last executing test programs: 6.030388182s ago: executing program 1 (id=944): openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe0500000000000000000000950000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) setsockopt(0xffffffffffffffff, 0x0, 0x6, &(0x7f0000002300)="851bf0ea44d0c5de23007aa811723ce9d478a626c148adf492d83475cc071b28032cebb39f1631ab1540db2961cdaedf526c1fb54b4fac98e264684023b2867206697bba1ad08bad9bf765527f8edee2d956bb3d9e210b127baf6808f81adfa9529df7a8d472ced7509817a446f7c8841f27122ab651a7f9314bb22a5a83e75bfc774c481c6133dee4f9be2ebdcd6832aa1ac9b8389c8b21c39ff55f6bb5c82be6395fff2f732069e176204aabe07c42f1e9ac", 0xb3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) syz_open_dev$loop(0x0, 0x6, 0x82200) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = socket$inet(0xa, 0x801, 0x84) connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x100004, 0x44, 0x9, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) sendto$inet(r5, 0x0, 0x0, 0x28004814, &(0x7f0000000200)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10) poll(&(0x7f00000000c0)=[{r5, 0x8400}], 0x1, 0x4000) 5.908815965s ago: executing program 3 (id=946): r0 = socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r4, 0x0, 0x5) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r5 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r5, 0xc1004110, 0x0) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb) openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_open_dev$dri(0x0, 0x1, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0) bind$alg(r0, &(0x7f00000005c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58) 5.031009534s ago: executing program 1 (id=949): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000200"/28], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x4, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001bc0)={r1, 0x0, 0x138, 0x4c, &(0x7f0000001cc0)="633268f83ca3000000a2029e3815bb2fa117d8326687688b2c969fd7267d546214af00d1ca2524d00f9e4d9555f3ab381b5d44fd6bda8c509e66101d296f10c805252e7c5d48d9814f46db8f07441878734b13270fe47fba418b7358984b9a61c2bbf964a520459fd0d90590b46cf1677d580a26933b6e35aee75996b73a15a25aa8ae2f1f9bc9699a505c0dc4050ab2255fc35f508ccc52f10ac12febf28652fe36f725714868675ca2a7042ab4b26904b2f000589694f69ab0b22a5aec72c5036ce1c8974690045e4ab412a70336b4c65b2dfc8121af4143c2e10a0e5632bcd44e0b000029da424d86f298656822dae2c002e289fbfa6fe0dfb2fd57713a7684dc166c628dc45027ac174c5db54f22e409eb4e94263dbc9919f90f1af3290918b9824c3e0268b300bf69cc2eb3fc58f655439bdbe2b905", &(0x7f0000001c40)=""/76, 0x4000, 0x0, 0x0, 0x50, &(0x7f0000001ac0), &(0x7f0000001a40)="408fd0050dc7945b483103067eca9bd26ffbe35abf0f88a103f6893dc2b1d1cdc2195d4ae89abc04ff5fe5d2466892c81015df835a7d47be4f852161bc4015e7564b08584290fe1762f943a653008ac5", 0x1, 0x0, 0x13}, 0x50) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=ANY=[@ANYBLOB="34000000680001090000000000000000000000000000000006000300000000e2130002"], 0x34}}, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_all\x00', 0x275a, 0x0) ftruncate(r3, 0x653f) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x12, r3, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x101842, 0x18) openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) r4 = getpid() bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x2000019c, &(0x7f0000000240)=ANY=[], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x90) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmstat\x00', 0x0, 0x0) read$FUSE(r5, &(0x7f00000020c0)={0x2020}, 0x2020) r6 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$FUSE(r6, 0x0, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="300000000104010100000000000000000000000005000100010000000a0002000000000003000000bc148b4eb0"], 0x30}}, 0x0) connect(r5, &(0x7f0000000280)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x80) socket(0x2a, 0x3, 0x7fff) getsockopt$SO_BINDTODEVICE(r2, 0x1, 0x6, &(0x7f0000000000), 0x10) ioctl$EXT4_IOC_SWAP_BOOT(r3, 0x6611) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)) symlinkat(&(0x7f0000000180)='./file0\x00', r5, &(0x7f0000000340)='./file0\x00') 5.030247312s ago: executing program 3 (id=950): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'pim6reg0\x00', 0x2}) 4.823719784s ago: executing program 3 (id=952): openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setsockopt(0xffffffffffffffff, 0x0, 0x6, &(0x7f0000002300)="851bf0ea44d0c5de23007aa811723ce9d478a626c148adf492d83475cc071b28032cebb39f1631ab1540db2961cdaedf526c1fb54b4fac98e264684023b2867206697bba1ad08bad9bf765527f8edee2d956bb3d9e210b127baf6808f81adfa9529df7a8d472ced7509817a446f7c8841f27122ab651a7f9314bb22a5a83e75bfc774c481c6133dee4f9be2ebdcd6832aa1ac9b8389c8b21c39ff55f6bb5c82be6395fff2f732069e176204aabe07c42f1e9ac", 0xb3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) syz_open_dev$loop(0x0, 0x6, 0x82200) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = socket$inet(0xa, 0x801, 0x84) connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x100004, 0x44, 0x9, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x1b, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240), 0x0, 0x2, r5}, 0x38) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r6, &(0x7f0000000340)={0x2, 0x4e22, @multicast1}, 0x10) sendto$inet(r6, 0x0, 0x0, 0x28004814, &(0x7f0000000200)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10) poll(&(0x7f00000000c0)=[{r6, 0x8400}], 0x1, 0x4000) 4.741925703s ago: executing program 1 (id=953): r0 = socket(0xb, 0x3, 0x4000000) write(r0, &(0x7f0000000000)='\"', 0xfdef) socket(0x1e, 0x5, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x32c000, 0x1000, 0x0, 0x6}, 0x20) socket$nl_route(0x10, 0x3, 0x0) syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c4000000000010902"], 0x0) r2 = syz_open_dev$ttys(0xc, 0x2, 0x1) readv(r2, &(0x7f0000000180)=[{&(0x7f0000000280)=""/177, 0xb1}], 0x1) ioctl$TIOCPKT(r2, 0x5420, 0x0) ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0) r3 = socket(0x1d, 0x2, 0x6) openat$vicodec0(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r3, &(0x7f0000000380)={0x1d, r4, 0x1}, 0x18) sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[], 0x28}}, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x7c}}, 0x0) syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000003c0)={0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000003c0)={0x0}) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000080000000500000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000500"/28], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="850000002e000000350000000000ba008500000008000000950000000000000064f1c0dcf95d6806f8a1572b41a1410824581835d80532cb457f454698165b61a3cf5fc6dd8428230e35230163cf094949fc8b0a9114f43d1b6538f5976be4adc07e8c97d76b1895c322a1ef1f83dd6c1023158a1086f7d0f9dce435554bc34e6bdea4217cfaa9a1f8ad1087c697acd9a7ab696922c9e35f0aee6156c599c7b297de0019b27d67bfb3fe241454a04080bf7f8ce021129c820f9b80fe04be5b11cc7bf16c8a029df573db052357c71be1f5e8ce8db0f96ee1d8a312e9671e652bd642dd65d5b9de99038bc9a5d905441c0785d333135a04000130af1bb4cd5b295b9add7a0247cada056be3a9e29f9d4b57ddd4130ccbbbcd6e000000000000004102d74c391acc0880312cc8a8c51c7bddd3698f620a69f46984c2a2e742fadecf6fa7000000000000f001000080000000001b7e62ca8c3572c3dc46dc7579c100010000000000001af7d2149c8ab5ef187087f74b65a6c7da154853894437ffcb5cc3a2b13759c42b350b09a639a8f257d81204e7e61b7f7230db061fabbdc611df1129695265a3426e02f9b24ebc1355c3bde34d28c2be8594af30231a567d1f0ac5297daa6e9e82eb90c602adffc6a3de64b1db82ac547aaf07000023aebbf4917450e54b989c6065aeafe708ed91d86ee0aebd842815a9bad226f1eda090456f50863060f074c0469fb827520400000000000f00cdb628b5f371ce3b1431b2726cbd8b933f3ce2d452d46d563b254fc3bef447d869a8cc49e160581b4ae43a81264d498b4b6e7c2f9bc962da260e699a9a0d2da32c555047cad7e5deefca3a0942d6170aa75648bd19133373dcee41ddece3fe4c111558e0c4a37ccb72e26c31362cfb9606941dfdb10fee16eb67ab9e957ca01b838defa334e36f703204b01dd394bd1dd08b0e1aa9eb396c61dc2b69bc6aec6e8d2a1c5240b734896365f854ed663cc0ab4c4a03468eebe3786f77327ed31360554b8bca4d90e8e7fefeb95831f49537e3f08ad06bc6c0c1842fe5db582677b6a6886bbf"], &(0x7f0000001040)='GPL\x00', 0x0, 0x6b, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe24, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r6}, 0x57) 3.942472956s ago: executing program 3 (id=957): openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe0500000000000000000000950000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) setsockopt(0xffffffffffffffff, 0x0, 0x6, &(0x7f0000002300)="851bf0ea44d0c5de23007aa811723ce9d478a626c148adf492d83475cc071b28032cebb39f1631ab1540db2961cdaedf526c1fb54b4fac98e264684023b2867206697bba1ad08bad9bf765527f8edee2d956bb3d9e210b127baf6808f81adfa9529df7a8d472ced7509817a446f7c8841f27122ab651a7f9314bb22a5a83e75bfc774c481c6133dee4f9be2ebdcd6832aa1ac9b8389c8b21c39ff55f6bb5c82be6395fff2f732069e176204aabe07c42f1e9ac", 0xb3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) syz_open_dev$loop(0x0, 0x6, 0x82200) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = socket$inet(0xa, 0x801, 0x84) connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x100004, 0x44, 0x9, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) sendto$inet(r5, 0x0, 0x0, 0x28004814, &(0x7f0000000200)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10) poll(&(0x7f00000000c0)=[{r5, 0x8400}], 0x1, 0x4000) 3.729022957s ago: executing program 0 (id=958): prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000040)={&(0x7f00000000c0)="330a69e4"}) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(0xffffffffffffffff, &(0x7f0000003240)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000003140)={0x50, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private0}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x50}}, 0x0) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e21, 0xfffffff7, @mcast1, 0x8000}}}, &(0x7f0000000000)=0x84) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000070601010000000000000000000000000500010007fb0000"], 0x1c}, 0x1, 0x0, 0x0, 0x4048050}, 0x0) 3.041104194s ago: executing program 3 (id=960): syz_io_uring_setup(0x24f9, &(0x7f0000002ec0)={0x0, 0x0, 0x10100, 0x0, 0x63}, &(0x7f0000000080), &(0x7f0000000140)) r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r1, 0x80015b18, 0x0) 2.872531379s ago: executing program 0 (id=961): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000200"/28], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x4, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001bc0)={r1, 0x0, 0x138, 0x4c, &(0x7f0000001cc0)="633268f83ca3000000a2029e3815bb2fa117d8326687688b2c969fd7267d546214af00d1ca2524d00f9e4d9555f3ab381b5d44fd6bda8c509e66101d296f10c805252e7c5d48d9814f46db8f07441878734b13270fe47fba418b7358984b9a61c2bbf964a520459fd0d90590b46cf1677d580a26933b6e35aee75996b73a15a25aa8ae2f1f9bc9699a505c0dc4050ab2255fc35f508ccc52f10ac12febf28652fe36f725714868675ca2a7042ab4b26904b2f000589694f69ab0b22a5aec72c5036ce1c8974690045e4ab412a70336b4c65b2dfc8121af4143c2e10a0e5632bcd44e0b000029da424d86f298656822dae2c002e289fbfa6fe0dfb2fd57713a7684dc166c628dc45027ac174c5db54f22e409eb4e94263dbc9919f90f1af3290918b9824c3e0268b300bf69cc2eb3fc58f655439bdbe2b905", &(0x7f0000001c40)=""/76, 0x4000, 0x0, 0x0, 0x50, &(0x7f0000001ac0), &(0x7f0000001a40)="408fd0050dc7945b483103067eca9bd26ffbe35abf0f88a103f6893dc2b1d1cdc2195d4ae89abc04ff5fe5d2466892c81015df835a7d47be4f852161bc4015e7564b08584290fe1762f943a653008ac5", 0x1, 0x0, 0x13}, 0x50) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=ANY=[@ANYBLOB="34000000680001090000000000000000000000000000000006000300000000e2130002"], 0x34}}, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_all\x00', 0x275a, 0x0) ftruncate(r3, 0x653f) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x12, r3, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x101842, 0x18) openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) r4 = getpid() bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x2000019c, &(0x7f0000000240)=ANY=[], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x90) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmstat\x00', 0x0, 0x0) read$FUSE(r5, &(0x7f00000020c0)={0x2020}, 0x2020) r6 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$FUSE(r6, 0x0, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="300000000104010100000000000000000000000005000100010000000a0002000000000003000000bc148b4eb0"], 0x30}}, 0x0) connect(r5, &(0x7f0000000280)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x80) socket(0x2a, 0x3, 0x7fff) getsockopt$SO_BINDTODEVICE(r2, 0x1, 0x6, &(0x7f0000000000), 0x10) ioctl$EXT4_IOC_SWAP_BOOT(r3, 0x6611) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)) symlinkat(&(0x7f0000000180)='./file0\x00', r5, &(0x7f0000000340)='./file0\x00') 2.679741641s ago: executing program 0 (id=962): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x86, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1}, 0x6e) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) getsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f00000000c0), &(0x7f0000000140)=0x2) r3 = socket$unix(0x1, 0x1, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$bt_BT_SECURITY(r4, 0x10e, 0x4, 0x0, 0xf0ff1f00000000) bind$unix(r3, &(0x7f0000003000)=@abs={0x1}, 0x6e) syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, 0x0) keyctl$dh_compute(0x17, &(0x7f00000000c0), &(0x7f0000000200)=""/172, 0xac, &(0x7f0000000400)={&(0x7f0000000180)={'crc32-generic\x00'}, &(0x7f00000003c0)}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_ADD(r5, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000001600156f0000000000000000030000", @ANYRES32=0x0, @ANYBLOB], 0x20}}, 0x0) r6 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8b04, &(0x7f0000000000)={'wlan1\x00'}) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='dctcp\x00', 0x6) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) r7 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r7, 0x114, 0x8, &(0x7f0000000080)=0x1, 0x4) recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104) 2.362429908s ago: executing program 2 (id=963): mlockall(0x6) 2.361989863s ago: executing program 2 (id=964): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200)={0x0}, &(0x7f00000002c0)=0xc) prlimit64(r0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) socket$nl_route(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/snmp\x00') read(r2, &(0x7f0000001a00)=""/177, 0xb1) r3 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_int(r3, 0x0, 0xf, 0x0, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r5, 0x100, 0x70bd2a, 0x25dfdbff, {{}, {}, {0x18, 0x17, {0x1b, 0x602, @udp='udp:syz0\x00'}}}, ["", "", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x8090}, 0x40000) sendmsg$IPSET_CMD_DEL(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x40, 0xa, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x10, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBPRIO={0x8}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_LINENO={0x8}]}, 0x40}}, 0x0) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0) r6 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) keyctl$update(0x2, r6, 0x0, 0x0) r7 = openat$cdrom(0xffffff9c, &(0x7f0000000180), 0x34700, 0x0) r8 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x91) ioctl$CDROM_GET_MCN(r7, 0x5311, &(0x7f00000001c0)) keyctl$instantiate(0xc, r6, &(0x7f00000003c0)=ANY=[@ANYBLOB="6e6577206563727970746673560e9b76737465643a245c2d382a252e2a24015e20303030303030303030303030303030303030303700"], 0x36, 0xfffffffffffffffd) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r8) r9 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004680)=@newlink={0x5c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x10, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x27}}]}]}}}, @IFLA_LINK={0x8, 0x5, r10}, @IFLA_MASTER={0x8, 0x3}]}, 0x5c}}, 0x0) 2.181528541s ago: executing program 2 (id=965): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) writev(r0, &(0x7f0000011200)=[{&(0x7f0000010200)="e36e11f9490a838ca8e83bfaa975b54d8a9cef706911ce3572771b2c53bf6171166a81ce7d964e818cab31f265ddc1fde31aaa253eed53376c4744dea0e673935fd8b605db85e4b4aeaf51c68ce451e769721093d74c4ec00da5cdcb65daeccc7e3fcec5bfc4cef3258fd4ec88736989610d56bfdad733f65b98d998d2192ba71a63244239242e200382b75c09cd8dbeaa6b78addf2f48cb62032c5724946d227b9bd9b8f9c486f5c2ea674632e0c53d7d28404be4fa827ea621973ca8711030af9455479c500f55cccb827a49caa192bf1f561f8f81a01739f7838a5cb2a13d69db74baa0dd043e32776f0e71fa6bc124e5c5d992f40a9afed8ac727e0628901950c96f295cdb6babe974824ddb639a481479abe037895237ea82135bf3979313e8735cd7928e8501f3118efdace7838f269b36b9362da69187fbba80fbee86a5aefd413f7a0edcdef0ca7b7404417ede1ace311968b9092cd5ecf428ca67c94de3dfe8bf42f5f19bc7bdaa10b110c31122006d062ea36b46fc20ddd389a47583ad09c383be509fe4af1fcff8edc3e56e1f00e0ea95923104141675a0b0c89a959de9a4390ebdaf1130f3d478e88d593f9bfed4a0900153692a16ef407f550ac93fbf5d73824833f34c5555716905110aa6b35ac7315113dc4a9926ec573b732fa240628f943e87e3a21ccb80b8c6c16b3a2f61d84b504309c4d541c82c567f9bd016caf007192b4ca0b7a9aebedfa909e075ff22e98188f5281b730c8d2b7a70293ef06d9df5d75ebec02bc00f88b847e251621652346d6a1b5fdc64677f22fab75fc441751507ab41f712d28ab3de8a55c63b9998c2438758aa627bdb9f25edef14183c9cf461f268d0956ade18f1663c5348fa8d786868b7f411697223262d93f17d0454b02f1778ef85bb", 0x28d}], 0x1) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000000140)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) read$FUSE(r1, &(0x7f0000000040)={0x2020}, 0x2020) r3 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card2/oss_mixer\x00', 0x0, 0x0) fcntl$dupfd(r3, 0x2, 0xffffffffffffffff) r4 = syz_open_dev$ttys(0xc, 0x2, 0x1) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x14, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001e00000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r6, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000003c0)="76ea090400018000009ba56a88ca", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r7, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) r8 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r8, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r8, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) r10 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r10, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r10, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000200), 0x3, r11}) ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r8, 0xc01864ba, &(0x7f0000000300)={0x18, r12, r9}) ioctl$SNDCTL_DSP_SYNC(r7, 0x5001, 0x0) ioctl$SNDCTL_DSP_RESET(r7, 0x5000, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0x15) ioctl$TCFLSH(r4, 0x80044704, 0x20000000) r13 = syz_open_dev$rtc(&(0x7f0000002080), 0xdec, 0x400000) splice(r13, 0x0, 0xffffffffffffffff, 0x0, 0x47fb, 0x9) 2.053761765s ago: executing program 2 (id=966): openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setsockopt(0xffffffffffffffff, 0x0, 0x6, &(0x7f0000002300)="851bf0ea44d0c5de23007aa811723ce9d478a626c148adf492d83475cc071b28032cebb39f1631ab1540db2961cdaedf526c1fb54b4fac98e264684023b2867206697bba1ad08bad9bf765527f8edee2d956bb3d9e210b127baf6808f81adfa9529df7a8d472ced7509817a446f7c8841f27122ab651a7f9314bb22a5a83e75bfc774c481c6133dee4f9be2ebdcd6832aa1ac9b8389c8b21c39ff55f6bb5c82be6395fff2f732069e176204aabe07c42f1e9ac", 0xb3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) syz_open_dev$loop(0x0, 0x6, 0x82200) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = socket$inet(0xa, 0x801, 0x84) connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x100004, 0x44, 0x9, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x1b, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240), 0x0, 0x2, r5}, 0x38) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r6, &(0x7f0000000340)={0x2, 0x4e22, @multicast1}, 0x10) sendto$inet(r6, 0x0, 0x0, 