last executing test programs: 2m13.978512485s ago: executing program 0 (id=1098): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fedbdf2531000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2004c890}, 0x2000c800) 2m13.976242035s ago: executing program 0 (id=1099): r0 = syz_open_dev$vim2m(&(0x7f0000000240), 0x2000a54, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x6, 0x1, 0x1}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x4, 0x1, 0x4, 0x0, 0x800000, {}, {0x0, 0x0, 0x0, 0x0, 0xfc, 0xff, "e6dd3c3d"}, 0xb20f, 0x1, {0x0}}) 2m13.887355911s ago: executing program 0 (id=1105): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000040)={0x0, 0x6, 0x0, 'queue1\x00', 0x200}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x1, 'queue0\x00', 0x4}) 2m13.887155506s ago: executing program 0 (id=1107): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000300)={[{@gid}]}) 2m13.83303125s ago: executing program 0 (id=1109): sendmsg$IEEE802154_START_REQ(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x18000}, 0x0) r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_CLEAR_HALT(r0, 0xc0105502, &(0x7f0000000300)={0x1, 0x1}) 2m13.520307151s ago: executing program 0 (id=1129): r0 = memfd_create(&(0x7f0000000480)='/dev/loop#\x00\xee\b\xce\xde\xe9\x8d\xd3\xd4\xe2\xfd\x7f\xf5R%\xe8]l\xa1s\b\xa5\xd2\xd59\xc8\xda\b\xd6\xb2\x15\xf6F\xb8\xb4{r.\xd2\xea\x16\x82\xe8=\xa3\x88sN\x83N`\xf9\xec\xe1\xbb\x05vH\xdd\x01?k\x97\xa5\xbf\xba\x89#=2G0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000007c0)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10, 0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_RATE_ENABLE={0x8, 0x5, 0x1}]}}]}, 0x38}}, 0x4048000) 2m9.882701026s ago: executing program 4 (id=1254): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x15, 0x301, 0x0, 0x0, {0xa}}, 0x14}}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0) 2m9.818808877s ago: executing program 4 (id=1256): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) 2m9.81861283s ago: executing program 4 (id=1258): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000880), r0) sendmsg$NET_DM_CMD_STOP(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002a80)={&(0x7f0000002a40)={0x14, r1, 0x1, 0x70bd28, 0x25dfdbfb}, 0x14}}, 0x0) 1m54.79769187s ago: executing program 33 (id=1258): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000880), r0) sendmsg$NET_DM_CMD_STOP(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002a80)={&(0x7f0000002a40)={0x14, r1, 0x1, 0x70bd28, 0x25dfdbfb}, 0x14}}, 0x0) 327.744296ms ago: executing program 1 (id=6000): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r2, @ANYBLOB="08002600940900000800b7"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 324.584534ms ago: executing program 1 (id=6002): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 275.246743ms ago: executing program 1 (id=6005): r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x9) openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0) 271.558672ms ago: executing program 1 (id=6007): r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000100)={'syz', 0x2}, &(0x7f0000000080)="03", 0x1, 0xffffffffffffffff) pipe2$watch_queue(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x0) keyctl$update(0x2, r0, &(0x7f0000000280)="21eeaaf3f9", 0x5) 270.476509ms ago: executing program 5 (id=6008): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f00000000c0)={0x1, 0xc, 0x3, 0xfffffffffffffffe, 0x3}) 251.221592ms ago: executing program 1 (id=6009): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@gettaction={0x48, 0x32, 0x400, 0x70bd2a, 0x25cfdbfd, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}, @action_gd=@TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4000009}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x81f7}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040810) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000304000000d9ff00000000000400", @ANYRES32=r1, @ANYBLOB="60bc010004a701003c00128009000100626f6e64000000002c"], 0x5c}, 0x1, 0x0, 0x0, 0x11}, 0x4000044) 223.923252ms ago: executing program 1 (id=6012): r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000080)=0x2) poll(&(0x7f0000000140)=[{r0, 0x8581}], 0x1, 0x1000) 169.265162ms ago: executing program 5 (id=6016): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=@newqdisc={0x40, 0x24, 0xd0f, 0x70bd26, 0x25dfdbfb, {0x60, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x14, 0x5}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0xffffffc0, 0xb}}}}]}, 0x40}}, 0x0) 123.893605ms ago: executing program 5 (id=6018): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c00000010003958aeeffffffcdbdf250000ef6d", @ANYRES32=r1, @ANYBLOB="216100000000000014001400726f7365300000000000000000000000280016802400018014000b"], 0x5c}}, 0x4000000) 123.44887ms ago: executing program 2 (id=6019): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110) setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f00000006c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108) 123.28136ms ago: executing program 3 (id=6020): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000180)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000480)={@host}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a4, &(0x7f0000000000)={{@any, 0xffff7dff}, @hyper, 0x0, 0x0, 0x4000000f8, 0x8, 0x0, 0x4000000, 0x7}) 121.665258ms ago: executing program 2 (id=6021): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x28, r1, 0x1, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT={0x6, 0xa, 0x4fc0}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x48840}, 0x4) 121.527922ms ago: executing program 3 (id=6022): mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave']) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0) 115.750183ms ago: executing program 5 (id=6023): r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0x8c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x9, 0x6, 0x3c, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}]}}]}, 0x8c}}, 0x0) 96.4304ms ago: executing program 3 (id=6024): r0 = io_uring_setup(0x497c, &(0x7f00000001c0)) pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$IOC_WATCH_QUEUE_SET_SIZE(r1, 0x5760, 0x5e) close_range(r0, 0xffffffffffffffff, 0x0) 93.342298ms ago: executing program 2 (id=6025): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14) sendmsg$nl_route_sched(r0, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=@newtaction={0x68, 0x30, 0x1, 0x4000000, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x80000000, 0x0, 0x10000000, 0x0, 0x4}, 0x1, r2}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) 67.037425ms ago: executing program 2 (id=6026): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_STOP_AP(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x8000) 66.690661ms ago: executing program 3 (id=6027): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=@newqdisc={0x40, 0x24, 0xd0f, 0x70bd26, 0x25dfdbfb, {0x60, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x14, 0x5}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0xffffffc0, 0xb}}}}]}, 0x40}}, 0x0) 66.303068ms ago: executing program 5 (id=6028): r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000000)=0x40b, 0x4) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001a00)={0x14, r1, 0x1, 0x2000, 0x25dfdbfc, {0x23}}, 0x14}, 0x1, 0x0, 0x0, 0x24000815}, 0x4004844) 43.589773ms ago: executing program 3 (id=6029): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110) setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f00000006c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108) 41.222086ms ago: executing program 5 (id=6030): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x0}, 0x94) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020013000200000000000000ff0800ed05000600200000000a0006000000000026b900000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) sendmsg$key(r0, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002eb0e00000000000000000105000600200000000a00000040010000000500e50000070000001f00001a000000030000a95a6e870200010000e9ff070040000200000000050005000000cc580a"], 0x80}}, 0x24000000) 39.958596ms ago: executing program 2 (id=6031): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000180)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000480)={@host}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a4, &(0x7f0000000000)={{@any, 0xffff7dff}, @hyper, 0x0, 0x0, 0x4000000f8, 0x8, 0x0, 0x4000000, 0x7}) 109.195µs ago: executing program 3 (id=6032): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@gettaction={0x48, 0x32, 0x400, 0x70bd2a, 0x25cfdbfd, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}, @action_gd=@TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4000009}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x81f7}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040810) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000304000000d9ff00000000000400", @ANYRES32=r1, @ANYBLOB="60bc010004a701003c00128009000100626f6e64000000002c"], 0x5c}, 0x1, 0x0, 0x0, 0x11}, 0x4000044) 0s ago: executing program 2 (id=6033): mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave']) chdir(&(0x7f0000000240)='./file0\x00') open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0) kernel console output (not intermixed with test programs): [ T9998] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.785569][ T9998] bridge_slave_0: entered allmulticast mode [ 86.793491][ T9998] bridge_slave_0: entered promiscuous mode [ 86.800032][ T9998] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.802326][ T9998] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.804954][ T9998] bridge_slave_1: entered allmulticast mode [ 86.813149][ T9998] bridge_slave_1: entered promiscuous mode [ 86.824005][ T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.870935][ T9998] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.871886][T10059] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 86.875421][ T9998] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.916281][ T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.921760][T10063] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1820'. [ 86.944898][T10069] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1823'. [ 86.947732][T10069] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 86.950080][T10069] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 86.963271][ T9998] team0: Port device team_slave_0 added [ 86.969838][ T9998] team0: Port device team_slave_1 added [ 87.014756][ T9998] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.016943][ T9998] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.025067][ T9998] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.040111][ T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.044658][T10078] binder: 10077:10078 ioctl 4018620d 0 returned -22 [ 87.049146][ T9998] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.051307][ T9998] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.060029][ T9998] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.129359][ T9998] hsr_slave_0: entered promiscuous mode [ 87.132896][ T9998] hsr_slave_1: entered promiscuous mode [ 87.134962][ T9998] debugfs: 'hsr0' already exists in 'hsr' [ 87.136692][ T9998] Cannot create hsr debugfs directory [ 87.169701][T10090] sp0: Synchronizing with TNC [ 87.273374][ T13] bridge_slave_1: left allmulticast mode [ 87.275225][ T13] bridge_slave_1: left promiscuous mode [ 87.277102][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.283390][ T13] bridge_slave_0: left allmulticast mode [ 87.285178][ T13] bridge_slave_0: left promiscuous mode [ 87.286378][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 87.286387][ T40] audit: type=1400 audit(1754257704.834:454): avc: denied { connect } for pid=10102 comm="syz.3.1840" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 87.286993][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.506174][T10123] [U] [ 87.507180][T10123] [U] [ 87.508096][T10123] [U] [ 87.508972][T10123] [U] [ 87.510252][T10123] [U] [ 87.511149][T10123] [U] [ 87.512036][T10123] [U] [ 87.512910][T10123] [U] [ 87.514691][T10123] [U] [ 87.515573][T10123] [U] [ 87.516442][T10123] [U] [ 87.517317][T10123] [U] [ 87.518263][T10123] [U] [ 87.519152][T10123] [U] [ 87.520037][T10123] [U] [ 87.520923][T10123] [U] [ 87.521900][T10123] [U] [ 87.522814][T10123] [U] [ 87.523699][T10123] [U] [ 87.524588][T10123] [U] [ 87.526579][T10123] [U] [ 87.527551][T10123] [U] [ 87.528444][T10123] [U] [ 87.529339][T10123] [U] [ 87.532703][T10123] [U] [ 87.533790][T10123] [U] [ 87.534675][T10123] [U] [ 87.535551][T10123] [U] [ 87.536532][T10123] [U] [ 87.537476][T10123] [U] [ 87.538356][T10123] [U] [ 87.539232][T10123] [U] [ 87.540201][T10123] [U] [ 87.541088][T10123] [U] [ 87.541964][T10123] [U] [ 87.542861][T10123] [U] [ 87.544101][T10123] [U] [ 87.545008][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 87.547652][T10123] [U] [ 87.548544][T10123] [U] [ 87.549447][T10123] [U] [ 87.550582][T10123] [U] [ 87.551522][T10123] [U] [ 87.552416][T10123] [U] [ 87.553324][T10123] [U] [ 87.554591][T10123] [U] [ 87.554746][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 87.555499][T10123] [U] [ 87.559060][T10123] [U] [ 87.559948][T10123] [U] [ 87.561166][T10123] [U] [ 87.561711][ T13] bond0 (unregistering): Released all slaves [ 87.562083][T10123] [U] [ 87.564863][T10123] [U] [ 87.565749][T10123] [U] [ 87.566969][T10123] [U] [ 87.567870][T10123] [U] [ 87.568756][T10123] [U] [ 87.569644][T10123] [U] [ 87.570685][T10123] [U] [ 87.571584][T10123] [U] [ 87.572478][T10123] [U] [ 87.573485][T10123] [U] [ 87.576383][T10123] [U] [ 87.577335][T10123] [U] [ 87.578249][T10123] [U] [ 87.579131][T10123] [U] [ 87.580090][T10123] [U] [ 87.580985][T10123] [U] [ 87.581901][T10123] [U] [ 87.582856][T10123] [U] [ 87.585652][T10123] [U] [ 87.586958][T10123] [U] [ 87.587857][T10123] [U] [ 87.588770][T10123] [U] [ 87.590397][T10123] [U] [ 87.591353][T10123] [U] [ 87.592263][T10123] [U] [ 87.593176][T10123] [U] [ 87.595590][T10123] [U] [ 87.596511][T10123] [U] [ 87.597409][T10123] [U] [ 87.598306][T10123] [U] [ 87.599460][T10123] [U] [ 87.600355][T10123] [U] [ 87.601251][T10123] [U] [ 87.602140][T10123] [U] [ 87.605130][T10123] [U] [ 87.606043][T10123] [U] [ 87.606930][T10123] [U] [ 87.607814][T10123] [U] [ 87.609096][T10123] [U] [ 87.610004][T10123] [U] [ 87.610886][T10123] [U] [ 87.611772][T10123] [U] [ 87.615210][T10123] [U] [ 87.616121][T10123] [U] [ 87.617004][T10123] [U] [ 87.617901][T10123] [U] [ 87.619039][T10123] [U] [ 87.619928][T10123] [U] [ 87.620805][T10123] [U] [ 87.621702][T10123] [U] [ 87.624703][T10123] [U] [ 87.625640][T10123] [U] [ 87.626691][T10123] [U] [ 87.627611][T10123] [U] [ 87.637236][T10123] [U] [ 87.638162][T10123] [U] [ 87.639045][T10123] [U] [ 87.640243][T10123] [U] [ 87.645523][T10123] [U] [ 87.646437][T10123] [U] [ 87.647324][T10123] [U] [ 87.648219][T10123] [U] [ 87.648782][ T9998] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 87.649195][T10123] [U] [ 87.652062][T10123] [U] [ 87.652959][T10123] [U] [ 87.653854][T10123] [U] [ 87.656302][T10123] [U] [ 87.657237][T10123] [U] [ 87.657663][ T9998] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 87.658144][T10123] [U] [ 87.661088][T10123] [U] [ 87.666140][T10123] [U] [ 87.667059][T10123] [U] [ 87.667962][T10123] [U] [ 87.668842][T10123] [U] [ 87.669797][T10123] [U] [ 87.670682][T10123] [U] [ 87.671587][T10123] [U] [ 87.677152][ T9998] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 87.681736][ T9998] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 87.697710][T10122] [U] [ 87.846496][ T9998] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.853974][ T13] hsr_slave_0: left promiscuous mode [ 87.856546][ T13] hsr_slave_1: left promiscuous mode [ 87.858562][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 