, different from the descriptor's value: 248 [ 248.417876][ T829] usb 7-1: config index 3 descriptor too short (expected 35451, got 36) [ 248.421490][ T829] usb 7-1: config 255 has too many interfaces: 248, using maximum allowed: 32 [ 248.426457][ T829] usb 7-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 248.432214][ T829] usb 7-1: config 255 has 0 interfaces, different from the descriptor's value: 248 [ 248.438984][ T829] usb 7-1: config index 4 descriptor too short (expected 35451, got 36) [ 248.442755][ T829] usb 7-1: config 255 has too many interfaces: 248, using maximum allowed: 32 [ 248.447068][ T829] usb 7-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 248.452356][ T829] usb 7-1: config 255 has 0 interfaces, different from the descriptor's value: 248 [ 248.457691][ T829] usb 7-1: config index 5 descriptor too short (expected 35451, got 36) [ 248.462833][ T829] usb 7-1: config 255 has too many interfaces: 248, using maximum allowed: 32 [ 248.466844][ T829] usb 7-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 248.471535][ T829] usb 7-1: config 255 has 0 interfaces, different from the descriptor's value: 248 [ 248.476943][ T829] usb 7-1: config index 6 descriptor too short (expected 35451, got 36) [ 248.481265][ T829] usb 7-1: config 255 has too many interfaces: 248, using maximum allowed: 32 [ 248.485396][ T829] usb 7-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 248.490083][ T829] usb 7-1: config 255 has 0 interfaces, different from the descriptor's value: 248 [ 248.495484][ T829] usb 7-1: config index 7 descriptor too short (expected 35451, got 36) [ 248.499253][ T829] usb 7-1: config 255 has too many interfaces: 248, using maximum allowed: 32 [ 248.503134][ T829] usb 7-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 248.507525][ T829] usb 7-1: config 255 has 0 interfaces, different from the descriptor's value: 248 [ 248.512116][ T829] usb 7-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 248.516093][ T829] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 248.682865][T11277] netlink: 'syz.1.2348': attribute type 2 has an invalid length. [ 248.686547][T11277] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2348'. [ 248.766153][ T5242] usb 7-1: USB disconnect, device number 16 [ 248.887175][ T829] kernel write not supported for file /adsp1 (pid: 829 comm: kworker/2:3) [ 248.916327][T11290] netlink: 248 bytes leftover after parsing attributes in process `syz.0.2355'. [ 248.922202][T11290] NCSI netlink: No device for ifindex 0 [ 249.146078][T11302] netlink: 'syz.0.2359': attribute type 2 has an invalid length. [ 249.149900][T11302] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2359'. [ 249.195938][T11307] pimreg: entered allmulticast mode [ 249.328273][T11309] nbd: socks must be embedded in a SOCK_ITEM attr [ 249.362982][T11312] syz.1.2362[11312] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 249.363149][T11312] syz.1.2362[11312] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 249.393693][T11315] netlink: 248 bytes leftover after parsing attributes in process `syz.2.2365'. [ 249.403338][T11315] NCSI netlink: No device for ifindex 0 [ 249.476016][ T39] audit: type=1400 audit(1720714462.990:724): avc: denied { read } for pid=11317 comm="syz.2.2367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 249.535020][ T39] audit: type=1400 audit(1720714463.050:725): avc: denied { bind } for pid=11322 comm="syz.2.2368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 249.718133][T11333] netlink: 'syz.2.2374': attribute type 3 has an invalid length. [ 249.733812][T11335] support for the xor transformation has been removed. [ 249.748967][T11333] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2374'. [ 250.691399][ T5206] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 250.695790][ T5206] Bluetooth: hci2: Injecting HCI hardware error event [ 250.708243][ T5206] Bluetooth: hci2: hardware error 0x00 [ 251.197134][ T39] audit: type=1400 audit(1720714464.710:726): avc: denied { connect } for pid=11371 comm="syz.1.2390" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 251.208324][ T39] audit: type=1400 audit(1720714464.730:727): avc: denied { write } for pid=11371 comm="syz.1.2390" path="socket:[40310]" dev="sockfs" ino=40310 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 251.872455][T11394] support for the xor transformation has been removed. [ 252.412304][T11419] ipt_rpfilter: unknown options [ 252.515497][T11423] netlink: 9 bytes leftover after parsing attributes in process `syz.1.2410'. [ 252.523490][T11423] gretap0: entered promiscuous mode [ 252.551032][T11423] netlink: 5 bytes leftover after parsing attributes in process `syz.1.2410'. [ 252.564632][T11423] 0ªX¹¦D: renamed from gretap0 [ 252.574181][T11423] 0ªX¹¦D: left promiscuous mode [ 252.577333][T11423] 0ªX¹¦D: entered allmulticast mode [ 252.582723][T11423] A link change request failed with some changes committed already. Interface 30ªX¹¦D may have been left with an inconsistent configuration, please check. [ 252.661618][ T39] audit: type=1326 audit(1720714466.180:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.1.2410" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb69775bd9 code=0x0 [ 252.853948][ T5206] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 253.112629][T11441] pimreg: entered allmulticast mode [ 253.293442][T11443] syz.0.2416[11443] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 253.294346][T11443] syz.0.2416[11443] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 253.493500][T11459] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 253.513242][T11459] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 253.625697][T11466] netlink: 9 bytes leftover after parsing attributes in process `syz.2.2427'. [ 253.634050][T11466] gretap0: entered promiscuous mode [ 253.654183][T11466] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2427'. [ 253.658415][T11466] 0ªX¹¦D: renamed from gretap0 [ 253.663192][T11466] 0ªX¹¦D: left promiscuous mode [ 253.665768][T11466] 0ªX¹¦D: entered allmulticast mode [ 253.670089][T11466] A link change request failed with some changes committed already. Interface 30ªX¹¦D may have been left with an inconsistent configuration, please check. [ 253.709614][ T39] audit: type=1326 audit(1720714467.230:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11465 comm="syz.2.2427" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f127f575bd9 code=0x0 [ 253.891559][T11478] kvm: emulating exchange as write [ 255.439817][T11521] pimreg: entered allmulticast mode [ 255.533622][T11526] syz.2.2449[11526] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 255.533778][T11526] syz.2.2449[11526] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 256.584348][T11572] mmap: syz.0.2469 (11572): VmData 33267712 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 258.620938][ T39] audit: type=1400 audit(1720714472.140:730): avc: denied { watch } for pid=11647 comm="syz.3.2494" path="/proc/1510/task" dev="proc" ino=40646 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 258.958093][ T828] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 259.137960][ T828] usb 7-1: Using ep0 maxpacket: 32 [ 259.149829][ T828] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 259.154795][ T828] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 259.160058][ T828] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 259.167941][ T828] usb 7-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 259.171433][ T828] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.188002][ T828] usb 7-1: config 0 descriptor?? [ 259.516228][ T39] audit: type=1400 audit(1720714473.030:731): avc: denied { unlink } for pid=5201 comm="syz-executor" name="file0" dev="tmpfs" ino=3445 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 259.626911][ T828] ntrig 0003:1B96:000A.000E: hidraw1: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.2-1/input0 [ 259.966495][ T39] audit: type=1400 audit(1720714473.470:732): avc: denied { create } for pid=11697 comm="syz.1.2515" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=blk_file permissive=1 [ 260.088392][T11709] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2519'. [ 260.431101][ T828] usb 7-1: USB disconnect, device number 17 [ 260.466569][ T39] audit: type=1400 audit(1720714473.980:733): avc: denied { bind } for pid=11724 comm="syz.1.2526" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 260.479709][ T39] audit: type=1400 audit(1720714474.000:734): avc: denied { getopt } for pid=11724 comm="syz.1.2526" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 261.426490][T11757] syzkaller0: entered promiscuous mode [ 261.427834][ T39] audit: type=1326 audit(1720714474.940:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11758 comm="syz.0.2539" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f81e7375bd9 code=0x0 [ 261.429073][T11757] syzkaller0: entered allmulticast mode [ 261.564478][T11772] netlink: 308 bytes leftover after parsing attributes in process `syz.1.2544'. [ 261.585010][T11772] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2544'. [ 261.655540][T11774] hpfs: Bad magic ... probably not HPFS [ 262.061090][ T1361] ieee802154 phy0 wpan0: encryption failed: -22 [ 262.063725][ T1361] ieee802154 phy1 wpan1: encryption failed: -22 [ 265.455996][T11805] hpfs: Bad magic ... probably not HPFS [ 265.579176][ T827] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 265.731960][T11822] usb usb8: usbfs: process 11822 (syz.1.2560) did not claim interface 0 before use [ 265.783333][ T827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 265.793684][ T827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 265.803026][ T827] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 265.808984][ T827] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 265.813028][ T827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 265.820892][ T39] audit: type=1400 audit(1720714479.330:736): avc: denied { ioctl } for pid=11815 comm="syz.3.2559" path="socket:[43103]" dev="sockfs" ino=43103 ioctlcmd=0x64b2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 265.849506][ T827] usb 5-1: config 0 descriptor?? [ 266.135231][ T39] audit: type=1400 audit(1720714479.650:737): avc: denied { setattr } for pid=11795 comm="syz.0.2551" name="NETLINK" dev="sockfs" ino=41270 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 266.469842][T11836] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2563'. [ 266.488552][T11836] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2563'. [ 266.515609][T11836] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2563'. [ 266.528324][T11836] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2563'. [ 266.532768][T11836] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2563'. [ 266.584454][T11836] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2563'. [ 266.590811][T11836] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2563'. [ 266.595116][T11836] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2563'. [ 266.599634][T11836] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2563'. [ 266.603842][T11836] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2563'. [ 266.624742][T11837] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=11837 comm=syz.2.2563 [ 266.630130][ T827] usbhid 5-1:0.0: can't add hid device: -71 [ 266.630432][T11837] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=11837 comm=syz.2.2563 [ 266.635496][ T827] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 266.652422][ T827] usb 5-1: USB disconnect, device number 12 [ 267.062787][T11861] No control pipe specified [ 267.110464][T11865] Bluetooth: MGMT ver 1.22 [ 267.343206][T11882] hpfs: Bad magic ... probably not HPFS [ 267.410793][T11886] No control pipe specified [ 267.737933][ T827] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 267.956980][ T827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 267.962430][ T827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 267.969105][ T827] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 267.986308][ T827] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 267.991014][ T827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.001272][ T39] audit: type=1400 audit(1720714481.520:738): avc: denied { read } for pid=11909 comm="syz.3.2594" name="file0" dev="9p" ino=35922766 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 268.006362][ T827] usb 5-1: config 0 descriptor?? [ 268.018241][ T39] audit: type=1400 audit(1720714481.530:739): avc: denied { open } for pid=11909 comm="syz.3.2594" path="/686/file0/file0" dev="9p" ino=35922766 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 268.066686][T11910] syz.3.2594 (11910) used greatest stack depth: 20000 bytes left [ 268.199871][T11916] binder: 11915:11916 ioctl 400c620e 20000380 returned -22 [ 268.824409][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.831970][ T39] audit: type=1400 audit(1720714482.350:740): avc: denied { ioctl } for pid=11959 comm="syz.3.2618" path="/dev/uhid" dev="devtmpfs" ino=1111 ioctlcmd=0x7439 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 268.853605][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.859598][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.861938][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.864890][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.868696][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.871987][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.875049][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.878502][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.882782][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.886966][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.891530][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.896202][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.899541][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.902724][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.905959][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.910045][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.913509][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.918229][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.922372][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.928328][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.934836][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.938386][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.942318][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.945913][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.949425][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.953097][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.958627][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.962584][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.967555][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.971387][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.975006][ T5265] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 268.988776][ T5265] hid-generic 0000:0000:0000.000F: hidraw1: HID v0.00 Device [syz0] on syz0 [ 269.016994][ T827] usbhid 5-1:0.0: can't add hid device: -71 [ 269.021719][ T827] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 269.030515][ T827] usb 5-1: USB disconnect, device number 13 [ 269.038685][T11966] No control pipe specified [ 269.277982][ T39] audit: type=1400 audit(1720714482.770:741): avc: denied { read } for pid=11970 comm="syz.1.2621" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 269.296144][ T39] audit: type=1400 audit(1720714482.770:742): avc: denied { open } for pid=11970 comm="syz.1.2621" path="/186/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 269.315465][ T39] audit: type=1400 audit(1720714482.770:743): avc: denied { ioctl } for pid=11970 comm="syz.1.2621" path="/186/file0/file0" dev="fuse" ino=0 ioctlcmd=0x125f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 269.680809][T11984] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=11984 comm=syz.1.2626 [ 269.689911][T11984] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=11984 comm=syz.1.2626 [ 269.967007][T12004] [U]  [ 270.009765][ T39] audit: type=1400 audit(1720714483.530:744): avc: denied { create } for pid=12006 comm="syz.1.2636" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 270.018308][ T39] audit: type=1400 audit(1720714483.530:745): avc: denied { connect } for pid=12006 comm="syz.1.2636" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 270.135955][T12009] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=12009 comm=syz.1.2637 [ 270.143480][T12009] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=12009 comm=syz.1.2637 [ 270.168590][ T827] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 270.371556][ T827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 270.376802][ T827] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 270.381189][ T827] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 270.386941][ T827] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 270.391970][ T827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.399254][ T827] usb 5-1: config 0 descriptor?? [ 270.833543][T12047] netlink: 'syz.1.2654': attribute type 4 has an invalid length. [ 271.075164][ T827] usbhid 5-1:0.0: can't add hid device: -71 [ 271.078060][ T827] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 271.095610][ T827] usb 5-1: USB disconnect, device number 14 [ 271.713421][ T39] audit: type=1400 audit(1720714485.230:746): avc: denied { listen } for pid=12069 comm="syz.2.2663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 271.760967][ T39] audit: type=1400 audit(1720714485.230:747): avc: denied { setopt } for pid=12069 comm="syz.2.2663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 271.867176][ T39] audit: type=1400 audit(1720714485.380:748): avc: denied { shutdown } for pid=12078 comm="syz.0.2667" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 271.884587][T12081] fuse: Unknown parameter 'váô(.Kt³?¥lɦ*+Wð{#o0÷Qš9¯©.kM}Z' [ 271.886408][ T39] audit: type=1400 audit(1720714485.380:749): avc: denied { write } for pid=12078 comm="syz.0.2667" path="socket:[44090]" dev="sockfs" ino=44090 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 271.964029][T12083] netlink: 'syz.3.2669': attribute type 9 has an invalid length. [ 272.245072][T12112] netlink: 'syz.3.2683': attribute type 9 has an invalid length. [ 272.787425][T12132] fuse: Unknown parameter 'váô(.Kt³?¥lɦ*+Wð{#o0÷Qš9¯©.kM}Z' [ 273.152234][T12150] tmpfs: Unknown parameter 'uid<00000000000000060929' [ 273.711438][ T39] audit: type=1400 audit(1720714487.230:750): avc: denied { map } for pid=12155 comm="syz.0.2699" path="/dev/nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 273.739901][ T39] audit: type=1400 audit(1720714487.230:751): avc: denied { execute } for pid=12155 comm="syz.0.2699" path="/dev/nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 274.539476][T12172] fuse: Unknown parameter 'váô(.Kt³?¥lɦ*+Wð{#o0÷Qš9¯©.kM}Z' [ 274.579458][T12178] tmpfs: Unknown parameter 'uid<00000000000000060929' [ 274.951776][T12198] __nla_validate_parse: 54 callbacks suppressed [ 274.951800][T12198] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2715'. [ 275.042306][T12200] tmpfs: Unknown parameter 'uid<00000000000000060929' [ 275.818978][ T25] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 276.059521][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 276.078109][ T25] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 276.083706][ T25] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 276.090520][ T25] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 276.096761][ T25] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 276.104552][ T25] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 276.111462][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 276.401459][ T25] usb 5-1: GET_CAPABILITIES returned 0 [ 276.405045][ T25] usbtmc 5-1:16.0: can't read capabilities [ 276.620170][ T25] usb 5-1: USB disconnect, device number 15 [ 277.189783][T12228] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2724'. [ 277.545375][ T39] audit: type=1400 audit(1720714491.060:752): avc: denied { bind } for pid=12244 comm="syz.3.2732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 277.609483][T12235] overlay: filesystem on ./bus not supported as upperdir [ 278.037989][ T25] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 278.237990][ T25] usb 7-1: Using ep0 maxpacket: 8 [ 278.244767][ T25] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 278.250179][ T25] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 278.254912][ T25] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 278.259236][ T25] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 278.264647][ T25] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 278.270558][ T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 278.502396][ T25] usb 7-1: GET_CAPABILITIES returned 0 [ 278.504912][ T25] usbtmc 7-1:16.0: can't read capabilities [ 278.720860][ T5265] usb 7-1: USB disconnect, device number 18 [ 279.012885][ T39] audit: type=1400 audit(1720714492.530:753): avc: denied { create } for pid=12263 comm="syz.0.2737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 279.022161][ T39] audit: type=1400 audit(1720714492.540:754): avc: denied { setopt } for pid=12263 comm="syz.0.2737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 279.103894][ T1094] Bluetooth: hci4: Frame reassembly failed (-84) [ 279.114024][T12266] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 280.168202][ T5265] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 280.358068][ T5265] usb 7-1: Using ep0 maxpacket: 8 [ 280.365861][ T5265] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 280.373842][ T5265] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 280.378255][ T5265] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 280.382915][ T5265] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 280.388441][ T5265] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 280.392621][ T5265] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.628466][ T5265] usb 7-1: GET_CAPABILITIES returned 0 [ 280.632599][ T5265] usbtmc 7-1:16.0: can't read capabilities [ 280.693266][ T39] audit: type=1400 audit(1720714494.200:755): avc: denied { write } for pid=12295 comm="syz.3.2752" name="task" dev="proc" ino=44414 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 280.723323][ T39] audit: type=1400 audit(1720714494.210:756): avc: denied { add_name } for pid=12295 comm="syz.3.2752" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 280.748342][ T39] audit: type=1400 audit(1720714494.210:757): avc: denied { create } for pid=12295 comm="syz.3.2752" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1 [ 280.757138][ T39] audit: type=1400 audit(1720714494.210:758): avc: denied { associate } for pid=12295 comm="syz.3.2752" name="bus" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 280.843988][ T5265] usb 7-1: USB disconnect, device number 19 [ 281.168249][ T5214] Bluetooth: hci4: command 0x1003 tx timeout [ 281.173065][ T5206] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 281.872176][T12345] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2770'. [ 281.881481][T12345] openvswitch: netlink: Flow key attr not present in new flow. [ 282.257988][ T39] audit: type=1400 audit(1720714495.710:759): avc: denied { listen } for pid=12348 comm="syz.1.2772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 282.298689][ T39] audit: type=1400 audit(1720714495.720:760): avc: denied { accept } for pid=12348 comm="syz.1.2772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 282.308002][ T39] audit: type=1400 audit(1720714495.720:761): avc: denied { read } for pid=12348 comm="syz.1.2772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 282.950463][T12366] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2779'. [ 282.954687][T12366] openvswitch: netlink: Flow key attr not present in new flow. [ 283.687319][T12389] binder: 12387:12389 ioctl c0306201 20000080 returned -14 [ 283.772893][ T39] audit: type=1400 audit(1720714497.290:762): avc: denied { execmem } for pid=12393 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 283.896153][T12396] SELinux: security_context_str_to_sid ( ) failed with errno=-22 [ 284.100138][ T5214] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 284.106128][ T5214] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 284.112486][ T5214] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 284.120919][ T5214] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 284.129369][ T5214] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 284.133808][ T5214] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 284.791798][ T1094] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 284.914133][T12399] chnl_net:caif_netlink_parms(): no params data found [ 285.172943][ T1094] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 285.244477][T12423] binder: 12422:12423 ioctl c0306201 20000080 returned -14 [ 285.354648][ T1094] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 285.365357][T12399] bridge0: port 1(bridge_slave_0) entered blocking state [ 285.369270][T12399] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.378487][T12399] bridge_slave_0: entered allmulticast mode [ 285.381219][T12429] netlink: 'syz.3.2803': attribute type 1 has an invalid length. [ 285.382881][T12399] bridge_slave_0: entered promiscuous mode [ 285.384740][T12429] netlink: 9348 bytes leftover after parsing attributes in process `syz.3.2803'. [ 285.392993][T12429] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2803'. [ 285.405536][T12399] bridge0: port 2(bridge_slave_1) entered blocking state [ 285.414168][T12399] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.425232][T12399] bridge_slave_1: entered allmulticast mode [ 285.430127][T12399] bridge_slave_1: entered promiscuous mode [ 285.442890][T12431] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2804'. [ 285.452288][T12431] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 285.481269][ T1094] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 285.596814][T12399] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 285.604665][T12399] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 285.727178][T12399] team0: Port device team_slave_0 added [ 285.747646][T12399] team0: Port device team_slave_1 added [ 286.227068][ T5214] Bluetooth: hci4: command tx timeout [ 287.754751][T12456] netlink: 'syz.3.2812': attribute type 1 has an invalid length. [ 287.759214][T12456] netlink: 9348 bytes leftover after parsing attributes in process `syz.3.2812'. [ 287.788806][T12456] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2812'. [ 287.942996][T12460] overlayfs: failed to get inode (-116) [ 287.946497][T12460] overlayfs: failed to get inode (-116) [ 288.299920][ T5214] Bluetooth: hci4: command tx timeout [ 289.813798][T12448] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2810'. [ 289.887468][T12450] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2810'. [ 289.931231][T12482] ALSA: seq fatal error: cannot create timer (-16) [ 290.054765][T12399] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 290.058560][T12399] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 290.074202][T12399] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 290.108744][T12399] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 290.113097][T12399] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 290.128477][T12399] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 290.211926][ T1094] bridge_slave_1: left allmulticast mode [ 290.214547][ T1094] bridge_slave_1: left promiscuous mode [ 290.217220][ T1094] bridge0: port 2(bridge_slave_1) entered disabled state [ 290.227008][ T1094] bridge_slave_0: left allmulticast mode [ 290.229480][ T1094] bridge_slave_0: left promiscuous mode [ 290.232377][ T1094] bridge0: port 1(bridge_slave_0) entered disabled state [ 290.361005][T12492] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2823'. [ 290.398059][ T5214] Bluetooth: hci4: command tx timeout [ 290.546246][T12497] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 290.578342][ T39] audit: type=1400 audit(1720714504.090:763): avc: denied { append } for pid=12496 comm="syz.2.2826" name="rtc0" dev="devtmpfs" ino=865 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 290.665227][T12502] ALSA: seq fatal error: cannot create timer (-16) [ 291.039581][ T1094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 291.053091][ T1094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 291.061096][ T1094] bond0 (unregistering): Released all slaves [ 291.130540][T12399] hsr_slave_0: entered promiscuous mode [ 291.143800][T12399] hsr_slave_1: entered promiscuous mode [ 291.149506][T12399] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 291.153219][T12399] Cannot create hsr debugfs directory [ 291.253225][T12516] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2832'. [ 