0x28004814, &(0x7f0000000200)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10) poll(&(0x7f00000000c0)=[{r6, 0x8400}], 0x1, 0x4000) 1.812221574s ago: executing program 0 (id=967): bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x14, &(0x7f0000000000)=0x80000001, 0x4) getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x63, 0x0, &(0x7f00000000c0)) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000180)=0x5, 0x4) r1 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2) r5 = syz_io_uring_setup(0x239, &(0x7f0000000540)={0x0, 0xffffffff, 0x400, 0x0, 0x2000}, &(0x7f0000000080)=0x0, 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r5, 0x2def, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r4, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1}) ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0185648, 0x0) r7 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) lseek(r7, 0x6, 0x1) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x2, 0x0, @multicast2}, 0x10) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) 1.6811374s ago: executing program 1 (id=968): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000", @ANYRES32=0x1, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000220000ff0000000000000000"], 0x50) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x5a, &(0x7f0000000100)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r2, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000180)=0x6) bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}}, 0x1c) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000080)='veth1_to_bond\x00', 0x10) connect$inet6(r2, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @private1}, 0x1c) r3 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r3, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4) connect$inet6(r3, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @private1}, 0x1c) r4 = socket$netlink(0x10, 0x3, 0x4) writev(r4, &(0x7f0000000080)=[{&(0x7f0000000340)="480000001400190d09034beafd0d36020a841a000000230f234e0000a2bc5603ca00000f7f89004e00200000000101ff00c00e03000200000000000000000300005839c900910000", 0x48}], 0x1) ioctl$UFFDIO_UNREGISTER(0xffffffffffffffff, 0xc020aa08, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="4800000010000305000000000000000000cf0000", @ANYRES32=0x0, @ANYRES32=r7], 0x48}}, 0x0) close(r7) ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000140)={'bridge0\x00', &(0x7f0000000000)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, [0x0, 0xd00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}}) ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000400)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}}) 1.12007934s ago: executing program 2 (id=969): prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000040)={&(0x7f00000000c0)="330a69e4"}) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(0xffffffffffffffff, &(0x7f0000003240)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000003140)={0x50, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private0}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x50}}, 0x0) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e21, 0xfffffff7, @mcast1, 0x8000}}}, &(0x7f0000000000)=0x84) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000070601010000000000000000000000000500010007fb0000"], 0x1c}, 0x1, 0x0, 0x0, 0x4048050}, 0x0) 448.428045ms ago: executing program 0 (id=970): ioctl$VIDIOC_DECODER_CMD(0xffffffffffffffff, 0xc0485660, &(0x7f0000000000)={0x0, 0x2, @raw_data}) r0 = syz_open_dev$sndctrl(&(0x7f00000007c0), 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc10c5541, &(0x7f0000000000)) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000b00)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='cachefiles_link\x00', r1}, 0x10) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in=@broadcast, @in6=@remote}, {@in6=@remote, 0x0, 0x32}, @in=@dev, {0x8}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x184}, 0x1, 0x0, 0x0, 0x4001}, 0x0) unshare(0x68060200) openat$cuse(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) r3 = openat$cuse(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0) read$FUSE(r3, &(0x7f0000000b40)={0x2020}, 0xfffffffffffffcfe) read$FUSE(0xffffffffffffffff, &(0x7f0000002b80)={0x2020}, 0x2020) getresuid(&(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400)) stat(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/ip_tables_names\x00') r5 = socket$inet_tcp(0x2, 0x1, 0x0) ftruncate(0xffffffffffffffff, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r6, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r6, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r6, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x26, 0x0, "8ddbb5062cfd03080000000000e4dc036d58b39fa8d54ee832040000bdfba71bc4b828c7de258b0172a1fc52bca0dd2a000000000000000000001600000000000000000000000000000000000000002c"}, 0xd8) syz_emit_ethernet(0x5e, &(0x7f0000000140)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\b\x00', 0x28, 0x6, 0x0, @remote, @mcast2, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "fb6b9acd8f4e1c92833a2f1e90339d18"}]}}}}}}}}, 0x0) setsockopt$inet_tcp_int(r5, 0x6, 0xc, &(0x7f0000000040), 0x4) clock_adjtime(0x0, &(0x7f0000000180)={0xb770}) lseek(r4, 0x9, 0x0) 242.474725ms ago: executing program 2 (id=971): r0 = socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r4, 0x0, 0x5) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r5 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r5, 0xc1004110, 0x0) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb) openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_open_dev$dri(0x0, 0x1, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0) bind$alg(r0, &(0x7f00000005c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58) 175.259213ms ago: executing program 1 (id=972): mlockall(0x6) 174.867608ms ago: executing program 1 (id=973): socket$inet6_sctp(0xa, 0x5, 0x84) r0 = socket(0x2c, 0x849a8f14d161f9d7, 0x5f) sendmsg$nl_route_sched(r0, 0x0, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) prlimit64(0x0, 0xd, &(0x7f0000000000)={0x7, 0x100008b}, 0x0) syz_pidfd_open(0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x64, 0x0, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x8140aecc, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x400000bce) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) memfd_create(&(0x7f00000024c0)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?&^\xe1Ob\xe1Y\xd6\xeb\x91\x83;\xeb\xf1\xd0\xe3\xe5\x19T\xff\x01\x00\x00\xe2\x9f\xd9\xae\xcf>/\x05V%$6\x9fU\x86\xbe\xcbx\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xb2\xae\xda\xa9\xf6\x92\xaf4\xb5|W\r0{\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\xaa\xe6\x05\xe4\xc3\x90\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\x97.A\x84\x1d\xc2\x86\x89{\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\x9d\xce\xb3%QF\x03\b\x9dh\xfd\x91\xea\xce\x06\a\xba`\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8\x83\x87+nM\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?\x87\x84\\/y\xed\x01#?\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\xa3\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x10M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xdc\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5W\xfb\x82\xac\x19,\\D\x91T\xfd\x9c\xb8\x8b\x88\xa5\xcc\x8fI\x00\xf0\xc9%\n\xa7\xd6\x0f:\xb0\xf5?\xc3\x88\x1e\xbb-\xa6\xecA\x92\xaf\xa4Xl\v\xa5\xca\v|\xe2L\xac\x80\xc7\x15\x96fh\x83\x15\xc7\xea\xd5\xe8\x89W\x11\xd7oC\xe4\x06\xa8[O\xe6\x1d=\x87\x93\x0f\x87I\xdf\xb1\xeb\x89\x11.\x01\x00\r`\x1e8\x94\xb7\xbc\xc3\xad\xf1\x92/(A=A\x8b\xa5I\xd7\xd3#\xb0\x89\x9e5\x12\xa4\x9a\va\xdf\xf4\xea\xc6\xc7\x10g\x1d\xd5\xb0\xbb\xd2\xfc]fC\x8d\x0f\xa6q\x0f\xef\x90\xfe\x94k\xf1\x98\xfa\xbbb\xb1\x00\x99\xf7\xfd\'\xae\x906\xe0\xaa\xdbtWWH\xa4L\xb5po,\xdfN\x0f8\t\xe7X_H\xd4\xe3\xb2,oj\xac\xd7\xbd\xd0\xadW\x1f<\xd0s\xa8\x1f(\x00/ \xe4]@\xf7mA\xe8\xd1\xf4:\xb3\xeb\x81\xb9\x018\x1c\x95%o\x13\xa4\xad\xd8\xf9\xd2\x95\xa8\x81\xbe\xbc\xa6\x14_o\xfb\xdaL\xcb\xda\x9a\xec\xce\xd18&\xfbG\xa1\f\xf4\xd5u\xb0xE)j\x1b\xecL\xa1\xdc\xabUiN\xdet\xc7Q\xe6\xa4\x99-\xba\x16\xe5\xba!\xbdCI#\x03', 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x8, 0x3, 0x480, 0x0, 0xa, 0x148, 0x0, 0x10, 0x3e8, 0x2a8, 0x2a8, 0x3e8, 0x2a8, 0x3, 0x0, {[{{@ip={@rand_addr, @multicast1, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x120, 0x190, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@inet=@hashlimit1={{0x58}, {'pim6reg0\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x6, 0xa359e000}}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b90ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc0d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'pimreg1\x00', 'veth0_to_team\x00'}, 0x0, 0x1f0, 0x258, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve0\x00', {0x0, 0xff, 0x0, 0x0, 0x0, 0x7fff, 0x200}}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz1\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4e0) r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) read$FUSE(r6, &(0x7f00000027c0)={0x2020}, 0x2020) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x48}}, 0x0) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffff18) alarm(0x709abc910000) 174.579955ms ago: executing program 0 (id=974): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="1b0000000000000000fffc000000000000000000", @ANYRES32, @ANYBLOB="fdffff0200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0400000000000000fdffffff00"/28], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18fcffffffffffffff0000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r2) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r4, &(0x7f0000000600), 0x0) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000f80)={'wlan1\x00', 0x0}) r5 = inotify_init1(0x0) fcntl$setown(r5, 0x8, 0xffffffffffffffff) (async) fcntl$getownex(r5, 0x10, &(0x7f0000000140)={0x0, 0x0}) r7 = syz_open_procfs(r6, &(0x7f0000000600)='fd/4\x00') ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r7, 0xc0506617, &(0x7f0000000280)={@desc={0x1, 0x0, @desc3}, 0x21, 0x0, '\x00', @c}) (async) r8 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$vhost_msg_v2(r8, &(0x7f0000000980)={0x2, 0x0, {0x0, 0x4b, 0x0, 0x0, 0x2}}, 0x48) (async) write$vhost_msg_v2(r8, &(0x7f0000002080)={0x2, 0x0, {&(0x7f0000001f80)=""/152, 0x98, 0x0, 0x0, 0x4}}, 0x48) (async) write$vhost_msg_v2(r8, &(0x7f0000000640)={0x2, 0x0, {&(0x7f0000000740)=""/234, 0xea, 0x0, 0x0, 0x2}}, 0x4f) write$vhost_msg_v2(r8, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000a00)=""/87, 0x57, 0x0, 0x0, 0x2}}, 0x48) write$vhost_msg_v2(r8, &(0x7f0000001f00)={0x2, 0x0, {&(0x7f00000004c0)=""/110, 0x6e, 0x0, 0x2, 0x2}}, 0x48) (async) write$vhost_msg_v2(r7, &(0x7f0000000200)={0x2, 0x0, {&(0x7f0000000840)=""/211, 0xd3, 0x0, 0x0, 0x2}}, 0x48) write$vhost_msg_v2(r8, &(0x7f00000003c0)={0x2, 0x0, {&(0x7f00000002c0)=""/119, 0xfca2, 0x0, 0x0, 0x3}}, 0x48) r9 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE_wg(r9, 0x1, 0x19, &(0x7f00000000c0)='wg0\x00', 0x4) r10 = socket$nl_generic(0x10, 0x3, 0x10) (async) openat$ttyS3(0xffffff9c, &(0x7f0000000340), 0x92000, 0x0) sendmsg$nl_generic(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="3000005d0d00090000000000fedbdf250100000008000000050000001400b2f2fb020000bc0200000000000000000001"], 0x30}, 0x1, 0x0, 0x0, 0x4800}, 0x10000) (async) connect$inet(r9, &(0x7f0000000480)={0x2, 0x4, @private=0xa010100}, 0x10) sendmmsg(r3, &(0x7f0000000bc0)=[{{&(0x7f0000000580)=@alg={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l\x00'}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000040)="a869cd0ceb3b558c09b7620c2f313bbe9f3f540e419f72f00f87a66aeab57d5edf", 0x21}], 0x1, &(0x7f0000000b00)=[{0x80, 0x10f, 0x7d, "ffcef5ec21762fa2fc8ec8642ff49c909b950c0d6b6a37cefd1c8491172cba3a9864d124642457eabfb00a12e1790fe87af2355fd499e7763ba6f370de576d1f60559a99ddc516695dc11bbdac9eaac8d9dbd5e25d98c1b332e4e8fb89c3da19e07568cfa3351b2b6887e8540f86"}, {0x28, 0x112, 0x4, "9f96e8f23e9ed59af322e8ec84657a53b91374"}], 0xa8}}], 0x1, 0x91) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) 0s ago: executing program 3 (id=975): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x86, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1}, 0x6e) bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, @none, 0x0, 0x2}, 0x5c) getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, &(0x7f00000000c0), &(0x7f0000000140)=0x2) r2 = socket$unix(0x1, 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$bt_BT_SECURITY(r3, 0x10e, 0x4, 0x0, 0xf0ff1f00000000) bind$unix(r2, &(0x7f0000003000)=@abs={0x1}, 0x6e) syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, 0x0) keyctl$dh_compute(0x17, &(0x7f00000000c0), &(0x7f0000000200)=""/172, 0xac, &(0x7f0000000400)={&(0x7f0000000180)={'crc32-generic\x00'}, &(0x7f00000003c0)}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_ADD(r4, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000001600156f0000000000000000030000", @ANYRES32=0x0, @ANYBLOB], 0x20}}, 0x0) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8b04, &(0x7f0000000000)={'wlan1\x00'}) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='dctcp\x00', 0x6) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) r6 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r6, 0x114, 0x8, &(0x7f0000000080)=0x1, 0x4) recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104) kernel console output (not intermixed with test programs): SK> [ 84.971983][ T6198] dump_stack_lvl+0x16c/0x1f0 [ 84.973971][ T6198] should_fail_ex+0x497/0x5b0 [ 84.975857][ T6198] should_failslab+0xc2/0x120 [ 84.977730][ T6198] __kmalloc_cache_noprof+0x6b/0x300 [ 84.979616][ T6198] ? stack_depot_init+0x39/0x120 [ 84.981454][ T6198] ? __hw_addr_add_ex+0x3c8/0x7c0 [ 84.983359][ T6198] __hw_addr_add_ex+0x3c8/0x7c0 [ 84.985161][ T6198] ? __pfx___hw_addr_add_ex+0x10/0x10 [ 84.986995][ T6198] ? __mutex_unlock_slowpath+0x164/0x650 [ 84.988523][ T6198] ? irqentry_exit+0x3b/0x90 [ 84.989755][ T6198] dev_addr_init+0x162/0x250 [ 84.990981][ T6198] ? __pfx_dev_addr_init+0x10/0x10 [ 84.992330][ T6198] alloc_netdev_mqs+0x3c9/0x1420 [ 84.994154][ T6198] ? __pfx_ip6_tnl_dev_setup+0x10/0x10 [ 84.996231][ T6198] rtnl_create_link+0xc10/0xfa0 [ 84.998106][ T6198] __rtnl_newlink+0x10ae/0x1920 [ 84.999497][ T6198] ? __pfx___rtnl_newlink+0x10/0x10 [ 85.001064][ T6198] rtnl_newlink+0x67/0xa0 [ 85.002352][ T6198] ? __pfx_rtnl_newlink+0x10/0x10 [ 85.003912][ T6198] rtnetlink_rcv_msg+0x3c7/0xea0 [ 85.005405][ T6198] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 85.006966][ T6198] netlink_rcv_skb+0x16b/0x440 [ 85.008403][ T6198] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 85.010056][ T6198] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 85.011550][ T6198] ? netlink_deliver_tap+0x1ae/0xd90 [ 85.013172][ T6198] netlink_unicast+0x53c/0x7f0 [ 85.014488][ T6198] ? __pfx_netlink_unicast+0x10/0x10 [ 85.015893][ T6198] netlink_sendmsg+0x8b8/0xd70 [ 85.017195][ T6198] ? __pfx_netlink_sendmsg+0x10/0x10 [ 85.018666][ T6198] ? __import_iovec+0x1fd/0x6e0 [ 85.020084][ T6198] ____sys_sendmsg+0xaaf/0xc90 [ 85.021464][ T6198] ? copy_msghdr_from_user+0x10b/0x160 [ 85.023118][ T6198] ? __pfx_____sys_sendmsg+0x10/0x10 [ 85.024613][ T6198] ? __pfx___lock_acquire+0x10/0x10 [ 85.026011][ T6198] ___sys_sendmsg+0x135/0x1e0 [ 85.027289][ T6198] ? __pfx____sys_sendmsg+0x10/0x10 [ 85.028730][ T6198] ? lock_acquire+0x2f/0xb0 [ 85.029948][ T6198] ? __fget_files+0x40/0x3f0 [ 85.031194][ T6198] ? fdget+0x176/0x210 [ 85.032282][ T6198] __sys_sendmsg+0x117/0x1f0 [ 85.033529][ T6198] ? __pfx___sys_sendmsg+0x10/0x10 [ 85.034874][ T6198] ? __fget_files+0x244/0x3f0 [ 85.036131][ T6198] do_syscall_64+0xcd/0x250 [ 85.037364][ T6198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.038960][ T6198] RIP: 0033:0x7ff6b737dff9 [ 85.040265][ T6198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.045350][ T6198] RSP: 002b:00007ff6b81e3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 85.047578][ T6198] RAX: ffffffffffffffda RBX: 00007ff6b7535f80 RCX: 00007ff6b737dff9 [ 85.049863][ T6198] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 85.052006][ T6198] RBP: 00007ff6b81e3090 R08: 0000000000000000 R09: 0000000000000000 [ 85.054239][ T6198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 85.056403][ T6198] R13: 0000000000000000 R14: 00007ff6b7535f80 R15: 00007ffed0eb21e8 [ 85.058684][ T6198] [ 85.201103][ T39] kauditd_printk_skb: 5 callbacks suppressed [ 85.201121][ T39] audit: type=1400 audit(1728533536.422:377): avc: denied { shutdown } for pid=6204 comm="syz.0.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 85.248007][ T6212] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.234'. [ 86.000291][ T39] audit: type=1400 audit(1728533537.222:378): avc: denied { setopt } for pid=6223 comm="syz.3.238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 86.120889][ T6227] netlink: 12 bytes leftover after parsing attributes in process `syz.3.238'. [ 86.564624][ T8] usb 7-1: USB disconnect, device number 2 [ 86.572590][ T8] iowarrior 7-1:0.1: I/O-Warror #0 now disconnected [ 86.809186][ T6235] IPVS: Scheduler module ip_vs_sip not found [ 86.861787][ T6235] syz.1.240 (6235) used greatest stack depth: 21360 bytes left [ 86.930457][ T6242] Bluetooth: MGMT ver 1.23 [ 86.935750][ T6242] netlink: 'syz.1.242': attribute type 9 has an invalid length. [ 86.939963][ T6242] netlink: 134660 bytes leftover after parsing attributes in process `syz.1.242'. [ 86.948858][ T39] audit: type=1400 audit(1728533538.172:379): avc: denied { ioctl } for pid=6241 comm="syz.1.242" path="socket:[12656]" dev="sockfs" ino=12656 ioctlcmd=0x671f scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 86.979126][ T39] audit: type=1400 audit(1728533538.172:380): avc: denied { accept } for pid=6241 comm="syz.1.242" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 87.193943][ T6246] netlink: 20 bytes leftover after parsing attributes in process `syz.3.243'. [ 88.637654][ T39] audit: type=1400 audit(1728533539.862:381): avc: denied { write } for pid=6266 comm="syz.3.249" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 88.981742][ T6271] netlink: 4 bytes leftover after parsing attributes in process `syz.3.250'. [ 89.116122][ T39] audit: type=1400 audit(1728533540.212:382): avc: denied { create } for pid=6268 comm="syz.3.250" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 89.142286][ T39] audit: type=1400 audit(1728533540.212:383): avc: denied { setopt } for pid=6268 comm="syz.3.250" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 89.531433][ T39] audit: type=1400 audit(1728533540.752:384): avc: denied { create } for pid=6276 comm="syz.0.252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 89.541576][ T39] audit: type=1400 audit(1728533540.762:385): avc: denied { create } for pid=6276 comm="syz.0.252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 89.549133][ T39] audit: type=1400 audit(1728533540.762:386): avc: denied { setopt } for pid=6276 comm="syz.0.252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 89.816126][ T1287] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 89.966052][ T1287] usb 5-1: Using ep0 maxpacket: 32 [ 89.968832][ T1287] usb 5-1: config 0 has no interfaces? [ 89.970431][ T1287] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 89.972832][ T1287] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.976492][ T1287] usb 5-1: config 0 descriptor?? [ 90.242565][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 90.242578][ T39] audit: type=1400 audit(1728533541.462:388): avc: denied { ioctl } for pid=6276 comm="syz.0.252" path="/dev/ptyq5" dev="devtmpfs" ino=132 ioctlcmd=0x5420 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 91.868236][ T39] audit: type=1400 audit(1728533543.092:389): avc: denied { getopt } for