87.860878][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 87.868013][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 87.870357][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 87.895988][ T13] veth1_macvtap: left promiscuous mode [ 87.897793][ T13] veth0_macvtap: left promiscuous mode [ 87.899623][ T13] veth1_vlan: left promiscuous mode [ 87.901317][ T13] veth0_vlan: left promiscuous mode [ 88.089189][T10182] loop6: detected capacity change from 0 to 524287999 [ 88.367152][ T13] team0 (unregistering): Port device team_slave_1 removed [ 88.414272][ T13] team0 (unregistering): Port device team_slave_0 removed [ 88.503756][ T5970] Bluetooth: hci0: command tx timeout [ 88.776939][T10171] __nla_validate_parse: 1 callbacks suppressed [ 88.776949][T10171] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1864'. [ 88.783390][ T9998] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.810594][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.812918][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.824691][ T1066] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.827723][ T1066] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.951575][ T9998] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.111312][ T9998] veth0_vlan: entered promiscuous mode [ 89.118326][ T9998] veth1_vlan: entered promiscuous mode [ 89.136093][ T40] audit: type=1326 audit(1754257706.684:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10233 comm="syz.2.1881" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f52ccf8eb69 code=0x0 [ 89.136816][ T9998] veth0_macvtap: entered promiscuous mode [ 89.148886][ T9998] veth1_macvtap: entered promiscuous mode [ 89.157678][ T9998] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.164788][ T9998] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.170307][ T54] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.176217][ T54] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.181789][ T54] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.185848][ T54] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.231158][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.239271][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.253780][ T1179] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.256288][ T1179] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.639190][ T40] audit: type=1400 audit(1754257707.184:456): avc: denied { map } for pid=10289 comm="syz.5.1893" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 89.646511][ T40] audit: type=1400 audit(1754257707.184:457): avc: denied { execute } for pid=10289 comm="syz.5.1893" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 89.673456][T10294] futex_wake_op: syz.1.1895 tries to shift op by 32; fix this program [ 89.724639][T10301] loop6: detected capacity change from 0 to 524287999 [ 90.435861][ T40] audit: type=1400 audit(1754257707.984:458): avc: denied { ioctl } for pid=10401 comm="syz.1.1935" path="socket:[26696]" dev="sockfs" ino=26696 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 90.449218][ T40] audit: type=1400 audit(1754257707.994:459): avc: denied { create } for pid=10405 comm="syz.2.1937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 90.459220][ T40] audit: type=1400 audit(1754257708.004:460): avc: denied { listen } for pid=10405 comm="syz.2.1937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 90.467848][ T40] audit: type=1400 audit(1754257708.014:461): avc: denied { accept } for pid=10405 comm="syz.2.1937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 90.542866][T10415] netlink: 'syz.5.1941': attribute type 62 has an invalid length. [ 90.571885][T10417] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1943'. [ 90.592712][ T5970] Bluetooth: hci0: command tx timeout [ 90.802508][T10314] comedi comedi2: reset error (fatal) [ 90.858260][T10450] delete_channel: no stack [ 90.908645][T10454] tipc: Started in network mode [ 90.910231][T10454] tipc: Node identity 2, cluster identity 4711 [ 90.912144][T10454] tipc: Node number set to 2 [ 91.311217][T10478] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1968'. [ 91.350675][T10487] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1980'. [ 91.395907][ T40] audit: type=1800 audit(1754257708.944:462): pid=10495 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.1977" name="file0" dev="tmpfs" ino=3158 res=0 errno=0 [ 91.405549][ T40] audit: type=1804 audit(1754257708.954:463): pid=10495 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.1.1977" name="/newroot/622/file0" dev="tmpfs" ino=3158 res=1 errno=0 [ 91.728926][T10528] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10528 comm=syz.1.1991 [ 92.357160][T10538] netlink: 14593 bytes leftover after parsing attributes in process `syz.1.2004'. [ 92.379331][T10540] sp0: Synchronizing with TNC [ 92.487920][T10540] mkiss: ax0: crc mode is auto. [ 92.664327][T10555] random: crng reseeded on system resumption [ 92.740029][T10561] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2008'. [ 92.742927][T10561] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2008'. [ 92.784775][T10565] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2017'. [ 92.834429][ T5970] Bluetooth: hci0: command tx timeout [ 92.845616][T10565] team0: Port device team_slave_1 removed [ 92.905544][T10571] program syz.5.2012 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 92.930990][T10573] Bluetooth: MGMT ver 1.23 [ 93.005402][T10583] tmpfs: Bad value for 'mpol' [ 93.053253][T10591] IPVS: Error connecting to the multicast addr [ 93.508586][T10643] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 93.701461][ T40] audit: type=1326 audit(1754257711.244:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10671 comm="syz.5.2061" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9d3c58eb69 code=0x0 [ 93.766270][T10682] binder_alloc: binder_alloc_mmap_handler: 10681 200000ff9000-200000ffd000 already mapped failed -16 [ 93.910653][T10695] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2073'. [ 94.326892][T10739] mkiss: ax0: crc mode is auto. [ 94.630879][T10776] tipc: Started in network mode [ 94.634248][T10776] tipc: Node identity 2, cluster identity 4711 [ 94.636166][T10776] tipc: Node number set to 2 [ 94.659835][T10781] tmpfs: Cannot disable swap on remount [ 94.783185][ T40] audit: type=1400 audit(1754257712.324:465): avc: denied { setopt } for pid=10803 comm="syz.2.2126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 94.912545][ T6050] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 95.072538][ T6050] usb 6-1: Using ep0 maxpacket: 8 [ 95.075992][ T6050] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 95.079361][ T6050] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 95.082134][ T6050] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.086976][ T6050] usb 6-1: config 0 descriptor?? [ 95.233777][T10845] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2142'. [ 95.419538][T10872] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 95.504369][ T6050] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 95.512152][ T6050] usb 6-1: USB disconnect, device number 2 [ 95.518517][T10885] binder: 10884:10885 ioctl 4018620d 0 returned -22 [ 95.744162][T10900] sp0: Synchronizing with TNC [ 95.747683][T10902] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2176'. [ 96.307960][T10967] usb usb8: usbfs: process 10967 (syz.2.2199) did not claim interface 0 before use [ 96.598658][T11021] netlink: 504 bytes leftover after parsing attributes in process `syz.5.2224'. [ 96.626985][T11026] usb usb8: usbfs: process 11026 (syz.1.2225) did not claim interface 0 before use [ 96.719160][T11047] netlink: 504 bytes leftover after parsing attributes in process `syz.1.2235'. [ 96.988850][T11095] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2259'. [ 97.117429][ T40] audit: type=1400 audit(1754257714.664:466): avc: denied { connect } for pid=11119 comm="syz.2.2271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 97.188189][ T34] libceph: connect (1)[c::]:6789 error -101 [ 97.190392][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 97.463857][ T34] libceph: connect (1)[c::]:6789 error -101 [ 97.465860][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 97.972767][ T34] libceph: connect (1)[c::]:6789 error -101 [ 97.974769][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 98.010870][T11129] ceph: No mds server is up or the cluster is laggy [ 98.045823][T11183] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2307'. [ 98.615093][ T40] audit: type=1400 audit(1754257716.164:467): avc: denied { lock } for pid=11294 comm="syz.3.2354" path="socket:[30827]" dev="sockfs" ino=30827 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 98.787189][T11326] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 98.900517][T11337] sp0: Synchronizing with TNC [ 98.904598][T11337] sp0: Found TNC [ 98.906727][T11335] [U] ` [ 99.023561][ T40] audit: type=1400 audit(1754257716.574:468): avc: denied { ioctl } for pid=11354 comm="syz.1.2383" path="socket:[30895]" dev="sockfs" ino=30895 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 99.359322][ T40] audit: type=1400 audit(1754257716.904:469): avc: denied { setopt } for pid=11398 comm="syz.1.2400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 99.923511][ T840] libceph: connect (1)[c::]:6789 error -101 [ 99.925498][ T840] libceph: mon0 (1)[c::]:6789 connect error [ 100.082541][ T40] audit: type=1400 audit(1754257717.624:470): avc: denied { execute } for pid=11425 comm="syz.5.2409" path="/dev/comedi4" dev="devtmpfs" ino=1306 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 100.183345][ T840] libceph: connect (1)[c::]:6789 error -101 [ 100.192214][ T840] libceph: mon0 (1)[c::]:6789 connect error [ 100.237745][T11442] [U] N{st3 )Lbo7UюNQʈ tQZ4s [ 100.257162][T11444] random: crng reseeded on system resumption [ 100.264856][T11444] Restarting kernel threads ... [ 100.266966][T11444] Done restarting kernel threads. [ 100.395253][ T40] audit: type=1400 audit(1754257717.944:471): avc: denied { bind } for pid=11461 comm="syz.5.2425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 100.475319][T11479] netlink: 52 bytes leftover after parsing attributes in process `syz.5.2433'. [ 100.712767][ T840] libceph: connect (1)[c::]:6789 error -101 [ 100.714792][ T840] libceph: mon0 (1)[c::]:6789 connect error [ 100.754199][T11408] ceph: No mds server is up or the cluster is laggy [ 101.022964][T11512] [U] N{st3 )Lbo7UюNQʈ tQZ4s [ 101.117816][T11522] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 101.463492][T11553] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 102.042539][T11517] comedi comedi2: reset error (fatal) [ 102.463152][ T40] audit: type=1400 audit(1754257720.014:472): avc: denied { create } for pid=11602 comm="syz.1.2474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 102.471078][ T40] audit: type=1400 audit(1754257720.014:473): avc: denied { bind } for pid=11602 comm="syz.1.2474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 102.611922][ T40] audit: type=1800 audit(1754257720.154:474): pid=11626 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.2486" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 102.674280][T11635] smc: net device bond0 applied user defined pnetid SYZ0 [ 102.768555][T11655] tipc: Started in network mode [ 102.770280][T11655] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 102.775938][T11655] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00aa [ 102.778876][T11655] tipc: Enabled bearer , priority 10 [ 102.840735][T11667] [U]  [ 102.939052][T11687] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2515'. [ 102.961260][T11691] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2517'. [ 103.051791][ T40] audit: type=1400 audit(1754257720.594:475): avc: denied { ioctl } for pid=11709 comm="syz.5.2525" path="mnt:[4026532870]" dev="nsfs" ino=4026532870 ioctlcmd=0x940c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 103.065601][T11713] netlink: 596 bytes leftover after parsing attributes in process `syz.1.2527'. [ 103.103825][T11722] netlink: 'syz.3.2531': attribute type 13 has an invalid length. [ 103.108610][T11722] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2531'. [ 103.235997][T11744] netlink: 596 bytes leftover after parsing attributes in process `syz.3.2540'. [ 103.498208][T11779] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2556'. [ 103.498230][T11779] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2556'. [ 103.500940][T11779] gretap0: entered promiscuous mode [ 103.507196][T11779] gretap0: left promiscuous mode [ 103.720114][T11789] vim2m vim2m.0: vidioc_s_fmt queue busy [ 103.783537][ T6050] tipc: Node number set to 1 [ 104.121972][T11823] pim6reg9: entered allmulticast mode [ 104.173209][T11832] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2582'. [ 104.173222][T11832] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2582'. [ 104.173237][T11832] netlink: 'syz.3.2582': attribute type 12 has an invalid length. [ 104.266998][T11850] random: crng reseeded on system resumption [ 104.393621][T11877] pim6reg9: entered allmulticast mode [ 104.453017][ T40] audit: type=1400 audit(1754257721.994:476): avc: denied { ioctl } for pid=11889 comm="syz.1.2610" path="socket:[32142]" dev="sockfs" ino=32142 ioctlcmd=0x8b36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 104.465113][ T40] audit: type=1400 audit(1754257722.014:477): avc: denied { ioctl } for pid=11893 comm="syz.3.2612" path="socket:[31303]" dev="sockfs" ino=31303 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 104.471368][T11890] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.569462][T11917] netlink: 'syz.1.2622': attribute type 12 has an invalid length. [ 104.595488][ T40] audit: type=1400 audit(1754257722.144:478): avc: denied { read } for pid=11921 comm="syz.5.2626" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 104.602633][ T40] audit: type=1400 audit(1754257722.144:479): avc: denied { open } for pid=11921 comm="syz.5.2626" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 104.607773][T11925] gretap0: entered promiscuous mode [ 104.609706][ T40] audit: type=1400 audit(1754257722.144:480): avc: denied { write } for pid=11921 comm="syz.5.2626" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 104.624707][T11928] random: crng reseeded on system resumption [ 104.628684][T11925] gretap0: left promiscuous mode [ 104.824949][ T5970] Bluetooth: hci3: Malformed HCI Event [ 104.896788][T11972] openvswitch: netlink: Message has 5 unknown bytes. [ 104.938154][ T40] audit: type=1400 audit(1754257722.484:481): avc: denied { connect } for pid=11978 comm="syz.1.2653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 104.960180][ T40] audit: type=1400 audit(1754257722.504:482): avc: denied { mount } for pid=11983 comm="syz.3.2655" name="/" dev="ramfs" ino=32235 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 104.970319][ T40] audit: type=1400 audit(1754257722.514:483): avc: denied { unmount } for pid=5964 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 104.990408][ T40] audit: type=1400 audit(1754257722.534:484): avc: denied { create } for pid=11989 comm="syz.3.2658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 104.992599][ T5970] Bluetooth: hci2: Received unexpected HCI Event 0x00 [ 105.103966][ T40] audit: type=1400 audit(1754257722.654:485): avc: denied { mount } for pid=12012 comm="syz.5.2669" name="/" dev="configfs" ino=3098 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 105.199400][T12029] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 105.466544][T12081] syz_tun: refused to change device tx_queue_len [ 105.507901][T12087] netlink: 'syz.1.2704': attribute type 1 has an invalid length. [ 105.510400][T12087] __nla_validate_parse: 8 callbacks suppressed [ 105.510410][T12087] netlink: 232 bytes leftover after parsing attributes in process `syz.1.2704'. [ 