292.448117][ T5214] Bluetooth: hci4: command tx timeout [ 292.581077][ C2] vkms_vblank_simulate: vblank timer overrun [ 293.315585][ T39] audit: type=1326 audit(1720714506.819:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12537 comm="syz.2.2841" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f127f575bd9 code=0x0 [ 293.646453][T12541] input: syz1 as /devices/virtual/input/input30 [ 293.741346][T12474] udevd[12474]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory [ 294.109003][T12548] netlink: 'syz.2.2844': attribute type 8 has an invalid length. [ 294.405562][T12556] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2848'. [ 294.682129][ T39] audit: type=1400 audit(1720714508.199:765): avc: denied { bind } for pid=12570 comm="syz.2.2854" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 294.755304][ T39] audit: type=1400 audit(1720714508.259:766): avc: denied { map } for pid=12574 comm="syz.2.2856" path="/dev/video0" dev="devtmpfs" ino=876 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 295.821083][T12584] netlink: 'syz.1.2859': attribute type 8 has an invalid length. [ 295.832390][ T39] audit: type=1326 audit(1720714509.349:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12585 comm="syz.3.2860" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5a3b775bd9 code=0x0 [ 295.918485][ T1094] hsr_slave_0: left promiscuous mode [ 295.921951][ T1094] hsr_slave_1: left promiscuous mode [ 295.941424][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 295.944549][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 295.950200][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 295.953412][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 296.013005][ T1094] veth1_macvtap: left promiscuous mode [ 296.015476][ T1094] veth0_macvtap: left promiscuous mode [ 296.019806][ T1094] veth1_vlan: left promiscuous mode [ 296.022464][ T1094] veth0_vlan: left promiscuous mode [ 296.221183][T12590] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 296.355464][ T1094] pimreg (unregistering): left allmulticast mode [ 296.530947][ T5243] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 296.740370][ T5243] usb 6-1: too many configurations: 12, using maximum allowed: 8 [ 296.801658][ T5243] usb 6-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e [ 296.806775][ T5243] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 296.811620][ T39] audit: type=1400 audit(1720714510.329:768): avc: denied { create } for pid=12592 comm="syz.3.2862" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 296.831919][ T39] audit: type=1400 audit(1720714510.329:769): avc: denied { write } for pid=12592 comm="syz.3.2862" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 296.840496][ T39] audit: type=1400 audit(1720714510.329:770): avc: denied { nlmsg_write } for pid=12592 comm="syz.3.2862" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 296.852607][ T5243] usb 6-1: config 0 descriptor?? [ 297.142307][T12591] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(10) [ 297.145093][T12591] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 297.152718][T12591] vhci_hcd vhci_hcd.0: Device attached [ 297.361091][ T25] vhci_hcd: vhci_device speed not set [ 297.427928][ T25] usb 15-2: new full-speed USB device number 2 using vhci_hcd [ 297.952192][T12598] vhci_hcd: connection reset by peer [ 297.963102][ T42] vhci_hcd: stop threads [ 297.964983][ T42] vhci_hcd: release socket [ 297.967517][ T5243] usb 6-1: string descriptor 0 read error: -71 [ 297.970780][ T42] vhci_hcd: disconnect device [ 297.974972][ T5243] usb 6-1: USB disconnect, device number 14 [ 298.969676][ T1094] team0 (unregistering): Port device team_slave_1 removed [ 299.205488][ T1094] team0 (unregistering): Port device team_slave_0 removed [ 300.750207][T12594] pim6reg: entered allmulticast mode [ 300.753349][T12595] pim6reg: left allmulticast mode [ 300.926031][ T39] audit: type=1326 audit(1720714514.439:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12614 comm="syz.1.2869" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb69775bd9 code=0x0 [ 301.065201][ T39] audit: type=1326 audit(1720714514.579:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12619 comm="syz.3.2872" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5a3b775bd9 code=0x0 [ 301.425917][T12399] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 301.434948][T12399] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 301.445259][T12399] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 301.452535][T12399] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 301.586472][T12399] 8021q: adding VLAN 0 to HW filter on device bond0 [ 301.615512][T12399] 8021q: adding VLAN 0 to HW filter on device team0 [ 301.630076][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 301.633834][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 301.653357][ T829] bridge0: port 2(bridge_slave_1) entered blocking state [ 301.657271][ T829] bridge0: port 2(bridge_slave_1) entered forwarding state [ 301.835663][T12619] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 301.923242][T12399] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 302.104246][T12399] veth0_vlan: entered promiscuous mode [ 302.119389][T12399] veth1_vlan: entered promiscuous mode [ 302.173276][T12399] veth0_macvtap: entered promiscuous mode [ 302.194218][T12399] veth1_macvtap: entered promiscuous mode [ 302.226635][T12399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.233270][T12399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.240597][T12399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.246685][T12399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.256935][T12399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.262241][T12399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.266872][T12399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.272460][T12399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.277073][T12399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.281778][T12399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.288362][T12399] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 302.299127][T12399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.303491][T12399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.308545][T12399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.321543][T12399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.326726][T12399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.331833][T12399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.336830][T12399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.341435][T12399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.353061][T12399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.358303][T12399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.383636][T12399] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 302.430733][T12399] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.434958][T12399] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.439782][T12399] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.443642][T12399] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.531356][ T25] vhci_hcd: vhci_device speed not set [ 302.531983][ T786] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 302.537053][ T786] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 302.580189][ T786] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 302.583335][ T786] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 303.474941][ T5243] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 303.708037][ T5243] usb 5-1: Using ep0 maxpacket: 8 [ 303.713074][ T5243] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 303.717388][ T5243] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 303.727446][ T5243] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 303.741015][ T5243] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.744729][ T5243] usb 5-1: Product: syz [ 303.746664][ T5243] usb 5-1: Manufacturer: syz [ 303.752201][ T5243] usb 5-1: SerialNumber: syz [ 304.223283][ T39] audit: type=1400 audit(1720714517.739:773): avc: denied { getopt } for pid=12681 comm="syz.1.2891" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 304.420519][ T39] audit: type=1400 audit(1720714517.939:774): avc: denied { cmd } for pid=12687 comm="syz.1.2893" path="socket:[47250]" dev="sockfs" ino=47250 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 305.133260][ T5243] usb 5-1: 0:2 : does not exist [ 305.176653][ T5243] usb 5-1: USB disconnect, device number 16 [ 305.363771][ T39] audit: type=1400 audit(1720714518.879:775): avc: denied { unmount } for pid=10301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 305.464408][T12474] udevd[12474]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 306.215376][T12723] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 306.377953][T12731] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 307.355878][ T39] audit: type=1400 audit(1720714520.869:776): avc: denied { getopt } for pid=12762 comm="syz.1.2918" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 307.768200][ T56] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 307.947945][ T56] usb 6-1: Using ep0 maxpacket: 16 [ 307.978073][ T56] usb 6-1: config 0 has an invalid interface number: 8 but max is 0 [ 307.981479][ T56] usb 6-1: config 0 has no interface number 0 [ 307.984275][ T56] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 307.997915][ T56] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 308.005400][ T56] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 308.010162][ T56] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 308.013758][ T56] usb 6-1: Product: syz [ 308.015600][ T56] usb 6-1: SerialNumber: syz [ 308.024901][ T56] usb 6-1: config 0 descriptor?? [ 308.034345][ T56] cm109 6-1:0.8: invalid payload size 0, expected 4 [ 308.038403][ T56] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.8/input/input31 [ 308.150377][ T5206] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 308.158650][ T5206] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 308.164332][ T5206] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 308.174059][ T5206] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 308.188028][ T5206] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 308.192945][ T5206] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 308.264937][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 308.279016][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 308.281765][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 308.285119][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 308.288793][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 308.294727][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 308.299698][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 308.302941][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 308.308199][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 308.311424][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 308.315496][ T5242] usb 6-1: USB disconnect, device number 15 [ 308.318108][ C3] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 308.351105][ T5242] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 308.551077][T12799] chnl_net:caif_netlink_parms(): no params data found [ 308.724854][T12799] bridge0: port 1(bridge_slave_0) entered blocking state [ 308.728129][T12799] bridge0: port 1(bridge_slave_0) entered disabled state [ 308.731190][T12799] bridge_slave_0: entered allmulticast mode [ 308.735328][T12799] bridge_slave_0: entered promiscuous mode [ 308.741207][T12799] bridge0: port 2(bridge_slave_1) entered blocking state [ 308.744381][T12799] bridge0: port 2(bridge_slave_1) entered disabled state [ 308.747438][T12799] bridge_slave_1: entered allmulticast mode [ 308.751072][T12799] bridge_slave_1: entered promiscuous mode [ 308.811576][T12799] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 308.823059][T12799] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 308.905583][T12827] sch_fq: defrate 4294967292 ignored. [ 308.952062][T12799] team0: Port device team_slave_0 added [ 308.970036][T12799] team0: Port device team_slave_1 added [ 309.066442][ T39] audit: type=1326 audit(1720714522.579:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12836 comm="syz.1.2944" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb69775bd9 code=0x0 [ 309.085171][T12799] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 309.089277][T12799] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 309.101694][T12799] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 309.109860][T12799] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 309.113129][T12799] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 309.127953][T12799] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 309.205253][T12799] hsr_slave_0: entered promiscuous mode [ 309.212972][T12799] hsr_slave_1: entered promiscuous mode [ 309.220077][T12799] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 309.223420][T12799] Cannot create hsr debugfs directory [ 309.469983][T12799] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.573799][T12799] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.656929][T12799] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.787228][T12799] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.990740][ T39] audit: type=1400 audit(1720714523.509:778): avc: denied { watch_reads } for pid=12852 comm="syz.2.2948" path="/153/file0" dev="tmpfs" ino=819 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 310.037185][T12799] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 310.044486][T12799] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 310.052526][T12799] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 310.068819][T12799] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 310.159726][T12799] 8021q: adding VLAN 0 to HW filter on device bond0 [ 310.202227][T12799] 8021q: adding VLAN 0 to HW filter on device team0 [ 310.212560][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 310.212849][ T5214] Bluetooth: hci3: command tx timeout [ 310.216164][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 310.233916][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 310.237543][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 310.307996][ T5264] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 310.446351][T12799] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 310.489002][ T5264] usb 