last executing test programs: 4m6.354905621s ago: executing program 0 (id=7077): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000040), &(0x7f0000000080)=0x4) 4m6.354394933s ago: executing program 0 (id=7080): r0 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r0, 0xc1004110, &(0x7f0000000000)={0x0, [0x2, 0xffff133a, 0x7], [{0x600, 0xffffffff}, {0x2, 0x7fff}, {0x0, 0xffff}, {0x6}, {0x0, 0x1}, {0x0, 0x9}, {0x0, 0x42}, {}, {}, {0x0, 0x89}, {0x0, 0x10200000}], 0x10}) 4m6.289822362s ago: executing program 0 (id=7083): r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) bind$inet6(r0, &(0x7f0000002580)={0xa, 0x4e24, 0x9, @empty, 0x2}, 0x1c) 4m6.289190027s ago: executing program 0 (id=7087): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MULTI_BOOLOPT={0xc, 0x2e, {0x0, 0x1}}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000) 4m6.217486309s ago: executing program 0 (id=7091): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) 4m6.217384012s ago: executing program 0 (id=7093): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f8483f0000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) 3m50.129715584s ago: executing program 32 (id=7093): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f8483f0000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) 3m23.196861645s ago: executing program 3 (id=8980): openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) r0 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0) read$FUSE(r0, &(0x7f00000019c0)={0x2020}, 0x2020) 3m23.19660892s ago: executing program 3 (id=8981): r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82) r1 = dup(r0) ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000080)={0x23, 0x3, 0x1c, 0x2004, 0x0, 0x7, 0x0}) 3m23.196463947s ago: executing program 3 (id=8982): r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14) recvmmsg(r0, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0) 3m23.165106699s ago: executing program 3 (id=8983): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000002080)={0x1f, 0x5, @any, 0x0, 0x1}, 0xe) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0xf, &(0x7f0000000100)=0x2, 0x4) 3m23.091024596s ago: executing program 3 (id=8984): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) 3m23.090855s ago: executing program 3 (id=8985): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)={0x1c, 0x20, 0x9, 0x2, 0x25dfdbff, {0x4}, [@typed={0x8, 0x8, 0x0, 0x0, @fd=r0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) 3m7.030236048s ago: executing program 33 (id=8985): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)={0x1c, 0x20, 0x9, 0x2, 0x25dfdbff, {0x4}, [@typed={0x8, 0x8, 0x0, 0x0, @fd=r0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) 3m5.064582096s ago: executing program 1 (id=9606): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0) write$cgroup_devices(r0, &(0x7f0000000180)={'b', ' *:* ', 'rw\x00'}, 0x9) write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) 3m2.858081953s ago: executing program 1 (id=9627): r0 = socket(0x2b, 0x80801, 0x1) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x10000, @empty}, 0x1c) setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)=@gcm_128={{0x304}, "4138ff953082d82c", "627a0eb32323927d6f2cca90afc66b25", "e3a9a890", "a2bef8c4a4ea1a57"}, 0x28) 3m2.789200699s ago: executing program 1 (id=9629): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x34, 0x0, 0x8, 0x101, 0x0, 0x0, {0x5, 0x0, 0x7}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8863}, @CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @fccp}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x40080) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[], 0x100}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 3m2.788984426s ago: executing program 1 (id=9630): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000300)={[{@gid}]}) 3m2.725034937s ago: executing program 1 (id=9631): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000380)={0x0, 0x2}, 0x8) sendto$inet(r0, &(0x7f0000000100)="ab", 0x34000, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10) 3m2.071031588s ago: executing program 1 (id=9635): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_SET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x58, r1, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20048848}, 0x4000) 3m1.964264272s ago: executing program 34 (id=9635): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_SET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x58, r1, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20048848}, 0x4000) 2m33.100222388s ago: executing program 2 (id=10823): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374000014000280080002400000000a08000140000000170900010073797a30000000000900020073797a320000000014"], 0x78}}, 0x10) 2m32.959757464s ago: executing program 2 (id=10824): mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000080)='.\x00', &(0x7f0000000000), 0x4, &(0x7f00000000c0)={'trans=virtio,', {[{@nodevmap}]}}) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r0, &(0x7f0000003480)={0x2020}, 0x2020) 2m32.954857643s ago: executing program 2 (id=10826): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$getregs(0xe, r0, 0x1, &(0x7f00000000c0)=""/89) 2m32.7042299s ago: executing program 2 (id=10830): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x400, 0x20000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x4}, {0x0, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_NAT={0x8}, @TCA_CAKE_WASH={0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x4) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x20008844) 2m32.617893047s ago: executing program 2 (id=10831): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) fstat(r0, &(0x7f0000000300)) 2m32.617704019s ago: executing program 2 (id=10832): unshare(0x62000000) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={0x0, {}, {0x2, 0x0, @multicast2}, {0x2, 0x0, @empty}, 0xab852ebbeefbd6b1}) 2m16.540079826s ago: executing program 35 (id=10832): unshare(0x62000000) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={0x0, {}, {0x2, 0x0, @multicast2}, {0x2, 0x0, @empty}, 0xab852ebbeefbd6b1}) 1.126789671s ago: executing program 6 (id=15311): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000380)={@in={{0x2, 0x4e22, @remote}}, 0x0, 0x0, 0x25, 0x0, "394281e595fd9eb506cd1a5555af72cd375de18882e299a83da979fa66c8f49889716b8dc73f6c5518c12abfb88e8b811ed8bd3623253c58eed51af8b75008e2576da2b0f564a63d98fb21dc8ab90d76"}, 0xd8) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0x20, &(0x7f0000000080)={@in={{0x2, 0x0, @remote}}, 0x3, 0x0, 0x1a, 0x0, "5e3b86774ef89ec669fabcaff49c2eeb8c4614c85b196a0c67a7768e058e3008931c08d43101cb8242bc42b8e0662749302c1ffcd1d1190000000000000000000000000000000000000000000200"}, 0xd8) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10) 827.064674ms ago: executing program 7 (id=15325): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x28, 0x1, 0x0) getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000031c0)=@newchain={0x24, 0x64, 0x1, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x6, 0xa}, {0x9, 0xffe0}, {0xfff2, 0x1}}}, 0x24}}, 0x0) 826.776345ms ago: executing program 7 (id=15326): r0 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, 0x0) sendmsg$kcm(r0, 0x0, 0x40000) sendmsg$kcm(r0, &(0x7f0000002080)={0x0, 0x0, 0x0}, 0x0) 755.807871ms ago: executing program 7 (id=15329): r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x20280, 0x0) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0x14) unshare(0x62040200) close(r0) 646.272812ms ago: executing program 7 (id=15336): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000200), 0x4) listen(r0, 0x0) 576.527098ms ago: executing program 7 (id=15337): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001380)=@newlink={0x44, 0x10, 0x409, 0x2070bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, r2, 0x0, 0x280c2}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_FAST_LEAVE={0x5, 0x7, 0x1}]}}}]}, 0x44}}, 0x0) 522.305367ms ago: executing program 7 (id=15340): r0 = socket(0xa, 0x5, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in={0x2, 0x4e24, @empty}], 0x10) sendmmsg$inet_sctp(r0, &(0x7f0000003780)=[{&(0x7f0000000bc0)=@in={0x2, 0x4e24, @local}, 0x10, &(0x7f0000000ec0)=[{&(0x7f0000000c00)="9f", 0x1}], 0x1, 0x0, 0x0, 0x8000}], 0x1, 0xc044) recvmsg(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x40000000) 359.974249ms ago: executing program 4 (id=15348): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x4}, @NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000801}, 0x4) 355.226114ms