105.515391][T12087] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2704'. [ 105.706938][T12111] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2715'. [ 105.757675][ T5970] Bluetooth: hci2: Malformed HCI Event [ 106.183955][T12141] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2727'. [ 106.331870][T12169] delete_channel: no stack [ 106.489632][T12199] ptrace attach of "/syz-executor exec"[12201] was attempted by "/syz-executor exec"[12199] [ 106.849644][T12247] vivid-003: disconnect [ 106.851547][T12246] vivid-003: reconnect [ 106.977785][T12269] openvswitch: netlink: VXLAN extension 149 out of range max 1 [ 107.068626][T12281] raw_sendmsg: syz.5.2796 forgot to set AF_INET. Fix it! [ 107.122554][ T6032] usb 7-1: new low-speed USB device number 3 using dummy_hcd [ 107.196615][T12290] program syz.1.2806 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 107.294589][ T6032] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 107.294617][ T6032] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 107.294631][ T6032] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 107.294644][ T6032] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 107.294657][ T6032] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 107.298987][ T6032] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 107.299011][ T6032] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 107.299025][ T6032] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 107.299038][ T6032] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 107.299051][ T6032] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 107.299958][ T6032] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 107.299980][ T6032] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 107.299993][ T6032] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 107.300006][ T6032] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 107.300019][ T6032] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 107.307619][ T6032] usb 7-1: string descriptor 0 read error: -22 [ 107.307676][ T6032] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 107.307689][ T6032] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.316521][ T6032] adutux 7-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 107.346340][T12312] ptrace attach of "/syz-executor exec"[12313] was attempted by "/syz-executor exec"[12312] [ 107.420547][T12324] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2816'. [ 107.465105][T12327] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2817'. [ 107.520754][T12340] program syz.5.2821 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 107.531121][ T838] usb 7-1: USB disconnect, device number 3 [ 107.561741][T12346] devpts: Bad value for 'max' [ 107.608917][T12350] openvswitch: netlink: VXLAN extension 149 out of range max 1 [ 107.632528][T12354] random: crng reseeded on system resumption [ 107.691196][T12360] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 107.719560][T12364] tmpfs: Cannot change global quota limit on remount [ 107.841833][T12376] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2840'. [ 108.085853][T12399] [U] v3f"S/4:XTzWtlW= [ 108.087993][T12399] [U] J"e:" [ 108.156968][T12410] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 108.234764][T12425] program syz.2.2864 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 108.330188][T12435] devpts: Bad value for 'max' [ 108.447054][T12451] tipc: Started in network mode [ 108.448931][T12451] tipc: Node identity ac14140f, cluster identity 4711 [ 108.451434][T12451] tipc: New replicast peer: 255.255.255.255 [ 108.452522][ T6050] usb 6-1: new low-speed USB device number 3 using dummy_hcd [ 108.456768][T12451] tipc: Enabled bearer , priority 10 [ 108.613913][ T6050] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 108.616290][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 108.621972][ T6050] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 108.625700][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 108.629591][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 108.633979][ T6050] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 108.636332][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 108.639646][ T6050] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 108.643594][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 108.646968][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 108.654160][ T6050] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 108.656691][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 108.656708][ T6050] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 108.656722][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 108.656735][ T6050] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 108.669646][ T6050] usb 6-1: string descriptor 0 read error: -22 [ 108.675585][ T6050] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 108.675600][ T6050] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 108.686713][ T6050] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 108.720593][T12494] netlink: 'syz.5.2897': attribute type 7 has an invalid length. [ 108.720605][T12494] netlink: 'syz.5.2897': attribute type 8 has an invalid length. [ 108.756148][T12500] usb usb5: usbfs: interface 0 claimed by hub while 'syz.2.2901' resets device [ 108.893933][ T6050] usb 6-1: USB disconnect, device number 3 [ 109.123000][ T29] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 109.427404][T12572] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 109.430268][T12572] overlayfs: missing 'lowerdir' [ 109.593629][ T6032] tipc: Node number set to 2886997007 [ 109.652590][ T29] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 109.802544][ T29] usb 6-1: Using ep0 maxpacket: 32 [ 109.806352][ T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 109.809332][ T29] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 109.812279][ T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 109.815546][ T29] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 109.818527][ T29] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 109.822760][ T29] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 109.825544][ T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.829222][ T29] usb 6-1: config 0 descriptor?? [ 110.036989][ T29] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 112.436717][ T838] usb 6-1: USB disconnect, device number 4 [ 112.441184][ T838] usblp0: removed [ 119.407327][T12596] ALSA: seq fatal error: cannot create timer (-19) [ 119.447422][T12606] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2935'. [ 119.681887][T12642] can0: slcan on ptm0. [ 119.743869][T12640] can0 (unregistered): slcan off ptm0. [ 119.962398][T12671] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2965'. [ 120.116291][T12683] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 120.340611][ T40] kauditd_printk_skb: 9 callbacks suppressed [ 120.340622][ T40] audit: type=1800 audit(1754257737.884:495): pid=12695 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.2976" name="SYSV00000000" dev="tmpfs" ino=4 res=0 errno=0 [ 120.393684][T12703] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 120.409918][T12705] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 120.418728][ T40] audit: type=1400 audit(1754257737.964:496): avc: denied { read } for pid=12706 comm="syz.3.2982" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 120.456117][T12713] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 120.607005][T12737] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 121.406144][ T40] audit: type=1326 audit(1754257738.954:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12732 comm="syz.2.2995" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ccf8eb69 code=0x7fc00000 [ 122.000778][T12759] tipc: Enabling of bearer rejected, media not registered [ 122.017309][ T40] audit: type=1400 audit(1754257739.564:498): avc: denied { ioctl } for pid=12760 comm="syz.2.3007" path="socket:[34746]" dev="sockfs" ino=34746 ioctlcmd=0x8b32 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 122.201270][T12780] mkiss: ax0: crc mode is auto. [ 122.311956][T12788] macvlan2: entered promiscuous mode [ 122.313784][T12788] macvlan2: entered allmulticast mode [ 122.332061][T12790] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3021'. [ 122.411452][ T40] audit: type=1326 audit(1754257739.954:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12749 comm="syz.1.3002" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5aef38eb69 code=0x7fc00000 [ 122.539764][T12829] openvswitch: netlink: IPv6 tunnel dst address is zero [ 122.562366][T12832] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3041'. [ 122.567241][T12832] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3041'. [ 122.856099][T12870] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3060'. [ 122.966621][T12889] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3069'. [ 123.081037][T12905] netdevsim netdevsim5: Firmware load for '../file0/../file0/../file0' refused, path contains '..' component [ 123.118846][T12913] netlink: 84 bytes leftover after parsing attributes in process `syz.1.3078'. [ 123.131183][T12916] netlink: 'syz.2.3079': attribute type 1 has an invalid length. [ 123.137403][T12916] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3079'. [ 123.161269][ T40] audit: type=1400 audit(1754257740.704:500): avc: denied { write } for pid=12920 comm="syz.5.3082" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 123.205146][T12933] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 123.222083][ T40] audit: type=1400 audit(1754257740.764:501): avc: denied { map } for pid=12934 comm="syz.1.3089" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 123.229674][ T40] audit: type=1400 audit(1754257740.764:502): avc: denied { execute } for pid=12934 comm="syz.1.3089" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 123.295938][T12949] program syz.2.3094 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 123.333637][ T40] audit: type=1400 audit(1754257740.874:503): avc: denied { validate_trans } for pid=12954 comm="syz.2.3099" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 123.371048][T12965] 9pnet_fd: p9_fd_create_unix (12965): problem connecting socket: qY3aK: -91 [ 123.371339][ T40] audit: type=1400 audit(1754257740.914:504): avc: denied { mounton } for pid=12958 comm="syz.2.3101" path=2F3738332FE91F7189591E9233614B dev="tmpfs" ino=3972 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 123.386907][T12963] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 123.389531][T12963] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 123.392014][T12963] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 123.394527][T12963] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 123.397009][T12963] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 123.445280][ T6032] hid_parser_main: 156 callbacks suppressed [ 123.445293][ T6032] hid-generic 0000:0004:0009.0006: unknown main item tag 0x0 [ 123.449512][ T6032] hid-generic 0000:0004:0009.0006: unknown main item tag 0x0 [ 123.451900][ T6032] hid-generic 0000:0004:0009.0006: unknown main item tag 0x0 [ 123.455788][ T6032] hid-generic 0000:0004:0009.0006: hidraw1: HID v0.04 Device [syz0] on syz1 [ 123.481816][T12980] fido_id[12980]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 123.485367][T12982] sp0: Synchronizing with TNC [ 123.642528][ T838] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 123.792941][ T838] usb 6-1: Using ep0 maxpacket: 8 [ 123.795915][ T838] usb 6-1: config 0 has an invalid interface number: 55 but max is 0 [ 123.798532][ T838] usb 6-1: config 0 has no interface number 0 [ 123.800556][ T838] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 123.804344][ T838] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 123.808489][ T838] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 123.812114][ T838] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 123.816587][ T838] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 123.819484][ T838] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.825411][ T838] usb 6-1: config 0 descriptor?? [ 123.830692][ T838] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 123.873211][T13024] nbd: must specify at least one socket [ 124.038771][ T838] usb 6-1: USB disconnect, device number 5 [ 124.044908][ T838] ldusb 6-1:0.55: LD USB Device #0 now disconnected [ 125.384883][T13133] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3183'. [ 125.387810][T13133] net_ratelimit: 49 callbacks suppressed [ 125.387818][T13133] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 125.392612][T13133] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 125.412585][T13137] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3185'. [ 125.415341][T13137] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3185'. [ 125.498348][T13155] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 126.120855][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 126.120866][ T40] audit: type=1400 audit(1754257743.664:509): avc: denied { read } for pid=13221 comm="syz.1.3225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 126.260529][T13236] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 126.308203][T13244] program syz.2.3235 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 126.344705][T13248] genirq: Flags mismatch irq 4. 00200000 (pcl812) vs. 00200080 (ttyS0) [ 126.371938][T13254] CUSE: unknown device info "<5\z0z,~XY+A}sF'%:Ij!@QmߑRGQq 6*5p)x?," [ 126.386986][T13254] CUSE: unknown device info "&b%ZW)3\my " [ 126.389632][T13254] CUSE: unknown device info "ҭSmMi_0˱ݯ;q]{i79{0Եt~>VZ\.9OCU&qmsfkc"" [ 126.393217][T13257] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3242'. [ 126.395401][T13254] CUSE: DEVNAME unspecified [ 126.397111][T13257] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3242'. [ 126.401295][T13257] netlink: 'syz.3.3242': attribute type 11 has an invalid length. [ 126.405872][T13260] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3243'. [ 126.623079][ T40] audit: type=1326 audit(1754257744.174:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13303 comm="syz.2.3265" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f52ccf8eb69 code=0x0 [ 126.641450][T13310] program syz.5.3267 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 126.712524][ T40] audit: type=1400 audit(1754257744.254:511): avc: denied { write } for pid=13317 comm="syz.3.3272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 126.759060][T13323] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 127.213450][T13374] netlink: 'syz.5.3298': attribute type 1 has an invalid length. [ 127.418069][T13396] "syz.5.3309" (13396) uses obsolete ecb(arc4) skcipher [ 127.481832][T13411] trusted_key: encrypted_key: key trusted:8sX not found [ 127.578641][T13424] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3321'. [ 127.583783][T13424] netlink: 5 bytes leftover after parsing attributes in process `syz.2.3321'. [ 127.682301][T13435] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3326'. [ 127.781216][T13444] netlink: 'syz.2.3330': attribute type 10 has an invalid length. [ 127.787133][T13444] batman_adv: batadv0: Adding interface: team0 [ 127.789126][T13444] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.796948][T13444] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 127.804082][T13444] netlink: 'syz.2.3330': attribute type 10 has an invalid length. [ 127.806483][T13444] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3330'. [ 127.812190][T13444] team0: entered promiscuous mode [ 127.813954][T13444] team_slave_0: entered promiscuous mode [ 127.816963][T13444] 8021q: adding VLAN 0 to HW filter on device team0 [ 127.819225][T13444] batman_adv: batadv0: Interface activated: team0 [ 127.821301][T13444] batman_adv: batadv0: Interface deactivated: team0 [ 