7-1: Using ep0 maxpacket: 16 [ 310.496717][T12799] veth0_vlan: entered promiscuous mode [ 310.501073][ T5264] usb 7-1: config 0 has an invalid interface number: 8 but max is 0 [ 310.504836][ T5264] usb 7-1: config 0 has no interface number 0 [ 310.507155][T12799] veth1_vlan: entered promiscuous mode [ 310.507667][ T5264] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 310.515559][ T5264] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 310.522458][ T5264] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 310.526462][ T5264] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 310.530080][ T5264] usb 7-1: Product: syz [ 310.531912][ T5264] usb 7-1: SerialNumber: syz [ 310.536962][ T5264] usb 7-1: config 0 descriptor?? [ 310.542664][ T5264] cm109 7-1:0.8: invalid payload size 0, expected 4 [ 310.543976][T12799] veth0_macvtap: entered promiscuous mode [ 310.547568][ T5264] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.8/input/input32 [ 310.558082][T12799] veth1_macvtap: entered promiscuous mode [ 310.571995][T12799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.576607][T12799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.581163][T12799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.585217][T12799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.589556][T12799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.593530][T12799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.599022][T12799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.603362][T12799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.606979][T12799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.611184][T12799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.615378][T12799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.619804][T12799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.626527][T12799] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 310.639393][T12799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.643793][T12799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.648399][T12799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.652679][T12799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.657144][T12799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.664011][T12799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.668404][T12799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.673206][T12799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.677647][T12799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.682216][T12799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.686654][T12799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.691259][T12799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.697388][T12799] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 310.709861][T12799] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.713917][T12799] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.718265][T12799] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.721647][T12799] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.776982][ T5264] usb 7-1: USB disconnect, device number 20 [ 310.779855][ C2] cm109 7-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 310.805847][ C1] vkms_vblank_simulate: vblank timer overrun [ 310.816658][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 310.822392][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 310.834642][ T5264] cm109 7-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 310.871193][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 310.874695][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 310.962939][ T5214] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 311.742152][ T39] audit: type=1326 audit(1720714525.259:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12875 comm="syz.1.2954" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb69775bd9 code=0x0 [ 312.327929][ T5214] Bluetooth: hci3: command tx timeout [ 312.658061][ T8] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 312.840938][ T8] usb 7-1: Using ep0 maxpacket: 16 [ 312.844502][ T8] usb 7-1: config 0 has an invalid interface number: 8 but max is 0 [ 312.847660][ T8] usb 7-1: config 0 has no interface number 0 [ 312.850342][ T8] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 312.855271][ T8] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 312.867274][ T8] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 312.871114][ T8] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 312.875136][ T8] usb 7-1: Product: syz [ 312.877288][ T8] usb 7-1: SerialNumber: syz [ 312.885054][ T8] usb 7-1: config 0 descriptor?? [ 312.893810][ T8] cm109 7-1:0.8: invalid payload size 0, expected 4 [ 312.905611][ T8] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.8/input/input33 [ 313.142592][ T10] usb 7-1: USB disconnect, device number 21 [ 313.145418][ C0] cm109 7-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 313.168440][ T10] cm109 7-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 313.286294][T12922] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253 [ 313.296900][T12922] PKCS7: Only support pkcs7_signedData type [ 313.587604][ T39] audit: type=1804 audit(1720714527.099:780): pid=12929 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.2974" name="/" dev="pidfs" ino=13230 res=1 errno=0 [ 313.779319][T12944] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253 [ 313.782398][T12944] PKCS7: Only support pkcs7_signedData type [ 314.097464][ T39] audit: type=1804 audit(1720714527.609:781): pid=12959 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.2985" name="/" dev="pidfs" ino=13261 res=1 errno=0 [ 314.157922][ T8] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 314.364386][ T8] usb 5-1: Using ep0 maxpacket: 16 [ 314.369047][ T8] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 314.372483][ T8] usb 5-1: config 0 has no interface number 0 [ 314.374848][ T8] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 314.379806][ T5214] Bluetooth: hci3: command tx timeout [ 314.382614][ T8] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 314.389200][ T8] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 314.392749][ T8] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 314.396241][ T8] usb 5-1: Product: syz [ 314.398373][ T8] usb 5-1: SerialNumber: syz [ 314.404642][ T8] usb 5-1: config 0 descriptor?? [ 314.409852][ T8] cm109 5-1:0.8: invalid payload size 0, expected 4 [ 314.415156][ T8] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.8/input/input34 [ 314.631601][ C0] cm109_urb_ctl_callback: 21 callbacks suppressed [ 314.631629][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 314.637481][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 314.640740][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 314.643812][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 314.646713][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 314.650161][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 314.652911][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 314.656091][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 314.659231][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 314.661751][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 314.665156][ T8] usb 5-1: USB disconnect, device number 17 [ 314.667799][ C0] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 314.673637][ T8] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 314.785404][T12971] netlink: 134744 bytes leftover after parsing attributes in process `syz.2.2989'. [ 314.828111][T12976] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253 [ 314.831233][T12976] PKCS7: Only support pkcs7_signedData type [ 314.883871][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 315.010720][ T39] audit: type=1400 audit(1720714528.519:782): avc: denied { execute } for pid=12969 comm="syz.2.2989" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=47925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 316.451713][T13019] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.3004'. [ 316.459156][ T5214] Bluetooth: hci3: command tx timeout [ 316.468847][T13022] xt_limit: Overflow, try lower: 0/0 [ 316.708343][T13025] 9pnet_fd: p9_fd_create_tcp (13025): problem connecting socket to 127.0.0.1 [ 316.850400][T13030] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3007'. [ 317.754335][T13025] 9pnet_fd: p9_fd_create_tcp (13025): problem connecting socket to 127.0.0.1 [ 317.834110][T13046] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253 [ 317.837221][T13046] PKCS7: Only support pkcs7_signedData type [ 318.029015][T13059] xt_limit: Overflow, try lower: 0/0 [ 318.114633][T13042] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 318.118634][T13042] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 318.224407][T13042] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 318.227973][T13042] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 318.717990][ T5264] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 318.910113][ T5264] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 318.916972][ T5264] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 318.921327][ T5264] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 318.924798][ T5264] usb 5-1: SerialNumber: syz [ 319.471937][ T5243] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 319.557363][ T5264] cdc_ether 5-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 319.669858][ T5243] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 319.678597][ T5243] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 319.682217][ T5243] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 319.685358][ T5243] usb 6-1: Product: syz [ 319.687300][ T5243] usb 6-1: Manufacturer: syz [ 319.690802][ T5243] usb 6-1: SerialNumber: syz [ 319.907376][T13089] kvm: pic: non byte write [ 319.916571][T13089] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3832186367 (7664372734 ns) > initial count (4194304 ns). Using initial count to start timer. [ 319.946214][ T62] usb 5-1: USB disconnect, device number 18 [ 319.957752][ T62] cdc_ether 5-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [ 320.371243][ T56] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 320.553833][ T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 320.559110][ T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 320.563192][ T56] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 320.575040][ T56] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 320.579203][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 320.586484][ T56] usb 7-1: config 0 descriptor?? [ 320.728709][ T5243] cdc_ncm 6-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 320.731751][ T5243] cdc_ncm 6-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048 [ 320.734962][ T5243] cdc_ncm 6-1:1.0: setting rx_max = 2048 [ 321.008682][ T56] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 321.013312][ T56] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving [ 321.025250][ T56] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 321.130783][ T5243] cdc_ncm 6-1:1.0: setting tx_max = 88 [ 321.151937][ T5243] cdc_ncm 6-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 321.161101][ T5243] usb 6-1: USB disconnect, device number 16 [ 321.164543][ T5243] cdc_ncm 6-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM (NO ZLP) [ 321.242724][ T39] audit: type=1326 audit(1720714534.759:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13107 comm="syz.0.3039" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f885e775bd9 code=0x7ffc0000 [ 321.253421][ T39] audit: type=1326 audit(1720714534.759:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13107 comm="syz.0.3039" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f885e775bd9 code=0x7ffc0000 [ 321.262825][ T39] audit: type=1326 audit(1720714534.779:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13107 comm="syz.0.3039" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f885e775bd9 code=0x7ffc0000 [ 321.284983][ T39] audit: type=1326 audit(1720714534.799:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13107 comm="syz.0.3039" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f885e775bd9 code=0x7ffc0000 [ 321.296064][ T39] audit: type=1326 audit(1720714534.799:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13107 comm="syz.0.3039" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f885e775bd9 code=0x7ffc0000 [ 321.309822][ T39] audit: type=1326 audit(1720714534.829:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13107 comm="syz.0.3039" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f885e775bd9 code=0x7ffc0000 [ 321.320314][ T39] audit: type=1326 audit(1720714534.839:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13107 comm="syz.0.3039" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f885e775bd9 code=0x7ffc0000 [ 321.330225][ T39] audit: type=1326 audit(1720714534.839:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13107 comm="syz.0.3039" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f885e775bd9 code=0x7ffc0000 [ 321.339983][ T39] audit: type=1326 audit(1720714534.839:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13107 comm="syz.0.3039" exe="/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f885e775bd9 code=0x7ffc0000 [ 321.352293][ T39] audit: type=1326 audit(1720714534.839:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13107 comm="syz.0.3039" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f885e775bd9 code=0x7ffc0000 [ 322.111616][T13118] kvm: pic: non byte write [ 322.125683][T13118] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3832186367 (7664372734 ns) > initial count (4194304 ns). Using initial count to start timer. [ 322.647998][ T5264] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 322.867242][ T5264] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 322.872485][ T5264] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 322.889240][ T5264] usb 6-1: Product: syz [ 322.891098][ T5264] usb 6-1: Manufacturer: syz [ 322.893506][ T5264] usb 6-1: SerialNumber: syz [ 322.898371][ T5264] usb 6-1: config 0 descriptor?? [ 323.133825][ T5264] usb 6-1: USB disconnect, device number 17 [ 323.194777][ T5243] usb 7-1: USB disconnect, device number 22 [ 323.491613][ T1361] ieee802154 phy0 wpan0: encryption failed: -22 [ 323.494829][ T1361] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.525335][T13163] ipt_REJECT: ECHOREPLY no longer supported. [ 