ago: executing program 5 (id=15349): r0 = socket(0x40000000015, 0x5, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) connect$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0xb9, @local, 0x6, 0x2}, 0x20) connect$inet6(r0, &(0x7f0000000280)={0xa, 0x4e21, 0x10001, @local, 0x7f}, 0x1c) 353.612641ms ago: executing program 4 (id=15350): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x5, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_VERDICT(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000840)={0x14, 0x1, 0x3, 0x301, 0x0, 0x0, {0xa, 0x0, 0x8000}}, 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x4080) 287.390823ms ago: executing program 4 (id=15351): r0 = socket$kcm(0x10, 0x2, 0x0) r1 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000b00)={'hsr0\x00', 0x9}) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)="2e00000011008188040f80ec59acbc0413a181003100000001090000000000000e000a000f00e4ff2f8002002d1f", 0x2e}], 0x1}, 0x4000) 287.248124ms ago: executing program 5 (id=15352): r0 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x400246}, &(0x7f0000000340)=0x0, &(0x7f00000006c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f00000000c0)=0xffb, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r0, 0x0, 0x0, 0x0, 0x3}) io_uring_enter(r0, 0x4c6e, 0xc67a, 0x8, 0x0, 0x0) 233.878691ms ago: executing program 5 (id=15353): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002300)={0x14, 0x34, 0x107, 0xffffffff, 0xfffffffe, {0x1, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002300)={0x1c, 0x34, 0x107, 0xffffffff, 0xfffffffe, {0x1, 0x7c}, [@nested={0x8, 0x4, 0x0, 0x1, [@nested={0x4, 0x149}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) 233.482271ms ago: executing program 5 (id=15354): r0 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x142ba3) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82803, 0xf) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000080)={r1, 0x0, {0x0, 0x0, 0x0, 0x6, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b7ad33", [0x5, 0x7]}}) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x40000009, 0x10, "2cf5c70b0b284c81f83143810b4a71ffcb375325c86829381495265ceecf444a28178ef925a84f7f9eb646cad27cfda8bbcaa2f1d2280c11b1505e4bbbc8fbda", "190b4de479e73750618816dabedbff4a0a2e75b44e2cc115632179aca631a6a9d774adda677624b790b5d6617f89540b338290e27d4be7cb387cb05ce62f5f77", "576ed97a36cc8629755aad6985c5b2634cccb18b6cbf74fd1d4d116be8220d47", [0x7, 0x5]}) 192.335435ms ago: executing program 6 (id=15355): r0 = socket(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x2, @loopback, 0x6}, 0x1c) shutdown(r0, 0x1) sendmmsg$inet6(r0, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="5e54e574da93883e8c628a600b17cbe584d2e73c68141965f3fbcf0e16db6e759d420151c6c57504", 0x28}], 0x1}}], 0x1, 0x4046040) 178.325594ms ago: executing program 4 (id=15356): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000080)=0x9, 0x4) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4627, 0xfdfffffd, @local, 0x2}, 0x1c) sendmmsg$inet6(r0, &(0x7f00000055c0)=[{{&(0x7f0000001640)={0xa, 0xf, 0xfffffc01, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x12}}, 0xe}, 0x1c, &(0x7f0000002880)=[{&(0x7f0000001780)="9c435a7de4c0ff7c4563", 0xa}], 0x1}}], 0x1, 0x4001c00) 120.822438ms ago: executing program 6 (id=15357): r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x44c8, 0x4) write$binfmt_script(r0, &(0x7f00000000c0), 0x28) 114.346042ms ago: executing program 4 (id=15358): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', r0, 0x0, 0x1}, 0x18) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0) 113.17362ms ago: executing program 6 (id=15359): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB='b *:4\tw'], 0xa) 43.781787ms ago: executing program 6 (id=15360): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 33.81136ms ago: executing program 5 (id=15361): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@gettaction={0x3c, 0x32, 0x400, 0x70bd2a, 0x25cfdbfd, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}, @action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xff}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x81f7}}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008000}, 0x4040090) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000304000000000000000000000400", @ANYRES32=r1, @ANYBLOB="60bc010004a701003c00128009000100626f6e6400"], 0x5c}, 0x1, 0x0, 0x0, 0x11}, 0x4000044) 11.62997ms ago: executing program 4 (id=15362): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x217d, 0x4) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) recvmmsg(r0, &(0x7f0000005740)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x40000040, 0x0) 1.500403ms ago: executing program 6 (id=15363): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) get_mempolicy(0x0, 0x0, 0x2, &(0x7f0000240000/0x1000)=nil, 0x3) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00') pread64(r0, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000) 0s ago: executing program 5 (id=15364): mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) execve(&(0x7f0000000740)='./file0\x00', 0x0, 0x0) link(&(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') kernel console output (not intermixed with test programs): fallback [ 317.233012][ T67] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.236638][ T67] Buffer I/O error on dev nbd0, logical block 0, async page read [ 317.240564][ T7665] block nbd0: shutting down sockets [ 317.242511][ T7665] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.246060][ T7665] Buffer I/O error on dev nbd0, logical block 1, async page read [ 317.250140][ T7665] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.253473][ T7665] Buffer I/O error on dev nbd0, logical block 2, async page read [ 317.256720][ T7665] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.261348][ T7665] Buffer I/O error on dev nbd0, logical block 3, async page read [ 317.265016][ T7665] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.268349][ T7665] Buffer I/O error on dev nbd0, logical block 0, async page read [ 317.271683][ T7665] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.275146][ T7665] Buffer I/O error on dev nbd0, logical block 1, async page read [ 317.278048][ T7665] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.281288][ T7665] Buffer I/O error on dev nbd0, logical block 2, async page read [ 317.283968][ T7665] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.286895][ T7665] Buffer I/O error on dev nbd0, logical block 3, async page read [ 317.289548][ T7665] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.293163][ T7665] Buffer I/O error on dev nbd0, logical block 0, async page read [ 317.295618][ T7665] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 317.298457][ T7665] Buffer I/O error on dev nbd0, logical block 1, async page read [ 317.304741][ T7665] ldm_validate_partition_table(): Disk read failed. [ 317.309192][ T7665] Dev nbd0: unable to read RDB block 0 [ 317.312493][ T7665] nbd0: unable to read partition table [ 317.317224][ T7949] hsr_slave_0: entered promiscuous mode [ 317.319454][ T7949] hsr_slave_1: entered promiscuous mode [ 317.319495][ T7665] ldm_validate_partition_table(): Disk read failed. [ 317.321529][ T7949] debugfs: 'hsr0' already exists in 'hsr' [ 317.325725][ T7949] Cannot create hsr debugfs directory [ 317.331609][ T7665] Dev nbd0: unable to read RDB block 0 [ 317.337449][ T7665] nbd0: unable to read partition table [ 317.344833][ T8845] nd_bus ndbus0: __nd_ioctl:bus unknown input size cmd: cmd_call field: 1 [ 317.447110][ T40] audit: type=1400 audit(301.273:70740): avc: denied { map } for pid=9009 comm="syz.5.12950" path="socket:[109835]" dev="sockfs" ino=109835 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 317.476099][ T7949] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 317.547466][ T7949] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 317.573273][ T9022] [SRW: renamed from lo (while UP) [ 317.798629][ T7949] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 317.917656][ T7949] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.132157][ T7949] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 318.134701][ T9058] autofs4:pid:9058:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1986356271.1668118063), cmd(0xc0189371) [ 318.138371][ T7949] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 318.140025][ T9058] autofs4:pid:9058:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189371) [ 318.151009][ T7949] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 318.155461][ T7949] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 318.226552][ T7949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 318.243128][ T7949] 8021q: adding VLAN 0 to HW filter on device team0 [ 318.251663][T25207] bridge0: port 1(bridge_slave_0) entered blocking state [ 318.254938][T25207] bridge0: port 1(bridge_slave_0) entered forwarding state [ 318.267075][T25204] bridge0: port 2(bridge_slave_1) entered blocking state [ 318.270207][T25204] bridge0: port 2(bridge_slave_1) entered forwarding state [ 318.301382][ T9078] CUSE: unknown device info "" [ 318.302979][ T9078] CUSE: zero length info key specified [ 318.432577][ T7949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 318.594430][ T7949] veth0_vlan: entered promiscuous mode [ 318.610655][ T7949] veth1_vlan: entered promiscuous mode [ 318.637208][ T7949] veth0_macvtap: entered promiscuous mode [ 318.642394][ T7949] veth1_macvtap: entered promiscuous mode [ 318.656250][ T7949] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 318.664351][ T7949] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 318.671410][T25185] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.675287][T25185] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.679546][T25185] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.686573][T25185] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.703367][ T6141] Bluetooth: hci2: command tx timeout [ 318.739257][T25209] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 318.742819][T25209] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 318.768511][T25214] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 318.771407][T25214] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 319.116758][ T9166] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes. [ 319.177711][ T9173] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12992'. [ 319.282278][ T40] audit: type=1400 audit(302.985:70741): avc: denied { accept } for pid=9187 comm="syz.4.12998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 319.288878][ T40] audit: type=1400 audit(302.985:70742): avc: denied { read } for pid=9187 comm="syz.4.12998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 319.340091][ T9195] netlink: 12 bytes leftover after parsing attributes in process `syz.7.13001'. [ 319.343744][ T9195] netlink: 'syz.7.13001': attribute type 1 has an invalid length. [ 319.348562][ T9195] nbd: error processing sock list [ 319.457432][ T9219] netlink: 12 bytes leftover after parsing attributes in process `syz.5.13010'. [ 319.461514][ T9219] netlink: 12 bytes leftover after parsing attributes in process `syz.5.13010'. [ 319.492780][ T9226] xt_l2tp: missing protocol rule (udp|l2tpip) [ 319.533586][ T9232] netlink: 165 bytes leftover after parsing attributes in process `syz.4.13016'. [ 319.618580][ T9246] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 319.655886][ T40] audit: type=1400 audit(303.340:70743): avc: denied { mounton } for pid=9251 comm="syz.6.13026" path="/863/file0" dev="tmpfs" ino=4392 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 319.682520][ T9256] netlink: 'syz.4.13025': attribute type 7 has an invalid length. [ 319.685056][ T9256] netlink: 'syz.4.13025': attribute type 8 has an invalid length. [ 319.746264][ T9272] netlink: 165 bytes leftover after parsing attributes in process `syz.4.13033'. [ 319.799560][ T9282] netlink: 72 bytes leftover after parsing attributes in process `syz.7.13036'. [ 319.878083][ T40] audit: type=1400 audit(303.546:70744): avc: denied { connect } for pid=9290 comm="syz.7.13040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 319.938524][ T9299] [U] v3f"S/4:XTzWtlW= [ 319.941047][ T9298] [U] J"e:" [ 319.968476][ T9305] usb usb9: usbfs: process 9305 (syz.5.13045) did not claim interface 26 before use [ 320.066067][ T9322] [U] [ 320.067428][ T9322] [U] [ 320.068443][ T9322] [U] [ 320.069419][ T9322] [U] [ 320.070555][ T9322] [U] [ 320.071465][ T9322] [U] [ 320.072869][ T9322] [U] [ 320.073764][ T9322] [U] [ 320.075379][ T9322] [U] [ 320.076486][ T9322] [U] [ 320.077412][ T9322] [U] [ 320.078375][ T9322] [U] [ 320.079365][ T9322] [U] [ 320.080274][ T9322] [U] [ 320.081206][ T9322] [U] [ 320.082094][ T9322] [U] [ 320.083627][ T9322] [U] [ 320.084550][ T9322] [U] [ 320.085428][ T9322] [U] [ 320.086331][ T9322] [U] [ 320.087351][ T9322] [U] [ 320.088322][ T9322] [U] [ 320.089220][ T9322] [U] [ 320.090143][ T9322] [U] [ 320.091078][ T9322] [U] [ 320.092049][ T9322] [U] [ 320.093165][ T9322] [U] [ 320.094082][ T9322] [U] [ 320.096341][ T9322] [U] [ 320.097251][ T9322] [U] [ 320.098134][ T9322] [U] [ 320.099021][ T9322] [U] [ 320.099910][ T9322] [U] [ 320.100921][ T9322] [U] [ 320.101889][ T9322] [U] [ 320.102759][ T9322] [U] [ 320.104405][ T9322] [U] [ 320.105303][ T9322] [U] [ 320.106225][ T9322] [U] [ 320.107163][ T9322] [U] [ 320.108071][ T9322] [U] [ 320.108972][ T9322] [U] [ 320.109859][ T9322] [U] [ 320.110816][ T9322] [U] [ 320.111697][ T9322] [U] [ 320.112601][ T9322] [U] [ 320.113490][ T9322] [U] [ 320.114386][ T9322] [U] [ 320.115835][ T9322] [U] [ 320.116748][ T9322] [U] [ 320.117630][ T9322] [U] [ 320.118510][ T9322] [U] [ 320.119395][ T9322] [U] [ 320.120315][ T9322] [U] [ 320.121453][ T9322] [U] [ 320.122646][ T9322] [U] [ 320.123888][ T9322] [U] [ 320.125040][ T9322] [U] [ 320.126164][ T9322] [U] [ 320.127239][ T9322] [U] [ 320.128544][ T9322] [U] [ 320.129726][ T9322] [U] [ 320.131209][ T9322] [U] [ 320.132512][ T9322] [U] [ 320.134029][ T9322] [U] [ 320.135340][ T9322] [U] [ 320.136397][ T9322] [U] [ 320.137263][ T9322] [U] [ 320.138348][ T9322] [U] [ 320.139290][ T9322] [U] [ 320.140191][ T9322] [U] [ 320.141087][ T9322] [U] [ 320.142016][ T9322] [U] [ 320.142906][ T9322] [U] [ 320.143803][ T9322] [U] [ 320.144698][ T9322] [U] [ 320.145966][ T9322] [U] [ 320.146859][ T9322] [U] [ 320.147745][ T9322] [U] [ 320.148806][ T9322] [U] [ 320.149763][ T9322] [U] [ 320.150677][ T9322] [U] [ 320.151567][ T9322] [U] [ 320.152501][ T9322] [U] [ 320.153420][ T9322] [U] [ 320.154335][ T9322] [U] [ 320.155214][ T9322] [U] [ 320.156150][ T9322] [U] [ 320.158103][ T9322] [U] [ 320.159047][ T9322] [U] [ 320.159958][ T9322] [U] [ 320.160909][ T9322] [U] [ 320.161879][ T9322] [U] [ 320.162782][ T9322] [U] [ 320.163670][ T9322] [U] [ 320.164605][ T9322] [U] [ 320.165552][ T9322] [U] [ 320.166480][ T9322] [U] [ 320.167388][ T9322] [U] [ 320.168297][ T9322] [U] [ 320.171020][ T9322] [U] [ 320.172001][ T9322] [U] [ 320.172896][ T9322] [U] [ 320.173788][ T9322] [U] [ 320.174862][ T9322] [U] [ 320.175970][ T9322] [U] [ 320.176964][ T9322] [U] [ 320.177967][ T9322] [U] [ 320.179478][ T9322] [U] [ 320.180459][ T9322] [U] [ 320.181537][ T9322] [U] [ 320.182474][ T9322] [U] [ 320.183469][ T9322] [U] [ 320.184388][ T9322] [U] [ 320.185302][ T9322] [U] [ 320.186265][ T9322] [U] [ 320.187495][ T9322] [U] [ 320.188541][ T9322] [U] [ 320.189459][ T9322] [U] [ 320.190363][ T9322] [U] [ 320.191358][ T9322] [U] [ 320.192230][ T9322] [U] [ 320.193145][ T9322] [U] [ 320.194061][ T9322] [U] [ 320.195033][ T9322] [U] [ 320.195965][ T9322] [U] [ 320.196906][ T9322] [U] [ 320.217197][ T9321] [U] [ 320.283473][ T9356] syz_tun: refused to change device tx_queue_len [ 320.335520][ T40] audit: type=1400 audit(303.976:70745): avc: denied { setattr } for pid=9362 comm="syz.4.13067" name="/" dev="configfs" ino=2063 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 320.350575][ T40] audit: type=1400 audit(303.995:70746): avc: denied { unmount } for pid=22559 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 320.371682][ T9368] netlink: 'syz.4.13069': attribute type 1 has an invalid length. [ 320.374161][ T9368] netlink: 232 bytes leftover after parsing attributes in process `syz.4.13069'. [ 320.377625][ T9368] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13069'. [ 320.391599][ T60] usb 12-1: new high-speed USB device number 7 using dummy_hcd [ 320.448705][ T9378] netlink: 'syz.4.13073': attribute type 29 has an invalid length. [ 320.552965][ T60] usb 12-1: too many configurations: 9, using maximum allowed: 8 [ 320.557118][ T60] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 320.559943][ T60] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 320.563900][ T60] usb 12-1: config 0 interface 0 has no altsetting 0 [ 320.566772][ T60] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 320.570258][ T60] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 320.574801][ T60] usb 12-1: config 0 interface 0 has no altsetting 0 [ 320.578126][ T60] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 320.581845][ T60] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 320.586787][ T60] usb 12-1: config 0 interface 0 has no altsetting 0 [ 320.590854][ T60] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 320.595878][ T60] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 320.600448][ T60] usb 12-1: config 0 interface 0 has no altsetting 0 [ 320.603964][ T60] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 320.607171][ T60] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 320.610641][ T60] usb 12-1: config 0 interface 0 has no altsetting 0 [ 320.614052][ T60] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 320.618967][ T60] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 320.622883][ T60] usb 12-1: config 0 interface 0 has no altsetting 0 [ 320.625812][ T60] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 320.629012][ T60] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 320.632495][ T60] usb 12-1: config 0 interface 0 has no altsetting 0 [ 320.635869][ T60] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 320.639663][ T60] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 320.643739][ T60] usb 12-1: config 0 interface 0 has no altsetting 0 [ 320.647445][ T60] usb 12-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 320.650879][ T60] usb 12-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 320.653505][ T60] usb 12-1: Product: syz [ 320.654888][ T60] usb 12-1: Manufacturer: syz [ 320.656405][ T60] usb 12-1: SerialNumber: syz [ 320.665723][ T60] usb 12-1: config 0 descriptor?? [ 320.680473][ T60] yurex 12-1:0.0: USB YUREX device now attached to Yurex #0 [ 320.902644][ T842] usb 12-1: USB disconnect, device number 7 [ 320.906383][ T842] yurex 12-1:0.0: USB YUREX #0 now disconnected [ 320.936954][ T6141] Bluetooth: hci2: command tx timeout [ 320.995960][ T9453] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13088'. [ 321.727259][ T9495] kvm: kvm [9494]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x4000001f) = 0x0 [ 322.228089][ T40] audit: type=1400 audit(305.744:70747): avc: denied { open } for pid=9544 comm="syz.4.13127" path="/1414/file0" dev="tmpfs" ino=7167 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 322.236990][ T40] audit: type=1400 audit(305.744:70748): avc: denied { ioctl } for pid=9544 comm="syz.4.13127" path="/1414/file0" dev="tmpfs" ino=7167 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 322.546056][ T9598] openvswitch: netlink: nsh attr 0 has unexpected len 4 expected 0 [ 322.548554][ T9598] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 322.623667][ T9610] SELinux: security_context_str_to_sid (5] S9q#) failed with errno=-22 [ 322.863369][ T40] audit: type=1400 audit(306.343:70749): avc: denied { create } for pid=9642 comm="syz.6.13168" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_route_socket permissive=1 [ 322.918378][ T9651] ALSA: seq fatal error: cannot create timer (-22) [ 323.064658][ T53] usb 9-1: new high-speed USB device number 12 using dummy_hcd [ 323.149872][ T6141] Bluetooth: hci2: command tx timeout [ 323.153567][ T9725] netem: invalid attributes len -22 [ 323.155534][ T9725] netem: change failed [ 323.225198][ T53] usb 9-1: Using ep0 maxpacket: 16 [ 323.231382][ T53] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7 [ 323.239728][ T53] usb 9-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f [ 323.243186][ T53] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 323.246738][ T53] usb 9-1: Product: syz [ 323.248412][ T53] usb 9-1: Manufacturer: syz [ 323.249981][ T53] usb 9-1: SerialNumber: syz [ 323.253092][ T53] usb 9-1: config 0 descriptor?? [ 323.257823][ T53] hub 9-1:0.0: bad descriptor, ignoring hub [ 323.260337][ T53] hub 9-1:0.0: probe with driver hub failed with error -5 [ 323.264954][ T53] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 323.361489][ T9776] netlink: zone id is out of range [ 323.363417][ T9776] netlink: del zone limit has 4 unknown bytes [ 323.451689][ T9783] netlink: 'syz.5.13204': attribute type 83 has an invalid length. [ 323.484383][ T9785] x_tables: ip_tables: SNAT target: only valid in nat table, not syz0 [ 323.535149][ T6221] usb 9-1: USB disconnect, device number 12 [ 323.590033][ T842] usb 11-1: new high-speed USB device number 8 using dummy_hcd [ 323.668944][ T9811] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0 [ 323.669399][ T9810] IPVS: stopping backup sync thread 9811 ... [ 323.760636][ T842] usb 11-1: too many configurations: 9, using maximum allowed: 8 [ 323.764054][ T842] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 323.767631][ T842] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 323.772233][ T842] usb 11-1: config 0 interface 0 has no altsetting 0 [ 323.775362][ T842] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 323.779110][ T842] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 323.783160][ T842] usb 11-1: config 0 interface 0 has no altsetting 0 [ 323.786540][ T842] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 323.790380][ T842] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 323.795008][ T842] usb 11-1: config 0 interface 0 has no altsetting 0 [ 323.798835][ T842] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 323.803044][ T842] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 323.807515][ T842] usb 11-1: config 0 interface 0 has no altsetting 0 [ 323.811196][ T842] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 323.814905][ T842] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 323.819283][ T842] usb 11-1: config 0 interface 0 has no altsetting 0 [ 323.822532][ T842] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 323.825685][ T842] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 323.825702][ T842] usb 11-1: config 0 interface 0 has no altsetting 0 [ 323.826548][ T842] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 323.837157][ T842] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 323.841212][ T842] usb 11-1: config 0 interface 0 has no altsetting 0 [ 323.844480][ T842] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 323.847730][ T842] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 323.852124][ T842] usb 11-1: config 0 interface 0 has no altsetting 0 [ 323.860346][ T842] usb 11-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 323.864112][ T842] usb 11-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 323.867742][ T842] usb 11-1: Product: syz [ 323.869522][ T842] usb 11-1: Manufacturer: syz [ 323.871440][ T842] usb 11-1: SerialNumber: syz [ 323.875539][ T842] usb 11-1: config 0 descriptor?? [ 323.883179][ T842] yurex 11-1:0.0: USB YUREX device now attached to Yurex #0 [ 324.103662][ T60] usb 11-1: USB disconnect, device number 8 [ 324.106881][ T60] yurex 11-1:0.0: USB YUREX #0 now disconnected [ 324.559099][ T40] audit: type=1800 audit(307.924:70750): pid=9841 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.13217" name="SYSV00000000" dev="hugetlbfs" ino=5 res=0 errno=0 [ 324.734073][ T9863] vxcan1: tx address claim with dlc 0 [ 325.052371][ T9900] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 325.184167][ T9915] mkiss: ax0: crc mode is auto. [ 325.315197][ T9937] __nla_validate_parse: 12 callbacks suppressed [ 325.315214][ T9937] netlink: 20 bytes leftover after parsing attributes in process `syz.7.13254'. [ 325.330102][ T9942] sch_tbf: peakrate 5120 is lower than or equals to rate 4294927007 ! [ 325.384790][ T6141] Bluetooth: hci2: command tx timeout [ 325.428892][ T40] audit: type=1400 audit(308.747:70751): avc: denied { shutdown } for pid=9949 comm="syz.6.13259" laddr=::1 lport=46887 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 325.475090][ T9955] netlink: 64 bytes leftover after parsing attributes in process `syz.6.13261'. [ 325.478844][ T9955] team0: No ports can be present during mode change [ 325.657550][ T9980] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 325.750315][ T9996] netlink: 8 bytes leftover after parsing attributes in process `syz.7.13278'. [ 325.818341][ T9997] syz.6.13279 (9997) used greatest stack depth: 18712 bytes left [ 326.479989][T10059] 9p: Unknown uid 00000000004294967295 [ 326.613822][ T6221] usb 10-1: new high-speed USB device number 5 using dummy_hcd [ 326.776539][ T6221] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 326.782470][ T6221] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 326.786373][ T6221] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.789491][ T6221] usb 10-1: Product: syz [ 326.791321][ T6221] usb 10-1: Manufacturer: syz [ 326.793297][ T6221] usb 10-1: SerialNumber: syz [ 326.805172][ T6221] usb 10-1: config 0 descriptor?? [ 327.114285][T10111] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13318'. [ 