127.823611][T13444] batman_adv: batadv0: Removing interface: team0 [ 127.826407][T13444] bridge0: port 3(team0) entered blocking state [ 127.828442][T13444] bridge0: port 3(team0) entered disabled state [ 127.830443][T13444] team0: entered allmulticast mode [ 127.832047][T13444] team_slave_0: entered allmulticast mode [ 127.835374][T13444] bridge0: port 3(team0) entered blocking state [ 127.838253][T13444] bridge0: port 3(team0) entered forwarding state [ 127.916403][ T40] audit: type=1400 audit(1754257745.464:512): avc: denied { bind } for pid=13453 comm="syz.2.3335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 127.922342][ T40] audit: type=1400 audit(1754257745.464:513): avc: denied { name_bind } for pid=13453 comm="syz.2.3335" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 127.931732][ T40] audit: type=1400 audit(1754257745.464:514): avc: denied { node_bind } for pid=13453 comm="syz.2.3335" saddr=172.20.20.170 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 [ 127.970642][T13468] netlink: 'syz.3.3342': attribute type 30 has an invalid length. [ 128.005476][T13474] mkiss: ax0: crc mode is auto. [ 128.028438][ T40] audit: type=1400 audit(1754257745.574:515): avc: denied { create } for pid=13475 comm="syz.3.3346" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 128.035122][ T40] audit: type=1400 audit(1754257745.584:516): avc: denied { write } for pid=13475 comm="syz.3.3346" name="file0" dev="tmpfs" ino=3663 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 128.041996][ T40] audit: type=1400 audit(1754257745.584:517): avc: denied { open } for pid=13475 comm="syz.3.3346" path="/721/file0" dev="tmpfs" ino=3663 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 128.049297][ T40] audit: type=1400 audit(1754257745.584:518): avc: denied { ioctl } for pid=13475 comm="syz.3.3346" path="/721/file0" dev="tmpfs" ino=3663 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 128.151380][T13499] sp0: Synchronizing with TNC [ 128.490194][T13559] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 128.495201][T13559] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 128.510942][T13556] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.616793][T13582] mkiss: ax0: crc mode is auto. [ 128.751086][T13607] netlink: 'syz.1.3409': attribute type 23 has an invalid length. [ 128.913597][T13642] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 128.915657][T13642] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 128.918078][T13642] vhci_hcd vhci_hcd.0: Device attached [ 128.922329][T13643] vhci_hcd: connection closed [ 128.924597][ T1066] vhci_hcd: stop threads [ 128.927618][ T1066] vhci_hcd: release socket [ 128.929116][ T1066] vhci_hcd: disconnect device [ 129.475817][T13688] netlink: zone id is out of range [ 129.490649][T13688] netlink: set zone limit has 4 unknown bytes [ 129.594991][T13711] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes. [ 129.705306][T13732] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 129.711532][T13734] support for cryptoloop has been removed. Use dm-crypt instead. [ 129.823941][T13749] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 129.826037][T13749] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 129.828441][T13749] vhci_hcd vhci_hcd.0: Device attached [ 129.831872][T13750] usbip_core: unknown command [ 129.834374][T13750] vhci_hcd: unknown pdu 0 [ 129.835838][T13750] usbip_core: unknown command [ 129.838372][ T46] vhci_hcd: stop threads [ 129.839794][ T46] vhci_hcd: release socket [ 129.841231][ T46] vhci_hcd: disconnect device [ 130.125128][T13791] program syz.5.3495 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 130.500360][T13811] ptrace attach of "/syz-executor exec"[5963] was attempted by " b\x0a\x0c ! \x07    ?j}6ٱĞ Dl\x0a9:$VQ\x09d'ZbWzr‘Q``V\x5c4fL\x0a6\x0az^k`q0ȟ [ 130.548977][T13815] hub 9-0:1.0: USB hub found [ 130.576588][ C2] vkms_vblank_simulate: vblank timer overrun [ 130.580699][T13815] hub 9-0:1.0: 1 port detected [ 130.660946][T13822] "syz.2.3509" (13822) uses obsolete ecb(arc4) skcipher [ 131.185140][T13881] fuse: blksize only supported for fuseblk [ 131.225853][ T40] kauditd_printk_skb: 10 callbacks suppressed [ 131.225865][ T40] audit: type=1400 audit(2000000003.099:529): avc: denied { firmware_load } for pid=13886 comm="syz.1.3540" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1 [ 131.246935][T13887] syz.1.3540 (13887) used greatest stack depth: 19576 bytes left [ 131.422405][T13909] __nla_validate_parse: 6 callbacks suppressed [ 131.422417][T13909] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3550'. [ 131.427261][T13909] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3550'. [ 131.431484][ T5970] Bluetooth: Unknown BR/EDR signaling command 0x0e [ 131.433972][ T5970] Bluetooth: Wrong link type (-22) [ 131.734213][ T29] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 131.847831][ T40] audit: type=1400 audit(2000000003.719:530): avc: denied { write } for pid=13951 comm="syz.3.3571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 131.877945][ T40] audit: type=1400 audit(2000000003.749:531): avc: denied { getopt } for pid=13942 comm="syz.1.3567" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 131.883574][ T29] usb 10-1: Using ep0 maxpacket: 32 [ 131.887833][ T29] usb 10-1: config index 0 descriptor too short (expected 35577, got 27) [ 131.890535][ T29] usb 10-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 131.893431][ T29] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 131.896288][ T29] usb 10-1: config 1 has no interface number 0 [ 131.898283][ T29] usb 10-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 131.901652][ T29] usb 10-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 131.905894][ T29] usb 10-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 131.908743][ T29] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.915677][ T29] snd_usb_pod 10-1:1.1: Line 6 Pocket POD found [ 132.000368][ T40] audit: type=1400 audit(2000000003.869:532): avc: denied { read } for pid=13964 comm="syz.1.3576" name="file0" dev="9p" ino=35913836 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 132.095075][T13976] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3582'. [ 132.098179][T13976] openvswitch: netlink: nsh attr 0 has unexpected len 4 expected 0 [ 132.100625][T13976] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 132.109534][T13978] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3579'. [ 132.190159][T13996] bond_slave_0: entered promiscuous mode [ 132.192137][T13996] bond_slave_1: entered promiscuous mode [ 132.197104][T13996] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 132.200390][T13996] bond_slave_0: left promiscuous mode [ 132.202158][T13996] bond_slave_1: left promiscuous mode [ 132.301954][T14010] program syz.2.3597 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 132.308151][T13987] Process accounting resumed [ 132.308292][ T60] Process accounting resumed [ 132.354617][T14022] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3603'. [ 132.449253][T14032] genirq: Flags mismatch irq 31. 00200000 (comedi_parport) vs. 00200000 (virtio0-cursor) [ 132.483386][T14038] openvswitch: netlink: Duplicate key (type 0). [ 132.505811][ T1423] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.673426][ T839] hid-generic 0792:10000:0097.0007: item fetching failed at offset 5/6 [ 132.676351][ T839] hid-generic 0792:10000:0097.0007: probe with driver hid-generic failed with error -22 [ 132.730768][ T40] audit: type=1400 audit(2000000004.599:533): avc: denied { name_connect } for pid=14087 comm="syz.2.3634" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 133.202522][ T840] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 133.354603][ T840] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 133.357332][ T840] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 133.360489][ T840] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 133.363385][ T840] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 133.366747][ T840] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 133.371368][ T840] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 133.374359][ T840] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 133.376881][ T840] usb 6-1: Product: syz [ 133.378198][ T840] usb 6-1: Manufacturer: syz [ 133.382961][ T840] cdc_wdm 6-1:1.0: skipping garbage [ 133.385397][ T840] cdc_wdm 6-1:1.0: skipping garbage [ 133.388931][ T840] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 133.390789][ T840] cdc_wdm 6-1:1.0: Unknown control protocol [ 133.588519][ T40] audit: type=1400 audit(2000000005.459:534): avc: denied { read write } for pid=14120 comm="syz.1.3649" name="cdc-wdm0" dev="devtmpfs" ino=2983 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1 [ 133.596315][ T40] audit: type=1400 audit(2000000005.459:535): avc: denied { open } for pid=14120 comm="syz.1.3649" path="/dev/cdc-wdm0" dev="devtmpfs" ino=2983 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1 [ 133.936390][T14162] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3668'. [ 133.966186][ T40] audit: type=1400 audit(2000000005.839:536): avc: denied { getopt } for pid=14165 comm="syz.3.3670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 134.396740][T14196] CIFS: Unable to determine destination address [ 134.513150][ T29] snd_usb_pod 10-1:1.1: set_interface failed [ 134.515946][ T29] snd_usb_pod 10-1:1.1: Line 6 Pocket POD now disconnected [ 134.518449][ T29] snd_usb_pod 10-1:1.1: probe with driver snd_usb_pod failed with error -71 [ 134.530417][ T29] usb 10-1: USB disconnect, device number 2 [ 134.773507][T14227] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3698'. [ 134.776711][T14227] netlink: 'syz.5.3698': attribute type 1 has an invalid length. [ 134.779346][T14227] nbd: error processing sock list [ 134.931996][ T40] audit: type=1400 audit(2000000006.799:537): avc: denied { accept } for pid=14246 comm="syz.5.3707" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 134.938025][ T40] audit: type=1400 audit(2000000006.809:538): avc: denied { write } for pid=14246 comm="syz.5.3707" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 135.784167][T14290] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3727'. [ 135.819087][T14294] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 135.972808][ T8673] usb 6-1: USB disconnect, device number 6 [ 136.041050][T14318] openvswitch: netlink: Tunnel attr 16370 out of range max 16 [ 136.219773][T14345] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input7 [ 136.239240][T14349] kvm: kvm [14348]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0xf6a7 [ 136.343930][ T40] kauditd_printk_skb: 5 callbacks suppressed [ 136.343940][ T40] audit: type=1326 audit(2000000008.219:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14368 comm="syz.2.3763" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ccf8eb69 code=0x7ffc0000 [ 136.356133][ T40] audit: type=1326 audit(2000000008.219:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14368 comm="syz.2.3763" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ccf8eb69 code=0x7ffc0000 [ 136.363373][ T40] audit: type=1326 audit(2000000008.229:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14368 comm="syz.2.3763" exe="/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f52ccf8eb69 code=0x7ffc0000 [ 136.370476][ T40] audit: type=1326 audit(2000000008.229:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14368 comm="syz.2.3763" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ccf8eb69 code=0x7ffc0000 [ 136.377842][ T40] audit: type=1326 audit(2000000008.229:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14368 comm="syz.2.3763" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f52ccf8eb69 code=0x7ffc0000 [ 136.384994][ T40] audit: type=1326 audit(2000000008.229:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14368 comm="syz.2.3763" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ccf8eb69 code=0x7ffc0000 [ 136.391984][ T40] audit: type=1326 audit(2000000008.229:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14368 comm="syz.2.3763" exe="/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f52ccf8eb69 code=0x7ffc0000 [ 136.400221][ T40] audit: type=1326 audit(2000000008.229:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14368 comm="syz.2.3763" exe="/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 136.407925][ T40] audit: type=1326 audit(2000000008.229:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14368 comm="syz.2.3763" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ccf8eb69 code=0x7ffc0000 [ 136.435327][T14379] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3768'. [ 136.442334][T14383] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3770'. [ 137.243923][T14449] batadv_slave_0: entered promiscuous mode [ 137.246635][T14449] batadv_slave_0: left promiscuous mode [ 137.308967][ T40] audit: type=1400 audit(2000000009.179:553): avc: denied { read write } for pid=14458 comm="syz.1.3806" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 137.701791][T14505] netlink: 256 bytes leftover after parsing attributes in process `syz.1.3828'. [ 137.882961][T14526] netlink: 'syz.1.3838': attribute type 1 has an invalid length. [ 137.885405][T14526] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 138.294676][T14569] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3859'. [ 138.297652][T14569] netem: invalid attributes len -21 [ 138.299330][T14569] netem: change failed [ 138.525896][T14591] MPI: mpi too large (16392 bits) [ 138.622736][ T8673] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 138.777513][ T8673] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 138.780535][ T8673] usb 7-1: config 0 interface 0 has no altsetting 0 [ 138.785784][ T8673] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 138.788602][ T8673] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 138.791139][ T8673] usb 7-1: Product: syz [ 138.792837][ T8673] usb 7-1: Manufacturer: syz [ 138.794300][ T8673] usb 7-1: SerialNumber: syz [ 138.802934][ T8673] usb 7-1: config 0 descriptor?? [ 138.807764][ T8673] usb 7-1: selecting invalid altsetting 0 [ 138.854418][ T5375] udevd[5375]: worker [12674] terminated by signal 33 (Unknown signal 33) [ 138.857083][ T5375] udevd[5375]: worker [12674] failed while handling '/devices/platform/dummy_hcd.2/usb7/7-1' [ 139.027800][ T838] usb 7-1: USB disconnect, device number 4 [ 139.086677][T14646] input: syz1 as /devices/virtual/input/input10 [ 139.088699][T14646] input: failed to attach handler leds to device input10, error: -6 [ 139.119742][T14648] openvswitch: netlink: VXLAN extension message has 1 unknown bytes. [ 139.194260][T14654] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3898'. [ 139.676825][T14668] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 139.680192][ T13] Bluetooth: hci4: Frame reassembly failed (-84) [ 140.018125][T14689] overlayfs: missing 'workdir' [ 140.150682][T14699] netlink: 'syz.2.3919': attribute type 2 has an invalid length. [ 140.188427][T14701] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3920'. [ 140.307290][T14713] SELinux: security_context_str_to_sid () failed with errno=-22 [ 140.482190][T14746] Context (ID=0x0) not attached to queue pair (handle=0x4d9:0x0) [ 140.508461][T14750] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3944'. [ 140.763511][T14786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 140.766024][T14786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 140.770767][ C2] IPv4: Oversized IP packet from 172.20.20.24 [ 140.822955][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 140.826442][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 140.832863][ T6032] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 140.835588][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 140.961069][T14804] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 