323.893488][T13172] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 323.962958][ T829] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 324.085962][ T5242] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 324.158360][ T829] usb 5-1: Using ep0 maxpacket: 8 [ 324.164431][ T829] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 324.172675][ T829] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 324.180359][ T829] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 324.185323][ T829] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 324.189443][ T829] usb 5-1: Product: syz [ 324.191538][ T829] usb 5-1: Manufacturer: syz [ 324.193890][ T829] usb 5-1: SerialNumber: syz [ 324.270450][ T5242] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 324.276732][ T5242] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 324.284478][ T5242] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 324.296794][ T5242] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 324.301726][ T5242] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 324.310833][ T5242] usb 7-1: config 0 descriptor?? [ 324.750906][ T5242] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 324.755172][ T5242] plantronics 0003:047F:FFFF.0011: No inputs registered, leaving [ 324.779255][ T5242] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 324.780429][ T829] usb 5-1: 0:2 : does not exist [ 324.803876][ T829] usb 5-1: USB disconnect, device number 19 [ 325.059622][T12474] udevd[12474]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 325.165671][T13195] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 325.646340][T13208] mkiss: ax0: crc mode is auto. [ 325.844855][T13216] kvm: kvm [13215]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x20000200 [ 325.964449][T13224] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.3085'. [ 326.204855][T13231] 9pnet_fd: p9_fd_create_tcp (13231): problem connecting socket to 127.0.0.1 [ 326.228032][ T829] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 326.408039][ T829] usb 5-1: Using ep0 maxpacket: 8 [ 326.413651][ T829] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 326.425456][ T829] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 326.433997][ T829] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 326.439425][ T829] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 326.443822][ T829] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 326.450546][ T829] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 326.457032][ T829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.686082][ T829] usb 5-1: usb_control_msg returned -32 [ 326.690073][ T829] usbtmc 5-1:16.0: can't read capabilities [ 326.858852][T13253] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter' [ 326.900882][ T5264] usb 7-1: USB disconnect, device number 23 [ 327.046129][T13260] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 327.051742][T13260] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 327.153868][T13263] block nbd1: shutting down sockets [ 327.257275][T13271] netlink: 'syz.3.3103': attribute type 21 has an invalid length. [ 327.261020][T13271] netlink: 'syz.3.3103': attribute type 5 has an invalid length. [ 327.379833][T13273] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.3105'. [ 327.588147][T13281] 9pnet_fd: p9_fd_create_tcp (13281): problem connecting socket to 127.0.0.1 [ 328.638362][T13281] 9pnet_fd: p9_fd_create_tcp (13281): problem connecting socket to 127.0.0.1 [ 328.972750][ T10] usb 5-1: USB disconnect, device number 20 [ 329.029072][T13299] block nbd1: shutting down sockets [ 329.050817][T13301] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 329.054681][T13301] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 329.096220][T13303] netlink: 'syz.1.3115': attribute type 21 has an invalid length. [ 329.100557][T13303] netlink: 'syz.1.3115': attribute type 5 has an invalid length. [ 329.470323][T13320] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter' [ 329.498067][ T5264] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 329.513626][T13322] netlink: 'syz.1.3124': attribute type 1 has an invalid length. [ 329.553459][T13324] netlink: 'syz.1.3125': attribute type 21 has an invalid length. [ 329.557240][T13324] netlink: 'syz.1.3125': attribute type 5 has an invalid length. [ 329.578037][ T829] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 329.680959][ T5264] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 329.685767][ T5264] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 329.690968][ T5264] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 329.695088][ T5264] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 329.701908][ T5264] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 329.706046][ T5264] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 329.709953][ T5264] usb 5-1: Manufacturer: syz [ 329.714435][ T5264] usb 5-1: config 0 descriptor?? [ 329.768123][ T829] usb 7-1: Using ep0 maxpacket: 8 [ 329.774188][ T829] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 329.778702][ T829] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 329.783852][ T829] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 329.788810][ T829] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 329.794047][ T829] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 329.802897][ T829] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 329.817948][ T829] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 330.048371][ T829] usb 7-1: usb_control_msg returned -32 [ 330.053683][ T829] usbtmc 7-1:16.0: can't read capabilities [ 330.145828][ T5264] appleir 0003:05AC:8243.0012: unknown main item tag 0x0 [ 330.150028][ T5264] appleir 0003:05AC:8243.0012: No inputs registered, leaving [ 330.157709][ T5264] appleir 0003:05AC:8243.0012: hiddev1,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 330.398775][ T10] usb 5-1: USB disconnect, device number 21 [ 330.410159][T13337] usbtmc 7-1:16.0: INITIATE_ABORT_BULK_OUT returned 0 [ 330.613700][ T8] usb 7-1: USB disconnect, device number 24 [ 330.937947][T13339] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3129'. [ 331.124184][T13348] netlink: 2036 bytes leftover after parsing attributes in process `syz.1.3132'. [ 331.128925][T13348] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3132'. [ 331.173998][T13352] netlink: 'syz.2.3134': attribute type 21 has an invalid length. [ 331.176964][ T39] kauditd_printk_skb: 26 callbacks suppressed [ 331.176983][ T39] audit: type=1400 audit(1720714544.689:819): avc: denied { write } for pid=13350 comm="syz.0.3135" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 331.177194][T13352] netlink: 'syz.2.3134': attribute type 5 has an invalid length. [ 331.178615][T13351] random: crng reseeded on system resumption [ 331.398550][T13365] netlink: 1096 bytes leftover after parsing attributes in process `syz.3.3141'. [ 331.708308][ T56] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 331.713592][ T10] usb 7-1: new high-speed USB device number 25 using dummy_hcd [ 331.898263][ T56] usb 5-1: Using ep0 maxpacket: 32 [ 331.908605][ T56] usb 5-1: New USB device found, idVendor=046d, idProduct=0928, bcdDevice=26.52 [ 331.909732][ T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11 [ 331.912792][ T56] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 331.912819][ T56] usb 5-1: Product: syz [ 331.912834][ T56] usb 5-1: Manufacturer: syz [ 331.917404][ T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 331.922393][ T56] usb 5-1: SerialNumber: syz [ 331.925729][ T56] usb 5-1: config 0 descriptor?? [ 331.931083][ T10] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 331.935281][ T56] gspca_main: spca561-2.14.0 probing 046d:0928 [ 331.940840][ T10] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 331.940870][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 331.943585][ T10] usb 7-1: config 0 descriptor?? [ 331.954273][T13359] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 331.960148][T13369] netlink: 'syz.1.3143': attribute type 1 has an invalid length. [ 332.012000][T13371] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.3144'. [ 332.216884][ T39] audit: type=1326 audit(1720714545.729:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13374 comm="syz.1.3146" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb69775bd9 code=0x7ffc0000 [ 332.227467][ T39] audit: type=1326 audit(1720714545.729:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13374 comm="syz.1.3146" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb69775bd9 code=0x7ffc0000 [ 332.237492][ T39] audit: type=1326 audit(1720714545.729:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13374 comm="syz.1.3146" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7feb69775bd9 code=0x7ffc0000 [ 332.247461][ T39] audit: type=1326 audit(1720714545.729:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13374 comm="syz.1.3146" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb69775bd9 code=0x7ffc0000 [ 332.258983][ T39] audit: type=1326 audit(1720714545.729:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13374 comm="syz.1.3146" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb69775bd9 code=0x7ffc0000 [ 332.269418][ T39] audit: type=1326 audit(1720714545.729:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13374 comm="syz.1.3146" exe="/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7feb69775bd9 code=0x7ffc0000 [ 332.280667][ T39] audit: type=1326 audit(1720714545.729:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13374 comm="syz.1.3146" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb69775bd9 code=0x7ffc0000 [ 332.290955][ T39] audit: type=1326 audit(1720714545.729:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13374 comm="syz.1.3146" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb69775bd9 code=0x7ffc0000 [ 332.363539][ T39] audit: type=1400 audit(1720714545.879:828): avc: denied { write } for pid=13378 comm="syz.1.3148" lport=40846 faddr=::ffff:10.1.1.2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 332.373210][ T10] plantronics 0003:047F:FFFF.0013: unknown main item tag 0xd [ 332.375399][ T10] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving [ 332.389295][ T10] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 332.463405][ T56] spca561 5-1:0.0: probe with driver spca561 failed with error -22 [ 332.475387][ T56] usb 5-1: USB disconnect, device number 22 [ 332.655118][ T5242] usb 7-1: USB disconnect, device number 25 [ 332.858057][ T829] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 333.010393][T13389] validate_nla: 2 callbacks suppressed [ 333.010421][T13389] netlink: 'syz.0.3153': attribute type 1 has an invalid length. [ 333.016093][T13389] netlink: 'syz.0.3153': attribute type 1 has an invalid length. [ 333.019008][T13389] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.3153'. [ 333.038067][ T829] usb 6-1: Using ep0 maxpacket: 8 [ 333.043660][ T829] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 333.047488][ T829] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 333.052236][ T829] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 333.056263][ T829] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 333.060306][ T829] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 333.065306][ T829] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 333.069489][ T829] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 333.292340][ T829] usb 6-1: GET_CAPABILITIES returned 0 [ 333.294976][ T829] usbtmc 6-1:16.0: can't read capabilities [ 333.488234][T13404] netlink: 134744 bytes leftover after parsing attributes in process `syz.0.3160'. [ 333.492475][ T5242] usb 7-1: new high-speed USB device number 26 using dummy_hcd [ 333.496942][ T10] usb 6-1: USB disconnect, device number 18 [ 333.582641][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 333.677937][ T5242] usb 7-1: Using ep0 maxpacket: 32 [ 333.682416][ T5242] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 333.687080][ T5242] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 333.692090][ T5242] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 333.696690][ T5242] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 333.700865][ T5242] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 333.704779][ T5242] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 333.711258][ T5242] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 333.714921][ T5242] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.718269][ T5242] usb 7-1: Product: syz [ 333.720327][ T5242] usb 7-1: Manufacturer: syz [ 333.722610][ T5242] usb 7-1: SerialNumber: syz [ 333.934629][ T5242] cdc_ncm 7-1:1.0: bind() failure [ 333.941633][ T5242] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found [ 333.944297][ T5242] cdc_ncm 7-1:1.1: bind() failure [ 333.949893][ T5242] usb 7-1: USB disconnect, device number 26 [ 334.926284][T13434] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 335.088347][ T56] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 335.268031][ T56] usb 5-1: Using ep0 maxpacket: 8 [ 335.275435][ T56] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 335.285313][ T56] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 335.295372][ T56] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 335.300205][ T56] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 335.307848][ T56] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 335.327093][ T56] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 335.331426][ T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.555349][ T56] usb 5-1: GET_CAPABILITIES returned 0 [ 335.558680][ T56] usbtmc 5-1:16.0: can't read capabilities [ 335.784562][ T56] usb 5-1: USB disconnect, device number 23 [ 336.411248][T13475] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3180'. [ 336.415753][T13475] netlink: 'syz.0.3180': attribute type 30 has an invalid length. [ 336.827714][T13490] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3185'. [ 336.872340][T13492] sp0: Synchronizing with TNC [ 337.226780][ T56] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 337.237048][T13509] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3193'. [ 337.424979][ T56] usb 6-1: Using ep0 maxpacket: 8 [ 337.429601][ T56] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 337.433975][ T56] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 337.438962][ T56] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 337.442984][ T56] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 337.447281][ T56] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 337.454926][ T56] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 337.460048][ T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 337.715967][ T56] usb 6-1: GET_CAPABILITIES returned 0 [ 337.725141][ T56] usbtmc 6-1:16.0: can't read capabilities [ 337.808651][T13517] netlink: 'syz.3.3197': attribute type 1 has an invalid length. [ 337.866921][T13519] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3198'. [ 337.933070][ T5242] usb 6-1: USB disconnect, device number 19 [ 338.357468][T13537] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 338.493969][T13545] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3209'. [ 338.495728][T13542] block device autoloading is deprecated and will be removed. [ 338.706626][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 338.706645][ T39] audit: type=1400 audit(1720714552.219:831): avc: denied { write } for pid=13552 comm="syz.0.3214" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 338.933516][T13569] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3221'. [ 339.322726][ T829] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 339.530984][ T829] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 339.536137][ T829] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 339.547911][ T829] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 339.552129][ T829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.565217][ T829] usb 5-1: config 0 descriptor?? [ 339.576954][T13600] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.3235'. [ 339.824105][T13603] 9pnet_fd: p9_fd_create_tcp (13603): problem connecting socket to 127.0.0.1 [ 339.928732][T13610] sp0: Synchronizing with TNC [ 339.991771][ T829] cm6533_jd 0003:0D8C:0022.0014: unknown main item tag 0x0 [ 339.995250][ T829] cm6533_jd 0003:0D8C:0022.0014: unknown main item tag 0x0 [ 340.005900][ T829] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0D8C:0022.0014/input/input37 [ 340.031621][ T829] cm6533_jd 0003:0D8C:0022.0014: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0 [ 340.167247][T13614] kvm: kvm [13613]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x40000005) [ 340.211058][ T829] usb 5-1: USB disconnect, device number 24 [ 340.469396][T13639] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3250'. [ 340.494775][T13640] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3249'. [ 340.504550][T13640] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 341.113433][ T39] audit: type=1400 audit(1720714554.629:832): avc: denied { block_suspend } for pid=13674 comm="syz.2.3266" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 341.538281][ T30] usb 7-1: new full-speed USB device number 27 using dummy_hcd [ 341.769847][ T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 341.774847][ T30] usb 7-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 341.805669][ T30] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 341.826076][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 341.833398][ T30] usb 7-1: SerialNumber: syz [ 341.852317][T13678] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 342.149498][ T39] audit: type=1400 audit(1720714555.659:833): avc: denied { connect } for pid=13719 comm="syz.3.3285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 342.456072][T13737] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 342.937954][ T10] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 343.138192][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 343.143145][ T10] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 343.146884][ T10] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 343.151227][ T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 343.162249][ T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 343.169054][ T10] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 343.175403][ T10] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 343.179751][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 343.435166][ T10] usb 5-1: GET_CAPABILITIES returned 0 [ 343.437564][ T10] usbtmc 5-1:16.0: can't read capabilities [ 343.449727][T13756] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3298'. [ 343.541551][T13762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3300'. [ 343.545718][T13762] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 343.652454][ T10] usb 5-1: USB disconnect, device number 25 [ 343.694969][ T39] audit: type=1400 audit(1720714557.209:834): avc: denied { accept } for pid=13765 comm="syz.3.3302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 344.207424][T13779] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3308'. [ 344.272821][ T30] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -71 [ 344.297443][ T30] usb 7-1: USB disconnect, device number 27 [ 344.314601][T13781] netlink: 134744 bytes leftover after parsing attributes in process `syz.3.3309'. [ 344.410601][ C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 344.579628][T13798] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3315'. [ 344.823316][T13810] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3320'. [ 344.830658][T13810] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 344.988039][ T10] usb 5-1: new full-speed USB device number 26 using dummy_hcd [ 345.184851][ T10] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 345.191492][ T10] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 345.199700][ T10] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 345.205553][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 345.210015][ T10] usb 5-1: SerialNumber: syz [ 345.222006][T13804] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 345.467362][T13826] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3326'. [ 345.803100][T13838] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 345.803325][T13836] netlink: 134744 bytes leftover after parsing attributes in process `syz.2.3330'. [ 345.938630][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 346.358092][ T5264] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 346.548775][ T5264] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 346.554391][ T5264] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 346.558432][ T5264] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 346.562925][ T5264] usb 6-1: config 0 interface 0 has no altsetting 0 [ 346.569393][ T5264] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 346.573708][ T5264] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 346.578613][ T5264] usb 6-1: config 0 interface 0 has no altsetting 0 [ 346.582636][ T5264] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 346.586408][ T5264] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 346.591384][ T5264] usb 6-1: config 0 interface 0 has no altsetting 0 [ 346.595046][ T5264] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 346.599219][ T5264] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 346.604042][ T5264] usb 6-1: config 0 interface 0 has no altsetting 0 [ 346.608238][ T5264] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 346.612284][ T5264] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 346.617003][ T5264] usb 6-1: config 0 interface 0 has no altsetting 0 [ 346.621452][ T5264] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 346.625098][ T5264] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 346.629919][ T5264] usb 6-1: config 0 interface 0 has no altsetting 0 [ 346.633695][ T5264] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 346.637267][ T5264] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 346.641919][ T5264] usb 6-1: config 0 interface 0 has no altsetting 0 [ 346.645748][ T5264] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 346.649585][ T5264] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 346.653867][ T5264] usb 6-1: config 0 interface 0 has no altsetting 0 [ 346.659884][ T5264] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 346.663584][ T5264] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 346.666907][ T5264] usb 6-1: Product: syz [ 346.669394][ T5264] usb 6-1: Manufacturer: syz [ 346.671424][ T5264] usb 6-1: SerialNumber: syz [ 346.677407][ T5264] usb 6-1: config 0 descriptor?? [ 346.689933][ T5264] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 347.015598][ C2] usb 6-1: yurex_control_callback - control failed: -71 [ 347.017086][ T5242] usb 6-1: USB disconnect, device number 20 [ 347.024389][ T5242] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 347.705344][ T10] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71 [ 347.716457][ T10] usb 5-1: USB disconnect, device number 26 [ 348.368057][ T5264] usb 7-1: new full-speed USB device number 28 using dummy_hcd [ 348.550124][ T5264] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 348.555256][ T5264] usb 7-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 348.562329][ T5264] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 348.566362][ T5264] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 348.570011][ T5264] usb 7-1: SerialNumber: syz [ 348.575268][T13896] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 348.638456][ T30] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 348.837983][ T30] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 348.844010][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 348.848019][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 348.852779][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 348.857627][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 348.861796][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 348.866376][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 348.870726][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 348.880021][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 348.897054][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 348.903440][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 348.909985][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 348.914308][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 348.918716][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 348.922658][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 348.928509][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 348.934808][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 348.939192][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 348.944100][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 348.948505][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 348.952474][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 348.956933][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 348.964659][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 348.968575][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 348.973238][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 348.982097][ T30] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 348.986476][ T30] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 348.989892][ T30] usb 6-1: Product: syz [ 348.991474][ T30] usb 6-1: Manufacturer: syz [ 348.993228][ T30] usb 6-1: SerialNumber: syz [ 349.010384][ T30] usb 6-1: config 0 descriptor?? [ 349.040206][ T30] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 349.152189][T13921] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 349.377691][ C1] usb 6-1: yurex_control_callback - control failed: -71 [ 349.384302][ T30] usb 6-1: USB disconnect, device number 21 [ 349.400105][ T30] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 349.952328][T13940] vivid-000: ================= START STATUS ================= [ 349.956422][T13940] vivid-000: Test Pattern: 75% Colorbar [ 349.962621][T13940] vivid-000: Fill Percentage of Frame: 100 [ 349.965014][T13940] vivid-000: Horizontal Movement: No Movement [ 349.967514][T13940] vivid-000: Vertical Movement: No Movement [ 349.970217][T13940] vivid-000: OSD Text Mode: All [ 349.972237][T13940] vivid-000: Show Border: false [ 349.974088][T13940] vivid-000: Show Square: false [ 349.975851][T13940] vivid-000: Sensor Flipped Horizontally: false [ 349.978601][T13940] vivid-000: Sensor Flipped Vertically: false [ 349.981815][T13940] vivid-000: Insert SAV Code in Image: false [ 349.984246][T13940] vivid-000: Insert EAV Code in Image: false [ 349.994025][T13940] vivid-000: Insert Video Guard Band: false [ 349.996802][T13940] vivid-000: Reduced Framerate: false [ 349.999514][T13940] vivid-000: Enable Capture Cropping: true grabbed [ 350.002526][T13940] vivid-000: Enable Capture Composing: true grabbed [ 350.005630][T13940] vivid-000: Enable Capture Scaler: true grabbed [ 350.008711][T13940] vivid-000: Timestamp Source: End of Frame [ 350.011469][T13940] vivid-000: Colorspace: sRGB [ 350.013653][T13940] vivid-000: Transfer Function: Default [ 350.016915][T13940] vivid-000: Y'CbCr Encoding: Default [ 350.019526][T13940] vivid-000: HSV Encoding: Hue 0-179 [ 350.022032][T13940] vivid-000: Quantization: Default [ 350.024477][T13940] vivid-000: Apply Alpha To Red Only: false [ 350.027658][T13940] vivid-000: Standard Aspect Ratio: 4x3 [ 350.030397][T13940] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 350.034082][T13940] vivid-000: DV Timings: 640x480p59 inactive [ 350.036714][T13940] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 350.039817][T13940] vivid-000: Maximum EDID Blocks: 2 [ 350.042311][T13940] vivid-000: Limited RGB Range (16-235): false [ 350.045066][T13940] vivid-000: Rx RGB Quantization Range: Automatic [ 350.047708][T13940] vivid-000: Power Present: 0x00000001 [ 350.050412][T13940] tpg source WxH: 320x180 (R'G'B) [ 350.052839][T13940] tpg field: 1 [ 350.054464][T13940] tpg crop: 320x180@0x0 [ 350.056439][T13940] tpg compose: 320x180@0x0 [ 350.058764][T13940] tpg colorspace: 8 [ 350.060735][T13940] tpg transfer function: 0/2 [ 350.063147][T13940] tpg quantization: 0/1 [ 350.065087][T13940] tpg RGB range: 0/2 [ 350.066891][T13940] vivid-000: ================== END STATUS ================== [ 350.272878][ T39] audit: type=1404 audit(1720714563.789:835): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1 [ 350.305644][ T39] audit: type=1404 audit(1720714563.819:836): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1 [ 350.353892][ T39] audit: type=1400 audit(1720714563.869:837): avc: denied { read } for pid=13956 comm="syz.1.3371" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 350.369012][ T39] audit: type=1400 audit(1720714563.869:838): avc: denied { open } for pid=13956 