pid=6306 comm="syz.1.261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 92.896951][ T5399] usb 5-1: USB disconnect, device number 2 [ 93.264543][ T39] audit: type=1326 audit(1728533544.482:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.268" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc95117dff9 code=0x7ffc0000 [ 93.271937][ T39] audit: type=1326 audit(1728533544.482:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.268" exe="/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7fc95117dff9 code=0x7ffc0000 [ 93.280933][ T39] audit: type=1326 audit(1728533544.482:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.268" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc95117dff9 code=0x7ffc0000 [ 93.289529][ T39] audit: type=1326 audit(1728533544.482:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.268" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc95117dff9 code=0x7ffc0000 [ 93.297979][ T39] audit: type=1326 audit(1728533544.492:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.268" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc95117dff9 code=0x7ffc0000 [ 93.305834][ T39] audit: type=1326 audit(1728533544.492:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.268" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc95117dff9 code=0x7ffc0000 [ 93.313595][ T39] audit: type=1326 audit(1728533544.492:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.268" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc95117dff9 code=0x7ffc0000 [ 93.321507][ T39] audit: type=1326 audit(1728533544.492:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6325 comm="syz.0.268" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc95117dff9 code=0x7ffc0000 [ 93.344261][ T6326] netlink: 'syz.0.268': attribute type 10 has an invalid length. [ 93.569944][ T6335] netlink: 8 bytes leftover after parsing attributes in process `syz.1.270'. [ 94.606058][ T1287] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 94.786141][ T1287] usb 7-1: Using ep0 maxpacket: 32 [ 94.797445][ T1287] usb 7-1: config 0 has no interfaces? [ 94.799575][ T1287] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 94.802957][ T1287] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.807521][ T1287] usb 7-1: config 0 descriptor?? [ 94.896317][ T6363] netlink: 8 bytes leftover after parsing attributes in process `syz.0.278'. [ 94.899558][ T6363] netlink: 8 bytes leftover after parsing attributes in process `syz.0.278'. [ 95.080750][ T6365] netlink: 8 bytes leftover after parsing attributes in process `syz.1.279'. [ 95.083822][ T6365] netlink: 8 bytes leftover after parsing attributes in process `syz.1.279'. [ 95.648726][ T6371] FAULT_INJECTION: forcing a failure. [ 95.648726][ T6371] name failslab, interval 1, probability 0, space 0, times 0 [ 95.652270][ T6371] CPU: 1 UID: 0 PID: 6371 Comm: syz.3.281 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 95.655139][ T6371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.658300][ T6371] Call Trace: [ 95.659171][ T6371] [ 95.660440][ T6371] dump_stack_lvl+0x16c/0x1f0 [ 95.661947][ T6371] should_fail_ex+0x497/0x5b0 [ 95.663221][ T6371] should_failslab+0xc2/0x120 [ 95.664535][ T6371] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 95.666113][ T6371] ? skb_clone+0x190/0x3f0 [ 95.667489][ T6371] skb_clone+0x190/0x3f0 [ 95.668968][ T6371] netlink_deliver_tap+0xab3/0xd90 [ 95.670402][ T6371] netlink_unicast+0x5e1/0x7f0 [ 95.671668][ T6371] ? __pfx_netlink_unicast+0x10/0x10 [ 95.673058][ T6371] netlink_sendmsg+0x8b8/0xd70 [ 95.674331][ T6371] ? __pfx_netlink_sendmsg+0x10/0x10 [ 95.675744][ T6371] ? __import_iovec+0x1fd/0x6e0 [ 95.677075][ T6371] ____sys_sendmsg+0xaaf/0xc90 [ 95.678496][ T6371] ? copy_msghdr_from_user+0x10b/0x160 [ 95.679919][ T6371] ? __pfx_____sys_sendmsg+0x10/0x10 [ 95.681584][ T6371] ? __pfx___lock_acquire+0x10/0x10 [ 95.683042][ T6371] ___sys_sendmsg+0x135/0x1e0 [ 95.684313][ T6371] ? __pfx____sys_sendmsg+0x10/0x10 [ 95.685861][ T6371] ? lock_acquire+0x2f/0xb0 [ 95.687150][ T6371] ? __fget_files+0x40/0x3f0 [ 95.688648][ T6371] ? fdget+0x176/0x210 [ 95.690079][ T6371] __sys_sendmsg+0x117/0x1f0 [ 95.691364][ T6371] ? __pfx___sys_sendmsg+0x10/0x10 [ 95.692866][ T6371] ? __fget_files+0x244/0x3f0 [ 95.694136][ T6371] do_syscall_64+0xcd/0x250 [ 95.695354][ T6371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.696928][ T6371] RIP: 0033:0x7ff6b737dff9 [ 95.698305][ T6371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.704631][ T6371] RSP: 002b:00007ff6b81e3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 95.707232][ T6371] RAX: ffffffffffffffda RBX: 00007ff6b7535f80 RCX: 00007ff6b737dff9 [ 95.709457][ T6371] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003 [ 95.711557][ T6371] RBP: 00007ff6b81e3090 R08: 0000000000000000 R09: 0000000000000000 [ 95.713667][ T6371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 95.716231][ T6371] R13: 0000000000000000 R14: 00007ff6b7535f80 R15: 00007ffed0eb21e8 [ 95.719270][ T6371] [ 95.779599][ T39] kauditd_printk_skb: 50 callbacks suppressed [ 95.779618][ T39] audit: type=1400 audit(1728533547.002:448): avc: denied { write } for pid=6372 comm="syz.3.282" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 96.173950][ T39] audit: type=1400 audit(1728533547.392:449): avc: denied { bind } for pid=6377 comm="syz.0.284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 96.183902][ T39] audit: type=1400 audit(1728533547.392:450): avc: denied { name_bind } for pid=6377 comm="syz.0.284" src=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 96.195263][ T39] audit: type=1400 audit(1728533547.392:451): avc: denied { node_bind } for pid=6377 comm="syz.0.284" src=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 97.089576][ T6394] overlayfs: failed to resolve './file1': -2 [ 97.129822][ T39] audit: type=1400 audit(1728533548.352:452): avc: denied { read write } for pid=6395 comm="syz.1.290" name="vhost-vsock" dev="devtmpfs" ino=1115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 97.137544][ T39] audit: type=1400 audit(1728533548.352:453): avc: denied { open } for pid=6395 comm="syz.1.290" path="/dev/vhost-vsock" dev="devtmpfs" ino=1115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 97.145499][ T39] audit: type=1400 audit(1728533548.352:454): avc: denied { ioctl } for pid=6395 comm="syz.1.290" path="/dev/vhost-vsock" dev="devtmpfs" ino=1115 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 97.357975][ T5399] usb 7-1: USB disconnect, device number 3 [ 97.666081][ T30] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 97.682525][ T6412] netlink: 8 bytes leftover after parsing attributes in process `syz.2.292'. [ 97.685784][ T6412] netlink: 8 bytes leftover after parsing attributes in process `syz.2.292'. [ 97.714207][ T6415] netlink: 20 bytes leftover after parsing attributes in process `syz.0.295'. [ 97.826040][ T30] usb 8-1: Using ep0 maxpacket: 8 [ 97.830332][ T30] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 97.834254][ T30] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 97.839518][ T30] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 97.843594][ T30] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 97.847064][ T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.852665][ T30] hub 8-1:1.0: bad descriptor, ignoring hub [ 97.854823][ T30] hub 8-1:1.0: probe with driver hub failed with error -5 [ 97.859895][ T30] cdc_wdm 8-1:1.0: skipping garbage [ 97.862934][ T30] cdc_wdm 8-1:1.0: skipping garbage [ 97.865071][ T30] cdc_wdm 8-1:1.0: probe with driver cdc_wdm failed with error -22 [ 97.996118][ T5340] Bluetooth: hci2: link tx timeout [ 97.998388][ T5340] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 98.140912][ T6421] netlink: 20 bytes leftover after parsing attributes in process `syz.1.297'. [ 98.167957][ T56] usb 8-1: USB disconnect, device number 3 [ 99.217050][ T56] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 99.596016][ T56] usb 7-1: Using ep0 maxpacket: 32 [ 99.604541][ T56] usb 7-1: config 0 has no interfaces? [ 99.606148][ T56] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 99.609007][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.614835][ T56] usb 7-1: config 0 descriptor?? [ 99.901618][ T39] audit: type=1400 audit(1728533551.122:455): avc: denied { ioctl } for pid=6443 comm="syz.0.304" path="/dev/sg0" dev="devtmpfs" ino=705 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 99.901631][ T5343] Bluetooth: hci2: link tx timeout [ 99.913910][ T5343] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 99.969047][ T39] audit: type=1400 audit(1728533551.192:456): avc: denied { ioctl } for pid=6449 comm="syz.1.306" path="socket:[13689]" dev="sockfs" ino=13689 ioctlcmd=0x8905 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 100.016098][ T5343] Bluetooth: hci2: command 0x0406 tx timeout [ 100.229357][ T6459] FAULT_INJECTION: forcing a failure. [ 100.229357][ T6459] name failslab, interval 1, probability 0, space 0, times 0 [ 100.233257][ T6459] CPU: 2 UID: 0 PID: 6459 Comm: syz.0.309 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 100.236330][ T6459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 100.239343][ T6459] Call Trace: [ 100.240270][ T6459] [ 100.241036][ T6459] dump_stack_lvl+0x16c/0x1f0 [ 100.242246][ T6459] should_fail_ex+0x497/0x5b0 [ 100.243459][ T6459] ? fs_reclaim_acquire+0xae/0x160 [ 100.244749][ T6459] should_failslab+0xc2/0x120 [ 100.245971][ T6459] __kmalloc_noprof+0xcb/0x400 [ 100.247226][ T6459] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 100.248690][ T6459] tomoyo_realpath_from_path+0xb9/0x720 [ 100.250221][ T6459] ? tomoyo_path_number_perm+0x232/0x590 [ 100.251622][ T6459] tomoyo_path_number_perm+0x245/0x590 [ 100.253093][ T6459] ? tomoyo_path_number_perm+0x232/0x590 [ 100.254449][ T6459] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 100.255821][ T6459] ? trace_lock_acquire+0x14a/0x1d0 [ 100.257229][ T6459] ? lock_acquire+0x2f/0xb0 [ 100.258387][ T6459] ? __fget_files+0x40/0x3f0 [ 100.259618][ T6459] ? __fget_files+0x244/0x3f0 [ 100.260814][ T6459] security_file_ioctl+0x9b/0x240 [ 100.262139][ T6459] __x64_sys_ioctl+0xbb/0x220 [ 100.263347][ T6459] do_syscall_64+0xcd/0x250 [ 100.264536][ T6459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.266095][ T6459] RIP: 0033:0x7fc95117dff9 [ 100.267237][ T6459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.271969][ T6459] RSP: 002b:00007fc951ed5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 100.274065][ T6459] RAX: ffffffffffffffda RBX: 00007fc951335f80 RCX: 00007fc95117dff9 [ 100.276019][ T6459] RDX: 0000000000000000 RSI: 0000000000008905 RDI: 0000000000000003 [ 100.278094][ T6459] RBP: 00007fc951ed5090 R08: 0000000000000000 R09: 0000000000000000 [ 100.280102][ T6459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.282101][ T6459] R13: 0000000000000000 R14: 00007fc951335f80 R15: 00007fff025a8e28 [ 100.284106][ T6459] [ 100.286131][ T6459] ERROR: Out of memory at tomoyo_realpath_from_path. [ 100.319541][ T6462] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave [ 100.322205][ T6462] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 100.343858][ T6463] netlink: 8 bytes leftover after parsing attributes in process `syz.3.308'. [ 100.347314][ T6463] netlink: 8 bytes leftover after parsing attributes in process `syz.3.308'. [ 100.347703][ T39] audit: type=1400 audit(1728533551.572:457): avc: denied { write } for pid=6461 comm="syz.0.310" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 100.356196][ T30] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 100.516006][ T30] usb 6-1: Using ep0 maxpacket: 8 [ 100.518808][ T30] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 100.521894][ T30] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 100.525101][ T30] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 100.529273][ T30] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 100.537747][ T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.539515][ T6466] netlink: 8 bytes leftover after parsing attributes in process `syz.0.311'. [ 100.547763][ T30] hub 6-1:1.0: bad descriptor, ignoring hub [ 100.552367][ T30] hub 6-1:1.0: probe with driver hub failed with error -5 [ 100.559950][ T30] cdc_wdm 6-1:1.0: skipping garbage [ 100.563082][ T30] cdc_wdm 6-1:1.0: skipping garbage [ 100.564858][ T30] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 101.058027][ T8] usb 6-1: USB disconnect, device number 2 [ 101.340759][ T6475] netlink: 208 bytes leftover after parsing attributes in process `syz.1.314'. [ 101.752340][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 101.752360][ T39] audit: type=1400 audit(1728533552.972:460): avc: denied { connect } for pid=6480 comm="syz.0.316" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 101.803714][ T39] audit: type=1400 audit(1728533553.022:461): avc: denied { shutdown } for pid=6480 comm="syz.0.316" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 101.914968][ T30] usb 7-1: USB disconnect, device number 4 [ 101.943221][ T6486] overlayfs: failed to resolve './file0': -2 [ 101.953013][ T6487] bond_slave_0: entered promiscuous mode [ 101.955399][ T6487] bond_slave_1: entered promiscuous mode [ 101.957880][ T6487] macsec1: entered promiscuous mode [ 101.959718][ T6487] bond0: entered promiscuous mode [ 101.961651][ T6487] macsec1: entered allmulticast mode [ 101.963453][ T6487] bond0: entered allmulticast mode [ 101.965215][ T6487] bond_slave_0: entered allmulticast mode [ 101.968786][ T6487] bond_slave_1: entered allmulticast mode [ 101.972903][ T6487] bond0: left allmulticast mode [ 101.974704][ T6487] bond_slave_0: left allmulticast mode [ 101.976986][ T6487] bond_slave_1: left allmulticast mode [ 101.979003][ T6487] bond0: left promiscuous mode [ 101.981092][ T6487] bond_slave_0: left promiscuous mode [ 101.983063][ T6487] bond_slave_1: left promiscuous mode [ 102.341928][ T6494] netlink: 8 bytes leftover after parsing attributes in process `syz.2.320'. [ 103.376430][ T58] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 103.464610][ T6516] netlink: 8 bytes leftover after parsing attributes in process `syz.2.325'. [ 103.470988][ T6516] netlink: 8 bytes leftover after parsing attributes in process `syz.2.325'. [ 103.536075][ T58] usb 6-1: Using ep0 maxpacket: 8 [ 103.539292][ T58] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 103.542235][ T58] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 103.544716][ T58] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 103.548044][ T58] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 103.550762][ T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.561527][ T58] hub 6-1:1.0: bad descriptor, ignoring hub [ 103.563880][ T58] hub 6-1:1.0: probe with driver hub failed with error -5 [ 103.566784][ T58] cdc_wdm 6-1:1.0: skipping garbage [ 103.568629][ T58] cdc_wdm 6-1:1.0: skipping garbage [ 103.569986][ T58] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 103.879568][ T35] usb 6-1: USB disconnect, device number 3 [ 103.888901][ T39] audit: type=1400 audit(1728533555.112:462): avc: denied { rename } for pid=4817 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 103.899021][ T39] audit: type=1400 audit(1728533555.112:463): avc: denied { unlink } for pid=4817 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 103.909648][ T39] audit: type=1400 audit(1728533555.112:464): avc: denied { create } for pid=4817 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 104.347329][ T6523] nfs4: Unknown parameter 'x00000000000000ff' [ 104.357118][ T5397] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 104.506059][ T5397] usb 8-1: Using ep0 maxpacket: 32 [ 104.509417][ T5397] usb 8-1: config 0 has no interfaces? [ 104.510932][ T5397] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 104.513644][ T5397] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.517309][ T5397] usb 8-1: config 0 descriptor?? [ 105.746089][ T58] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 105.907335][ T58] usb 6-1: Using ep0 maxpacket: 8 [ 105.912462][ T58] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 105.916452][ T58] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 105.920087][ T58] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 105.923261][ T58] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 105.925617][ T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.932785][ T58] hub 6-1:1.0: bad descriptor, ignoring hub [ 105.935012][ T58] hub 6-1:1.0: probe with driver hub failed with error -5 [ 105.936266][ T6556] FAULT_INJECTION: forcing a failure. [ 105.936266][ T6556] name failslab, interval 1, probability 0, space 0, times 0 [ 105.937974][ T58] cdc_wdm 6-1:1.0: skipping garbage [ 105.941996][ T6556] CPU: 0 UID: 0 PID: 6556 Comm: syz.2.338 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 105.944014][ T58] cdc_wdm 6-1:1.0: skipping garbage [ 105.947971][ T6556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 105.947988][ T6556] Call Trace: [ 105.947995][ T6556] [ 105.948005][ T6556] dump_stack_lvl+0x16c/0x1f0 [ 105.948038][ T6556] should_fail_ex+0x497/0x5b0 [ 105.948067][ T6556] ? fs_reclaim_acquire+0xae/0x160 [ 105.948089][ T6556] should_failslab+0xc2/0x120 [ 105.948112][ T6556] __kmalloc_cache_noprof+0x6b/0x300 [ 105.948131][ T6556] ? __lock_acquire+0x163e/0x3ce0 [ 105.948149][ T6556] ? usb_control_msg+0xbd/0x4b0 [ 105.950133][ T58] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 105.953876][ T6556] usb_control_msg+0xbd/0x4b0 [ 105.973228][ T6556] ? __pfx_usb_control_msg+0x10/0x10 [ 105.975117][ T6556] ? __pfx___lock_acquire+0x10/0x10 [ 105.976933][ T6556] hub_ext_port_status+0x14e/0x670 [ 105.978763][ T6556] hub_activate+0x6e6/0x1be0 [ 105.980433][ T6556] ? __pfx_hub_activate+0x10/0x10 [ 105.982206][ T6556] ? preempt_schedule_irq+0x50/0x90 [ 105.984008][ T6556] ? __pfx_lock_release+0x10/0x10 [ 105.985776][ T6556] hub_resume+0xaa/0x3f0 [ 105.987256][ T6556] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 105.989399][ T6556] ? __pfx_hub_resume+0x10/0x10 [ 105.991506][ T6556] ? __pfx_hcd_bus_resume+0x10/0x10 [ 105.993629][ T6556] usb_resume_interface.constprop.0.isra.0+0x2c8/0x3e0 [ 105.996016][ T6556] usb_resume_both+0x274/0x800 [ 105.997733][ T6556] ? __pfx_usb_resume_both+0x10/0x10 [ 105.999667][ T6556] ? __pfx_usb_runtime_resume+0x10/0x10 [ 106.001718][ T6556] __rpm_callback+0xc5/0x4c0 [ 106.003377][ T6556] ? __pfx_usb_runtime_resume+0x10/0x10 [ 106.005297][ T6556] rpm_callback+0x192/0x1d0 [ 106.006855][ T6556] ? __pfx_usb_runtime_resume+0x10/0x10 [ 106.008773][ T6556] rpm_resume+0xd2c/0x1330 [ 106.010321][ T6556] ? lock_acquire.part.0+0xf0/0x380 [ 106.012110][ T6556] ? __pfx_rpm_resume+0x10/0x10 [ 106.013787][ T6556] ? do_raw_spin_lock+0x12d/0x2c0 [ 106.015520][ T6556] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 106.017365][ T6556] ? lock_acquire+0x2f/0xb0 [ 106.018896][ T6556] ? __pm_runtime_resume+0xa9/0x170 [ 106.020697][ T6556] __pm_runtime_resume+0xb6/0x170 [ 106.022427][ T6556] usb_autoresume_device+0x23/0xe0 [ 106.024188][ T6556] usbdev_open+0x22a/0x8c0 [ 106.025806][ T6556] ? kobject_get_unless_zero+0x157/0x1e0 [ 106.027774][ T6556] ? __pfx_usbdev_open+0x10/0x10 [ 106.029512][ T6556] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 106.031368][ T6556] ? lock_acquire+0x2f/0xb0 [ 106.032932][ T6556] ? chrdev_open+0x80/0x6a0 [ 106.034510][ T6556] ? __pfx_usbdev_open+0x10/0x10 [ 106.036173][ T6556] chrdev_open+0x237/0x6a0 [ 106.037700][ T6556] ? __pfx_chrdev_open+0x10/0x10 [ 106.039392][ T6556] ? security_file_open+0x62a/0x9d0 [ 106.041171][ T6556] do_dentry_open+0x6ca/0x1530 [ 106.042770][ T6556] ? __pfx_chrdev_open+0x10/0x10 [ 106.044467][ T6556] ? inode_permission+0xdd/0x5f0 [ 106.046175][ T6556] vfs_open+0x82/0x3f0 [ 106.047559][ T6556] ? may_open+0x1f2/0x400 [ 106.049037][ T6556] path_openat+0x1e6a/0x2d60 [ 106.050642][ T6556] ? __pfx_path_openat+0x10/0x10 [ 106.052333][ T6556] ? __pfx___lock_acquire+0x10/0x10 [ 106.054099][ T6556] do_filp_open+0x1dc/0x430 [ 106.055656][ T6556] ? __pfx_do_filp_open+0x10/0x10 [ 106.057402][ T6556] ? find_held_lock+0x2d/0x110 [ 106.059070][ T6556] ? _raw_spin_unlock+0x28/0x50 [ 106.060738][ T6556] ? alloc_fd+0x2d7/0x6c0 [ 106.062246][ T6556] do_sys_openat2+0x17a/0x1e0 [ 106.063863][ T6556] ? __pfx_do_sys_openat2+0x10/0x10 [ 106.065664][ T6556] ? do_user_addr_fault+0xe50/0x13f0 [ 106.067488][ T6556] ? __pfx_lock_release+0x10/0x10 [ 106.069221][ T6556] ? trace_lock_acquire+0x14a/0x1d0 [ 106.071030][ T6556] __x64_sys_openat+0x175/0x210 [ 106.072712][ T6556] ? __pfx___x64_sys_openat+0x10/0x10 [ 106.074570][ T6556] ? do_user_addr_fault+0x83d/0x13f0 [ 106.076402][ T6556] do_syscall_64+0xcd/0x250 [ 106.078039][ T6556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.080073][ T6556] RIP: 0033:0x7fddd577c990 [ 106.081612][ T6556] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44 [ 106.088141][ T6556] RSP: 002b:00007fddd6660b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 106.090972][ T6556] RAX: ffffffffffffffda RBX: 0000000000004180 RCX: 00007fddd577c990 [ 106.093690][ T6556] RDX: 0000000000004180 RSI: 00007fddd6660c10 RDI: 00000000ffffff9c [ 106.096385][ T6556] RBP: 00007fddd6660c10 R08: 0000000000000000 R09: 0000000000000000 [ 106.099084][ T6556] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 106.101772][ T6556] R13: 0000000000000001 R14: 00007fddd5935f80 R15: 00007ffe6db86208 [ 106.104472][ T6556] [ 106.107339][ T6556] hub 1-0:1.0: hub_ext_port_status failed (err = -12) [ 106.141463][ T39] audit: type=1400 audit(1728533557.362:465): avc: denied { append } for pid=6557 comm="syz.2.339" name="001" dev="devtmpfs" ino=751 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 106.711604][ T6572] syz.2.343 uses obsolete (PF_INET,SOCK_PACKET) [ 107.083231][ T56] usb 8-1: USB disconnect, device number 4 [ 107.744516][ T6584] netlink: 208 bytes leftover after parsing attributes in process `syz.2.347'. [ 108.433912][ T39] audit: type=1400 audit(1728533559.652:466): avc: denied { write } for pid=6599 comm="syz.3.353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 108.543306][ T6604] netlink: 8 bytes leftover after parsing attributes in process `syz.3.354'. [ 108.844541][ T30] usb 6-1: reset high-speed USB device number 4 using dummy_hcd [ 108.847961][ T30] usb 6-1: device reset changed ep0 maxpacket size! [ 108.852139][ T30] usb 6-1: USB disconnect, device number 4 [ 109.249134][ T30] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 109.406002][ T30] usb 6-1: Using ep0 maxpacket: 32 [ 109.409987][ T30] usb 6-1: config 0 has no interfaces? [ 109.412023][ T30] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 109.415016][ T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.422792][ T30] usb 6-1: config 0 descriptor?? [ 110.046036][ T30] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 110.196026][ T30] usb 7-1: Using ep0 maxpacket: 8 [ 110.199545][ T30] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 110.202212][ T30] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 110.204492][ T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 110.208013][ T30] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 110.210394][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.214462][ T30] hub 7-1:1.0: bad descriptor, ignoring hub [ 110.216144][ T30] hub 7-1:1.0: probe with driver hub failed with error -5 [ 110.218349][ T30] cdc_wdm 7-1:1.0: skipping garbage [ 110.219790][ T30] cdc_wdm 7-1:1.0: skipping garbage [ 110.221118][ T30] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22 [ 110.394112][ T6634] netlink: 8 bytes leftover after parsing attributes in process `syz.0.363'. [ 111.653184][ T6649] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 111.674054][ T6649] FAULT_INJECTION: forcing a failure. [ 111.674054][ T6649] name failslab, interval 1, probability 0, space 0, times 0 [ 111.679213][ T6649] CPU: 3 UID: 0 PID: 6649 Comm: syz.3.367 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 111.683320][ T6649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 111.687262][ T6649] Call Trace: [ 111.688538][ T6649] [ 111.689628][ T6649] dump_stack_lvl+0x16c/0x1f0 [ 111.691419][ T6649] should_fail_ex+0x497/0x5b0 [ 111.693316][ T6649] ? fs_reclaim_acquire+0xae/0x160 [ 111.695478][ T6649] should_failslab+0xc2/0x120 [ 111.697334][ T6649] kmem_cache_alloc_node_noprof+0x71/0x310 [ 111.699496][ T6649] ? __alloc_skb+0x2b1/0x380 [ 111.701231][ T6649] __alloc_skb+0x2b1/0x380 [ 111.702892][ T6649] ? __pfx___alloc_skb+0x10/0x10 [ 111.704783][ T6649] ? if_nlmsg_size+0x451/0xa60 [ 111.706629][ T6649] rtmsg_ifinfo_build_skb+0x81/0x280 [ 111.708613][ T6649] unregister_netdevice_many_notify+0x983/0x1e50 [ 111.710984][ T6649] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 111.713572][ T6649] ? mark_held_locks+0x9f/0xe0 [ 111.715387][ T6649] unregister_netdevice_queue+0x307/0x3f0 [ 111.717574][ T6649] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 111.719907][ T6649] ? linkwatch_schedule_work+0x181/0x1c0 [ 111.721975][ T6649] ? linkwatch_fire_event+0x6f/0x270 [ 111.723915][ T6649] __tun_detach+0x11cc/0x14a0 [ 111.725711][ T6649] ? __pfx_tun_chr_close+0x10/0x10 [ 111.727658][ T6649] tun_chr_close+0xc2/0x230 [ 111.729529][ T6649] __fput+0x3f6/0xb60 [ 111.731186][ T6649] __fput_sync+0x45/0x50 [ 111.732812][ T6649] __x64_sys_close+0x86/0x100 [ 111.734520][ T6649] do_syscall_64+0xcd/0x250 [ 111.736194][ T6649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.738371][ T6649] RIP: 0033:0x7ff6b737dff9 [ 111.740011][ T6649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.747376][ T6649] RSP: 002b:00007ff6b81e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 111.750391][ T6649] RAX: ffffffffffffffda RBX: 00007ff6b7535f80 RCX: 00007ff6b737dff9 [ 111.753252][ T6649] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 111.756089][ T6649] RBP: 00007ff6b81e3090 R08: 0000000000000000 R09: 0000000000000000 [ 111.759155][ T6649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 111.762424][ T6649] R13: 0000000000000000 R14: 00007ff6b7535f80 R15: 00007ffed0eb21e8 [ 111.765504][ T6649] [ 111.796896][ T1287] usb 6-1: USB disconnect, device number 5 [ 112.062088][ T6659] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 112.447052][ T6670] netlink: 8 bytes leftover after parsing attributes in process `syz.1.373'. [ 113.077105][ T5771] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 113.104229][ T30] usb 7-1: USB disconnect, device number 5 [ 113.129308][ T6691] netlink: 8 bytes leftover after parsing attributes in process `syz.2.380'. [ 113.132553][ T6691] netlink: 8 bytes leftover after parsing attributes in process `syz.2.380'. [ 113.138713][ T6691] FAULT_INJECTION: forcing a failure. [ 113.138713][ T6691] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 113.143459][ T6691] CPU: 2 UID: 0 PID: 6691 Comm: syz.2.380 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 113.147315][ T6691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 113.151261][ T6691] Call Trace: [ 113.152553][ T6691] [ 113.153725][ T6691] dump_stack_lvl+0x16c/0x1f0 [ 113.155626][ T6691] should_fail_ex+0x497/0x5b0 [ 113.157450][ T6691] _copy_from_iter+0x2a1/0x1540 [ 113.159716][ T6691] ? __pfx__copy_from_iter+0x10/0x10 [ 113.161763][ T6691] ? __virt_addr_valid+0x1a4/0x590 [ 113.163746][ T6691] ? __virt_addr_valid+0x5e/0x590 [ 113.165594][ T6691] ? __phys_addr_symbol+0x30/0x80 [ 113.167443][ T6691] ? __check_object_size+0x488/0x710 [ 113.169386][ T6691] netlink_sendmsg+0x813/0xd70 [ 113.171171][ T6691] ? __pfx_netlink_sendmsg+0x10/0x10 [ 113.173127][ T6691] ? __import_iovec+0x1fd/0x6e0 [ 113.175009][ T6691] ____sys_sendmsg+0xaaf/0xc90 [ 113.176832][ T6691] ? copy_msghdr_from_user+0x10b/0x160 [ 113.178831][ T6691] ? __pfx_____sys_sendmsg+0x10/0x10 [ 113.180767][ T6691] ? __pfx___lock_acquire+0x10/0x10 [ 113.182655][ T6691] ___sys_sendmsg+0x135/0x1e0 [ 113.184375][ T6691] ? __pfx____sys_sendmsg+0x10/0x10 [ 113.186330][ T6691] ? lock_acquire+0x2f/0xb0 [ 113.187985][ T6691] ? __fget_files+0x40/0x3f0 [ 113.189706][ T6691] ? fdget+0x176/0x210 [ 113.191208][ T6691] __sys_sendmsg+0x117/0x1f0 [ 113.192908][ T6691] ? __pfx___sys_sendmsg+0x10/0x10 [ 113.194776][ T6691] ? __fget_files+0x244/0x3f0 [ 113.196518][ T6691] do_syscall_64+0xcd/0x250 [ 113.198209][ T6691] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.200322][ T6691] RIP: 0033:0x7fddd577dff9 [ 113.201955][ T6691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.208847][ T6691] RSP: 002b:00007fddd6661038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 113.211862][ T6691] RAX: ffffffffffffffda RBX: 00007fddd5935f80 RCX: 00007fddd577dff9 [ 113.214734][ T6691] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 113.217623][ T6691] RBP: 00007fddd6661090 R08: 0000000000000000 R09: 0000000000000000 [ 113.220476][ T6691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 113.223336][ T6691] R13: 0000000000000000 R14: 00007fddd5935f80 R15: 00007ffe6db86208 [ 113.226217][ T6691] [ 113.233238][ T6693] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 113.256193][ T5771] usb 6-1: Using ep0 maxpacket: 32 [ 113.265266][ T5771] usb 6-1: config 0 has no interfaces? [ 113.267488][ T5771] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 113.270828][ T5771] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.341605][ T5771] usb 6-1: config 0 descriptor?? [ 113.805992][ T58] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 113.956203][ T58] usb 8-1: Using ep0 maxpacket: 8 [ 113.958903][ T58] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 113.961590][ T58] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 113.963870][ T58] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 113.966839][ T58] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 113.969378][ T58] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.974163][ T58] hub 8-1:1.0: bad descriptor, ignoring hub [ 113.975741][ T58] hub 8-1:1.0: probe with driver hub failed with error -5 [ 113.977859][ T58] cdc_wdm 8-1:1.0: skipping garbage [ 113.979225][ T58] cdc_wdm 8-1:1.0: skipping garbage [ 113.982937][ T58] cdc_wdm 8-1:1.0: probe with driver cdc_wdm failed with error -22 [ 114.219320][ T6714] FAULT_INJECTION: forcing a failure. [ 114.219320][ T6714] name failslab, interval 1, probability 0, space 0, times 0 [ 114.222845][ T6714] CPU: 2 UID: 0 PID: 6714 Comm: syz.0.388 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 114.225971][ T6714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 114.229685][ T6714] Call Trace: [ 114.230706][ T6714] [ 114.231490][ T6714] dump_stack_lvl+0x16c/0x1f0 [ 114.232704][ T6714] should_fail_ex+0x497/0x5b0 [ 114.233947][ T6714] ? fs_reclaim_acquire+0xae/0x160 [ 114.235362][ T6714] should_failslab+0xc2/0x120 [ 114.236601][ T6714] __kmalloc_noprof+0xcb/0x400 [ 114.237937][ T6714] tomoyo_encode2+0x100/0x3e0 [ 114.239446][ T6714] tomoyo_encode+0x29/0x50 [ 114.240708][ T6714] tomoyo_realpath_from_path+0x19d/0x720 [ 114.242232][ T6714] ? tomoyo_path_number_perm+0x232/0x590 [ 114.243769][ T6714] tomoyo_path_number_perm+0x245/0x590 [ 114.245279][ T6714] ? tomoyo_path_number_perm+0x232/0x590 [ 114.246771][ T6714] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 114.248357][ T6714] ? trace_lock_acquire+0x14a/0x1d0 [ 114.249739][ T6714] ? lock_acquire+0x2f/0xb0 [ 114.250943][ T6714] ? __fget_files+0x40/0x3f0 [ 114.252175][ T6714] ? __fget_files+0x244/0x3f0 [ 114.253453][ T6714] security_file_ioctl+0x9b/0x240 [ 114.254823][ T6714] __x64_sys_ioctl+0xbb/0x220 [ 114.256130][ T6714] do_syscall_64+0xcd/0x250 [ 114.257385][ T6714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.259000][ T6714] RIP: 0033:0x7fc95117dff9 [ 114.260204][ T6714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 114.265171][ T6714] RSP: 002b:00007fc951ed5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 114.267265][ T6714] RAX: ffffffffffffffda RBX: 00007fc951335f80 RCX: 00007fc95117dff9 [ 114.269341][ T6714] RDX: 0000000020000140 RSI: 000000000000890b RDI: 0000000000000003 [ 114.271388][ T6714] RBP: 00007fc951ed5090 R08: 0000000000000000 R09: 0000000000000000 [ 114.273399][ T6714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 114.275449][ T6714] R13: 0000000000000000 R14: 00007fc951335f80 R15: 00007fff025a8e28 [ 114.277705][ T6714] [ 114.280060][ T6714] ERROR: Out of memory at tomoyo_realpath_from_path. [ 114.508834][ T5340] Bluetooth: hci1: unexpected event 0x06 length: 4 > 3 [ 114.691826][ T6722] netlink: 24 bytes leftover after parsing attributes in process `syz.0.390'. [ 114.703099][ T6722] netlink: 8 bytes leftover after parsing attributes in process `syz.0.390'. [ 114.709446][ T6722] netlink: 8 bytes leftover after parsing attributes in process `syz.0.390'. [ 115.178256][ T6732] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 115.744106][ T5397] usb 6-1: USB disconnect, device number 6 [ 115.842082][ T6745] netlink: 8 bytes leftover after parsing attributes in process `syz.0.395'. [ 115.846079][ T6745] netlink: 8 bytes leftover after parsing attributes in process `syz.0.395'. [ 116.589675][ T39] audit: type=1400 audit(1728533567.812:467): avc: denied { getopt } for pid=6751 comm="syz.2.399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 116.636281][ T30] usb 8-1: USB disconnect, device number 5 [ 117.586082][ T25] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 117.895532][ T25] usb 6-1: Using ep0 maxpacket: 32 [ 117.899726][ T25] usb 6-1: config 0 has no interfaces? [ 117.901071][ T25] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 117.903409][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.907495][ T25] usb 6-1: config 0 descriptor?? [ 118.111686][ T6780] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 118.416540][ T11] wlan1: Trigger new scan to find an IBSS to join [ 119.276428][ T6801] netlink: 8 bytes leftover after parsing attributes in process `syz.0.412'. [ 119.437967][ T6808] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 119.570299][ T6818] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 119.825420][ T39] audit: type=1326 audit(1728533571.042:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6825 comm="syz.2.423" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fddd577dff9 code=0x0 [ 119.885434][ T39] audit: type=1400 audit(1728533571.102:469): avc: denied { write } for pid=6825 comm="syz.2.423" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 120.323961][ T5771] usb 6-1: USB disconnect, device number 7 [ 120.423057][ T6830] netlink: 8 bytes leftover after parsing attributes in process `syz.1.424'. [ 120.573405][ T6835] FAULT_INJECTION: forcing a failure. [ 120.573405][ T6835] name failslab, interval 1, probability 0, space 0, times 0 [ 120.577034][ T11] wlan1: Trigger new scan to find an IBSS to join [ 120.578630][ T6835] CPU: 0 UID: 0 PID: 6835 Comm: syz.0.426 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 120.582231][ T6835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 120.585035][ T6835] Call Trace: [ 120.585931][ T6835] [ 120.586721][ T6835] dump_stack_lvl+0x16c/0x1f0 [ 120.587983][ T6835] should_fail_ex+0x497/0x5b0 [ 120.588461][ T6836] netlink: 208 bytes leftover after parsing attributes in process `syz.3.427'. [ 120.589413][ T6835] ? fs_reclaim_acquire+0xae/0x160 [ 120.593917][ T6835] should_failslab+0xc2/0x120 [ 120.595171][ T6835] __kmalloc_cache_noprof+0x6b/0x300 [ 120.596561][ T6835] ? __do_sys_fanotify_init+0x3f2/0xb00 [ 120.598032][ T6835] __do_sys_fanotify_init+0x3f2/0xb00 [ 120.599441][ T6835] do_syscall_64+0xcd/0x250 [ 120.600640][ T6835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.602197][ T6835] RIP: 0033:0x7fc95117dff9 [ 120.603368][ T6835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.608491][ T6835] RSP: 002b:00007fc951ed5038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 120.610680][ T6835] RAX: ffffffffffffffda RBX: 00007fc951335f80 RCX: 00007fc95117dff9 [ 120.612740][ T6835] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 120.614833][ T6835] RBP: 00007fc951ed5090 R08: 0000000000000000 R09: 0000000000000000 [ 120.616954][ T6835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 120.619045][ T6835] R13: 0000000000000000 R14: 00007fc951335f80 R15: 00007fff025a8e28 [ 120.621475][ T6835] [ 120.653928][ T6840] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 120.996103][ T5771] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 121.155984][ T5771] usb 6-1: Using ep0 maxpacket: 32 [ 121.159712][ T5771] usb 6-1: config 0 has no interfaces? [ 121.162318][ T5771] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 121.165520][ T5771] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.171188][ T5771] usb 6-1: config 0 descriptor?? [ 121.596310][ T6862] netlink: 208 bytes leftover after parsing attributes in process `syz.3.437'. [ 121.743072][ T39] audit: type=1400 audit(1728533572.962:470): avc: denied { block_suspend } for pid=6867 comm="syz.3.440" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 122.115014][ T6874] netlink: 8 bytes leftover after parsing attributes in process `syz.0.441'. [ 122.499527][ T6879] netlink: 20 bytes leftover after parsing attributes in process `syz.2.443'. [ 122.624507][ T6886] overlayfs: missing 'lowerdir' [ 122.911661][ T6892] netlink: 208 bytes leftover after parsing attributes in process `syz.3.448'. [ 123.053205][ T6897] netlink: 8 bytes leftover after parsing attributes in process `syz.3.450'. [ 123.401315][ T39] audit: type=1400 audit(1728533574.622:471): avc: denied { read } for pid=6905 comm="syz.2.453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 123.452621][ T39] audit: type=1400 audit(1728533574.672:472): avc: denied { setopt } for pid=6905 comm="syz.2.453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 123.453033][ T6908] overlayfs: missing 'lowerdir' [ 123.467089][ T45] wlan1: Trigger new scan to find an IBSS to join [ 123.556885][ T70] wlan1: Creating new IBSS network, BSSID 3a:a6:b8:9f:05:e5 [ 123.632851][ T39] audit: type=1326 audit(1728533574.852:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.3.456" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b737dff9 code=0x7ffc0000 [ 123.633587][ T6915] netlink: 208 bytes leftover after parsing attributes in process `syz.2.457'. [ 123.637274][ T6916] QAT: Device 1 not found [ 123.639155][ T39] audit: type=1326 audit(1728533574.852:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.3.456" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b737dff9 code=0x7ffc0000 [ 123.639264][ T39] audit: type=1326 audit(1728533574.852:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.3.456" exe="/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7ff6b737dff9 code=0x7ffc0000 [ 123.639292][ T39] audit: type=1326 audit(1728533574.852:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.3.456" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b737dff9 code=0x7ffc0000 [ 123.639319][ T39] audit: type=1326 audit(1728533574.852:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.3.456" exe="/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7ff6b737dff9 code=0x7ffc0000 [ 123.639345][ T39] audit: type=1326 audit(1728533574.852:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.3.456" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6b737dff9 code=0x7ffc0000 [ 123.639371][ T39] audit: type=1326 audit(1728533574.852:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.3.456" exe="/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7ff6b737dff9 code=0x7ffc0000 [ 123.784283][ T30] usb 6-1: USB disconnect, device number 8 [ 123.805314][ T6919] fuse: Unknown parameter 'group_i00000000000000000000' [ 124.492076][ T6930] netlink: 8 bytes leftover after parsing attributes