141.051240][ T5966] Bluetooth: hci3: link tx timeout [ 141.057778][ T5966] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 141.070889][ T5966] Bluetooth: hci3: link tx timeout [ 141.072951][ T5966] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 141.414969][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 141.414980][ T40] audit: type=1400 audit(2000000013.289:567): avc: denied { lock } for pid=14836 comm="syz.2.3980" path=2F7365637265746D656D202864656C6574656429 dev="secretmem" ino=45254 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 141.425723][ T40] audit: type=1400 audit(2000000013.289:568): avc: denied { open } for pid=14836 comm="syz.2.3980" path=2F7365637265746D656D202864656C6574656429 dev="secretmem" ino=45254 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 141.461898][T14841] input: syz0 as /devices/virtual/input/input11 [ 141.516149][ T40] audit: type=1400 audit(2000000013.389:569): avc: denied { create } for pid=14851 comm="syz.2.3987" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 141.523526][ T40] audit: type=1400 audit(2000000013.389:570): avc: denied { getopt } for pid=14851 comm="syz.2.3987" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 141.549892][T14860] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 141.551818][T14860] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 141.556288][T14860] vhci_hcd vhci_hcd.0: Device attached [ 141.564362][T14862] usbip_core: unknown command [ 141.565774][T14862] vhci_hcd: unknown pdu 0 [ 141.567363][T14862] usbip_core: unknown command [ 141.569509][ T1066] vhci_hcd: stop threads [ 141.570900][ T1066] vhci_hcd: release socket [ 141.572420][ T1066] vhci_hcd: disconnect device [ 141.577268][T14867] support for cryptoloop has been removed. Use dm-crypt instead. [ 141.702590][ T5966] Bluetooth: hci4: command 0x1003 tx timeout [ 141.704829][ T5970] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 141.866098][T14910] fuse: blksize only supported for fuseblk [ 142.140699][T14938] "syz.3.4027" (14938) uses obsolete ecb(arc4) skcipher [ 142.198290][T14949] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4031'. [ 142.201108][T14949] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4031'. [ 142.257442][ T5970] Bluetooth: Unknown BR/EDR signaling command 0x0e [ 142.261100][ T5970] Bluetooth: Wrong link type (-22) [ 142.520816][T15009] fuse: blksize only supported for fuseblk [ 142.704088][T15030] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4070'. [ 142.707539][T15030] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4070'. [ 142.764808][ T5970] Bluetooth: Unknown BR/EDR signaling command 0x0e [ 142.767481][ T5970] Bluetooth: Wrong link type (-22) [ 142.792728][T15041] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4075'. [ 143.144297][ T5970] Bluetooth: hci3: command 0x0406 tx timeout [ 143.243363][T15105] genirq: Flags mismatch irq 31. 00200000 (comedi_parport) vs. 00200000 (virtio0-cursor) [ 143.382651][ T29] net_ratelimit: 10 callbacks suppressed [ 143.382664][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.450351][T15116] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 144.032877][ T838] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 144.053499][ T29] hid-generic 0792:10000:0097.0008: item fetching failed at offset 5/6 [ 144.056309][ T29] hid-generic 0792:10000:0097.0008: probe with driver hid-generic failed with error -22 [ 144.101817][T15145] Context (ID=0x0) not attached to queue pair (handle=0x4dd:0x0) [ 144.284401][T15169] program syz.1.4140 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 144.421845][ T6050] Process accounting resumed [ 144.424453][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 144.432282][T15186] Process accounting resumed [ 144.546332][T15206] bond_slave_0: entered promiscuous mode [ 144.549139][T15206] bond_slave_1: entered promiscuous mode [ 144.551932][T15206] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 144.557558][T15206] bond_slave_0: left promiscuous mode [ 144.559173][T15206] bond_slave_1: left promiscuous mode [ 144.565418][ T40] audit: type=1400 audit(2000000016.439:571): avc: denied { create } for pid=15207 comm="syz.2.4151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 144.701822][ T6050] Process accounting resumed [ 144.712784][T15219] Process accounting resumed [ 145.462676][ T5970] Bluetooth: hci4: command 0x1003 tx timeout [ 145.462702][ T5325] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 145.464882][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 145.734384][ T40] audit: type=1400 audit(2000000017.609:572): avc: denied { write } for pid=15303 comm="syz.1.4198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 145.737777][T15304] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4198'. [ 145.740105][ T40] audit: type=1400 audit(2000000017.609:573): avc: denied { nlmsg_write } for pid=15303 comm="syz.1.4198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 146.146175][T15367] CIFS: Unable to determine destination address [ 146.234466][T15381] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4234'. [ 146.238160][T15381] netlink: 'syz.2.4234': attribute type 1 has an invalid length. [ 146.241179][T15381] nbd: error processing sock list [ 146.334164][T15398] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 146.505655][ T839] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 147.233684][T15436] openvswitch: netlink: Tunnel attr 16370 out of range max 16 [ 147.542846][ T839] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 147.872602][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 147.875264][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 148.347706][ T40] audit: type=1326 audit(2000000020.219:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.5.4276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d3c58eb69 code=0x7ffc0000 [ 148.355014][ T40] audit: type=1326 audit(2000000020.219:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.5.4276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d3c58eb69 code=0x7ffc0000 [ 148.362944][ T40] audit: type=1326 audit(2000000020.219:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.5.4276" exe="/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f9d3c58eb69 code=0x7ffc0000 [ 148.369998][ T40] audit: type=1326 audit(2000000020.219:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.5.4276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d3c58eb69 code=0x7ffc0000 [ 148.377062][ T40] audit: type=1326 audit(2000000020.219:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.5.4276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d3c58eb69 code=0x7ffc0000 [ 148.384439][ T40] audit: type=1326 audit(2000000020.219:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.5.4276" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9d3c58eb69 code=0x7ffc0000 [ 148.391427][ T40] audit: type=1326 audit(2000000020.219:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.5.4276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d3c58eb69 code=0x7ffc0000 [ 148.399136][ T40] audit: type=1326 audit(2000000020.219:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.5.4276" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d3c58eb69 code=0x7ffc0000 [ 148.406204][ T40] audit: type=1326 audit(2000000020.219:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.5.4276" exe="/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f9d3c58eb69 code=0x7ffc0000 [ 148.413315][ T40] audit: type=1326 audit(2000000020.219:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15473 comm="syz.5.4276" exe="/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 148.584344][ T839] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 149.095449][T15477] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4277'. [ 149.119499][T15479] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4278'. [ 149.253654][T15505] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4289'. [ 149.428247][T15511] kvm: kvm [15510]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0xf6a7 [ 149.622975][ T839] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.602584][ T34] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 150.665819][ T839] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.753778][ T34] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 150.757379][ T34] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 150.761398][ T34] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 150.766767][ T34] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 150.771092][ T34] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 150.777734][ T34] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 150.781347][ T34] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 150.784791][ T34] usb 10-1: Product: syz [ 150.786553][ T34] usb 10-1: Manufacturer: syz [ 150.791873][ T34] cdc_wdm 10-1:1.0: skipping garbage [ 150.794605][ T34] cdc_wdm 10-1:1.0: skipping garbage [ 150.797427][ T34] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device [ 150.799837][ T34] cdc_wdm 10-1:1.0: Unknown control protocol [ 150.996262][ T34] usb 10-1: USB disconnect, device number 3 [ 151.703440][ T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 151.928694][T15647] batadv_slave_0: entered promiscuous mode [ 151.932229][T15647] batadv_slave_0: left promiscuous mode [ 152.079697][T15673] input: syz1 as /devices/virtual/input/input13 [ 152.081944][T15673] input: failed to attach handler leds to device input13, error: -6 [ 152.125525][T15681] openvswitch: netlink: VXLAN extension message has 1 unknown bytes. [ 152.468551][T15724] MPI: mpi too large (16392 bits) [ 152.788607][T15767] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 152.793461][ T71] Bluetooth: hci4: Frame reassembly failed (-84) [ 152.894233][T15776] overlayfs: missing 'workdir' [ 152.923834][T15780] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4417'. [ 153.034410][T15790] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4423'. [ 154.267672][ C3] IPv4: Oversized IP packet from 172.20.20.24 [ 154.325066][T15908] input: syz0 as /devices/virtual/input/input14 [ 154.425410][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 154.822530][ T5325] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 154.822618][ T5966] Bluetooth: hci4: command 0x1003 tx timeout [ 154.859699][T15935] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4486'. [ 154.885349][T15939] netlink: 'syz.1.4487': attribute type 2 has an invalid length. [ 154.911145][T15941] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4488'. [ 154.934921][T15943] SELinux: security_context_str_to_sid () failed with errno=-22 [ 154.998538][T15957] netlink: 'syz.3.4501': attribute type 2 has an invalid length. [ 155.035876][T15965] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4503'. [ 155.074585][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 155.074595][ T40] audit: type=1326 audit(2000000026.949:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15973 comm="syz.1.4508" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5aef38eb69 code=0x0 [ 155.117147][T15978] netlink: 'syz.3.4510': attribute type 12 has an invalid length. [ 155.119808][T15978] netlink: 120 bytes leftover after parsing attributes in process `syz.3.4510'. [ 155.968793][T16006] netlink: 292 bytes leftover after parsing attributes in process `syz.1.4524'. [ 156.131969][T16033] sch_tbf: peakrate 5120 is lower than or equals to rate 4294927007 ! [ 156.282317][T16055] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4547'. [ 156.331456][T16063] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 156.336112][T16067] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4553'. [ 156.371474][ T40] audit: type=1400 audit(2000000028.239:599): avc: denied { read } for pid=16072 comm="syz.2.4555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 156.566245][T16102] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4570'. [ 156.682220][T16128] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4583'. [ 156.750783][T16138] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4595'. [ 156.960690][T16165] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 157.010682][ T40] audit: type=1326 audit(2000000028.879:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16172 comm="syz.5.4605" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9d3c58eb69 code=0x0 [ 158.026760][T16197] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.097952][T16197] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.109557][T16207] tap0: tun_chr_ioctl cmd 1074025675 [ 158.111243][T16207] tap0: persist enabled [ 158.188263][T16197] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.274096][T16197] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.372029][ T40] audit: type=1400 audit(2000000030.239:601): avc: denied { bind } for pid=16220 comm="syz.3.4628" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 158.427853][ T13] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.436182][ T13] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.450127][ T13] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.452958][ T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.553250][T16241] tap0: tun_chr_ioctl cmd 1074025676 [ 158.555084][T16241] tap0: owner set to 27 [ 158.573840][T16235] nbd1: detected capacity change from 0 to 549764202496 [ 158.577433][ T5325] block nbd1: Receive control failed (result -32) [ 158.606097][T16249] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 158.673547][ T40] audit: type=1400 audit(2000000030.549:602): avc: denied { map } for pid=16259 comm="syz.5.4647" path="socket:[50573]" dev="sockfs" ino=50573 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 158.778650][T16280] tap0: tun_chr_ioctl cmd 1074025676 [ 158.780467][T16280] tap0: owner set to 27 [ 158.892575][T16279] nbd2: detected capacity change from 0 to 549764202496 [ 158.897821][ T5325] block nbd2: Receive control failed (result -32) [ 159.044681][T16318] tap1: tun_chr_ioctl cmd 1074025676 [ 159.046382][T16318] tap1: owner set to 27 [ 159.082735][T16305] nbd3: detected capacity change from 0 to 549764202496 [ 159.087995][ T5325] block nbd3: Receive control failed (result -32) [ 159.199651][T16333] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 159.250420][T16344] 9p: Unknown uid 00000000004294967295 [ 159.399423][T16359] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.408300][T16364] syz.5.4706: attempt to access beyond end of device [ 159.408300][T16364] nbd5: rw=0, sector=64, nr_sectors = 1 limit=0 [ 159.414331][T16364] syz.5.4706: attempt to access beyond end of device [ 159.414331][T16364] nbd5: rw=0, sector=256, nr_sectors = 1 limit=0 [ 159.418756][T16364] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256 [ 159.421816][T16364] syz.5.4706: attempt to access beyond end of device [ 159.421816][T16364] nbd5: rw=0, sector=512, nr_sectors = 1 limit=0 [ 159.426868][T16364] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512 [ 159.429747][T16368] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 159.434495][T16364] syz.5.4706: attempt to access beyond end of device [ 159.434495][T16364] nbd5: rw=0, sector=64, nr_sectors = 2 limit=0 [ 159.438562][T16364] syz.5.4706: attempt to access beyond end of device [ 159.438562][T16364] nbd5: rw=0, sector=512, nr_sectors = 2 limit=0 [ 159.442958][T16364] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256 [ 159.445938][T16364] syz.5.4706: attempt to access beyond end of device [ 159.445938][T16364] nbd5: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 159.449892][T16364] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512 [ 159.453589][T16364] syz.5.4706: attempt to access beyond end of device [ 159.453589][T16364] nbd5: rw=0, sector=64, nr_sectors = 4 limit=0 [ 159.457581][T16364] syz.5.4706: attempt to access