comm="syz.1.3371" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 350.398162][ T39] audit: type=1400 audit(1720714563.879:839): avc: denied { ioctl } for pid=13956 comm="syz.1.3371" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 350.569813][ T39] audit: type=1400 audit(1720714564.079:840): avc: denied { read } for pid=13965 comm="syz.3.3374" dev="nsfs" ino=4026533320 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 350.585435][ T39] audit: type=1400 audit(1720714564.079:841): avc: denied { open } for pid=13965 comm="syz.3.3374" path="net:[4026533320]" dev="nsfs" ino=4026533320 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 350.669105][ T39] audit: type=1400 audit(1720714564.079:842): avc: denied { create } for pid=13965 comm="syz.3.3374" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 350.676421][ T39] audit: type=1400 audit(1720714564.089:843): avc: denied { ioctl } for pid=13965 comm="syz.3.3374" path="socket:[57051]" dev="sockfs" ino=57051 ioctlcmd=0x8b32 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 350.694979][ T39] audit: type=1400 audit(1720714564.099:844): avc: denied { create } for pid=13968 comm="syz.3.3376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 350.761115][T13973] netlink: 'syz.1.3377': attribute type 1 has an invalid length. [ 350.810947][T13973] 8021q: adding VLAN 0 to HW filter on device bond1 [ 350.815923][T13973] bond0: (slave bond1): Enslaving as an active interface with an up link [ 351.092858][ T5264] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -71 [ 351.119577][ T5264] usb 7-1: USB disconnect, device number 28 [ 351.162446][T13987] xt_NFQUEUE: number of total queues is 0 [ 351.436113][T13994] pic_ioport_write: 2 callbacks suppressed [ 351.436136][T13994] kvm: pic: level sensitive irq not supported [ 351.442530][T13994] picdev_read: 6 callbacks suppressed [ 351.442552][T13994] kvm: pic: non byte read [ 351.571563][T13996] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 351.594781][T14000] netlink: 'syz.2.3387': attribute type 1 has an invalid length. [ 351.640727][T14000] 8021q: adding VLAN 0 to HW filter on device bond1 [ 351.645998][T14000] bond0: (slave bond1): Enslaving as an active interface with an up link [ 351.806770][T14006] 9pnet: p9_errstr2errno: server reported unknown error Ý@íÎhQI¸¥ŠteœkKzEËxÐBAšÁbà¹lpΆ²vxÝé*óÍDŽ‘àò}‘©Ù’ñ;5ÏÇ–3OŲ"`õͶ [ 351.945381][T14012] xt_NFQUEUE: number of total queues is 0 [ 352.883027][T14041] 9pnet: p9_errstr2errno: server reported unknown error Ý@íÎhQI¸¥ŠteœkKzEËxÐBAšÁbà¹lpΆ²vxÝé*óÍDŽ‘àò}‘©Ù’ñ;5ÏÇ–3OŲ"`õͶ [ 353.260389][T14051] kvm: pic: level sensitive irq not supported [ 353.260818][T14051] kvm: pic: non byte read [ 353.563266][T14067] netdevsim netdevsim0 @: renamed from netdevsim0 (while UP) [ 353.854894][T14072] xt_NFQUEUE: number of total queues is 0 [ 354.719378][T14088] kvm: pic: level sensitive irq not supported [ 354.719932][T14088] kvm: pic: non byte read [ 354.773657][T14096] xt_NFQUEUE: number of total queues is 0 [ 354.913405][T14101] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 354.917456][T14101] overlayfs: failed to set xattr on upper [ 354.920297][T14101] overlayfs: ...falling back to redirect_dir=nofollow. [ 354.923351][T14101] overlayfs: ...falling back to index=off. [ 354.925919][T14101] overlayfs: ...falling back to uuid=null. [ 354.932303][T14101] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 355.827637][T14131] trusted_key: syz.1.3434 sent an empty control message without MSG_MORE. [ 355.865447][T14132] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3435'. [ 356.108794][ T39] kauditd_printk_skb: 66 callbacks suppressed [ 356.108815][ T39] audit: type=1400 audit(1720714569.629:911): avc: denied { create } for pid=14142 comm="syz.0.3440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 356.141527][ T39] audit: type=1400 audit(1720714569.659:912): avc: denied { connect } for pid=14142 comm="syz.0.3440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 356.150711][ T39] audit: type=1400 audit(1720714569.659:913): avc: denied { ioctl } for pid=14142 comm="syz.0.3440" path="socket:[54082]" dev="sockfs" ino=54082 ioctlcmd=0xb100 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 356.161487][ T39] audit: type=1400 audit(1720714569.669:914): avc: denied { create } for pid=14144 comm="syz.2.3441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 356.169696][ T39] audit: type=1400 audit(1720714569.669:915): avc: denied { connect } for pid=14144 comm="syz.2.3441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 356.177988][ T39] audit: type=1400 audit(1720714569.669:916): avc: denied { bind } for pid=14144 comm="syz.2.3441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 356.192857][ T39] audit: type=1400 audit(1720714569.699:917): avc: denied { write } for pid=14144 comm="syz.2.3441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 356.201217][ T39] audit: type=1400 audit(1720714569.709:918): avc: denied { getopt } for pid=14144 comm="syz.2.3441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 356.217971][ T5264] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 356.435141][ T39] audit: type=1400 audit(1720714569.949:919): avc: denied { unmount } for pid=12799 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 356.747703][ T39] audit: type=1400 audit(1720714570.259:920): avc: denied { write } for pid=14156 comm="syz.3.3445" name="ip_tables_matches" dev="proc" ino=4026533399 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 356.868114][ T5264] usb 6-1: Using ep0 maxpacket: 8 [ 356.879490][ T5264] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 356.884408][ T5264] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 356.889315][ T5264] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 356.893678][ T5264] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 356.899462][ T5264] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 356.903231][ T5264] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 357.133518][ T5264] usb 6-1: usb_control_msg returned -32 [ 357.136141][ T5264] usbtmc 6-1:16.0: can't read capabilities [ 357.187639][T14183] netlink: 'syz.3.3456': attribute type 1 has an invalid length. [ 357.191864][T14183] netlink: 'syz.3.3456': attribute type 1 has an invalid length. [ 357.195221][T14183] netlink: 9328 bytes leftover after parsing attributes in process `syz.3.3456'. [ 357.200428][T14183] netlink: 'syz.3.3456': attribute type 1 has an invalid length. [ 357.998129][T14211] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 358.086017][T14213] trusted_key: encrypted_key: master key parameter '' is invalid [ 358.634037][T14236] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 358.963489][ T828] usb 6-1: USB disconnect, device number 22 [ 359.038615][T14258] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 360.078053][ T829] usb 7-1: new high-speed USB device number 29 using dummy_hcd [ 360.260379][ T829] usb 7-1: Using ep0 maxpacket: 8 [ 360.264221][ T829] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 360.267334][ T829] usb 7-1: config 0 has no interface number 0 [ 360.269702][ T829] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 360.273655][ T829] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 360.277002][ T829] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.283746][ T829] usb 7-1: config 0 descriptor?? [ 360.293635][ T829] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 361.034400][T14300] netlink: 'syz.0.3496': attribute type 13 has an invalid length. [ 361.058371][T14300] veth0_macvtap: left promiscuous mode [ 361.095630][T14300] macvtap0: entered allmulticast mode [ 361.106261][T14300] macvtap0: refused to change device tx_queue_len [ 361.291745][ T39] kauditd_printk_skb: 17 callbacks suppressed [ 361.291765][ T39] audit: type=1400 audit(1720714574.809:938): avc: denied { mount } for pid=14309 comm="syz.1.3501" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 361.588209][ T827] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 361.660991][ T5265] usb 7-1: USB disconnect, device number 29 [ 361.672596][ T5265] iowarrior 7-1:0.1: I/O-Warror #0 now disconnected [ 361.778126][ T827] usb 5-1: Using ep0 maxpacket: 8 [ 361.795043][ T827] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 361.808462][ T827] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 361.819218][ T827] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 361.826464][ T827] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 361.831937][ T827] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 361.836055][ T827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 362.086850][ T827] usb 5-1: usb_control_msg returned -32 [ 362.094411][ T827] usbtmc 5-1:16.0: can't read capabilities [ 362.399553][T14339] syzkaller0: entered allmulticast mode [ 362.466133][ T39] audit: type=1400 audit(1720714575.979:939): avc: denied { read } for pid=14343 comm="syz.1.3515" name="usbmon0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 362.477749][ T39] audit: type=1400 audit(1720714575.979:940): avc: denied { open } for pid=14343 comm="syz.1.3515" path="/dev/usbmon0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 362.878610][ T30] usb 7-1: new high-speed USB device number 30 using dummy_hcd [ 363.068117][ T30] usb 7-1: Using ep0 maxpacket: 8 [ 363.073806][ T30] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 363.078063][ T30] usb 7-1: config 0 has no interface number 0 [ 363.084029][ T30] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 363.088947][ T30] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 363.093954][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 363.100902][ T30] usb 7-1: config 0 descriptor?? [ 363.109236][ T30] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior1 [ 363.112298][ T39] audit: type=1400 audit(1720714576.629:941): avc: denied { name_bind } for pid=14355 comm="syz.1.3521" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 363.319716][ T5242] usb 7-1: USB disconnect, device number 30 [ 363.332444][ T5242] iowarrior 7-1:0.1: I/O-Warror #1 now disconnected [ 364.139614][ T827] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 364.200996][T14379] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3531'. [ 364.318513][ T827] usb 6-1: Using ep0 maxpacket: 8 [ 364.318621][ T5242] usb 5-1: USB disconnect, device number 27 [ 364.324189][ T827] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 364.328646][ T827] usb 6-1: config 179 has no interface number 0 [ 364.331201][ T827] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 364.335255][ T827] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 364.339808][ T827] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 364.344385][ T827] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 364.348851][ T827] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 364.353846][ T827] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 364.357400][ T827] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 364.364090][T14377] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 364.730960][ T8] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:179.65/input/input38 [ 364.779744][ T829] usb 6-1: USB disconnect, device number 23 [ 364.779747][ C0] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 364.780036][ C0] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 364.805004][ T39] audit: type=1400 audit(1720714578.319:942): avc: denied { read } for pid=4675 comm="acpid" name="js0" dev="devtmpfs" ino=2767 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 364.815420][ T39] audit: type=1400 audit(1720714578.319:943): avc: denied { open } for pid=4675 comm="acpid" path="/dev/input/js0" dev="devtmpfs" ino=2767 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 364.835928][ T39] audit: type=1400 audit(1720714578.339:944): avc: denied { ioctl } for pid=4675 comm="acpid" path="/dev/input/js0" dev="devtmpfs" ino=2767 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 364.854032][ T829] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 365.457163][ T39] audit: type=1400 audit(1720714578.969:945): avc: denied { read } for pid=14404 comm="syz.2.3542" name="loop8" dev="devtmpfs" ino=666 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 365.471446][ T39] audit: type=1400 audit(1720714578.969:946): avc: denied { open } for pid=14404 comm="syz.2.3542" path="/dev/loop8" dev="devtmpfs" ino=666 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 365.486509][ T39] audit: type=1400 audit(1720714578.999:947): avc: denied { ioctl } for pid=14404 comm="syz.2.3542" path="/dev/loop8" dev="devtmpfs" ino=666 ioctlcmd=0x4c0a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 365.502367][T14405] loop8: detected capacity change from 0 to 7 [ 365.513478][T14405] loop8: [POWERTEC] p1 [ 365.523998][T14405] loop8: p1 size 1969368878 extends beyond EOD, truncated [ 365.773525][T14414] ================================================================== [ 365.777220][T14414] BUG: KASAN: slab-use-after-free in cpu_map_enqueue+0x33b/0x3b0 [ 365.780407][T14414] Read of size 8 at addr ffff8880481a1208 by task syz.2.3543/14414 [ 365.783724][T14414] [ 365.784526][T14414] CPU: 2 PID: 14414 Comm: syz.2.3543 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0 [ 365.788102][T14414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 365.792359][T14414] Call Trace: [ 365.794465][T14414] [ 365.797991][T14414] dump_stack_lvl+0x116/0x1f0 [ 365.800146][T14414] print_report+0xc3/0x620 [ 365.802125][T14414] ? __virt_addr_valid+0x5e/0x590 [ 365.804316][T14414] ? __phys_addr+0xc6/0x150 [ 365.806308][T14414] kasan_report+0xd9/0x110 [ 365.808393][T14414] ? cpu_map_enqueue+0x33b/0x3b0 [ 365.810535][T14414] ? cpu_map_enqueue+0x33b/0x3b0 [ 365.812561][T14414] cpu_map_enqueue+0x33b/0x3b0 [ 365.814637][T14414] xdp_do_redirect+0x72e/0xb10 [ 365.817073][T14414] tun_xdp_act+0xd3/0xc30 [ 365.819020][T14414] ? __pfx_tun_xdp_act+0x10/0x10 [ 365.821081][T14414] ? __pfx___cant_migrate+0x10/0x10 [ 365.823412][T14414] tun_build_skb.constprop.0+0xd7c/0x1250 [ 365.826059][T14414] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 365.828772][T14414] ? __lock_acquire+0xc5d/0x3b30 [ 365.831219][T14414] tun_get_user+0x888/0x3c30 [ 365.833346][T14414] ? __pfx_tun_get_user+0x10/0x10 [ 365.835598][T14414] ? find_held_lock+0x2d/0x110 [ 365.837577][T14414] ? __pfx_lock_release+0x10/0x10 [ 365.839723][T14414] tun_chr_write_iter+0xe8/0x210 [ 365.841293][T14414] vfs_write+0x6b6/0x1140 [ 365.842618][T14414] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 