in process `syz.0.460'. [ 125.502360][ T6944] overlayfs: missing 'lowerdir' [ 125.554466][ T6947] netlink: 8 bytes leftover after parsing attributes in process `syz.2.461'. [ 125.921645][ T6947] netlink: 8 bytes leftover after parsing attributes in process `syz.2.461'. [ 126.556083][ T5329] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 126.706066][ T5329] usb 8-1: Using ep0 maxpacket: 8 [ 126.714460][ T5329] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 126.719761][ T5329] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 126.723331][ T5329] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 126.727275][ T5329] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 126.730926][ T5329] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 126.735585][ T5329] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 126.739037][ T5329] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.932127][ T6965] netlink: 28 bytes leftover after parsing attributes in process `syz.0.470'. [ 126.971220][ T5329] usb 8-1: usb_control_msg returned -32 [ 126.973353][ T5329] usbtmc 8-1:16.0: can't read capabilities [ 127.636524][ T6975] FAULT_INJECTION: forcing a failure. [ 127.636524][ T6975] name failslab, interval 1, probability 0, space 0, times 0 [ 127.640263][ T6975] CPU: 2 UID: 0 PID: 6975 Comm: syz.2.473 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 127.643824][ T6975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 127.647445][ T6975] Call Trace: [ 127.648589][ T6975] [ 127.649608][ T6975] dump_stack_lvl+0x16c/0x1f0 [ 127.651225][ T6975] should_fail_ex+0x497/0x5b0 [ 127.652842][ T6975] ? fs_reclaim_acquire+0xae/0x160 [ 127.654616][ T6975] should_failslab+0xc2/0x120 [ 127.656090][ T6976] fuse: Bad value for 'fd' [ 127.657662][ T6975] __kmalloc_noprof+0xcb/0x400 [ 127.659190][ T6975] ? d_absolute_path+0x137/0x1b0 [ 127.660560][ T6975] tomoyo_encode2+0x100/0x3e0 [ 127.662086][ T6975] tomoyo_encode+0x29/0x50 [ 127.663460][ T6975] tomoyo_realpath_from_path+0x19d/0x720 [ 127.664899][ T6975] tomoyo_path_number_perm+0x245/0x590 [ 127.666516][ T6975] ? tomoyo_path_number_perm+0x232/0x590 [ 127.668003][ T6975] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 127.669618][ T6975] ? trace_lock_acquire+0x14a/0x1d0 [ 127.670998][ T6975] ? lock_acquire+0x2f/0xb0 [ 127.672215][ T6975] ? __fget_files+0x40/0x3f0 [ 127.673465][ T6975] ? __fget_files+0x244/0x3f0 [ 127.674732][ T6975] security_file_ioctl+0x9b/0x240 [ 127.676071][ T6975] __x64_sys_ioctl+0xbb/0x220 [ 127.677366][ T6975] do_syscall_64+0xcd/0x250 [ 127.678583][ T6975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.680147][ T6975] RIP: 0033:0x7fddd577dff9 [ 127.681355][ T6975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.686519][ T6975] RSP: 002b:00007fddd6661038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 127.688728][ T6975] RAX: ffffffffffffffda RBX: 00007fddd5935f80 RCX: 00007fddd577dff9 [ 127.690804][ T6975] RDX: 0000000020000000 RSI: 00000000400445a0 RDI: 0000000000000003 [ 127.692911][ T6975] RBP: 00007fddd6661090 R08: 0000000000000000 R09: 0000000000000000 [ 127.695012][ T6975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.697111][ T6975] R13: 0000000000000000 R14: 00007fddd5935f80 R15: 00007ffe6db86208 [ 127.699781][ T6975] [ 127.701278][ T6975] ERROR: Out of memory at tomoyo_realpath_from_path. [ 128.448620][ T6985] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 129.284407][ T35] usb 8-1: USB disconnect, device number 6 [ 129.476738][ T7005] netlink: 8 bytes leftover after parsing attributes in process `syz.3.481'. [ 129.480085][ T7005] netlink: 8 bytes leftover after parsing attributes in process `syz.3.481'. [ 129.643914][ T7010] netlink: 20 bytes leftover after parsing attributes in process `syz.0.485'. [ 129.670131][ T7013] netlink: 4 bytes leftover after parsing attributes in process `syz.2.486'. [ 129.914313][ T7023] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 130.467343][ T35] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 130.626707][ T35] usb 7-1: Using ep0 maxpacket: 32 [ 130.637715][ T35] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 130.652089][ T35] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 130.656055][ T35] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 130.659144][ T35] usb 7-1: Product: syz [ 130.660803][ T35] usb 7-1: Manufacturer: syz [ 130.662837][ T35] usb 7-1: SerialNumber: syz [ 130.672353][ T35] usb 7-1: config 0 descriptor?? [ 130.677879][ T7025] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 130.932951][ T39] kauditd_printk_skb: 23 callbacks suppressed [ 130.932963][ T39] audit: type=1400 audit(1728533582.152:503): avc: denied { read write } for pid=7039 comm="syz.3.494" name="file0" dev="9p" ino=36574221 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 130.942826][ T39] audit: type=1400 audit(1728533582.152:504): avc: denied { ioctl open } for pid=7039 comm="syz.3.494" path="/137/file0/file0" dev="9p" ino=36574221 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 130.975608][ T39] audit: type=1400 audit(1728533582.192:505): avc: denied { add_name } for pid=7039 comm="syz.3.494" name="cpuacct.usage_sys" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 130.985621][ T39] audit: type=1400 audit(1728533582.192:506): avc: denied { create } for pid=7039 comm="syz.3.494" name="cpuacct.usage_sys" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 130.993999][ T39] audit: type=1400 audit(1728533582.192:507): avc: denied { associate } for pid=7039 comm="syz.3.494" name="cpuacct.usage_sys" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 131.001774][ T39] audit: type=1400 audit(1728533582.192:508): avc: denied { append } for pid=7039 comm="syz.3.494" path="/137/file0/cpuacct.usage_sys" dev="9p" ino=36574410 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 131.012355][ T39] audit: type=1400 audit(1728533582.232:509): avc: denied { read } for pid=7024 comm="syz.2.489" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 131.021285][ T30] usb 7-1: USB disconnect, device number 6 [ 131.321558][ T7045] smc: adding net device pim6reg0 with user defined pnetid SYZ1 [ 131.325040][ T7045] netlink: 'syz.3.495': attribute type 3 has an invalid length. [ 131.329251][ T7045] netlink: 666 bytes leftover after parsing attributes in process `syz.3.495'. [ 131.348930][ T7045] smc: removing net device pim6reg0 with user defined pnetid SYZ1 [ 131.454596][ T7047] overlayfs: missing 'lowerdir' [ 132.055234][ T7064] netlink: 8 bytes leftover after parsing attributes in process `syz.1.501'. [ 132.067274][ T7064] netlink: 8 bytes leftover after parsing attributes in process `syz.1.501'. [ 132.565995][ T5329] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 132.574627][ T7068] netlink: 52 bytes leftover after parsing attributes in process `syz.3.503'. [ 132.590241][ T7068] use of bytesused == 0 is deprecated and will be removed in the future, [ 132.592755][ T7068] use the actual size instead. [ 132.704211][ T39] audit: type=1400 audit(1728533583.922:510): avc: denied { watch } for pid=7069 comm="syz.0.504" path="/proc/395/task" dev="proc" ino=14293 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 132.707361][ T7071] team_slave_0: entered promiscuous mode [ 132.712979][ T7071] team_slave_1: entered promiscuous mode [ 132.717492][ T5329] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 132.720916][ T5329] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 132.724514][ T5329] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 132.728155][ T5329] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 132.733513][ T5329] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 132.737037][ T5329] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 132.739717][ T5329] usb 7-1: Manufacturer: syz [ 132.743405][ T5329] usb 7-1: config 0 descriptor?? [ 132.743931][ T7076] overlayfs: missing 'workdir' [ 133.170597][ T5329] appleir 0003:05AC:8243.0002: unknown main item tag 0x0 [ 133.180164][ T5329] appleir 0003:05AC:8243.0002: No inputs registered, leaving [ 133.195858][ T7089] netlink: 8 bytes leftover after parsing attributes in process `syz.3.510'. [ 133.198758][ T7089] netlink: 8 bytes leftover after parsing attributes in process `syz.3.510'. [ 133.209553][ T5329] appleir 0003:05AC:8243.0002: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 133.442871][ T7091] FAULT_INJECTION: forcing a failure. [ 133.442871][ T7091] name failslab, interval 1, probability 0, space 0, times 0 [ 133.446294][ T7091] CPU: 0 UID: 0 PID: 7091 Comm: syz.1.511 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 133.449040][ T7091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 133.451811][ T7091] Call Trace: [ 133.452692][ T7091] [ 133.453489][ T7091] dump_stack_lvl+0x16c/0x1f0 [ 133.454738][ T7091] should_fail_ex+0x497/0x5b0 [ 133.455980][ T7091] ? fs_reclaim_acquire+0xae/0x160 [ 133.457410][ T7091] should_failslab+0xc2/0x120 [ 133.458647][ T7091] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 133.460053][ T7091] ? __kernfs_new_node+0xd3/0x890 [ 133.461383][ T7091] __kernfs_new_node+0xd3/0x890 [ 133.462654][ T7091] ? __pfx___kernfs_new_node+0x10/0x10 [ 133.464078][ T7091] ? __pfx___lock_acquire+0x10/0x10 [ 133.465555][ T7091] kernfs_new_node+0x186/0x240 [ 133.466933][ T7091] __kernfs_create_file+0x53/0x350 [ 133.468461][ T7091] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 133.470030][ T7091] sysfs_create_file_ns+0x13e/0x1d0 [ 133.471627][ T7091] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 133.473281][ T7091] ? down_read+0xc9/0x330 [ 133.474419][ T7091] ? __pfx___up_read+0x10/0x10 [ 133.475680][ T7091] ? kobject_put+0xab/0x5a0 [ 133.476938][ T7091] device_create_file+0xf2/0x1e0 [ 133.478126][ T7091] device_add+0x2c0/0x1a70 [ 133.479254][ T7091] ? __pfx_device_add+0x10/0x10 [ 133.480539][ T7091] ? lockdep_init_map_type+0x16d/0x7d0 [ 133.481976][ T7091] ? lockdep_init_map_type+0x16d/0x7d0 [ 133.483417][ T7091] ? __raw_spin_lock_init+0x3a/0x110 [ 133.484832][ T7091] input_register_device+0x7e8/0x1110 [ 133.486311][ T7091] ? input_ff_create+0x251/0x320 [ 133.487610][ T7091] uinput_ioctl_handler.isra.0+0x130c/0x1d70 [ 133.489297][ T7091] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 133.491030][ T7091] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 133.492707][ T7091] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 133.494511][ T7091] ? trace_lock_acquire+0x14a/0x1d0 [ 133.495904][ T7091] ? selinux_file_ioctl+0x180/0x270 [ 133.497286][ T7091] ? selinux_file_ioctl+0xb4/0x270 [ 133.498570][ T7091] ? __pfx_uinput_ioctl+0x10/0x10 [ 133.499867][ T7091] __x64_sys_ioctl+0x18f/0x220 [ 133.501348][ T7091] do_syscall_64+0xcd/0x250 [ 133.502768][ T7091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.504363][ T7091] RIP: 0033:0x7f19b817dff9 [ 133.505547][ T7091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.510765][ T7091] RSP: 002b:00007f19b8e98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 133.512953][ T7091] RAX: ffffffffffffffda RBX: 00007f19b8335f80 RCX: 00007f19b817dff9 [ 133.515259][ T7091] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003 [ 133.517376][ T7091] RBP: 00007f19b8e98090 R08: 0000000000000000 R09: 0000000000000000 [ 133.519538][ T7091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 133.521644][ T7091] R13: 0000000000000000 R14: 00007f19b8335f80 R15: 00007ffc4def4c98 [ 133.523706][ T7091] [ 133.533059][ T7092] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 133.540042][ T7092] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 133.893947][ T7103] overlayfs: missing 'workdir' [ 133.958194][ T5771] usb 7-1: USB disconnect, device number 7 [ 133.962613][ T7108] netlink: 16 bytes leftover after parsing attributes in process `syz.1.517'. [ 134.222735][ T7120] netlink: 8 bytes leftover after parsing attributes in process `syz.1.519'. [ 134.646276][ T39] audit: type=1400 audit(1728533585.862:511): avc: denied { ioctl } for pid=7125 comm="syz.2.523" path="socket:[17452]" dev="sockfs" ino=17452 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 134.652790][ T39] audit: type=1400 audit(1728533585.862:512): avc: denied { write } for pid=7125 comm="syz.2.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 134.784370][ T7128] overlayfs: missing 'workdir' [ 134.845979][ T7134] FAULT_INJECTION: forcing a failure. [ 134.845979][ T7134] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 134.850510][ T7134] CPU: 3 UID: 0 PID: 7134 Comm: syz.2.526 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 134.853876][ T7134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 134.857559][ T7134] Call Trace: [ 134.858720][ T7134] [ 134.859714][ T7134] dump_stack_lvl+0x16c/0x1f0 [ 134.861359][ T7134] should_fail_ex+0x497/0x5b0 [ 134.863001][ T7134] _copy_from_iter+0x2a1/0x1540 [ 134.864746][ T7134] ? __pfx__copy_from_iter+0x10/0x10 [ 134.866601][ T7134] ? __virt_addr_valid+0x1a4/0x590 [ 134.868599][ T7134] ? __virt_addr_valid+0x5e/0x590 [ 134.870350][ T7134] ? __phys_addr_symbol+0x30/0x80 [ 134.872109][ T7134] ? __check_object_size+0x488/0x710 [ 134.873983][ T7134] netlink_sendmsg+0x813/0xd70 [ 134.875657][ T7134] ? __pfx_netlink_sendmsg+0x10/0x10 [ 134.877497][ T7134] ? __import_iovec+0x1fd/0x6e0 [ 134.879311][ T7134] ____sys_sendmsg+0xaaf/0xc90 [ 134.881023][ T7134] ? copy_msghdr_from_user+0x10b/0x160 [ 134.882909][ T7134] ? __pfx_____sys_sendmsg+0x10/0x10 [ 134.884745][ T7134] ? __pfx___lock_acquire+0x10/0x10 [ 134.886563][ T7134] ___sys_sendmsg+0x135/0x1e0 [ 134.888254][ T7134] ? __pfx____sys_sendmsg+0x10/0x10 [ 134.890239][ T7134] ? lock_acquire+0x2f/0xb0 [ 134.891836][ T7134] ? __fget_files+0x40/0x3f0 [ 134.893487][ T7134] ? fdget+0x176/0x210 [ 134.894911][ T7134] __sys_sendmsg+0x117/0x1f0 [ 134.896533][ T7134] ? __pfx___sys_sendmsg+0x10/0x10 [ 134.898321][ T7134] ? __fget_files+0x244/0x3f0 [ 134.899968][ T7134] do_syscall_64+0xcd/0x250 [ 134.901573][ T7134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.903615][ T7134] RIP: 0033:0x7fddd577dff9 [ 134.905173][ T7134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.911837][ T7134] RSP: 002b:00007fddd6661038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 134.914724][ T7134] RAX: ffffffffffffffda RBX: 00007fddd5935f80 RCX: 00007fddd577dff9 [ 134.917473][ T7134] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004 [ 134.920186][ T7134] RBP: 00007fddd6661090 R08: 0000000000000000 R09: 0000000000000000 [ 134.922882][ T7134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 134.925032][ T7134] R13: 0000000000000000 R14: 00007fddd5935f80 R15: 00007ffe6db86208 [ 134.927610][ T7134] [ 135.040886][ T7136] tipc: Started in network mode [ 135.042683][ T7136] tipc: Node identity 4, cluster identity 4711 [ 135.047669][ T7136] tipc: Node number set to 4 [ 135.330972][ T7153] __nla_validate_parse: 2 callbacks suppressed [ 135.330985][ T7153] netlink: 8 bytes leftover after parsing attributes in process `syz.0.533'. [ 135.475057][ T7155] overlayfs: missing 'lowerdir' [ 135.523698][ T7157] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 135.774062][ T7165] binder: Unknown parameter 'Nè' [ 135.992512][ T7171] netlink: 4 bytes leftover after parsing attributes in process `syz.3.540'. [ 136.071672][ T7179] overlayfs: missing 'lowerdir' [ 136.092433][ T7180] netlink: 8 bytes leftover after parsing attributes in process `syz.2.542'. [ 136.126183][ T7182] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 137.133255][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 137.133267][ T39] audit: type=1400 audit(1728533588.352:514): avc: denied { unmount } for pid=5349 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 137.480613][ T7206] netlink: 48 bytes leftover after parsing attributes in process `syz.0.552'. [ 137.483328][ T39] audit: type=1400 audit(1728533588.702:515): avc: denied { listen } for pid=7205 comm="syz.0.552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 137.522073][ T7210] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 137.546668][ T39] audit: type=1400 audit(1728533588.762:516): avc: denied { map } for pid=7205 comm="syz.0.552" path="socket:[18647]" dev="sockfs" ino=18647 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 137.553445][ T39] audit: type=1400 audit(1728533588.772:517): avc: denied { read accept } for pid=7205 comm="syz.0.552" path="socket:[18647]" dev="sockfs" ino=18647 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 137.597107][ T5384] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 137.745261][ T7215] netlink: 12 bytes leftover after parsing attributes in process `syz.1.555'. [ 137.747923][ T5384] usb 8-1: Using ep0 maxpacket: 8 [ 137.751487][ T5384] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 137.754505][ T5384] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 137.758136][ T5384] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 137.762009][ T5384] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 137.766721][ T5384] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 137.770072][ T5384] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.943335][ T7221] netlink: 8 bytes leftover after parsing attributes in process `syz.2.556'. [ 137.987803][ T5384] usb 8-1: usb_control_msg returned -32 [ 137.989632][ T5384] usbtmc 8-1:16.0: can't read capabilities [ 138.392200][ C2] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 138.396953][ T7227] usbtmc 8-1:16.0: Unable to send data, error -71 [ 139.437611][ T7241] netlink: 208 bytes leftover after parsing attributes in process `syz.2.563'. [ 139.996034][ T5329] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 140.146000][ T5329] usb 7-1: Using ep0 maxpacket: 8 [ 140.148684][ T5329] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 140.151412][ T5329] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 140.153714][ T5329] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 140.156678][ T5329] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 140.159033][ T5329] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.163172][ T5329] hub 7-1:1.0: bad descriptor, ignoring hub [ 140.164790][ T5329] hub 7-1:1.0: probe with driver hub failed with error -5 [ 140.167041][ T5329] cdc_wdm 7-1:1.0: skipping garbage [ 140.168457][ T5329] cdc_wdm 7-1:1.0: skipping garbage [ 140.169859][ T5329] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22 [ 140.365946][ T35] usb 8-1: USB disconnect, device number 7 [ 141.519271][ T7275] netlink: 192 bytes leftover after parsing attributes in process `syz.3.573'. [ 142.757966][ T58] usb 7-1: USB disconnect, device number 8 [ 143.180946][ T7307] FAULT_INJECTION: forcing a failure. [ 143.180946][ T7307] name failslab, interval 1, probability 0, space 0, times 0 [ 143.184258][ T7307] CPU: 1 UID: 0 PID: 7307 Comm: syz.1.582 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 143.187029][ T7307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 143.189826][ T7307] Call Trace: [ 143.190711][ T7307] [ 143.191502][ T7307] dump_stack_lvl+0x16c/0x1f0 [ 143.192759][ T7307] should_fail_ex+0x497/0x5b0 [ 143.194031][ T7307] ? fs_reclaim_acquire+0xae/0x160 [ 143.195393][ T7307] should_failslab+0xc2/0x120 [ 143.196665][ T7307] __kmalloc_noprof+0xcb/0x400 [ 143.197966][ T7307] ? audit_alloc+0xa3/0x7b0 [ 143.199173][ T7307] lsm_blob_alloc+0x68/0x90 [ 143.200384][ T7307] security_task_alloc+0x2d/0x260 [ 143.201726][ T7307] copy_process+0x24cf/0x8db0 [ 143.202990][ T7307] ? __pfx___lock_acquire+0x10/0x10 [ 143.204359][ T7307] ? find_held_lock+0x2d/0x110 [ 143.205656][ T7307] ? __pfx_copy_process+0x10/0x10 [ 143.207000][ T7307] ? __might_fault+0x13b/0x190 [ 143.208289][ T7307] ? __pfx_lock_release+0x10/0x10 [ 143.209641][ T7307] ? trace_lock_acquire+0x14a/0x1d0 [ 143.211016][ T7307] ? lock_acquire+0x2f/0xb0 [ 143.212216][ T7307] ? __might_fault+0xe3/0x190 [ 143.213490][ T7307] ? __might_fault+0xe3/0x190 [ 143.214809][ T7307] ? _copy_from_user+0x5d/0xf0 [ 143.216091][ T7307] kernel_clone+0xfd/0x960 [ 143.217302][ T7307] ? __pfx_kernel_clone+0x10/0x10 [ 143.218644][ T7307] ? __schedule+0xefd/0x5750 [ 143.219876][ T7307] __do_sys_clone3+0x1f5/0x270 [ 143.221150][ T7307] ? __pfx___do_sys_clone3+0x10/0x10 [ 143.222555][ T7307] do_syscall_64+0xcd/0x250 [ 143.223763][ T7307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.225337][ T7307] RIP: 0033:0x7f19b817dff9 [ 143.226536][ T7307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.231535][ T7307] RSP: 002b:00007f19b7bddf08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 143.233724][ T7307] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f19b817dff9 [ 143.235795][ T7307] RDX: 00007f19b7bddf20 RSI: 0000000000000058 RDI: 00007f19b7bddf20 [ 143.237892][ T7307] RBP: 00007f19b7bde090 R08: 0000000000000000 R09: 0000000000000058 [ 143.239969][ T7307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 143.242054][ T7307] R13: 0000000000000000 R14: 00007f19b8336130 R15: 00007ffc4def4c98 [ 143.244128][ T7307] [ 143.521589][ T7317] FAULT_INJECTION: forcing a failure. [ 143.521589][ T7317] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 143.526294][ T7317] CPU: 0 UID: 0 PID: 7317 Comm: syz.3.585 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 143.529120][ T7317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 143.531936][ T7317] Call Trace: [ 143.532833][ T7317] [ 143.533632][ T7317] dump_stack_lvl+0x16c/0x1f0 [ 143.534921][ T7317] should_fail_ex+0x497/0x5b0 [ 143.536320][ T7317] _copy_from_user+0x30/0xf0 [ 143.537525][ T7317] copy_msghdr_from_user+0x99/0x160 [ 143.538921][ T7317] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 143.540491][ T7317] ? find_held_lock+0x2d/0x110 [ 143.541795][ T7317] ___sys_recvmsg+0xdc/0x1a0 [ 143.543046][ T7317] ? __pfx____sys_recvmsg+0x10/0x10 [ 143.544439][ T7317] ? lock_acquire+0x2f/0xb0 [ 143.545666][ T7317] ? fdget+0x176/0x210 [ 143.546765][ T7317] do_recvmmsg+0x2ba/0x750 [ 143.547985][ T7317] ? __pfx_do_recvmmsg+0x10/0x10 [ 143.549321][ T7317] ? vfs_write+0x14d/0x1140 [ 143.550547][ T7317] ? __mutex_unlock_slowpath+0x164/0x650 [ 143.552047][ T7317] ? __fget_files+0x244/0x3f0 [ 143.553323][ T7317] __x64_sys_recvmmsg+0x239/0x290 [ 143.554669][ T7317] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 143.556143][ T7317] do_syscall_64+0xcd/0x250 [ 143.557372][ T7317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.558946][ T7317] RIP: 0033:0x7ff6b737dff9 [ 143.560139][ T7317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.565191][ T7317] RSP: 002b:00007ff6b81c2038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 143.567384][ T7317] RAX: ffffffffffffffda RBX: 00007ff6b7536058 RCX: 00007ff6b737dff9 [ 143.569489][ T7317] RDX: 040000000000026c RSI: 00000000200005c0 RDI: 0000000000000009 [ 143.571635][ T7317] RBP: 00007ff6b81c2090 R08: 0000000000000000 R09: 0000000000000000 [ 143.573725][ T7317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 143.575793][ T7317] R13: 0000000000000000 R14: 00007ff6b7536058 R15: 00007ffed0eb21e8 [ 143.577835][ T7317] [ 144.366955][ T5397] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 144.517228][ T5397] usb 6-1: Using ep0 maxpacket: 32 [ 144.520979][ T5397] usb 6-1: config 0 has no interfaces? [ 144.522620][ T5397] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 144.525082][ T5397] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.530889][ T5397] usb 6-1: config 0 descriptor?? [ 144.856448][ T7333] netlink: 192 bytes leftover after parsing attributes in process `syz.2.590'. [ 145.015991][ T58] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 145.176005][ T58] usb 8-1: Using ep0 maxpacket: 8 [ 145.178925][ T58] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 145.181508][ T58] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 145.183709][ T58] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 145.186420][ T58] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 145.188619][ T58] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.192731][ T58] hub 8-1:1.0: bad descriptor, ignoring hub [ 145.194245][ T58] hub 8-1:1.0: probe with driver hub failed with error -5 [ 145.197625][ T58] cdc_wdm 8-1:1.0: skipping garbage [ 145.198981][ T58] cdc_wdm 8-1:1.0: skipping garbage [ 145.200292][ T58] cdc_wdm 8-1:1.0: probe with driver cdc_wdm failed with error -22 [ 145.379659][ T7342] netlink: 8 bytes leftover after parsing attributes in process `syz.0.592'. [ 146.826268][ T7360] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 146.829624][ T7360] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 146.970966][ T5384] usb 6-1: USB disconnect, device number 9 [ 147.586167][ T58] usb 8-1: USB disconnect, device number 8 [ 147.678104][ T7371] netlink: 8 bytes leftover after parsing attributes in process `syz.3.601'. [ 148.077807][ T7385] netlink: 208 bytes leftover after parsing attributes in process `syz.3.607'. [ 148.135398][ T7387] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 148.195965][ T39] audit: type=1400 audit(1728533599.412:518): avc: denied { bind } for pid=7388 comm="syz.3.608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 148.368543][ T7392] netlink: 12 bytes leftover after parsing attributes in process `syz.3.608'. [ 148.898226][ T7404] input: syz0 as /devices/virtual/input/input8 [ 149.136678][ T5329] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 149.316046][ T5329] usb 8-1: Using ep0 maxpacket: 8 [ 149.318641][ T5329] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 149.321349][ T5329] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 149.323660][ T5329] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 149.326845][ T5329] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 149.329663][ T5329] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.334942][ T5329] hub 8-1:1.0: bad descriptor, ignoring hub [ 149.336875][ T5329] hub 8-1:1.0: probe with driver hub failed with error -5 [ 149.338921][ T5329] cdc_wdm 8-1:1.0: skipping garbage [ 149.340295][ T5329] cdc_wdm 8-1:1.0: skipping garbage [ 149.341694][ T5329] cdc_wdm 8-1:1.0: probe with driver cdc_wdm failed with error -22 [ 149.875622][ T7417] netlink: 8 bytes leftover after parsing attributes in process `syz.0.616'. [ 149.901855][ T7418] netlink: 8 bytes leftover after parsing attributes in process `syz.2.615'. [ 149.904283][ T7418] netlink: 8 bytes leftover after parsing attributes in process `syz.2.615'. [ 151.025959][ T39] audit: type=1400 audit(1728533602.242:519): avc: denied { map } for pid=7435 comm="syz.0.622" path="/dev/usbmon0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 151.036414][ T39] audit: type=1400 audit(1728533602.242:520): avc: denied { execute } for pid=7435 comm="syz.0.622" path="/dev/usbmon0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 151.626063][ T58] usb 8-1: USB disconnect, device number 9 [ 151.758522][ T7443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.625'. [ 151.904318][ T39] audit: type=1400 audit(1728533603.122:521): avc: denied { execute_no_trans } for pid=7441 comm="syz.0.624" path="/170/file0" dev="tmpfs" ino=947 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 151.930059][ T39] audit: type=1400 audit(1728533603.152:522): avc: denied { map } for pid=7441 comm="syz.0.624" path="socket:[19759]" dev="sockfs" ino=19759 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 151.938756][ T39] audit: type=1400 audit(1728533603.152:523): avc: denied { read } for pid=7441 comm="syz.0.624" path="socket:[19759]" dev="sockfs" ino=19759 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 152.116479][ T7464] netlink: 8 bytes leftover after parsing attributes in process `syz.1.629'. [ 152.119282][ T7464] netlink: 8 bytes leftover after parsing attributes in process `syz.1.629'. [ 152.134262][ T7465] netlink: 8 bytes leftover after parsing attributes in process `syz.2.631'. [ 153.447073][ T5329] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 153.596193][ T5329] usb 5-1: Using ep0 maxpacket: 8 [ 153.599729][ T5329] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 153.603157][ T5329] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 153.606699][ T5329] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 153.610754][ T5329] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 153.613831][ T5329] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.621265][ T5329] hub 5-1:1.0: bad descriptor, ignoring hub [ 153.623261][ T5329] hub 5-1:1.0: probe with driver hub failed with error -5 [ 153.628413][ T5329] cdc_wdm 5-1:1.0: skipping garbage [ 153.630091][ T5329] cdc_wdm 5-1:1.0: skipping garbage [ 153.635549][ T5329] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 153.992257][ T7494] virtio-fs: tag <(null)> not found [ 153.998021][ T7494] mmap: syz.1.640 (7494) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 155.063878][ T7512] __nla_validate_parse: 1 callbacks suppressed [ 155.063896][ T7512] netlink: 8 bytes leftover after parsing attributes in process `syz.1.643'. [ 155.071373][ T7512] netlink: 8 bytes leftover after parsing attributes in process `syz.1.643'. [ 155.140911][ T7514] FAULT_INJECTION: forcing a failure. [ 155.140911][ T7514] name failslab, interval 1, probability 0, space 0, times 0 [ 155.146141][ T7514] CPU: 3 UID: 0 PID: 7514 Comm: syz.3.646 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 155.149549][ T7514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 155.152924][ T7514] Call Trace: [ 155.154016][ T7514] [ 155.154994][ T7514] dump_stack_lvl+0x16c/0x1f0 [ 155.156743][ T7514] should_fail_ex+0x497/0x5b0 [ 155.158366][ T7514] should_failslab+0xc2/0x120 [ 155.160064][ T7514] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 155.161895][ T7514] ? skb_clone+0x190/0x3f0 [ 155.163438][ T7514] skb_clone+0x190/0x3f0 [ 155.164785][ T7514] netlink_deliver_tap+0xab3/0xd90 [ 155.166478][ T7514] netlink_unicast+0x6b4/0x7f0 [ 155.167963][ T7514] ? __pfx_netlink_unicast+0x10/0x10 [ 155.169590][ T7514] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 155.171217][ T7514] netlink_ack+0x6a8/0xb90 [ 155.172589][ T7514] netlink_rcv_skb+0x348/0x440 [ 155.174103][ T7514] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 155.175842][ T7514] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 155.177538][ T7514] ? rcu_is_watching+0x12/0xc0 [ 155.179077][ T7514] netlink_unicast+0x53c/0x7f0 [ 155.180583][ T7514] ? __pfx_netlink_unicast+0x10/0x10 [ 155.182259][ T7514] netlink_sendmsg+0x8b8/0xd70 [ 155.183828][ T7514] ? __pfx_netlink_sendmsg+0x10/0x10 [ 155.185589][ T7514] ? __import_iovec+0x1fd/0x6e0 [ 155.187511][ T7514] ____sys_sendmsg+0xaaf/0xc90 [ 155.189108][ T7514] ? copy_msghdr_from_user+0x10b/0x160 [ 155.190886][ T7514] ? __pfx_____sys_sendmsg+0x10/0x10 [ 155.192578][ T7514] ? __pfx___lock_acquire+0x10/0x10 [ 155.194276][ T7514] ___sys_sendmsg+0x135/0x1e0 [ 155.195819][ T7514] ? __pfx____sys_sendmsg+0x10/0x10 [ 155.197544][ T7514] ? lock_acquire+0x2f/0xb0 [ 155.198995][ T7514] ? __fget_files+0x40/0x3f0 [ 155.200501][ T7514] ? fdget+0x176/0x210 [ 155.201874][ T7514] __sys_sendmsg+0x117/0x1f0 [ 155.203385][ T7514] ? __pfx___sys_sendmsg+0x10/0x10 [ 155.205095][ T7514] ? __fget_files+0x244/0x3f0 [ 155.206661][ T7514] do_syscall_64+0xcd/0x250 [ 155.208162][ T7514] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.210114][ T7514] RIP: 0033:0x7ff6b737dff9 [ 155.211562][ T7514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.217763][ T7514] RSP: 002b:00007ff6b81e3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 155.220415][ T7514] RAX: ffffffffffffffda RBX: 00007ff6b7535f80 RCX: 00007ff6b737dff9 [ 155.222953][ T7514] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 [ 155.225479][ T7514] RBP: 00007ff6b81e3090 R08: 0000000000000000 R09: 0000000000000000 [ 155.228037][ T7514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 155.230558][ T7514] R13: 0000000000000000 R14: 00007ff6b7535f80 R15: 00007ffed0eb21e8 [ 155.233117][ T7514] [ 156.074856][ T35] usb 5-1: USB disconnect, device number 3 [ 156.292067][ T7532] netlink: 12 bytes leftover after parsing attributes in process `syz.2.652'. [ 156.295453][ T7532] netlink: 56 bytes leftover after parsing attributes in process `syz.2.652'. [ 156.486963][ T7540] Bluetooth: hci4: Frame reassembly failed (-84) [ 156.524159][ T70] Bluetooth: hci4: Frame reassembly failed (-84) [ 157.255240][ T39] audit: type=1400 audit(1728533608.472:524): avc: denied { mount } for pid=7560 comm="syz.3.662" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 157.261051][ T30] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 157.267546][ T39] audit: type=1400 audit(1728533608.492:525): avc: denied { mounton } for pid=7560 comm="syz.3.662" path="/180/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 157.416181][ T30] usb 6-1: Using ep0 maxpacket: 8 [ 157.420341][ T30] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 157.423710][ T30] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 157.427951][ T30] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 157.431677][ T30] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 157.434932][ T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.457308][ T30] hub 6-1:1.0: bad descriptor, ignoring hub [ 157.459152][ T30] hub 6-1:1.0: probe with driver hub failed with error -5 [ 157.465446][ T30] cdc_wdm 6-1:1.0: skipping garbage [ 157.472569][ T30] cdc_wdm 6-1:1.0: skipping garbage [ 157.474807][ T30] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 158.094924][ T39] audit: type=1400 audit(1728533609.312:526): avc: denied { unmount } for pid=5349 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 158.157467][ T39] audit: type=1400 audit(1728533609.382:527): avc: denied { connect } for pid=7565 comm="syz.0.664" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 158.295623][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.3.665'. [ 158.299307][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.3.665'. [ 158.576905][ T5343] Bluetooth: hci4: command 0xfc11 tx timeout [ 158.577027][ T5340] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 159.649255][ T7597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.674'. [ 159.705358][ T7599] FAULT_INJECTION: forcing a failure. [ 159.705358][ T7599] name failslab, interval 1, probability 0, space 0, times 0 [ 159.709582][ T7599] CPU: 1 UID: 0 PID: 7599 Comm: syz.1.675 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 159.712417][ T7599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 159.715225][ T7599] Call Trace: [ 159.716141][ T7599] [ 159.716954][ T7599] dump_stack_lvl+0x16c/0x1f0 [ 159.718246][ T7599] should_fail_ex+0x497/0x5b0 [ 159.719501][ T7599] ? fs_reclaim_acquire+0xae/0x160 [ 159.720937][ T7599] should_failslab+0xc2/0x120 [ 159.722210][ T7599] __kmalloc_cache_noprof+0x6b/0x300 [ 159.723610][ T7599] ? tcf_block_get_ext+0x15c/0x17e0 [ 159.725062][ T7599] tcf_block_get_ext+0x15c/0x17e0 [ 159.726583][ T7599] tcf_block_get+0xa9/0x100 [ 159.728268][ T7599] ? __pfx_tcf_block_get+0x10/0x10 [ 159.730148][ T7599] ? __pfx_tcf_chain_head_change_dflt+0x10/0x10 [ 159.732241][ T7599] fq_codel_init+0x4ff/0xa60 [ 159.733488][ T7599] ? lockdep_rtnl_is_held+0x26/0x40 [ 159.734863][ T7599] ? __pfx_fq_codel_init+0x10/0x10 [ 159.736240][ T7599] qdisc_create+0x4f1/0x1100 [ 159.737666][ T7599] ? __pfx_qdisc_create+0x10/0x10 [ 159.739004][ T7599] ? nla_strcmp+0xff/0x130 [ 159.740188][ T7599] tc_modify_qdisc+0x4d8/0x1c40 [ 159.741548][ T7599] ? __pfx_tc_modify_qdisc+0x10/0x10 [ 159.742945][ T7599] ? __pfx_tc_modify_qdisc+0x10/0x10 [ 159.744336][ T7599] rtnetlink_rcv_msg+0x3c7/0xea0 [ 159.745667][ T7599] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 159.747565][ T7599] netlink_rcv_skb+0x16b/0x440 [ 159.749352][ T7599] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 159.751362][ T7599] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 159.753110][ T7599] ? netlink_deliver_tap+0x1ae/0xd90 [ 159.754500][ T7599] netlink_unicast+0x53c/0x7f0 [ 159.755767][ T7599] ? __pfx_netlink_unicast+0x10/0x10 [ 159.757204][ T7599] netlink_sendmsg+0x8b8/0xd70 [ 159.758469][ T7599] ? __pfx_netlink_sendmsg+0x10/0x10 [ 159.759855][ T7599] ? __import_iovec+0x1fd/0x6e0 [ 159.761189][ T7599] ____sys_sendmsg+0xaaf/0xc90 [ 159.762449][ T7599] ? copy_msghdr_from_user+0x10b/0x160 [ 159.763872][ T7599] ? __pfx_____sys_sendmsg+0x10/0x10 [ 159.765271][ T7599] ? __pfx___lock_acquire+0x10/0x10 [ 159.766912][ T7599] ___sys_sendmsg+0x135/0x1e0 [ 159.768673][ T7599] ? __pfx____sys_sendmsg+0x10/0x10 [ 159.770609][ T7599] ? lock_acquire+0x2f/0xb0 [ 159.772079][ T7599] ? __fget_files+0x40/0x3f0 [ 159.773285][ T7599] ? fdget+0x176/0x210 [ 159.774356][ T7599] __sys_sendmmsg+0x1a1/0x450 [ 159.775610][ T7599] ? __pfx___sys_sendmmsg+0x10/0x10 [ 159.777027][ T7599] ? vfs_write+0x14d/0x1140 [ 159.778168][ T7599] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 159.779683][ T7599] ? fput+0x30/0x390 [ 159.780675][ T7599] ? ksys_write+0x1ad/0x260 [ 159.781833][ T7599] ? __pfx_ksys_write+0x10/0x10 [ 159.783059][ T7599] __x64_sys_sendmmsg+0x9c/0x100 [ 159.784304][ T7599] ? lockdep_hardirqs_on+0x7c/0x110 [ 159.785633][ T7599] do_syscall_64+0xcd/0x250 [ 159.786797][ T7599] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.788269][ T7599] RIP: 0033:0x7f19b817dff9 [ 159.789394][ T7599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.794172][ T7599] RSP: 002b:00007f19b8e98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 159.796335][ T7599] RAX: ffffffffffffffda RBX: 00007f19b8335f80 RCX: 00007f19b817dff9 [ 159.798294][ T7599] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004 [ 159.800275][ T7599] RBP: 00007f19b8e98090 R08: 0000000000000000 R09: 0000000000000000 [ 159.802288][ T7599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 159.804240][ T7599] R13: 0000000000000000 R14: 00007f19b8335f80 R15: 00007ffc4def4c98 [ 159.806331][ T7599] [ 159.845258][ T5329] usb 6-1: USB disconnect, device number 10 [ 159.879807][ T7603] FAULT_INJECTION: forcing a failure. [ 159.879807][ T7603] name failslab, interval 1, probability 0, space 0, times 0 [ 159.883274][ T7603] CPU: 2 UID: 0 PID: 7603 Comm: syz.1.677 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 159.886102][ T7603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 159.889156][ T7603] Call Trace: [ 159.890030][ T7603] [ 159.890851][ T7603] dump_stack_lvl+0x16c/0x1f0 [ 159.892112][ T7603] should_fail_ex+0x497/0x5b0 [ 159.893360][ T7603] ? fs_reclaim_acquire+0xae/0x160 [ 159.894803][ T7603] should_failslab+0xc2/0x120 [ 159.896113][ T7603] __kmalloc_noprof+0xcb/0x400 [ 159.897468][ T7603] video_usercopy+0x1ac/0x1600 [ 159.898804][ T7603] ? __pfx___video_do_ioctl+0x10/0x10 [ 159.900221][ T7603] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 159.902087][ T7603] ? __pfx_video_usercopy+0x10/0x10 [ 159.903411][ T7603] v4l2_ioctl+0x1ba/0x250 [ 159.904673][ T7603] ? __pfx_v4l2_ioctl+0x10/0x10 [ 159.905983][ T7603] __x64_sys_ioctl+0x18f/0x220 [ 159.907306][ T7603] do_syscall_64+0xcd/0x250 [ 159.908536][ T7603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.910053][ T7603] RIP: 0033:0x7f19b817dff9 [ 159.911234][ T7603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.916229][ T7603] RSP: 002b:00007f19b8e98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 159.918520][ T7603] RAX: ffffffffffffffda RBX: 00007f19b8335f80 RCX: 00007f19b817dff9 [ 159.920657][ T7603] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000003 [ 159.922808][ T7603] RBP: 00007f19b8e98090 R08: 0000000000000000 R09: 0000000000000000 [ 159.924967][ T7603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 159.927492][ T7603] R13: 0000000000000000 R14: 00007f19b8335f80 R15: 00007ffc4def4c98 [ 159.929841][ T7603] [ 160.376077][ T7617] netlink: 8 bytes leftover after parsing