beyond end of device [ 159.457581][T16364] nbd5: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 159.461540][T16364] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256 [ 159.465051][T16364] syz.5.4706: attempt to access beyond end of device [ 159.465051][T16364] nbd5: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 159.469605][T16364] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512 [ 159.473320][T16364] syz.5.4706: attempt to access beyond end of device [ 159.473320][T16364] nbd5: rw=0, sector=64, nr_sectors = 8 limit=0 [ 159.478941][T16364] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256 [ 159.482050][T16364] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512 [ 159.485513][T16364] UDF-fs: warning (device nbd5): udf_fill_super: No partition found (1) [ 159.513585][T16374] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 159.538992][ T40] audit: type=1400 audit(2000000031.409:603): avc: denied { getopt } for pid=16378 comm="syz.2.4702" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 160.372860][ T6011] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 160.497161][T16438] loop9: detected capacity change from 0 to 8 [ 160.501115][T16438] Dev loop9: unable to read RDB block 8 [ 160.504708][T16438] loop9: unable to read partition table [ 160.506573][T16438] loop9: partition table beyond EOD, truncated [ 160.512093][T16438] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5) [ 160.536403][ T6011] usb 7-1: config 0 has no interfaces? [ 160.538128][ T6011] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 160.540860][ T6011] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.544764][ T6011] usb 7-1: config 0 descriptor?? [ 160.557453][T16445] __nla_validate_parse: 13 callbacks suppressed [ 160.557463][T16445] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4735'. [ 160.563548][T16445] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.587610][T16449] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.621292][T16455] 9p: Unknown uid 00000000004294967295 [ 160.666626][T16449] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.750387][ T839] usb 7-1: USB disconnect, device number 5 [ 160.774911][T16449] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.833474][T16449] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.903297][ T12] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.910813][ T12] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.918230][ T1179] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.925769][ T1179] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.997400][T16475] block nbd1: Dead connection, failed to find a fallback [ 160.999554][T16475] block nbd1: shutting down sockets [ 161.001215][T16475] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 161.004910][T16475] Buffer I/O error on dev nbd1, logical block 0, async page read [ 161.007791][T16475] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 161.010908][T16475] Buffer I/O error on dev nbd1, logical block 0, async page read [ 161.014028][T16475] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 161.016878][T16475] Buffer I/O error on dev nbd1, logical block 0, async page read [ 161.019596][T16475] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 161.024198][T16475] Buffer I/O error on dev nbd1, logical block 0, async page read [ 161.026796][T16475] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 161.029685][T16475] Buffer I/O error on dev nbd1, logical block 0, async page read [ 161.032154][T16475] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 161.036868][T16475] Buffer I/O error on dev nbd1, logical block 0, async page read [ 161.039384][T16475] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 161.042270][T16475] Buffer I/O error on dev nbd1, logical block 0, async page read [ 161.044790][T16475] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 161.047637][T16475] Buffer I/O error on dev nbd1, logical block 0, async page read [ 161.050075][T16475] ldm_validate_partition_table(): Disk read failed. [ 161.052155][T16475] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 161.055110][T16475] Buffer I/O error on dev nbd1, logical block 0, async page read [ 161.057625][T16475] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 161.060408][T16475] Buffer I/O error on dev nbd1, logical block 0, async page read [ 161.063422][T16475] Dev nbd1: unable to read RDB block 0 [ 161.065559][T16475] nbd1: unable to read partition table [ 161.070362][T16482] ldm_validate_partition_table(): Disk read failed. [ 161.073003][T16482] Dev nbd1: unable to read RDB block 0 [ 161.075564][T16482] nbd1: unable to read partition table [ 161.077908][T16482] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 161.080965][T16482] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=0, location=0 [ 161.084059][T16482] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=1, location=1 [ 161.087042][T16482] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 161.090416][T16482] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 161.094052][T16482] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=0, location=0 [ 161.096924][T16482] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=1, location=1 [ 161.100089][T16482] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 161.103592][T16482] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 161.106715][T16482] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=0, location=0 [ 161.109604][T16482] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=1, location=1 [ 161.112810][T16482] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 161.115720][T16482] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1) [ 161.198692][T16494] loop9: detected capacity change from 0 to 8 [ 161.201123][T16494] Dev loop9: unable to read RDB block 8 [ 161.203651][T16494] loop9: unable to read partition table [ 161.205414][T16494] loop9: partition table beyond EOD, truncated [ 161.207174][T16494] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5) [ 161.305080][T16504] block nbd2: Dead connection, failed to find a fallback [ 161.307467][T16504] block nbd2: shutting down sockets [ 161.310552][T16504] ldm_validate_partition_table(): Disk read failed. [ 161.313070][T16504] Dev nbd2: unable to read RDB block 0 [ 161.315022][T16504] nbd2: unable to read partition table [ 161.320124][T16504] ldm_validate_partition_table(): Disk read failed. [ 161.322535][T16504] Dev nbd2: unable to read RDB block 0 [ 161.324633][T16504] nbd2: unable to read partition table [ 161.327681][T16504] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 161.330700][T16504] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=0, location=0 [ 161.334116][T16504] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1, location=1 [ 161.336899][T16504] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 161.339937][T16504] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 161.343059][T16504] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=0, location=0 [ 161.345677][T16504] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1, location=1 [ 161.348303][T16504] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 161.351239][T16504] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 161.354074][T16504] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=0, location=0 [ 161.356694][T16504] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1, location=1 [ 161.359305][T16504] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 161.361949][T16504] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 161.772775][ T6011] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 161.924877][ T6011] usb 6-1: config 1 interface 0 altsetting 93 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 161.928891][ T6011] usb 6-1: config 1 interface 0 has no altsetting 0 [ 161.932336][ T6011] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 161.935194][ T6011] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 161.937654][ T6011] usb 6-1: SerialNumber: syz [ 162.144535][ T6011] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71 [ 162.150859][ T6011] usb 6-1: USB disconnect, device number 7 [ 163.615088][T16588] sp0: Synchronizing with TNC [ 164.572836][ T838] usb 10-1: new full-speed USB device number 4 using dummy_hcd [ 164.724130][ T838] usb 10-1: config 1 interface 0 altsetting 93 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 164.728241][ T838] usb 10-1: config 1 interface 0 has no altsetting 0 [ 164.731111][ T838] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 164.734273][ T838] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 164.736781][ T838] usb 10-1: SerialNumber: syz [ 164.946604][ T838] cdc_ether 10-1:1.0: probe with driver cdc_ether failed with error -71 [ 164.952250][ T838] usb 10-1: USB disconnect, device number 4 [ 165.166896][T16684] overlay: filesystem on ./bus not supported [ 165.492804][T16695] loop6: detected capacity change from 0 to 524288000 [ 165.552561][T16695] support for the xor transformation has been removed. [ 165.600166][T16709] overlay: filesystem on ./bus not supported [ 166.675423][T16737] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4873'. [ 166.744502][T16743] kvm: kvm [16742]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x40000060) = 0x0 [ 166.928998][T16767] kvm: kvm [16764]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x40000060) = 0x0 [ 166.978622][T16769] loop6: detected capacity change from 0 to 524288000 [ 167.063063][T16769] support for the xor transformation has been removed. [ 168.844790][T16815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4911'. [ 168.939391][T16832] input: syz0 as /devices/virtual/input/input15 [ 168.939622][ T40] audit: type=1400 audit(2000000040.809:604): avc: denied { map } for pid=16831 comm="syz.1.4919" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 168.951154][ T40] audit: type=1400 audit(2000000040.809:605): avc: denied { execute } for pid=16831 comm="syz.1.4919" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 168.994114][T16837] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 169.302499][ T40] audit: type=1400 audit(2000000041.169:606): avc: denied { ioctl } for pid=16869 comm="syz.2.4937" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x127f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 169.512074][T16895] input: syz0 as /devices/virtual/input/input16 [ 169.844687][T16919] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4968'. [ 170.059984][T16946] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4971'. [ 170.179944][T16974] 8021q: VLANs not supported on gre0 [ 170.323214][T16994] netlink: 52 bytes leftover after parsing attributes in process `syz.5.4993'. [ 170.326021][T16994] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4993'. [ 170.368009][T17001] sg_write: process 2967 (syz.1.4999) changed security contexts after opening file descriptor, this is not allowed. [ 170.425350][T17010] 8021q: VLANs not supported on gre0 [ 170.429510][ T5325] Bluetooth: hci2: command 0x0406 tx timeout [ 170.430711][ T5972] Bluetooth: hci1: command 0x0406 tx timeout [ 170.545734][T17018] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 170.685219][ T40] audit: type=1400 audit(2000000042.559:607): avc: denied { mounton } for pid=17023 comm="syz.1.5017" path="/1435/file0" dev="configfs" ino=3098 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 170.738650][T17029] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 170.766487][T17033] 8021q: adding VLAN 0 to HW filter on device bond1 [ 170.769763][T17033] bond0: (slave bond1): Enslaving as an active interface with an up link [ 171.166404][T17043] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5024'. [ 171.169960][T17043] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5024'. [ 171.630191][T17075] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5034'. [ 171.707008][T17084] netlink: 52 bytes leftover after parsing attributes in process `syz.1.5035'. [ 171.709828][T17084] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5035'. [ 171.751009][T17088] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5039'. [ 171.754760][T17088] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5039'. [ 172.263329][ T5970] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 172.263637][ T5972] Bluetooth: hci4: command 0x1003 tx timeout [ 172.395174][T17109] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5049'. [ 172.398841][T17109] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5049'. [ 172.584883][ T40] audit: type=1400 audit(2000000044.459:608): avc: denied { setopt } for pid=17127 comm="syz.1.5058" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 172.728850][T17140] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0' [ 172.742656][ T5966] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 172.781921][T17144] A link change request failed with some changes committed already. Interface veth1_to_team may have been left with an inconsistent configuration, please check. [ 172.793371][T17146] sp0: Synchronizing with TNC [ 172.850205][ T40] audit: type=1400 audit(2000000044.719:609): avc: denied { shutdown } for pid=17149 comm="syz.3.5069" laddr=172.20.20.10 lport=9 faddr=172.20.20.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 172.952827][T17174] sp0: Synchronizing with TNC [ 173.108093][T17185] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0' [ 173.364617][T17197] sp0: Synchronizing with TNC [ 173.449029][T17201] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0' [ 173.818701][ T5970] Bluetooth: hci4: sending frame failed (-49) [ 173.821607][ T5966] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 174.647513][T17243] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5110'. [ 174.652011][T17243] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5110'. [ 175.142014][T17285] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 175.621638][T17327] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 175.629868][ T40] audit: type=1400 audit(2000000047.499:610): avc: denied { watch watch_reads } for pid=17328 comm="syz.1.5148" path="/1476/file0" dev="tmpfs" ino=7487 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 175.861079][T17369] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 175.867617][T17369] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.706913][T17386] bridge: RTM_NEWNEIGH with unconfigured vlan 1 on bridge0 [ 176.714291][ T5972] Bluetooth: hci5: sending frame failed (-49) [ 176.717059][ T5970] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 176.830479][ T40] audit: type=1400 audit(2000000048.699:611): avc: denied { read } for pid=17396 comm="syz.1.5181" path="socket:[55069]" dev="sockfs" ino=55069 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 177.050199][ T5970] Bluetooth: hci5: sending frame failed (-49) [ 177.053993][ T5972] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 177.632733][ T5966] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 177.662156][T17425] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5195'. [ 177.668969][T17425] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5195'. [ 177.925993][T17453] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5207'. [ 177.932081][T17453] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5207'. [ 178.132266][T17464] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 178.138532][T17464] bridge0: port 3(team0) entered disabled state [ 178.141215][T17464] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.573251][T17486] bridge0: port 3(batadv1) entered blocking state [ 178.575493][T17486] bridge0: port 3(batadv1) entered disabled state [ 178.577576][T17486] batadv1: entered allmulticast mode [ 178.580017][T17486] batadv1: entered promiscuous mode [ 178.742102][T17504] serio: Serial port ptm0 [ 178.956026][T17550] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5249'. [ 