327.118774][T10111] netlink: 12 bytes leftover after parsing attributes in process `syz.4.13318'. [ 327.122474][T10111] netlink: 'syz.4.13318': attribute type 19 has an invalid length. [ 327.252739][ T53] usb 10-1: USB disconnect, device number 5 [ 327.380557][ T3245] IPVS: starting estimator thread 0... [ 327.422567][T10146] vxcan0: tx address claim with dest, not broadcast [ 327.468826][T10142] IPVS: using max 40 ests per chain, 96000 per kthread [ 327.525523][ T6139] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 327.530533][ T6139] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 327.535428][ T6139] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 327.540185][ T6139] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 327.545974][ T6139] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 327.691048][T10242] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 327.743248][T10156] chnl_net:caif_netlink_parms(): no params data found [ 327.848890][T10156] bridge0: port 1(bridge_slave_0) entered blocking state [ 327.852084][T10156] bridge0: port 1(bridge_slave_0) entered disabled state [ 327.856292][T10156] bridge_slave_0: entered allmulticast mode [ 327.860160][T10156] bridge_slave_0: entered promiscuous mode [ 327.866761][T10156] bridge0: port 2(bridge_slave_1) entered blocking state [ 327.869589][T10156] bridge0: port 2(bridge_slave_1) entered disabled state [ 327.872547][T10156] bridge_slave_1: entered allmulticast mode [ 327.877085][T10156] bridge_slave_1: entered promiscuous mode [ 327.923801][T10156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 327.929157][T10156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 327.987198][T10156] team0: Port device team_slave_0 added [ 327.999364][T10156] team0: Port device team_slave_1 added [ 328.100123][T10156] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 328.102246][T10156] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 328.111227][T10156] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 328.116125][T10156] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 328.118306][T10156] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 328.127695][T10156] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 328.208115][ T40] audit: type=1400 audit(311.347:70752): avc: denied { write } for pid=10870 comm="syz.7.13347" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 328.323649][T10156] hsr_slave_0: entered promiscuous mode [ 328.327712][T10156] hsr_slave_1: entered promiscuous mode [ 328.330954][T10156] debugfs: 'hsr0' already exists in 'hsr' [ 328.333399][T10156] Cannot create hsr debugfs directory [ 328.558242][T10156] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 328.664166][T10156] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 328.775603][T10156] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 328.897276][T10156] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.103971][T10156] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 329.114717][T10156] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 329.130125][T10156] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 329.135426][T10156] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 329.192664][T10156] 8021q: adding VLAN 0 to HW filter on device bond0 [ 329.206500][T10156] 8021q: adding VLAN 0 to HW filter on device team0 [ 329.213990][T25209] bridge0: port 1(bridge_slave_0) entered blocking state [ 329.216778][T25209] bridge0: port 1(bridge_slave_0) entered forwarding state [ 329.225312][T25228] bridge0: port 2(bridge_slave_1) entered blocking state [ 329.228014][T25228] bridge0: port 2(bridge_slave_1) entered forwarding state [ 329.354798][T10156] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 329.507719][T10156] veth0_vlan: entered promiscuous mode [ 329.509363][ T40] audit: type=1400 audit(312.554:70753): avc: denied { bind } for pid=11314 comm="syz.7.13382" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 329.519121][T10156] veth1_vlan: entered promiscuous mode [ 329.541293][T10156] veth0_macvtap: entered promiscuous mode [ 329.548840][T10156] veth1_macvtap: entered promiscuous mode [ 329.561227][T10156] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 329.569333][T10156] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 329.577781][T25207] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.581574][T25207] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.587537][T25207] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.591378][T25207] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.652174][T25185] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 329.655470][T25185] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 329.669471][T25185] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 329.672907][T25185] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 329.735603][ T6141] Bluetooth: hci0: command tx timeout [ 329.787696][T11344] batadv_slave_1: entered promiscuous mode [ 329.791068][T11343] batadv_slave_1: left promiscuous mode [ 329.806977][ T40] audit: type=1400 audit(312.835:70754): avc: denied { setopt } for pid=11339 comm="syz.6.13322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 329.883422][T11354] netlink: 28 bytes leftover after parsing attributes in process `syz.6.13393'. [ 329.888676][T11354] netem: change failed [ 329.952052][T11361] netlink: 12 bytes leftover after parsing attributes in process `syz.7.13396'. [ 329.956122][T11361] netlink: 1 bytes leftover after parsing attributes in process `syz.7.13396'. [ 330.007263][T11366] SELinux: ebitmap: truncated map [ 330.018370][T11366] SELinux: failed to load policy [ 330.243661][T11382] mkiss: ax0: crc mode is auto. [ 331.520038][T11470] netlink: 'syz.7.13436': attribute type 25 has an invalid length. [ 331.523113][T11470] netlink: 'syz.7.13436': attribute type 28 has an invalid length. [ 331.595844][T11487] netlink: 348 bytes leftover after parsing attributes in process `syz.4.13442'. [ 331.611386][ T6139] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 331.616521][ T6139] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 331.621108][ T6139] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 331.625348][ T6139] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 331.629819][ T6139] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 331.792477][T11505] Bluetooth: MGMT ver 1.23 [ 331.834743][T11513] input: syz1 as /devices/virtual/input/input42 [ 331.890275][T11536] comedi comedi3: s526: I/O port conflict (0x4f27,64) [ 331.934019][T11553] openvswitch: netlink: Tunnel attr 16370 out of range max 16 [ 331.969695][ T6141] Bluetooth: hci0: command tx timeout [ 332.027056][T11484] chnl_net:caif_netlink_parms(): no params data found [ 332.146583][T11484] bridge0: port 1(bridge_slave_0) entered blocking state [ 332.149772][T11484] bridge0: port 1(bridge_slave_0) entered disabled state [ 332.156303][T11484] bridge_slave_0: entered allmulticast mode [ 332.159094][T11484] bridge_slave_0: entered promiscuous mode [ 332.163103][T11484] bridge0: port 2(bridge_slave_1) entered blocking state [ 332.165529][T11484] bridge0: port 2(bridge_slave_1) entered disabled state [ 332.167942][T11484] bridge_slave_1: entered allmulticast mode [ 332.170990][T11484] bridge_slave_1: entered promiscuous mode [ 332.246618][T11484] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 332.252660][T11484] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 332.293970][T11484] team0: Port device team_slave_0 added [ 332.297247][T11484] team0: Port device team_slave_1 added [ 332.361312][T11484] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 332.363893][T11484] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 332.376266][T11484] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 332.380578][T11484] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 332.382941][T11484] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 332.392405][T11484] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 332.443173][T11484] hsr_slave_0: entered promiscuous mode [ 332.445535][T11484] hsr_slave_1: entered promiscuous mode [ 332.447663][T11484] debugfs: 'hsr0' already exists in 'hsr' [ 332.449523][T11484] Cannot create hsr debugfs directory [ 332.486268][ T40] audit: type=1400 audit(315.341:70755): avc: denied { read } for pid=12381 comm="syz.6.13466" path="socket:[114597]" dev="sockfs" ino=114597 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 332.674057][T11484] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.903132][T11484] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.921488][ T3245] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 332.986031][ C3] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 332.989205][T11484] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.993038][T12620] __vm_enough_memory: pid: 12620, comm: syz.4.13482, bytes: 21200255250432 not enough memory for the allocation [ 333.002440][T12618] netlink: 36 bytes leftover after parsing attributes in process `syz.7.13481'. [ 333.065888][T11484] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.367827][T11484] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 333.372707][T11484] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 333.377171][T11484] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 333.382667][T11484] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 333.441484][T11484] 8021q: adding VLAN 0 to HW filter on device bond0 [ 333.456707][T11484] 8021q: adding VLAN 0 to HW filter on device team0 [ 333.464639][T25209] bridge0: port 1(bridge_slave_0) entered blocking state [ 333.467870][T25209] bridge0: port 1(bridge_slave_0) entered forwarding state [ 333.477321][T25184] bridge0: port 2(bridge_slave_1) entered blocking state [ 333.479673][T25184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 333.635656][T11484] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 333.808568][T11484] veth0_vlan: entered promiscuous mode [ 333.816250][T11484] veth1_vlan: entered promiscuous mode [ 333.842164][T11484] veth0_macvtap: entered promiscuous mode [ 333.845975][T11484] veth1_macvtap: entered promiscuous mode [ 333.851125][ T6141] Bluetooth: hci3: command tx timeout [ 333.859963][T11484] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 333.868298][T11484] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 333.877347][T25209] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.880467][T25209] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.884809][T25209] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.888541][T25209] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.961058][T25185] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 333.964283][T25185] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 333.989252][T25184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 333.993010][T25184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 334.182785][ T6141] Bluetooth: hci0: command tx timeout [ 334.277251][T12717] netlink: 8 bytes leftover after parsing attributes in process `syz.5.13505'. [ 334.325074][T12726] openvswitch: netlink: IP tunnel TTL not specified. [ 334.349483][ T40] audit: type=1400 audit(317.081:70756): avc: denied { connect } for pid=12727 comm="syz.4.13510" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 334.409799][T12738] netlink: 20 bytes leftover after parsing attributes in process `syz.4.13513'. [ 334.413352][T12738] netlink: 64 bytes leftover after parsing attributes in process `syz.4.13513'. [ 334.546106][ T10] usb 12-1: new high-speed USB device number 8 using dummy_hcd [ 334.714529][ T10] usb 12-1: config index 0 descriptor too short (expected 23569, got 27) [ 334.717644][ T10] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 334.721500][ T10] usb 12-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 334.724391][ T10] usb 12-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 334.726988][ T10] usb 12-1: Manufacturer: syz [ 334.733783][ T10] usb 12-1: config 0 descriptor?? [ 334.781414][ T10] rc_core: IR keymap rc-hauppauge not found [ 334.787122][ T10] Registered IR keymap rc-empty [ 334.792335][ T10] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/rc/rc0 [ 334.806490][ T10] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/rc/rc0/input44 [ 334.948636][T12796] batadv_slave_1: entered promiscuous mode [ 334.953455][ T53] usb 12-1: USB disconnect, device number 8 [ 334.954446][T12795] batadv_slave_1: left promiscuous mode [ 335.380094][T32128] usb 9-1: new high-speed USB device number 13 using dummy_hcd [ 335.551465][T32128] usb 9-1: Using ep0 maxpacket: 8 [ 335.556577][T32128] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 335.559930][T32128] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 335.565073][T32128] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 335.568976][T32128] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 335.574399][T32128] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 335.578450][T32128] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.595213][T12871] netlink: 20 bytes leftover after parsing attributes in process `syz.7.13556'. [ 335.599335][T12871] netlink: 28 bytes leftover after parsing attributes in process `syz.7.13556'. [ 335.805326][T32128] usb 9-1: GET_CAPABILITIES returned 0 [ 335.808027][T32128] usbtmc 9-1:16.0: can't read capabilities [ 335.843697][T12906] Bluetooth: MGMT ver 1.23 [ 335.967958][T12925] misc userio: Can't change port type on an already running userio instance [ 336.022751][T32128] usb 9-1: USB disconnect, device number 13 [ 336.064208][ T6141] Bluetooth: hci3: command tx timeout [ 336.284245][T12961] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 336.348221][ T840] hid-generic 0005:15C2:5505.0009: unknown main item tag 0x0 [ 336.350913][ T840] hid-generic 0005:15C2:5505.0009: unknown main item tag 0x0 [ 336.370267][ T840] hid-generic 0005:15C2:5505.0009: hidraw1: BLUETOOTH HID vc3.b8 Device [syz0] on aa:aa:aa:aa:aa:aa [ 336.406631][ T6141] Bluetooth: hci0: command tx timeout [ 336.474651][T12990] netlink: 92 bytes leftover after parsing attributes in process `syz.6.13587'. [ 336.505562][T12996] netlink: 28 bytes leftover after parsing attributes in process `syz.6.13589'. [ 336.563565][T13005] netlink: 'syz.6.13593': attribute type 63 has an invalid length. [ 336.782604][T13044] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13607'. [ 336.862306][ T40] audit: type=1326 audit(319.438:70757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13053 comm="syz.7.13611" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f683838eba9 code=0x0 [ 337.192957][ T40] audit: type=1400 audit(319.747:70758): avc: denied { bind } for pid=13104 comm="syz.5.13632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 337.232901][ T40] audit: type=1400 audit(319.785:70759): avc: denied { unlink } for pid=13108 comm="syz.5.13634" name="file1" dev="9p" ino=72614131 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 337.332218][ T53] hid-generic 0004:0004:0007.000A: item fetching failed at offset 5/9 [ 337.336010][ T53] hid-generic 0004:0004:0007.000A: probe with driver hid-generic failed with error -22 [ 337.770133][T13172] __nla_validate_parse: 2 callbacks suppressed [ 337.770151][T13172] netlink: 360 bytes leftover after parsing attributes in process `syz.7.13659'. [ 338.047489][T13188] bridge0: port 2(bridge_slave_1) entered disabled state [ 338.104180][T13193] vxcan1: tx drop: invalid da for name 0x0000000000000016 [ 338.230803][T13204] netlink: 8 bytes leftover after parsing attributes in process `syz.7.13671'. [ 338.299670][ T6141] Bluetooth: hci3: command tx timeout [ 338.373529][T25214] bond0: (slave bond_slave_0): interface is now down [ 338.377619][T25214] bond0: (slave bond_slave_1): interface is now down [ 338.385392][T25214] bond0: now running without any active interface! [ 338.597763][ T842] usb 12-1: new high-speed USB device number 9 using dummy_hcd [ 338.704601][T32128] usb 11-1: new high-speed USB device number 9 using dummy_hcd [ 338.730563][ T40] audit: type=1326 audit(321.188:70760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13178 comm="syz.5.13663" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff497f8eba9 code=0x7fc00000 [ 338.779607][ T842] usb 12-1: Using ep0 maxpacket: 8 [ 338.783250][ T842] usb 12-1: config 0 has an invalid interface number: 55 but max is 0 [ 338.786381][ T842] usb 12-1: config 0 has no interface number 0 [ 338.788525][ T842] usb 12-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 338.795012][ T842] usb 12-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 338.799490][ T842] usb 12-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 338.803163][ T842] usb 12-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 338.808651][ T842] usb 12-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 338.811649][ T842] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 338.815590][ T842] usb 12-1: config 0 descriptor?? [ 338.821115][ T842] ldusb 12-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 338.865293][T32128] usb 11-1: Using ep0 maxpacket: 32 [ 338.869166][T32128] usb 11-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 338.875083][T32128] usb 