attributes in process `syz.1.680'. [ 160.378822][ T7617] netlink: 8 bytes leftover after parsing attributes in process `syz.1.680'. [ 161.548533][ T5329] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 161.696052][ T5329] usb 5-1: Using ep0 maxpacket: 8 [ 161.700884][ T5329] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 161.704512][ T5329] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 161.709091][ T5329] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 161.712973][ T5329] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 161.716649][ T5329] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.728634][ T5329] hub 5-1:1.0: bad descriptor, ignoring hub [ 161.730384][ T5329] hub 5-1:1.0: probe with driver hub failed with error -5 [ 161.732485][ T5329] cdc_wdm 5-1:1.0: skipping garbage [ 161.733905][ T5329] cdc_wdm 5-1:1.0: skipping garbage [ 161.735345][ T5329] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 161.749602][ T7634] syzkaller1: entered promiscuous mode [ 161.751100][ T7634] syzkaller1: entered allmulticast mode [ 161.755120][ T39] audit: type=1400 audit(1728533612.972:528): avc: denied { call } for pid=7633 comm="syz.1.686" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 161.887505][ T7639] netlink: 8 bytes leftover after parsing attributes in process `syz.3.687'. [ 164.166493][ T30] usb 5-1: USB disconnect, device number 4 [ 164.732799][ T7678] netlink: 8 bytes leftover after parsing attributes in process `syz.1.699'. [ 165.296053][ T5343] Bluetooth: hci0: command 0x0406 tx timeout [ 165.548391][ T7691] netlink: 8 bytes leftover after parsing attributes in process `syz.2.700'. [ 165.550811][ T7691] netlink: 8 bytes leftover after parsing attributes in process `syz.2.700'. [ 165.829770][ T5340] Bluetooth: hci2: unexpected event 0x06 length: 4 > 3 [ 166.966077][ T5329] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 167.133125][ T7722] netlink: 8 bytes leftover after parsing attributes in process `syz.3.711'. [ 167.155966][ T5329] usb 5-1: Using ep0 maxpacket: 8 [ 167.162593][ T5329] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 167.167422][ T5329] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 167.171999][ T5329] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 167.177435][ T5329] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 167.181400][ T5329] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.195286][ T5329] hub 5-1:1.0: bad descriptor, ignoring hub [ 167.197518][ T5329] hub 5-1:1.0: probe with driver hub failed with error -5 [ 167.200238][ T5329] cdc_wdm 5-1:1.0: skipping garbage [ 167.202083][ T5329] cdc_wdm 5-1:1.0: skipping garbage [ 167.203951][ T5329] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 168.179317][ T39] audit: type=1400 audit(1728533619.402:529): avc: denied { write } for pid=7735 comm="syz.3.716" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 168.239200][ T7737] sctp: [Deprecated]: syz.3.716 (pid 7737) Use of int in max_burst socket option. [ 168.239200][ T7737] Use struct sctp_assoc_value instead [ 168.249953][ T7736] /dev/nullb0: Can't open blockdev [ 168.958345][ T7749] netlink: 8 bytes leftover after parsing attributes in process `syz.2.720'. [ 169.163143][ T39] audit: type=1400 audit(1728533620.382:530): avc: denied { read } for pid=7752 comm="syz.3.722" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 169.184801][ T39] audit: type=1400 audit(1728533620.392:531): avc: denied { open } for pid=7752 comm="syz.3.722" path="/dev/nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 169.312706][ T39] audit: type=1400 audit(1728533620.532:532): avc: denied { map } for pid=7756 comm="syz.3.724" path="/dev/video3" dev="devtmpfs" ino=880 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 169.566423][ T5329] usb 5-1: USB disconnect, device number 5 [ 171.216038][ T5329] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 171.375980][ T5329] usb 5-1: Using ep0 maxpacket: 8 [ 171.379315][ T5329] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 171.382525][ T5329] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 171.385517][ T5329] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 171.389362][ T5329] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 171.392438][ T5329] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.400310][ T5329] hub 5-1:1.0: bad descriptor, ignoring hub [ 171.402332][ T5329] hub 5-1:1.0: probe with driver hub failed with error -5 [ 171.405528][ T5329] cdc_wdm 5-1:1.0: skipping garbage [ 171.410688][ T5329] cdc_wdm 5-1:1.0: skipping garbage [ 171.412530][ T5329] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 173.695512][ T7833] netlink: 8 bytes leftover after parsing attributes in process `syz.2.745'. [ 173.895996][ T30] usb 5-1: USB disconnect, device number 6 [ 175.992729][ T39] audit: type=1400 audit(1728533627.212:533): avc: denied { mount } for pid=7880 comm="syz.0.760" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 176.173753][ T5329] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 176.336083][ T5329] usb 6-1: Using ep0 maxpacket: 8 [ 176.343483][ T5329] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 176.348916][ T5329] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 176.352354][ T5329] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 176.367137][ T5329] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 176.373514][ T5329] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.388602][ T5329] hub 6-1:1.0: bad descriptor, ignoring hub [ 176.390248][ T5329] hub 6-1:1.0: probe with driver hub failed with error -5 [ 176.393867][ T5329] cdc_wdm 6-1:1.0: skipping garbage [ 176.395335][ T5329] cdc_wdm 6-1:1.0: skipping garbage [ 176.401501][ T5329] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 177.111385][ T7907] serio: Serial port pts0 [ 178.031895][ T39] audit: type=1400 audit(1728533629.252:534): avc: denied { write } for pid=7914 comm="syz.3.771" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 178.043861][ T39] audit: type=1400 audit(1728533629.262:535): avc: denied { ioctl } for pid=7914 comm="syz.3.771" path="/dev/ndctl0" dev="devtmpfs" ino=109 ioctlcmd=0x9417 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 178.317475][ T5340] Bluetooth: hci1: unexpected event 0x06 length: 4 > 3 [ 178.356017][ T7925] netlink: 8 bytes leftover after parsing attributes in process `syz.3.774'. [ 178.499090][ T7927] netlink: 20 bytes leftover after parsing attributes in process `syz.3.775'. [ 178.766165][ T58] usb 6-1: USB disconnect, device number 11 [ 180.115856][ T7963] 8021q: adding VLAN 0 to HW filter on device bond1 [ 180.118282][ T7951] overlayfs: missing 'workdir' [ 180.157753][ T7967] netlink: 'syz.2.784': attribute type 3 has an invalid length. [ 180.159892][ T7967] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.784'. [ 180.369884][ T5340] Bluetooth: hci2: unexpected event 0x06 length: 4 > 3 [ 180.666020][ T5771] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 180.826019][ T5771] usb 5-1: Using ep0 maxpacket: 32 [ 180.830977][ T5771] usb 5-1: config 0 has no interfaces? [ 180.833125][ T5771] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 180.836608][ T5771] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.841593][ T5771] usb 5-1: config 0 descriptor?? [ 182.110306][ T5340] Bluetooth: hci2: unexpected event 0x06 length: 4 > 3 [ 183.204188][ T39] audit: type=1400 audit(1728533634.422:536): avc: denied { create } for pid=8020 comm="syz.2.805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 183.410000][ T25] usb 5-1: USB disconnect, device number 7 [ 183.938207][ T39] audit: type=1400 audit(1728533635.162:537): avc: denied { append } for pid=8041 comm="syz.1.812" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 184.715992][ T5771] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 184.785991][ T58] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 184.876003][ T5771] usb 7-1: Using ep0 maxpacket: 32 [ 184.876155][ T5329] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 184.879532][ T5771] usb 7-1: config 0 has no interfaces? [ 184.882202][ T5771] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 184.885239][ T5771] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.889638][ T5771] usb 7-1: config 0 descriptor?? [ 184.936060][ T58] usb 6-1: Using ep0 maxpacket: 8 [ 184.939221][ T58] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 184.942940][ T58] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 184.945753][ T58] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 184.949331][ T58] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 184.952484][ T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.959695][ T58] hub 6-1:1.0: bad descriptor, ignoring hub [ 184.961567][ T58] hub 6-1:1.0: probe with driver hub failed with error -5 [ 184.965740][ T58] cdc_wdm 6-1:1.0: skipping garbage [ 184.967717][ T58] cdc_wdm 6-1:1.0: skipping garbage [ 184.969599][ T58] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 185.036070][ T5329] usb 8-1: Using ep0 maxpacket: 8 [ 185.038689][ T5329] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 185.041311][ T5329] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 185.043613][ T5329] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 185.046633][ T5329] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 185.049445][ T5329] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.053676][ T5329] hub 8-1:1.0: bad descriptor, ignoring hub [ 185.055252][ T5329] hub 8-1:1.0: probe with driver hub failed with error -5 [ 185.057405][ T5329] cdc_wdm 8-1:1.0: skipping garbage [ 185.058755][ T5329] cdc_wdm 8-1:1.0: skipping garbage [ 185.060204][ T5329] cdc_wdm 8-1:1.0: probe with driver cdc_wdm failed with error -22 [ 186.180688][ T8069] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.820'. [ 186.183587][ T8069] openvswitch: netlink: Key type 4112 is out of range max 32 [ 187.208323][ T5384] usb 6-1: USB disconnect, device number 12 [ 187.326799][ T5399] usb 8-1: USB disconnect, device number 10 [ 187.373013][ T8081] netlink: 8 bytes leftover after parsing attributes in process `syz.3.824'. [ 187.380387][ T8081] veth0_vlan: entered allmulticast mode [ 187.604352][ T828] usb 7-1: USB disconnect, device number 9 [ 188.069168][ T5329] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 188.226049][ T5329] usb 6-1: Using ep0 maxpacket: 8 [ 188.229676][ T5329] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 188.233294][ T5329] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 188.236633][ T5329] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 188.240847][ T5329] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 188.244086][ T5329] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.250349][ T5329] hub 6-1:1.0: bad descriptor, ignoring hub [ 188.252481][ T5329] hub 6-1:1.0: probe with driver hub failed with error -5 [ 188.255268][ T5329] cdc_wdm 6-1:1.0: skipping garbage [ 188.257693][ T5329] cdc_wdm 6-1:1.0: skipping garbage [ 188.259657][ T5329] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 188.875035][ T39] audit: type=1326 audit(1728533640.092:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8113 comm="syz.2.836" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fddd577dff9 code=0x0 [ 188.990316][ T39] audit: type=1400 audit(1728533640.212:539): avc: denied { ioctl } for pid=8113 comm="syz.2.836" path="socket:[20981]" dev="sockfs" ino=20981 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 189.000803][ T39] audit: type=1400 audit(1728533640.222:540): avc: denied { getopt } for pid=8113 comm="syz.2.836" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 189.067286][ T5397] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 189.215986][ T5397] usb 5-1: Using ep0 maxpacket: 32 [ 189.220461][ T5397] usb 5-1: config 0 has no interfaces? [ 189.222336][ T5397] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 189.225763][ T5397] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.230561][ T5397] usb 5-1: config 0 descriptor?? [ 190.526853][ T58] usb 6-1: USB disconnect, device number 13 [ 191.969282][ T25] usb 5-1: USB disconnect, device number 8 [ 192.097528][ T39] audit: type=1400 audit(1728533643.322:541): avc: denied { ioctl } for pid=8158 comm="syz.2.849" path="socket:[22157]" dev="sockfs" ino=22157 ioctlcmd=0x9377 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 192.106198][ T5340] Bluetooth: hci1: unexpected cc 0x1001 length: 65 > 9 [ 192.108110][ T5340] Bluetooth: hci1: unexpected event for opcode 0x1001 [ 193.051505][ T8170] netlink: 8 bytes leftover after parsing attributes in process `syz.2.851'. [ 193.969556][ T5340] Bluetooth: hci1: unexpected event 0x06 length: 4 > 3 [ 194.575956][ T39] audit: type=1400 audit(1728533645.792:542): avc: denied { read } for pid=8191 comm="syz.3.860" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 194.586990][ T39] audit: type=1400 audit(1728533645.792:543): avc: denied { open } for pid=8191 comm="syz.3.860" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 194.600043][ T8196] nlmon0: entered promiscuous mode [ 194.602181][ T8196] vlan2: entered promiscuous mode [ 194.605774][ T8196] nlmon0: left promiscuous mode [ 195.112452][ T8206] netlink: 8 bytes leftover after parsing attributes in process `syz.3.861'. [ 195.132974][ T35] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 195.296139][ T35] usb 5-1: Using ep0 maxpacket: 32 [ 195.300909][ T35] usb 5-1: config 0 has no interfaces? [ 195.305101][ T35] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 195.310588][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.315304][ T35] usb 5-1: config 0 descriptor?? [ 195.426423][ T30] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 195.591643][ T39] audit: type=1400 audit(1728533646.812:544): avc: denied { watch } for pid=8208 comm="syz.1.863" path="/201/net_prio.prioidx" dev="tmpfs" ino=1114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 195.601014][ T39] audit: type=1400 audit(1728533646.812:545): avc: denied { watch_sb } for pid=8208 comm="syz.1.863" path="/201/net_prio.prioidx" dev="tmpfs" ino=1114 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 195.786025][ T30] usb 7-1: Using ep0 maxpacket: 8 [ 195.789619][ T30] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 195.793213][ T30] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 195.796499][ T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 195.800571][ T30] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 195.803861][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.810650][ T30] hub 7-1:1.0: bad descriptor, ignoring hub [ 195.812797][ T30] hub 7-1:1.0: probe with driver hub failed with error -5 [ 195.815605][ T30] cdc_wdm 7-1:1.0: skipping garbage [ 195.817670][ T30] cdc_wdm 7-1:1.0: skipping garbage [ 195.819614][ T30] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22 [ 195.874777][ T8217] netlink: 24 bytes leftover after parsing attributes in process `syz.3.865'. [ 195.932743][ T8220] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 197.003480][ T8242] netlink: 8 bytes leftover after parsing attributes in process `syz.3.873'. [ 197.621413][ T25] usb 5-1: USB disconnect, device number 9 [ 198.338294][ T30] usb 7-1: USB disconnect, device number 10 [ 198.436138][ T39] audit: type=1326 audit(1728533649.662:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8263 comm="syz.0.880" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc95117dff9 code=0x0 [ 198.537872][ T8273] netlink: 8 bytes leftover after parsing attributes in process `syz.2.882'. [ 198.789214][ T8279] FAULT_INJECTION: forcing a failure. [ 198.789214][ T8279] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 198.794107][ T8279] CPU: 2 UID: 0 PID: 8279 Comm: syz.2.885 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 198.797728][ T8279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 198.801344][ T8279] Call Trace: [ 198.802497][ T8279] [ 198.803521][ T8279] dump_stack_lvl+0x16c/0x1f0 [ 198.805345][ T8279] should_fail_ex+0x497/0x5b0 [ 198.807100][ T8279] _copy_to_user+0x30/0xc0 [ 198.808551][ T8279] simple_read_from_buffer+0xd0/0x160 [ 198.810430][ T8279] proc_fail_nth_read+0x198/0x270 [ 198.811851][ T8279] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 198.813557][ T8279] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 198.815106][ T8279] vfs_read+0x1ce/0xbd0 [ 198.816539][ T8279] ? __fget_files+0x23a/0x3f0 [ 198.818123][ T8279] ? fdget_pos+0x24c/0x360 [ 198.819679][ T8279] ? __pfx_lock_release+0x10/0x10 [ 198.821453][ T8279] ? trace_lock_acquire+0x14a/0x1d0 [ 198.823231][ T8279] ? __pfx_vfs_read+0x10/0x10 [ 198.824829][ T8279] ? __pfx___mutex_lock+0x10/0x10 [ 198.826525][ T8279] ? __fget_files+0x244/0x3f0 [ 198.828041][ T8279] ksys_read+0x12f/0x260 [ 198.829444][ T8279] ? __pfx_ksys_read+0x10/0x10 [ 198.831063][ T8279] do_syscall_64+0xcd/0x250 [ 198.832678][ T8279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.834853][ T8279] RIP: 0033:0x7fddd577ca3c [ 198.836554][ T8279] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 198.843151][ T8279] RSP: 002b:00007fddd6661030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 198.845982][ T8279] RAX: ffffffffffffffda RBX: 00007fddd5935f80 RCX: 00007fddd577ca3c [ 198.848704][ T8279] RDX: 000000000000000f RSI: 00007fddd66610a0 RDI: 0000000000000006 [ 198.851332][ T8279] RBP: 00007fddd6661090 R08: 0000000000000000 R09: 0000000000000000 [ 198.853989][ T8279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 198.856694][ T8279] R13: 0000000000000000 R14: 00007fddd5935f80 R15: 00007ffe6db86208 [ 198.859395][ T8279] [ 198.900852][ T39] audit: type=1400 audit(1728533650.122:547): avc: denied { getopt } for pid=8280 comm="syz.2.886" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 199.006056][ T35] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 199.236041][ T35] usb 6-1: Using ep0 maxpacket: 32 [ 199.239012][ T35] usb 6-1: config 0 has no interfaces? [ 199.240664][ T35] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 199.243170][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.247941][ T35] usb 6-1: config 0 descriptor?? [ 199.374109][ T8299] netlink: 8 bytes leftover after parsing attributes in process `syz.0.888'. [ 199.377434][ T8299] netlink: 8 bytes leftover after parsing attributes in process `syz.0.888'. [ 200.316032][ T30] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 200.466535][ T30] usb 8-1: Using ep0 maxpacket: 8 [ 200.471776][ T30] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 200.475412][ T30] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 200.478769][ T30] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29535, setting to 64 [ 200.632081][ T30] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 200.635418][ T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.641649][ T30] hub 8-1:1.0: bad descriptor, ignoring hub [ 200.643785][ T30] hub 8-1:1.0: probe with driver hub failed with error -5 [ 200.646758][ T30] cdc_wdm 8-1:1.0: skipping garbage [ 200.648911][ T30] cdc_wdm 8-1:1.0: skipping garbage [ 200.651227][ T30] cdc_wdm 8-1:1.0: probe with driver cdc_wdm failed with error -22 [ 201.773245][ T5397] usb 6-1: USB disconnect, device number 14 [ 201.859488][ T5340] Bluetooth: hci1: unexpected event 0x06 length: 4 > 3 [ 202.119281][ T8338] netlink: 8 bytes leftover after parsing attributes in process `syz.0.901'. [ 202.126622][ T8338] netlink: 8 bytes leftover after parsing attributes in process `syz.0.901'. [ 202.543423][ T30] usb 8-1: USB disconnect, device number 11 [ 203.586010][ T8358] FAULT_INJECTION: forcing a failure. [ 203.586010][ T8358] name failslab, interval 1, probability 0, space 0, times 0 [ 203.589763][ T8358] CPU: 3 UID: 0 PID: 8358 Comm: syz.2.906 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0 [ 203.592524][ T8358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 203.595320][ T8358] Call Trace: [ 203.596473][ T8358] [ 203.597567][ T8358] dump_stack_lvl+0x16c/0x1f0 [ 203.599298][ T8358] should_fail_ex+0x497/0x5b0 [ 203.601028][ T8358] ? fs_reclaim_acquire+0xae/0x160 [ 203.602371][ T8358] should_failslab+0xc2/0x120 [ 203.603613][ T8358] __kmalloc_cache_noprof+0x6b/0x300 [ 203.605014][ T8358] ? inode_doinit_use_xattr+0x54/0x410 [ 203.606480][ T8358] inode_doinit_use_xattr+0x54/0x410 [ 203.607913][ T8358] inode_doinit_with_dentry+0x10c6/0x12c0 [ 203.609435][ T8358] ? find_held_lock+0x2d/0x110 [ 203.610776][ T8358] ? __pfx_inode_doinit_with_dentry+0x10/0x10 [ 203.612467][ T8358] ? find_held_lock+0x2d/0x110 [ 203.613780][ T8358] selinux_d_instantiate+0x26/0x30 [ 203.615135][ T8358] security_d_instantiate+0x142/0x1a0 [ 203.616812][ T8358] d_splice_alias+0x94/0xdf0 [ 203.618521][ T8358] ? do_raw_spin_unlock+0x172/0x230 [ 203.620443][ T8358] kernfs_iop_lookup+0x286/0x330 [ 203.621889][ T8358] lookup_one_qstr_excl+0x11d/0x190 [ 203.623254][ T8358] ? mnt_want_write+0x161/0x450 [ 203.624562][ T8358] do_rmdir+0x247/0x410 [ 203.625681][ T8358] ? __might_fault+0xe3/0x190 [ 203.626952][ T8358] ? __pfx_do_rmdir+0x10/0x10 [ 203.628226][ T8358] ? getname_flags.part.0+0x1c5/0x550 [ 203.629659][ T8358] __x64_sys_rmdir+0xc5/0x110 [ 203.630898][ T8358] do_syscall_64+0xcd/0x250 [ 203.632104][ T8358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.633667][ T8358] RIP: 0033:0x7fddd577dff9 [ 203.634844][ T8358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 203.641236][ T8358] RSP: 002b:00007fddd6661038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054 [ 203.643457][ T8358] RAX: ffffffffffffffda RBX: 00007fddd5935f80 RCX: 00007fddd577dff9 [ 203.645639][ T8358] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000700 [ 203.647701][ T8358] RBP: 00007fddd6661090 R08: 0000000000000000 R09: 0000000000000000 [ 203.649771][ T8358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 203.651837][ T8358] R13: 0000000000000000 R14: 00007fddd5935f80 R15: 00007ffe6db86208 [ 203.653925][ T8358] [ 204.026228][ T25] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 204.126442][ T35] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 204.176972][ T25] usb 7-1: Using ep0 maxpacket: 16 [ 204.182177][ T25] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 204.185190][ T25] usb 7-1: config 0 has no interfaces? [ 204.186904][ T25] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 204.189645][ T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 204.199849][ T25] usb 7-1: config 0 descriptor?? [ 204.296075][ T35] usb 6-1: Using ep0 maxpacket: 32 [ 204.300461][ T35] usb 6-1: config 0 has no interfaces? [ 204.302083][ T35] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 204.304584][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 204.322809][ T35] usb 6-1: config 0 descriptor?? [ 204.409055][ T828] usb 7-1: USB disconnect, device number 11 [ 205.591093][ T8387] netlink: 8 bytes leftover after parsing attributes in process `syz.0.915'. [ 205.593798][ T8387] netlink: 8 bytes leftover after parsing attributes in process `syz.0.915'. [ 205.846575][ T8389] fuse: Bad value for 'rootmode' [ 206.089502][ T8394] netlink: 12 bytes leftover after parsing attributes in process `syz.3.917'. [ 206.841070][ T35] usb 6-1: USB disconnect, device number 15 [ 208.008839][ T39] audit: type=1804 audit(1728533659.222:548): pid=8431 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.928" name="/newroot/216/bus/bus" dev="overlay" ino=1220 res=1 errno=0 [ 208.183432][ T8436] io-wq is not configured for unbound workers [ 208.496145][ T828] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 208.786013][ T828] usb 7-1: Using ep0 maxpacket: 32 [ 208.798664][ T828] usb 7-1: config 0 has no interfaces? [ 208.800446][ T828] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 208.806084][ T828] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.831284][ T828] usb 7-1: config 0 descriptor?? [ 209.996216][ T8471] smc: adding net device pim6reg0 with user defined pnetid SYZ1 [ 210.032143][ T8469] smc: removing net device pim6reg0 with user defined pnetid SYZ1 [ 210.443114][ T39] audit: type=1400 audit(1728533661.642:549): avc: denied { connect } for pid=8476 comm="syz.3.942" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 210.455506][ T39] audit: type=1400 audit(1728533661.662:550): avc: denied { setopt } for pid=8476 comm="syz.3.942" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 211.240491][ T35] usb 7-1: USB disconnect, device number 12 [ 211.544667][ T39] audit: type=1326 audit(1728533662.762:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8495 comm="syz.0.947" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc95117dff9 code=0x0 [ 211.710505][ T8499] overlayfs: missing 'lowerdir' [ 212.231965][ T8506] smc: adding net device pim6reg0 with user defined pnetid SYZ1 [ 212.236620][ T8507] netlink: 8 bytes leftover after parsing attributes in process `syz.1.949'. [ 212.253594][ T8505] smc: removing net device pim6reg0 with user defined pnetid SYZ1 [ 212.726459][ T1708] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 212.876039][ T1708] usb 6-1: Using ep0 maxpacket: 32 [ 212.878850][ T1708] usb 6-1: config 0 has no interfaces? [ 212.880476][ T1708] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 212.882820][ T1708] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 212.885987][ T1708] usb 6-1: config 0 descriptor?? [ 214.390849][ T8549] netlink: 8 bytes leftover after parsing attributes in process `syz.0.961'. [ 214.406002][ T5771] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 214.566071][ T5771] usb 8-1: Using ep0 maxpacket: 8 [ 214.569468][ T5771] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 214.571605][ T5771] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 214.574118][ T5771] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 214.576923][ T5771] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 214.579611][ T5771] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 214.583032][ T5771] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 214.585389][ T5771] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.790699][ T5771] usb 8-1: usb_control_msg returned -32 [ 214.792256][ T5771] usbtmc 8-1:16.0: can't read capabilities [ 215.501279][ T8] usb 6-1: USB disconnect, device number 16 [ 215.920004][ T8571] netlink: 40 bytes leftover after parsing attributes in process `syz.1.968'. [ 217.150426][ T8607] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 217.177775][ T30] usb 8-1: USB disconnect, device number 12 SYZFAIL: bad allocate request allocated=0 size=18446744073709551090/18446744073709551096 (errno 11: Resource temporarily unavailable) [ 217.449874][ T70] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.542905][ T70] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.640771][ T70] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.740147][ T70] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.837963][ T70] bridge_slave_1: left allmulticast mode [ 217.840271][ T70] bridge_slave_1: left promiscuous mode [ 217.843612][ T70] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.851362][ T70] bridge_slave_0: left allmulticast mode [ 217.852900][ T70] bridge_slave_0: left promiscuous mode [ 217.854434][ T70] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.178715][ T70] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 218.184985][ T70] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 218.191657][ T70] bond0 (unregistering): Released all slaves [ 218.220298][ T39] audit: type=1400 audit(1728533669.442:552): avc: denied { search } for pid=5055 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 218.226388][ T39] audit: type=1400 audit(1728533669.452:553): avc: denied { read } for pid=5055 comm="dhcpcd" name="n71" dev="tmpfs" ino=3993 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 218.232292][ T39] audit: type=1400 audit(1728533669.452:554): avc: denied { open } for pid=5055 comm="dhcpcd" path="/run/udev/data/n71" dev="tmpfs" ino=3993 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 218.239661][ T39] audit: type=1400 audit(1728533669.452:555): avc: denied { getattr } for pid=5055 comm="dhcpcd" path="/run/udev/data/n71" dev="tmpfs" ino=3993 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 218.264437][ T39] audit: type=1400 audit(1728533669.482:556): avc: denied { read } for pid=8612 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1482 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 218.270704][ T39] audit: type=1400 audit(1728533669.482:557): avc: denied { open } for pid=8612 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1482 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 218.277846][ T39] audit: type=1400 audit(1728533669.482:558): avc: denied { getattr } for pid=8612 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1482 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 218.284968][ T39] audit: type=1400 audit(1728533669.482:559): avc: denied { write } for pid=8611 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1481 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 218.291392][ T39] audit: type=1400 audit(1728533669.482:560): avc: denied { add_name } for pid=8611 comm="dhcpcd-run-hook" name="resolv.conf.eth2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 218.297342][ T39] audit: type=1400 audit(1728533669.492:561): avc: denied { create } for pid=8611 comm="dhcpcd-run-hook" name="resolv.conf.eth2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 218.590878][ T70] hsr_slave_0: left promiscuous mode [ 218.592870][ T70] hsr_slave_1: left promiscuous mode [ 218.595185][ T70] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 218.598173][ T70] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 218.601233][ T70] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 218.603169][ T70] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 218.622496][ T70] veth1_macvtap: left promiscuous mode [ 218.624284][ T70] veth0_macvtap: left promiscuous mode [ 218.626147][ T70] veth1_vlan: left promiscuous mode [ 218.627922][ T70] veth0_vlan: left promiscuous mode [ 219.106270][ T70] smc: removing net device batadv_slave_1 with user defined pnetid SYZ2 [ 219.243459][ T70] team0 (unregistering): Port device team_slave_1 removed [ 219.312424][ T70] team0 (unregistering): Port device team_slave_0 removed [ 220.375631][ T70] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.450328][ T70] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.525082][ T70] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.596630][ T70] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.705476][ T70] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.785595][ T70] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.858106][ T70] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.920578][ T70] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.029027][ T70] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.115628][ T70] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.198137][ T70] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.291067][ T70] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.529520][ T70] bridge_slave_1: left allmulticast mode [ 221.531594][ T70] bridge_slave_1: left promiscuous mode [ 221.533730][ T70] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.539249][ T70] bridge_slave_0: left allmulticast mode [ 221.541340][ T70] bridge_slave_0: left promiscuous mode [ 221.543471][ T70] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.551323][ T70] bridge_slave_1: left allmulticast mode [ 221.552866][ T70] bridge_slave_1: left promiscuous mode [ 221.554413][ T70] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.560660][ T70] bridge_slave_0: left allmulticast mode [ 221.562761][ T70] bridge_slave_0: left promiscuous mode [ 221.564907][ T70] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.570054][ T70] bridge_slave_1: left allmulticast mode [ 221.572009][ T70] bridge_slave_1: left promiscuous mode [ 221.574125][ T70] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.584536][ T70] bridge_slave_0: left allmulticast mode [ 221.587484][ T70] bridge_slave_0: left promiscuous mode [ 221.589694][ T70] bridge0: port 1(bridge_slave_0) entered disabled state [ 222.334385][ T70] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 222.340281][ T70] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 222.345119][ T70] bond0 (unregistering): Released all slaves [ 222.414774][ T70] bond1 (unregistering): Released all slaves [ 222.482876][ T70] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 222.486934][ T70] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 222.490257][ T70] bond0 (unregistering): Released all slaves [ 222.563231][ T70] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 222.567475][ T70] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 222.571017][ T70] bond0 (unregistering): Released all slaves [ 222.693528][ T70] tipc: Left network mode [ 223.523720][ T70] hsr_slave_0: left promiscuous mode [ 223.526483][ T70] hsr_slave_1: left promiscuous mode [ 223.529015][ T70] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 223.531706][ T70] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 223.534898][ T70] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 223.537813][ T70] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 223.544448][ T70] hsr_slave_0: left promiscuous mode [ 223.546771][ T70] hsr_slave_1: left promiscuous mode [ 223.548896][ T70] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 223.551257][ T70] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 223.553635][ T70] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 223.555614][ T70] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 223.561081][ T70] hsr_slave_0: left promiscuous mode [ 223.563674][ T70] hsr_slave_1: left promiscuous mode [ 223.566554][ T70] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 223.569221][ T70] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 223.572425][ T70] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 223.575059][ T70] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 223.638361][ T70] veth1_macvtap: left promiscuous mode [ 223.639811][ T70] veth0_macvtap: left promiscuous mode [ 223.641244][ T70] veth1_vlan: left promiscuous mode [ 223.643618][ T70] veth1_macvtap: left promiscuous mode [ 223.645278][ T70] veth0_macvtap: left promiscuous mode [ 223.647073][ T70] veth1_vlan: left promiscuous mode [ 223.650775][ T70] veth1_macvtap: left promiscuous mode [ 223.652270][ T70] veth0_macvtap: left promiscuous mode [ 223.653655][ T70] veth1_vlan: left promiscuous mode [ 223.655149][ T70] veth0_vlan: left promiscuous mode [ 223.773654][ T70] pim6reg (unregistering): left allmulticast mode [ 224.441616][ T70] team0 (unregistering): Port device team_slave_1 removed [ 224.516183][ T70] team0 (unregistering): Port device team_slave_0 removed [ 225.532529][ T70] smc: removing net device batadv_slave_1 with user defined pnetid SYZ2 [ 225.685166][ T70] team0 (unregistering): Port device team_slave_1 removed [ 225.758128][ T70] team0 (unregistering): Port device team_slave_0 removed [ 227.027176][ T70] team0 (unregistering): Port device team_slave_1 removed [ 227.115143][ T70] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 04:14:28 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff81d601b5 RDX=1ffff11005b7e751 RSI=0000000000000000 RDI=0000000000000000 RBP=800000004c006825 RSP=ffffc90004197890 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=dffffc0000000000 R13=0000000000000000 R14=0000000000000000 R15=ffffea0001300180 RIP=ffffffff818d8498 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ffca9613fac CR3=0000000022bb4000 CR4=00352ef0 DR0=fffffffffffffffc DR1=0000000000000000 DR2=0000000000000002 DR3=0000000000000800 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f19b81f1133 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f19b81f1140 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f19b81f113a ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f19b81f114e ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f19b81f11d4 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f19b81f12b2 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00736e6f69746361 736e6172742f7265 646e69622f677562 65642f6c656e7265 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 add0bdd7ac6a6f2c b2e3d4485f58e709 380f4edf2c6f70b5 4ca448575774dbaa ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=1ffff9200060eefc RCX=ffffc90003077820 RDX=1ffff110043365e3 RSI=ffffffff8e1b8340 RDI=ffff8880219b2f6a RBP=ffff8880219b2f48 RSP=ffffc900030777d0 R8 =0000000000000000 R9 =fffffbfff20be6f9 R10=ffffffff905f37cf R11=0000000000000000 R12=0000000000000001 R13=0000000000000002 R14=ffff8880219b2f18 R15=ffff8880219b2440 RIP=ffffffff816aa78c RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fc951e68710 CR3=0000000022bb4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0070234423436d63 702f646e732f7665 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fddd57f1133 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fddd57f1140 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fddd57f113a ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fddd57f114e ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fddd57f11d4 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fddd57f12b2 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fddd646d100 00007fddd590b440 00007fddd5900004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fddd590b498 00007fddd590b490 00007fddd590b488 00007fddd590b480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000095f293 RBX=0000000000000002 RCX=ffffffff8b21e0b9 RDX=0000000000000000 RSI=ffffffff8b6cd040 RDI=ffffffff8bd1a080 RBP=ffffed1003b5b000 RSP=ffffc90000197e08 R8 =0000000000000001 R9 =ffffed100d507025 R10=ffff88806a83812b R11=0000000000000000 R12=0000000000000002 R13=ffff88801dad8000 R14=ffffffff905f37c8 R15=0000000000000000 RIP=ffffffff8b21f49f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002001f000 CR3=000000002dfca000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000316e616c77 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff6b73f1133 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff6b73f1140 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff6b73f113a ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff6b73f114e ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff6b73f11d4 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff6b73f12b2 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000000000000 0000000000000000 0000000000000140 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000008e428b RBX=0000000000000003 RCX=ffffffff8b21e0b9 RDX=0000000000000000 RSI=ffffffff8b6cd040 RDI=ffffffff8bd1a080 RBP=ffffed1003b5b488 RSP=ffffc900001a7e08 R8 =0000000000000001 R9 =ffffed100d527025 R10=ffff88806a93812b R11=0000000000000000 R12=0000000000000003 R13=ffff88801dada440 R14=ffffffff905f37c8 R15=0000000000000000 RIP=ffffffff8b21f49f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020021000 CR3=0000000022bb4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=000000007ffbffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe6db865a0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fddd57f1133 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fddd57f1140 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fddd57f113a ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fddd57f114e ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fddd57f11d4 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fddd57f12b2 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000