178.958809][T17550] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5249'. [ 178.980763][T17552] bridge0: port 4(batadv1) entered blocking state [ 178.986263][T17552] bridge0: port 4(batadv1) entered disabled state [ 178.989155][T17552] batadv1: entered allmulticast mode [ 178.997225][T17552] batadv1: entered promiscuous mode [ 179.072554][ T46] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 179.076144][ T46] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 179.482952][ T46] batman_adv: batadv1: IGMP Querier appeared [ 179.484895][ T46] batman_adv: batadv1: MLD Querier appeared [ 179.734691][ T40] audit: type=1400 audit(2000000051.609:612): avc: denied { ioctl } for pid=17611 comm="syz.2.5273" path="socket:[58602]" dev="sockfs" ino=58602 ioctlcmd=0x8b36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 179.782225][T17620] bond0: entered promiscuous mode [ 179.783993][T17620] bond_slave_0: entered promiscuous mode [ 179.785897][T17620] bond_slave_1: entered promiscuous mode [ 179.787717][T17620] bond1: entered promiscuous mode [ 179.847615][T17629] openvswitch: netlink: IP tunnel TTL not specified. [ 179.876276][T17631] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 179.879358][T17631] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 179.895962][T17633] serio: Serial port ptm0 [ 180.093936][T17643] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5289'. [ 180.147202][T17653] openvswitch: netlink: IP tunnel TTL not specified. [ 180.149824][T17654] loop7: detected capacity change from 0 to 7 [ 180.155008][ C2] blk_print_req_error: 84 callbacks suppressed [ 180.155018][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 180.159869][ C2] buffer_io_error: 54 callbacks suppressed [ 180.159876][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 180.164375][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 180.167897][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 180.171288][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 180.174198][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 180.176740][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 180.179534][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 180.182064][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 180.184999][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 180.187591][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 180.190618][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 180.193817][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 180.196694][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 180.199119][T17654] ldm_validate_partition_table(): Disk read failed. [ 180.201634][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 180.204537][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 180.208527][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 180.211413][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 180.214026][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 180.216878][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 180.219438][T17654] Dev loop7: unable to read RDB block 0 [ 180.221644][T17654] loop7: unable to read partition table [ 180.223587][T17654] loop7: partition table beyond EOD, truncated [ 180.225555][T17654] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 180.422550][ T24] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 180.592513][ T24] usb 7-1: Using ep0 maxpacket: 8 [ 180.595847][ T24] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 180.598408][ T24] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 180.601405][ T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 180.604460][ T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 180.607574][ T24] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 180.611551][ T24] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 180.615093][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.795526][T17659] Invalid logical block size (6) [ 180.826008][ T24] usb 7-1: GET_CAPABILITIES returned 0 [ 180.827808][ T24] usbtmc 7-1:16.0: can't read capabilities [ 181.027863][ T6011] usb 7-1: USB disconnect, device number 6 [ 181.073294][ T838] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 181.222561][ T838] usb 6-1: Using ep0 maxpacket: 8 [ 181.225478][ T838] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 181.227992][ T838] usb 6-1: config 0 has no interface number 0 [ 181.229914][ T838] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 181.233689][ T838] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 181.236482][ T838] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.240039][ T838] usb 6-1: config 0 descriptor?? [ 181.243731][ T838] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 181.445531][ T838] usb 6-1: USB disconnect, device number 8 [ 181.714904][T17690] blkio.reset_stats is deprecated [ 181.801700][T17699] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5315'. [ 181.973227][T17703] ipvlan2: entered promiscuous mode [ 181.975524][T17703] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 182.160896][ T40] audit: type=1400 audit(2000000054.029:613): avc: denied { override_creds } for pid=17710 comm="syz.1.5321" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 182.529627][T17734] netlink: 'syz.1.5332': attribute type 1 has an invalid length. [ 182.796988][T17756] netlink: 'syz.5.5342': attribute type 1 has an invalid length. [ 182.912732][ T1470] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 183.072598][ T1470] usb 7-1: Using ep0 maxpacket: 8 [ 183.076636][ T1470] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 183.079109][ T1470] usb 7-1: config 0 has no interface number 0 [ 183.081022][ T1470] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 183.084445][ T1470] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 183.087279][ T1470] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.090944][ T1470] usb 7-1: config 0 descriptor?? [ 183.095631][ T1470] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 183.297770][ T24] usb 7-1: USB disconnect, device number 7 [ 184.111000][ T40] audit: type=1400 audit(2000000055.979:614): avc: denied { ioctl } for pid=17794 comm="syz.2.5360" path="socket:[58886]" dev="sockfs" ino=58886 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 187.256358][ T40] audit: type=1326 audit(2000000059.129:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17836 comm="syz.3.5382" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f32aa18eb69 code=0x0 [ 187.275705][T17834] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 187.339404][ T40] audit: type=1400 audit(2000000059.209:616): avc: denied { accept } for pid=17842 comm="syz.5.5385" laddr=::ac14:14aa lport=49837 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 187.511446][T17877] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.5400'. [ 187.541936][T17884] dvmrp1: entered allmulticast mode [ 187.590959][ T40] audit: type=1400 audit(2000000059.459:617): avc: denied { unmount } for pid=9998 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 187.637391][T17898] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5410'. [ 187.640291][T17898] netem: change failed [ 187.660948][T17900] netlink: 64 bytes leftover after parsing attributes in process `syz.1.5411'. [ 187.692301][T17907] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 187.714456][ T40] audit: type=1400 audit(2000000059.589:618): avc: denied { remount } for pid=17909 comm="syz.5.5416" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 187.744178][T17912] tipc: New replicast peer: 255.255.255.255 [ 187.746348][T17912] tipc: Enabled bearer , priority 10 [ 187.748925][T17912] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5417'. [ 187.751755][T17912] tipc: Disabling bearer [ 187.856839][ T40] audit: type=1400 audit(2000000059.729:619): avc: denied { bind } for pid=17921 comm="syz.5.5422" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 187.972839][T17940] loop9: detected capacity change from 0 to 8 [ 187.975271][T17940] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 187.976971][T17940] loop9: partition table partially beyond EOD, truncated [ 187.979238][T17940] loop9: p1 size 81768186 extends beyond EOD, truncated [ 188.009607][T17946] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.5433'. [ 188.110067][T17959] netlink: 165 bytes leftover after parsing attributes in process `syz.3.5440'. [ 188.137265][T17964] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5442'. [ 188.254504][T17990] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=17990 comm=syz.3.5454 [ 188.299950][T18001] loop3: detected capacity change from 0 to 8 [ 188.409820][T18001] Dev loop3: unable to read RDB block 8 [ 188.411594][T18001] loop3: unable to read partition table [ 188.414359][T18001] loop3: partition table beyond EOD, truncated [ 188.417784][T18001] loop_reread_partitions: partition scan of loop3 (Cjmmý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 188.458937][T18020] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=18020 comm=syz.5.5468 [ 188.546907][T18004] Dev loop3: unable to read RDB block 8 [ 188.548659][T18004] loop3: unable to read partition table [ 188.550485][T18004] loop3: partition table beyond EOD, truncated [ 188.587987][T18037] netlink: 165 bytes leftover after parsing attributes in process `syz.2.5477'. [ 188.594656][T18041] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5476'. [ 188.640327][T18051] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.5483'. [ 188.649744][T18056] loop3: detected capacity change from 0 to 8 [ 188.762714][T18056] Dev loop3: unable to read RDB block 8 [ 188.766288][T18056] loop3: unable to read partition table [ 188.768164][T18056] loop3: partition table beyond EOD, truncated [ 188.772218][T18056] loop_reread_partitions: partition scan of loop3 (Cjmmý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 188.860753][T18084] tipc: New replicast peer: 255.255.255.255 [ 188.864263][T18084] tipc: Enabled bearer , priority 10 [ 188.866801][T18084] tipc: Disabling bearer [ 188.893676][T18063] Dev loop3: unable to read RDB block 8 [ 188.895493][T18063] loop3: unable to read partition table [ 188.897449][T18063] loop3: partition table beyond EOD, truncated [ 188.924349][T18094] netem: change failed [ 188.962115][T18101] loop3: detected capacity change from 0 to 8 [ 189.063571][T18113] tipc: New replicast peer: 255.255.255.255 [ 189.065627][T18113] tipc: Enabled bearer , priority 10 [ 189.068248][T18113] tipc: Disabling bearer [ 189.083318][T18101] Dev loop3: unable to read RDB block 8 [ 189.085134][T18101] loop3: unable to read partition table [ 189.086961][T18101] loop3: partition table beyond EOD, truncated [ 189.092642][T18101] loop_reread_partitions: partition scan of loop3 (Cjmmý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 189.207625][T18107] Dev loop3: unable to read RDB block 8 [ 189.209877][T18107] loop3: unable to read partition table [ 189.211749][T18107] loop3: partition table beyond EOD, truncated [ 189.226382][T18125] netem: change failed [ 189.463995][ T40] audit: type=1326 audit(2000000063.337:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18166 comm="syz.1.5544" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5aef38eb69 code=0x0 [ 190.448787][T18193] netlink: 'syz.1.5548': attribute type 7 has an invalid length. [ 191.540078][T18281] netlink: 'syz.5.5600': attribute type 7 has an invalid length. [ 192.788053][ T40] audit: type=1326 audit(2000000066.657:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18326 comm="syz.1.5614" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5aef38eb69 code=0x0 [ 193.042751][ T29] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 193.196307][ T29] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 193.199133][ T29] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 193.202424][ T29] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 193.205444][ T29] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 193.208947][ T29] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 193.215447][ T29] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 193.218399][ T29] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 193.221231][ T29] usb 7-1: Product: syz [ 193.222893][ T29] usb 7-1: Manufacturer: syz [ 193.226807][ T29] cdc_wdm 7-1:1.0: skipping garbage [ 193.228524][ T29] cdc_wdm 7-1:1.0: skipping garbage [ 193.231386][ T29] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 193.233956][ T29] cdc_wdm 7-1:1.0: Unknown control protocol [ 193.432049][ T24] usb 7-1: USB disconnect, device number 8 [ 193.712184][ T40] audit: type=1326 audit(2000000067.577:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18351 comm="syz.5.5632" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9d3c58eb69 code=0x0 [ 193.945455][ T40] audit: type=1400 audit(2000000067.817:623): avc: denied { nlmsg_read } for pid=18373 comm="syz.3.5635" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 193.946631][T18374] __nla_validate_parse: 12 callbacks suppressed [ 193.946641][T18374] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5635'. [ 193.954708][ T1423] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.250954][T18405] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5650'. [ 194.332116][ T40] audit: type=1400 audit(2000000068.197:624): avc: denied { getopt } for pid=18421 comm="syz.3.5658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 194.512856][T18455] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5679'. [ 194.715076][T18482] GUP no longer grows the stack in syz.3.5686 (18482): 200000007000-20000000a000 (200000004000) [ 194.718728][T18482] CPU: 2 UID: 0 PID: 18482 Comm: syz.3.5686 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(full) [ 194.718743][T18482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 194.718750][T18482] Call Trace: [ 194.718754][T18482] [ 194.718758][T18482] dump_stack_lvl+0x16c/0x1f0 [ 194.718778][T18482] gup_vma_lookup+0x1d2/0x220 [ 194.718792][T18482] __get_user_pages+0x243/0x34a0 [ 194.718813][T18482] ? __pfx___get_user_pages+0x10/0x10 [ 194.718831][T18482] __gup_longterm_locked+0x2dd/0x17e0 [ 194.718846][T18482] ? __lock_acquire+0xf80/0x1ce0 [ 194.718865][T18482] ? __pfx___gup_longterm_locked+0x10/0x10 [ 194.718887][T18482] pin_user_pages+0x13c/0x160 [ 194.718902][T18482] ? __pfx_pin_user_pages+0x10/0x10 [ 194.718919][T18482] ? xdp_umem_create+0x652/0x1270 [ 194.718936][T18482] xdp_umem_create+0x73c/0x1270 [ 194.718953][T18482] xsk_setsockopt+0x6db/0x9a0 [ 194.718966][T18482] ? __pfx_xsk_setsockopt+0x10/0x10 [ 194.718978][T18482] ? find_held_lock+0x2b/0x80 [ 194.718994][T18482] ? selinux_socket_setsockopt+0x6a/0x80 [ 194.719006][T18482] ? __pfx_xsk_setsockopt+0x10/0x10 [ 194.719019][T18482] do_sock_setsockopt+0xf3/0x1d0 [ 194.719039][T18482] __sys_setsockopt+0x1a0/0x230 [ 194.719056][T18482] __x64_sys_setsockopt+0xbd/0x160 [ 194.719070][T18482] ? do_syscall_64+0x91/0x4c0 [ 194.719085][T18482] ? lockdep_hardirqs_on+0x7c/0x110 [ 194.719101][T18482] do_syscall_64+0xcd/0x4c0 [ 194.719118][T18482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.719129][T18482] RIP: 0033:0x7f32aa18eb69 [ 194.719138][T18482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 194.719148][T18482] RSP: 002b:00007f32ab020038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 194.719159][T18482] RAX: ffffffffffffffda RBX: 00007f32aa3b5fa0 RCX: 00007f32aa18eb69 [ 194.719166][T18482] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000003 [ 194.719172][T18482] RBP: 00007f32aa211df1 R08: 0000000000000020 R09: 0000000000000000 [ 194.719179][T18482] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 194.719185][T18482] R13: 0000000000000000 R14: 00007f32aa3b5fa0 R15: 00007fffdd9587a8 [ 194.719199][T18482] [ 194.742511][ T40] audit: type=1326 