11-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 338.879828][T32128] usb 11-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 338.883433][T32128] usb 11-1: Product: syz [ 338.885275][T32128] usb 11-1: Manufacturer: syz [ 338.887795][T32128] usb 11-1: SerialNumber: syz [ 338.897957][T32128] usb 11-1: config 0 descriptor?? [ 338.900838][T13226] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 338.905236][T32128] hub 11-1:0.0: bad descriptor, ignoring hub [ 338.907955][T32128] hub 11-1:0.0: probe with driver hub failed with error -5 [ 339.042285][T30391] usb 12-1: USB disconnect, device number 9 [ 339.044896][ C2] ldusb 12-1:0.55: usb_submit_urb failed (-19) [ 339.052833][T30391] ldusb 12-1:0.55: LD USB Device #0 now disconnected [ 339.240237][ T842] usb 11-1: USB disconnect, device number 9 [ 339.270158][T13221] ldusb: No device or device unplugged -19 [ 339.373905][T13285] netlink: 64 bytes leftover after parsing attributes in process `syz.5.13690'. [ 339.529189][ T40] audit: type=1326 audit(321.936:70761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13292 comm="syz.5.13693" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff497f8eba9 code=0x0 [ 340.523961][ T6141] Bluetooth: hci3: command tx timeout [ 341.367030][ T842] usb 10-1: new high-speed USB device number 6 using dummy_hcd [ 341.537746][ T842] usb 10-1: Using ep0 maxpacket: 8 [ 341.541407][ T842] usb 10-1: config index 0 descriptor too short (expected 301, got 45) [ 341.544844][ T842] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 341.549527][ T842] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 341.553193][ T842] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 341.557435][ T842] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 341.563720][ T842] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 341.567344][ T842] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 341.759360][ T6139] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 341.766390][ T6139] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 341.770346][ T6139] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 341.776422][ T6139] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 341.781255][ T6139] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 341.794479][ T842] usb 10-1: GET_CAPABILITIES returned 0 [ 341.796914][ T842] usbtmc 10-1:16.0: can't read capabilities [ 341.950989][T13438] chnl_net:caif_netlink_parms(): no params data found [ 342.012390][ T840] usb 10-1: USB disconnect, device number 6 [ 342.102955][T13438] bridge0: port 1(bridge_slave_0) entered blocking state [ 342.106172][T13438] bridge0: port 1(bridge_slave_0) entered disabled state [ 342.109341][T13438] bridge_slave_0: entered allmulticast mode [ 342.113380][T13438] bridge_slave_0: entered promiscuous mode [ 342.119255][T13438] bridge0: port 2(bridge_slave_1) entered blocking state [ 342.122224][T13438] bridge0: port 2(bridge_slave_1) entered disabled state [ 342.125162][T13438] bridge_slave_1: entered allmulticast mode [ 342.130112][T13438] bridge_slave_1: entered promiscuous mode [ 342.197776][T13438] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 342.205938][T13438] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 342.270560][T13438] team0: Port device team_slave_0 added [ 342.276725][T13438] team0: Port device team_slave_1 added [ 342.338704][T13438] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 342.344411][T13438] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 342.355062][T13438] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 342.366089][T13438] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 342.369032][T13438] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 342.380687][T13438] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 342.490668][T13438] hsr_slave_0: entered promiscuous mode [ 342.493866][T13438] hsr_slave_1: entered promiscuous mode [ 342.496814][T13438] debugfs: 'hsr0' already exists in 'hsr' [ 342.499307][T13438] Cannot create hsr debugfs directory [ 342.716824][T13438] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.772814][T14461] netlink: 76 bytes leftover after parsing attributes in process `syz.5.13755'. [ 342.827481][T13438] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.940157][T13438] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.997014][T13438] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.272247][T13438] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 343.278245][T13438] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 343.286951][T13438] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 343.294885][T13438] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 343.479483][T14529] Bluetooth: MGMT ver 1.23 [ 343.488823][T13438] 8021q: adding VLAN 0 to HW filter on device bond0 [ 343.521077][T13438] 8021q: adding VLAN 0 to HW filter on device team0 [ 343.530862][ T1260] bridge0: port 1(bridge_slave_0) entered blocking state [ 343.533900][ T1260] bridge0: port 1(bridge_slave_0) entered forwarding state [ 343.551495][ T1260] bridge0: port 2(bridge_slave_1) entered blocking state [ 343.554576][ T1260] bridge0: port 2(bridge_slave_1) entered forwarding state [ 343.596148][T14542] macvtap1: entered allmulticast mode [ 343.598400][T14542] veth0_macvtap: entered allmulticast mode [ 343.673508][ T40] audit: type=1400 audit(325.809:70762): avc: denied { setopt } for pid=14557 comm="syz.5.13782" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 343.757335][T13438] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 343.807084][T14582] syz_tun: entered allmulticast mode [ 343.840041][T14586] Invalid/unusable pipe [ 344.009357][T13438] veth0_vlan: entered promiscuous mode [ 344.018290][ T6141] Bluetooth: hci0: command tx timeout [ 344.023047][T13438] veth1_vlan: entered promiscuous mode [ 344.042456][T13438] veth0_macvtap: entered promiscuous mode [ 344.048471][T13438] veth1_macvtap: entered promiscuous mode [ 344.062976][T13438] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 344.070441][T13438] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 344.087918][ T1260] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 344.091676][ T1260] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 344.098009][ T1260] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 344.101651][ T1260] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 344.176014][T25185] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 344.183122][T25185] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 344.212506][T25221] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 344.215862][T25221] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 344.806025][T14704] netlink: 28 bytes leftover after parsing attributes in process `syz.4.13829'. [ 344.810942][T14704] netlink: 32 bytes leftover after parsing attributes in process `syz.4.13829'. [ 344.815262][T14704] netlink: 28 bytes leftover after parsing attributes in process `syz.4.13829'. [ 344.821821][T14704] netlink: 32 bytes leftover after parsing attributes in process `syz.4.13829'. [ 345.024761][T14733] netlink: 'syz.4.13841': attribute type 1 has an invalid length. [ 345.027727][T14733] netlink: 12 bytes leftover after parsing attributes in process `syz.4.13841'. [ 345.123664][T14747] dvmrp17: entered allmulticast mode [ 345.127998][T14747] dvmrp17: left allmulticast mode [ 345.481446][T14785] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13860'. [ 345.495195][T14785] bridge0: port 2(bridge_slave_1) entered disabled state [ 345.640076][ T40] audit: type=1400 audit(327.642:70763): avc: denied { watch } for pid=14804 comm="syz.7.13867" path="/dev/nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 345.649236][ T40] audit: type=1400 audit(327.642:70764): avc: denied { watch_sb } for pid=14804 comm="syz.7.13867" path="/dev/nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 345.654110][ T6139] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 345.925348][T14824] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14824 comm=syz.4.13875 [ 346.173836][ T40] audit: type=1400 audit(328.147:70765): avc: denied { remount } for pid=14841 comm="syz.5.13882" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 346.244959][ T6139] Bluetooth: hci0: command 0x041b tx timeout [ 346.361846][T14866] loop7: detected capacity change from 0 to 7 [ 346.370136][ C0] blk_print_req_error: 138 callbacks suppressed [ 346.370148][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.374901][ C0] buffer_io_error: 138 callbacks suppressed [ 346.374909][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 