365.844669][T14414] ? __pfx_vfs_write+0x10/0x10 [ 365.846727][T14414] ? do_futex+0x123/0x350 [ 365.848579][T14414] ? __fget_files+0x256/0x400 [ 365.850749][T14414] ? __fget_light+0x173/0x210 [ 365.852838][T14414] ksys_write+0x12f/0x260 [ 365.854918][T14414] ? __pfx_ksys_write+0x10/0x10 [ 365.857107][T14414] do_syscall_64+0xcd/0x250 [ 365.859275][T14414] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 365.861906][T14414] RIP: 0033:0x7f127f57475f [ 365.863695][T14414] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48 [ 365.871412][T14414] RSP: 002b:00007f12803a3010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 365.874656][T14414] RAX: ffffffffffffffda RBX: 00007f127f703f60 RCX: 00007f127f57475f [ 365.877754][T14414] RDX: 000000000000000e RSI: 0000000020001540 RDI: 00000000000000c8 [ 365.880725][T14414] RBP: 00007f127f5e4e60 R08: 0000000000000000 R09: 0000000000000000 [ 365.883787][T14414] R10: 000000000000000e R11: 0000000000000293 R12: 0000000000000000 [ 365.887061][T14414] R13: 000000000000000b R14: 00007f127f703f60 R15: 00007fff84e65848 [ 365.889903][T14414] [ 365.891039][T14414] [ 365.891905][T14414] Allocated by task 13957: [ 365.893600][T14414] kasan_save_stack+0x33/0x60 [ 365.895392][T14414] kasan_save_track+0x14/0x30 [ 365.896947][T14414] __kasan_kmalloc+0xaa/0xb0 [ 365.898817][T14414] kvm_arch_vcpu_create+0x36a/0xaa0 [ 365.900813][T14414] kvm_vm_ioctl+0xf77/0x3de0 [ 365.902862][T14414] __x64_sys_ioctl+0x193/0x220 [ 365.904658][T14414] do_syscall_64+0xcd/0x250 [ 365.906563][T14414] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 365.908834][T14414] [ 365.909789][T14414] Freed by task 13956: [ 365.911375][T14414] kasan_save_stack+0x33/0x60 [ 365.912904][T14414] kasan_save_track+0x14/0x30 [ 365.914804][T14414] kasan_save_free_info+0x3b/0x60 [ 365.916923][T14414] poison_slab_object+0xf7/0x160 [ 365.919172][T14414] __kasan_slab_free+0x32/0x50 [ 365.921301][T14414] kfree+0x12a/0x3b0 [ 365.923046][T14414] kvm_arch_vcpu_destroy+0x108/0x2a0 [ 365.924888][T14414] kvm_destroy_vcpus+0x114/0x2a0 [ 365.926739][T14414] kvm_arch_destroy_vm+0x2ec/0x490 [ 365.928957][T14414] kvm_put_kvm+0x510/0xb80 [ 365.930673][T14414] kvm_vm_release+0x42/0x60 [ 365.932627][T14414] __fput+0x408/0xbb0 [ 365.934353][T14414] task_work_run+0x14e/0x250 [ 365.936321][T14414] syscall_exit_to_user_mode+0x275/0x2a0 [ 365.938743][T14414] do_syscall_64+0xda/0x250 [ 365.940786][T14414] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 365.943068][T14414] [ 365.944135][T14414] The buggy address belongs to the object at ffff8880481a1200 [ 365.944135][T14414] which belongs to the cache kmalloc-cg-256 of size 256 [ 365.949945][T14414] The buggy address is located 8 bytes inside of [ 365.949945][T14414] freed 256-byte region [ffff8880481a1200, ffff8880481a1300) [ 365.954939][T14414] [ 365.955907][T14414] The buggy address belongs to the physical page: [ 365.958719][T14414] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880481a0000 pfn:0x481a0 [ 365.962982][T14414] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 365.966608][T14414] memcg:ffff88802ba7b501 [ 365.968552][T14414] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 365.971955][T14414] page_type: 0xffffefff(slab) [ 365.973843][T14414] raw: 00fff00000000040 ffff88801544dcc0 dead000000000122 0000000000000000 [ 365.978485][T14414] raw: ffff8880481a0000 000000008010000f 00000001ffffefff ffff88802ba7b501 [ 365.982335][T14414] head: 00fff00000000040 ffff88801544dcc0 dead000000000122 0000000000000000 [ 365.985903][T14414] head: ffff8880481a0000 000000008010000f 00000001ffffefff ffff88802ba7b501 [ 365.989848][T14414] head: 00fff00000000001 ffffea0001206801 ffffffffffffffff 0000000000000000 [ 365.994110][T14414] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 365.998045][T14414] page dumped because: kasan: bad access detected [ 366.000778][T14414] page_owner tracks the page as allocated [ 366.003262][T14414] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 9264, tgid 9259 (syz.3.1554), ts 187687736540, free_ts 187646811035 [ 366.014021][T14414] post_alloc_hook+0x2d1/0x350 [ 366.016147][T14414] get_page_from_freelist+0x1353/0x2e50 [ 366.018589][T14414] __alloc_pages_noprof+0x22b/0x2460 [ 366.020969][T14414] alloc_slab_page+0x56/0x110 [ 366.023030][T14414] new_slab+0x84/0x260 [ 366.024809][T14414] ___slab_alloc+0xdac/0x1870 [ 366.026896][T14414] __slab_alloc.constprop.0+0x56/0xb0 [ 366.029299][T14414] kmalloc_trace_noprof+0x2b4/0x300 [ 366.031758][T14414] fuse_file_alloc+0x51/0x2d0 [ 366.033920][T14414] fuse_file_open+0x197/0x780 [ 366.035874][T14414] fuse_open+0x1e8/0x920 [ 366.037695][T14414] do_dentry_open+0x91f/0x15f0 [ 366.039540][T14414] vfs_open+0x82/0x3f0 [ 366.040934][T14414] path_openat+0x21fc/0x2e50 [ 366.042837][T14414] do_filp_open+0x1dc/0x430 [ 366.045017][T14414] do_sys_openat2+0x17a/0x1e0 [ 366.047003][T14414] page last free pid 4690 tgid 4690 stack trace: [ 366.049673][T14414] free_unref_page+0x64a/0xe40 [ 366.051499][T14414] qlist_free_all+0x4e/0x140 [ 366.053331][T14414] kasan_quarantine_reduce+0x192/0x1e0 [ 366.055532][T14414] __kasan_slab_alloc+0x69/0x90 [ 366.057639][T14414] __kmalloc_noprof+0x19d/0x410 [ 366.059624][T14414] tomoyo_realpath_from_path+0xb9/0x720 [ 366.062021][T14414] tomoyo_path_perm+0x273/0x450 [ 366.064146][T14414] security_inode_getattr+0xf4/0x160 [ 366.066559][T14414] vfs_fstat+0x53/0xd0 [ 366.068334][T14414] vfs_fstatat+0x134/0x150 [ 366.070076][T14414] __do_sys_newfstatat+0xa6/0x130 [ 366.072276][T14414] do_syscall_64+0xcd/0x250 [ 366.074269][T14414] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.076591][T14414] [ 366.077611][T14414] Memory state around the buggy address: [ 366.079967][T14414] ffff8880481a1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 366.083239][T14414] ffff8880481a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 366.086827][T14414] >ffff8880481a1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 366.090353][T14414] ^ [ 366.091958][T14414] ffff8880481a1280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 366.095493][T14414] ffff8880481a1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 366.099084][T14414] ================================================================== [ 366.102957][T14414] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 366.106005][T14414] CPU: 2 PID: 14414 Comm: syz.2.3543 Not tainted 6.10.0-rc7-syzkaller-00076-g9d9a2f29aefd #0 [ 366.109940][T14414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 366.113875][T14414] Call Trace: [ 366.115143][T14414] [ 366.116316][T14414] dump_stack_lvl+0x3d/0x1f0 [ 366.118456][T14414] panic+0x6f5/0x7a0 [ 366.120228][T14414] ? __pfx_panic+0x10/0x10 [ 366.122267][T14414] ? irqentry_exit+0x3b/0x90 [ 366.124195][T14414] ? lockdep_hardirqs_on+0x7c/0x110 [ 366.126132][T14414] check_panic_on_warn+0xab/0xb0 [ 366.128295][T14414] end_report+0x117/0x180 [ 366.130262][T14414] kasan_report+0xe9/0x110 [ 366.132136][T14414] ? cpu_map_enqueue+0x33b/0x3b0 [ 366.134128][T14414] ? cpu_map_enqueue+0x33b/0x3b0 [ 366.136418][T14414] cpu_map_enqueue+0x33b/0x3b0 [ 366.138917][T14414] xdp_do_redirect+0x72e/0xb10 [ 366.141678][T14414] tun_xdp_act+0xd3/0xc30 [ 366.143716][T14414] ? __pfx_tun_xdp_act+0x10/0x10 [ 366.145915][T14414] ? __pfx___cant_migrate+0x10/0x10 [ 366.148174][T14414] tun_build_skb.constprop.0+0xd7c/0x1250 [ 366.150261][T14414] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 366.152707][T14414] ? __lock_acquire+0xc5d/0x3b30 [ 366.154756][T14414] tun_get_user+0x888/0x3c30 [ 366.156485][T14414] ? __pfx_tun_get_user+0x10/0x10 [ 366.158205][T14414] ? find_held_lock+0x2d/0x110 [ 366.159834][T14414] ? __pfx_lock_release+0x10/0x10 [ 366.161583][T14414] tun_chr_write_iter+0xe8/0x210 [ 366.164038][T14414] vfs_write+0x6b6/0x1140 [ 366.167007][T14414] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 366.169864][T14414] ? __pfx_vfs_write+0x10/0x10 [ 366.172314][T14414] ? do_futex+0x123/0x350 [ 366.174723][T14414] ? __fget_files+0x256/0x400 [ 366.176747][T14414] ? __fget_light+0x173/0x210 [ 366.179228][T14414] ksys_write+0x12f/0x260 [ 366.181549][T14414] ? __pfx_ksys_write+0x10/0x10 [ 366.183833][T14414] do_syscall_64+0xcd/0x250 [ 366.185973][T14414] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.189079][T14414] RIP: 0033:0x7f127f57475f [ 366.191116][T14414] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48 [ 366.200442][T14414] RSP: 002b:00007f12803a3010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 366.204493][T14414] RAX: ffffffffffffffda RBX: 00007f127f703f60 RCX: 00007f127f57475f [ 366.209069][T14414] RDX: 000000000000000e RSI: 0000000020001540 RDI: 00000000000000c8 [ 366.213893][T14414] RBP: 00007f127f5e4e60 R08: 0000000000000000 R09: 0000000000000000 [ 366.217578][T14414] R10: 000000000000000e R11: 0000000000000293 R12: 0000000000000000 [ 366.221205][T14414] R13: 000000000000000b R14: 00007f127f703f60 R15: 00007fff84e65848 [ 366.225930][T14414] [ 366.228956][T14414] Kernel Offset: disabled [ 366.230865][T14414] Rebooting in 86400 seconds.. VM DIAGNOSIS: 16:16:19 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff8adabd14 RDX=ffff88802bf8c880 RSI=0000000000000000 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffc90003296de8 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000002 R12=0000000000000000 R13=ffff88802741f330 R14=0000000000000000 R15=ffffc90003296f90 RIP=ffffffff818ddf68 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f885f5706c0 ffffffff 00c00000 GS =0000 ffff88806b000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055558a36c808 CR3=0000000039f86000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000010000 0000000000030000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feb697e4325 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feb697e4332 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feb697e432c ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feb697e4340 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feb697e43c6 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feb697e44a4 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feb698d4488 00007feb698d4480 00007feb698d4478 00007feb698d4450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feb6a43d100 00007feb698d4440 00007feb698d4458 00007feb698d44a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007feb698d4498 00007feb698d4490 00007feb698d4488 00007feb698d4480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000000d 0000000000000000 0000000000000000 00000000000004f0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000007 RBX=0000000000080000 RCX=0000000000000000 RDX=0000000000000000 RSI=ffff888017eb5344 RDI=ffff888017eb5384 RBP=0000000000000000 RSP=ffffc900008b0b00 R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000000 R11=0000000000000001 R12=0000000000000002 R13=0000000000000000 R14=ffff888017eb5360 R15=00000000000000b2 RIP=ffffffff816b9113 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005646986998e8 CR3=000000002e8f0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0fffc00 Opmask01=00000000000000ff Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=000000003c0f0000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000015 000000000001df8a ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555587490688 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555587496856 00005555874965f0 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd60d600010 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd6148074b8 0000002000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0502800404a4e608 0001000000080606 0124d20000305f65 76616c735f656764 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00080008900303ff ffffff0408800300 0800061000201000 06043efc0802a002 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100130000003428 0803800303800407 800307800408a003 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100100008800401 0000040806060138 9200080008e00300 100008d003001000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 08c00302100008b0 0368100007900301 00088005000c8004 0010801a00140000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000002e08 03b0030100000208 0603a80300000007 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0001001300000034 2808038003038004 07800307800408a0 0300080008900303 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00080061a8030008 0061a00300080061 98034a0800619003 0000000408066188 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fd6b85 RDI=ffffffff94dda1a0 RBP=ffffffff94dda160 RSP=ffffc90003c87228 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=5128204350206148 R12=0000000000000000 R13=0000000000000034 R14=ffffffff84fd6b20 R15=0000000000000000 RIP=ffffffff84fd6baf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f12803a36c0 ffffffff 00c00000 GS =0000 ffff88806b200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b2f218ff8 CR3=00000000314dc000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f127f5e4325 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f127f5e4332 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f127f5e432c ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f127f5e4340 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f127f5e43c6 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f127f5e44a4 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f127f6d4488 00007f127f6d4480 00007f127f6d4478 00007f127f6d4450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f128023d100 00007f127f6d4440 00007f127f6d4458 00007f127f6d44a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f127f6d4498 00007f127f6d4490 00007f127f6d4488 00007f127f6d4480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000001 RBX=ffff88806b246580 RCX=ffffffff8181acfb RDX=0000000000000001 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000430f900 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000006 R12=ffffed100d648cb1 R13=0000000000000001 R14=ffff88806b246588 R15=ffff88806b33fd80 RIP=ffffffff818dde60 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f885f4356b8 CR3=000000000d97a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff77200c50 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f885e7e4325 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f885e7e4332 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f885e7e432c ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f885e7e4340 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f885e7e43c6 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f885e7e44a4 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000