audit(2000000068.607:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18488 comm="syz.2.5687" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f52ccf8eb69 code=0x0 [ 195.441747][T18598] netlink: 48 bytes leftover after parsing attributes in process `syz.5.5743'. [ 195.460898][T18607] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5747'. [ 195.570367][T18629] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5758'. [ 195.573858][ T71] bond0: (slave bond_slave_0): interface is now down [ 195.577043][ T71] bond0: (slave bond_slave_1): interface is now down [ 195.589349][ T71] bond0: now running without any active interface! [ 195.776689][T18677] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5779'. [ 195.872828][T18690] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5786'. [ 195.958784][T18710] netlink: 'syz.1.5793': attribute type 2 has an invalid length. [ 195.961329][T18710] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5793'. [ 196.037781][T18720] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5799'. [ 196.042392][T18722] bond0: option ad_select: unable to set because the bond device is up [ 196.202973][ T838] usb 10-1: new full-speed USB device number 5 using dummy_hcd [ 196.312075][T18739] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 196.314444][T18739] IPv6: NLM_F_CREATE should be set when creating new route [ 196.316793][T18739] IPv6: NLM_F_CREATE should be set when creating new route [ 196.320349][T18739] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 196.329823][T18741] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 196.355230][ T838] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 196.358460][ T838] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 196.361266][ T838] usb 10-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 196.364410][ T838] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.368089][ T838] usb 10-1: config 0 descriptor?? [ 196.373413][ T838] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 196.376118][ T838] dvb-usb: bulk message failed: -22 (3/0) [ 196.381801][ T838] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 196.385974][ T838] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 196.388413][ T838] usb 10-1: media controller created [ 196.391859][ T838] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 196.398142][ T838] dvb-usb: bulk message failed: -22 (6/0) [ 196.400969][ T838] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 196.404879][ T838] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb10/10-1/input/input18 [ 196.416029][ T838] dvb-usb: schedule remote query interval to 150 msecs. [ 196.418247][ T838] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 196.481670][T18763] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 196.484065][T18763] IPv6: NLM_F_CREATE should be set when creating new route [ 196.486314][T18763] IPv6: NLM_F_CREATE should be set when creating new route [ 196.488813][T18763] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 196.574082][ T838] dvb-usb: bulk message failed: -22 (1/0) [ 196.574160][ T34] usb 10-1: USB disconnect, device number 5 [ 196.576441][ T838] dvb-usb: error while querying for an remote control event. [ 196.598811][ T34] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 197.275455][T18820] vxcan1: tx address claim with dlc 0 [ 197.542666][ T8673] usb 10-1: new high-speed USB device number 6 using dummy_hcd [ 197.692551][ T8673] usb 10-1: Using ep0 maxpacket: 32 [ 197.695425][ T8673] usb 10-1: config 0 has an invalid interface number: 247 but max is 0 [ 197.698007][ T8673] usb 10-1: config 0 has no interface number 0 [ 197.701116][ T8673] usb 10-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b [ 197.704247][ T8673] usb 10-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0 [ 197.706792][ T8673] usb 10-1: Product: syz [ 197.708155][ T8673] usb 10-1: Manufacturer: syz [ 197.711001][ T8673] usb 10-1: config 0 descriptor?? [ 197.921694][ T8673] usb 10-1: USB disconnect, device number 6 [ 198.552013][T18854] vxcan1: tx address claim with dlc 0 [ 198.708893][T18888] lo: Master is either lo or non-ether device [ 198.925230][T18942] vxcan1: tx address claim with dlc 0 [ 199.259746][T18993] lo: Master is either lo or non-ether device [ 199.391451][T19019] lo: Master is either lo or non-ether device [ 199.488271][T19041] __nla_validate_parse: 7 callbacks suppressed [ 199.488283][T19041] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5953'. [ 199.611678][T19058] tun0: tun_chr_ioctl cmd 1074025677 [ 199.613507][T19058] tun0: linktype set to 5 [ 200.770442][T19130] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5997'. [ 200.864741][T19147] netlink: 277 bytes leftover after parsing attributes in process `syz.3.6006'. [ 200.888399][T19153] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6009'. [ 200.895361][T19156] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6011'. [ 200.988725][T19172] lo: entered promiscuous mode [ 200.990547][T19172] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6018'. [ 200.993698][T19172] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 201.119918][T19202] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6032'. [ 201.123926][ T12] ------------[ cut here ]------------ [ 201.126110][ T12] RTNL: assertion failed at ./include/net/netdev_lock.h (72) [ 201.129606][ T12] WARNING: CPU: 1 PID: 12 at ./include/net/netdev_lock.h:72 __linkwatch_sync_dev+0x1ed/0x230 [ 201.133419][ T12] Modules linked in: [ 201.134940][ T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u32:0 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(full) [ 201.139665][ T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 201.147805][ T12] Workqueue: bond0 bond_mii_monitor [ 201.149470][ T12] RIP: 0010:__linkwatch_sync_dev+0x1ed/0x230 [ 201.151352][ T12] Code: 05 ff ff ff e8 34 15 45 f8 c6 05 14 c8 1c 07 01 90 ba 48 00 00 00 48 c7 c6 20 c1 e5 8c 48 c7 c7 c0 c0 e5 8c e8 64 bb 03 f8 90 <0f> 0b 90 90 e9 d6 fe ff ff 48 c7 c7 64 05 ab 90 e8 8e 5a ab f8 e9 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 201.161399][ T12] RSP: 0018:ffffc900000f79f0 EFLAGS: 00010286 [ 201.163484][ T12] RAX: 0000000000000000 RBX: ffff88802bd40000 RCX: ffffffff817a3068 [ 201.165945][ T12] RDX: ffff88801dacc880 RSI: ffffffff817a3075 RDI: 0000000000000001 [ 201.168407][ T12] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 201.170856][ T12] R10: 0000000000000001 R11: 0000000000000000 R12: 1ffff9200001ef48 [ 201.173391][ T12] R13: ffff88802bd40cbd R14: ffffffff8c59b5c0 R15: ffffffff89af9020 [ 201.176657][ T12] FS: 0000000000000000(0000) GS:ffff8880d67c8000(0000) knlGS:0000000000000000 [ 201.179427][ T12] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 201.181502][ T12] CR2: 0000001b30a17ff8 CR3: 000000000e380000 CR4: 0000000000352ef0 [ 201.184088][ T12] Call Trace: [ 201.185150][ T12] [ 201.186088][ T12] ethtool_op_get_link+0x1d/0x70 [ 201.187658][ T12] bond_check_dev_link+0x3f9/0x710 [ 201.189273][ T12] ? __pfx_bond_check_dev_link+0x10/0x10 [ 201.191039][ T12] bond_mii_monitor+0x3c0/0x2dc0 [ 201.192710][ T12] ? __pfx_bond_mii_monitor+0x10/0x10 [ 201.194395][ T12] ? rcu_is_watching+0x12/0xc0 [ 201.195899][ T12] process_one_work+0x9cc/0x1b70 [ 201.197466][ T12] ? __pfx_process_one_work+0x10/0x10 [ 201.199141][ T12] ? assign_work+0x1a0/0x250 [ 201.200657][ T12] worker_thread+0x6c8/0xf10 [ 201.202137][ T12] ? __pfx_worker_thread+0x10/0x10 [ 201.203848][ T12] kthread+0x3c5/0x780 [ 201.205150][ T12] ? __pfx_kthread+0x10/0x10 [ 201.206610][ T12] ? rcu_is_watching+0x12/0xc0 [ 201.208122][ T12] ? __pfx_kthread+0x10/0x10 [ 201.209575][ T12] ret_from_fork+0x5d7/0x6f0 [ 201.211027][ T12] ? __pfx_kthread+0x10/0x10 [ 201.212551][ T12] ret_from_fork_asm+0x1a/0x30 [ 201.214062][ T12] [ 201.215045][ T12] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 201.217304][ T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u32:0 Not tainted 6.16.0-syzkaller-11322-g352af6a011d5 #0 PREEMPT(full) [ 201.220950][ T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 201.224273][ T12] Workqueue: bond0 bond_mii_monitor [ 201.225900][ T12] Call Trace: [ 201.226954][ T12] [ 201.227895][ T12] dump_stack_lvl+0x3d/0x1f0 [ 201.229365][ T12] vpanic+0x6a3/0x780 [ 201.230630][ T12] ? __pfx_vpanic+0x10/0x10 [ 201.232074][ T12] ? __linkwatch_sync_dev+0x1ed/0x230 [ 201.233748][ T12] panic+0xca/0xd0 [ 201.234938][ T12] ? __pfx_panic+0x10/0x10 [ 201.236358][ T12] ? check_panic_on_warn+0x1f/0xb0 [ 201.237955][ T12] check_panic_on_warn+0xab/0xb0 [ 201.239504][ T12] __warn+0xf6/0x3c0 [ 201.240744][ T12] ? preempt_schedule_notrace+0x62/0xe0 [ 201.242479][ T12] ? __linkwatch_sync_dev+0x1ed/0x230 [ 201.244154][ T12] report_bug+0x3c3/0x580 [ 201.245515][ T12] ? __linkwatch_sync_dev+0x1ed/0x230 [ 201.247189][ T12] handle_bug+0x184/0x210 [ 201.248555][ T12] exc_invalid_op+0x17/0x50 [ 201.249981][ T12] asm_exc_invalid_op+0x1a/0x20 [ 201.251506][ T12] RIP: 0010:__linkwatch_sync_dev+0x1ed/0x230 [ 201.253394][ T12] Code: 05 ff ff ff e8 34 15 45 f8 c6 05 14 c8 1c 07 01 90 ba 48 00 00 00 48 c7 c6 20 c1 e5 8c 48 c7 c7 c0 c0 e5 8c e8 64 bb 03 f8 90 <0f> 0b 90 90 e9 d6 fe ff ff 48 c7 c7 64 05 ab 90 e8 8e 5a ab f8 e9 [ 201.259283][ T12] RSP: 0018:ffffc900000f79f0 EFLAGS: 00010286 [ 201.261181][ T12] RAX: 0000000000000000 RBX: ffff88802bd40000 RCX: ffffffff817a3068 [ 201.263625][ T12] RDX: ffff88801dacc880 RSI: ffffffff817a3075 RDI: 0000000000000001 [ 201.266071][ T12] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 201.268521][ T12] R10: 0000000000000001 R11: 0000000000000000 R12: 1ffff9200001ef48 [ 201.270959][ T12] R13: ffff88802bd40cbd R14: ffffffff8c59b5c0 R15: ffffffff89af9020 [ 201.273416][ T12] ? __pfx_ethtool_op_get_link+0x10/0x10 [ 201.275173][ T12] ? __warn_printk+0x198/0x350 [ 201.276685][ T12] ? __warn_printk+0x1a5/0x350 [ 201.278198][ T12] ethtool_op_get_link+0x1d/0x70 [ 201.279757][ T12] bond_check_dev_link+0x3f9/0x710 [ 201.281377][ T12] ? __pfx_bond_check_dev_link+0x10/0x10 [ 201.283127][ T12] bond_mii_monitor+0x3c0/0x2dc0 [ 201.284692][ T12] ? __pfx_bond_mii_monitor+0x10/0x10 [ 201.286383][ T12] ? rcu_is_watching+0x12/0xc0 [ 201.287886][ T12] process_one_work+0x9cc/0x1b70 [ 201.289451][ T12] ? __pfx_process_one_work+0x10/0x10 [ 201.291129][ T12] ? assign_work+0x1a0/0x250 [ 201.292595][ T12] worker_thread+0x6c8/0xf10 [ 201.294054][ T12] ? __pfx_worker_thread+0x10/0x10 [ 201.295655][ T12] kthread+0x3c5/0x780 [ 201.296955][ T12] ? __pfx_kthread+0x10/0x10 [ 201.298411][ T12] ? rcu_is_watching+0x12/0xc0 [ 201.299917][ T12] ? __pfx_kthread+0x10/0x10 [ 201.301388][ T12] ret_from_fork+0x5d7/0x6f0 [ 201.302837][ T12] ? __pfx_kthread+0x10/0x10 [ 201.304294][ T12] ret_from_fork_asm+0x1a/0x30 [ 201.305803][ T12] [ 201.307275][ T12] Kernel Offset: disabled [ 201.308643][ T12] Rebooting in 86400 seconds.. VM DIAGNOSIS: 21:50:18 Registers: info registers vcpu 0 CPU#0 RAX=00000000001942e5 RBX=0000000000000000 RCX=ffffffff8b9273a9 RDX=0000000000000000 RSI=ffffffff8de4c8f5 RDI=ffffffff8c15fb80 RBP=fffffbfff1c52ef0 RSP=ffffffff8e207e08 R8 =0000000000000001 R9 =ffffed100d486655 R10=ffff88806a4332ab R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e297780 R14=ffffffff90aad390 R15=0000000000000000 RIP=ffffffff8b925f0f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d66c8000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b30a1dff8 CR3=0000000027433000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff823d3377 ffffffff8239a5c6 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff823d3377 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcf70fb306 00007ffcf70fb30c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5aef412e0a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5aef412e17 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5aef412e11 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5aef412e25 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5aef412eab ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5aef412f89 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff823d2f64 ffffffff823d2f33 ffffffff823d2eed ffffffff8239a69c ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff823d3377 ffffffff823d3179 ffffffff00040008 000c00130014000c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff823d30a9 ffffffff823d2f64 ffffffff823d2f33 ffffffff823d2eed ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85634195 RDI=ffffffff9b1120a0 RBP=ffffffff9b112060 RSP=ffffc900000f7360 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=000000000000003a R14=ffffffff9b112060 R15=ffffffff85634130 RIP=ffffffff856341bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d67c8000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b30a17ff8 CR3=0000000050382000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080040001 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffdd958b30 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffdd958cb6 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffdd958cb6 00007fffdd958cbc ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f32aa212e0a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f32aa212e17 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f32aa212e11 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f32aa212e25 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f32aa212eab ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f32aa212f89 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000080000002 RBX=0000000000000001 RCX=ffffffff8205feb8 RDX=ffff888028120000 RSI=ffffffff8205fed8 RDI=0000000000000007 RBP=ffffea00011aaec0 RSP=ffffc90003797650 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=ffffea00011aaec0 R13=ffffea00011aaec0 R14=0000000000000000 R15=ffffea00011aaec0 RIP=ffffffff81bb8897 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000555591148500 ffffffff 00c00000 GS =0000 ffff8880d68c8000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f52cdce56c0 CR3=000000004ff53000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080040001 Opmask01=00000000c4000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff3ecb9770 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff3ecb98f6 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff3ecb98f6 00007fff3ecb98fc ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f52cd012e0a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f52cd012e17 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f52cd012e11 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f52cd012e25 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f52cd012eab ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f52cd012f89 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000001 RBX=ffffffff8e5c1060 RCX=00000000d21b9c13 RDX=0000000000000000 RSI=ffffffff8de27585 RDI=ffffffff8c15fb80 RBP=0000000000000002 RSP=ffffc900050df4f0 R8 =64dd42c65c2b57fd R9 =0000000000000000 R10=0000000000000007 R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8197c8b6 RFL=00000057 [---ZAPC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000555587819500 ffffffff 00c00000 GS =0000 ffff8880d69c8000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f9d3d2e56c0 CR3=000000003bcb7000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080040001 Opmask01=0000000002fefce0 Opmask02=0000000002fefcfe Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffe454c550 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffe454c6d6 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffe454c6d6 00007fffe454c6dc ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d3c612e0a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d3c612e17 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d3c612e11 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d3c612e25 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d3c612eab ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d3c612f89 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000