346.380966][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.384206][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 346.387087][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.390682][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 346.393998][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.396901][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 346.399562][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.403042][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 346.408331][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.412434][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 346.416151][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.419800][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 346.423075][T14866] ldm_validate_partition_table(): Disk read failed. [ 346.427830][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.431874][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 346.435679][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.438926][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 346.441745][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.445464][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 346.448906][T14866] Dev loop7: unable to read RDB block 0 [ 346.454096][T14866] loop7: unable to read partition table [ 346.458087][T14866] loop7: partition table beyond EOD, truncated [ 346.460623][T14866] loop_reread_partitions: partition scan of loop7 (gCj̖P=!MX %`搘ȵ4FLQk݊5) failed (rc=-5) [ 346.482449][T14870] ldm_validate_partition_table(): Disk read failed. [ 346.485946][T14870] Dev loop7: unable to read RDB block 0 [ 346.489352][T14870] loop7: unable to read partition table [ 346.491664][T14870] loop7: partition table beyond EOD, truncated [ 346.576795][T14890] mkiss: ax0: crc mode is auto. [ 346.686580][T14908] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 346.691399][T14908] overlayfs: overlapping lowerdir path [ 347.252884][T14990] input: syz1 as /devices/virtual/input/input46 [ 347.397213][ T6139] Bluetooth: hci3: ISO packet too small [ 347.443414][T15004] SELinux: failure in selinux_parse_skb(), unable to parse packet [ 347.463902][T15007] netlink: 24 bytes leftover after parsing attributes in process `syz.5.13933'. [ 347.467886][T15007] bond0: Removing last arp target with arp_interval on [ 347.536254][T15015] netlink: 56 bytes leftover after parsing attributes in process `syz.5.13936'. [ 347.597056][T15025] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13940'. [ 347.610094][T15025] gretap0: entered promiscuous mode [ 347.697294][T15037] mkiss: ax0: crc mode is auto. [ 347.896101][ T840] hid-generic 00A0:0008:0003.000B: unknown main item tag 0x0 [ 347.900161][ T840] hid-generic 00A0:0008:0003.000B: unknown main item tag 0x0 [ 347.903687][ T840] hid-generic 00A0:0008:0003.000B: unknown main item tag 0x0 [ 347.906731][ T840] hid-generic 00A0:0008:0003.000B: unknown main item tag 0x0 [ 347.910514][ T840] hid-generic 00A0:0008:0003.000B: unknown main item tag 0x0 [ 347.913673][ T840] hid-generic 00A0:0008:0003.000B: unknown main item tag 0x0 [ 347.916908][ T840] hid-generic 00A0:0008:0003.000B: unknown main item tag 0x0 [ 347.921233][ T840] hid-generic 00A0:0008:0003.000B: unknown main item tag 0x0 [ 347.924602][ T840] hid-generic 00A0:0008:0003.000B: unknown main item tag 0x0 [ 347.927749][ T840] hid-generic 00A0:0008:0003.000B: unknown main item tag 0x0 [ 347.940164][ T840] hid-generic 00A0:0008:0003.000B: hidraw2: HID v0.05 Device [syz1] on syz0 [ 348.475933][ T6139] Bluetooth: hci0: command 0x041b tx timeout [ 348.634864][ T40] audit: type=1326 audit(330.448:70766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15160 comm="syz.4.13983" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f812458eba9 code=0x0 [ 348.687532][T15171] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13986'. [ 348.753591][ T40] audit: type=1326 audit(330.560:70767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15176 comm="syz.7.13988" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683838eba9 code=0x7ffc0000 [ 348.772688][ T40] audit: type=1326 audit(330.560:70768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15176 comm="syz.7.13988" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f683838eba9 code=0x7ffc0000 [ 348.781375][ T40] audit: type=1326 audit(330.560:70769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15176 comm="syz.7.13988" exe="/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f683838eba9 code=0x7ffc0000 [ 348.792980][ T40] audit: type=1326 audit(330.560:70770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15176 comm="syz.7.13988" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6838385b67 code=0x7ffc0000 [ 348.793263][T15179] SELinux: failure in selinux_parse_skb(), unable to parse packet [ 348.802371][ T40] audit: type=1326 audit(330.560:70771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15176 comm="syz.7.13988" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f683832ada9 code=0x7ffc0000 [ 348.802434][ T40] audit: type=1326 audit(330.560:70772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15176 comm="syz.7.13988" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6838385b67 code=0x7ffc0000 [ 348.973255][T15195] erspan0: entered promiscuous mode [ 349.066238][T15204] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.168111][T15204] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.244406][T15204] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.386240][T15204] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.552280][T25204] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.570119][T25184] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.581398][T25204] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.593905][T25204] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.951522][T15268] nbd1: detected capacity change from 0 to 127 [ 349.965675][ T6139] block nbd1: Receive control failed (result -104) [ 350.253503][T15323] netlink: 'syz.4.14041': attribute type 6 has an invalid length. [ 350.257414][T15323] __nla_validate_parse: 1 callbacks suppressed [ 350.257436][T15323] netlink: 36 bytes leftover after parsing attributes in process `syz.4.14041'. [ 350.266801][T15323] bridge0: port 1(bridge_slave_0) entered disabled state [ 350.444162][T15362] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 350.447769][T15337] Falling back ldisc for ttyS3. [ 350.475066][T15365] gretap0: vlans aren't supported yet for dev_uc|mc_add() [ 350.509134][T32128] IPVS: starting estimator thread 0... [ 350.511000][T15372] IPVS: sed: SCTP 172.20.20.187:0 - no destination available [ 350.603832][T15376] IPVS: using max 49 ests per chain, 117600 per kthread [ 350.639163][T15397] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14063'. [ 350.645667][T15397] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 350.656448][T15397] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 350.661154][T15397] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 350.664855][T15397] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 350.675926][T15397] batman_adv: batadv0: Interface deactivated: gretap1 [ 350.681497][T15397] batman_adv: batadv0: Removing interface: gretap1 [ 350.683334][T15405] 9pnet_rdma: rdma_create_trans (15405): problem binding to privport: 13 [ 350.688811][ T6139] Bluetooth: hci0: command 0x041b tx timeout [ 350.758193][T15415] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14072'. [ 350.761088][T15415] netlink: 4 bytes leftover after parsing attributes in process `syz.7.14072'. [ 350.806919][T15425] openvswitch: netlink: IP tunnel TTL not specified. [ 350.872705][T15434] netlink: 'syz.7.14077': attribute type 12 has an invalid length. [ 350.876312][T15434] netlink: 120 bytes leftover after parsing attributes in process `syz.7.14077'. [ 350.985855][T15448] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14083'. [ 350.990236][T15448] netlink: 12 bytes leftover after parsing attributes in process `syz.7.14083'. [ 351.109039][ T40] kauditd_printk_skb: 210 callbacks suppressed [ 351.109049][ T40] audit: type=1400 audit(332.768:70983): avc: denied { listen } for pid=15476 comm="syz.6.14088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 351.121206][ T40] audit: type=1400 audit(332.777:70984): avc: denied { accept } for pid=15476 comm="syz.6.14088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 351.153431][T15483] bond0: option mode: unable to set because the bond device has slaves [ 351.227116][T15496] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 351.374380][T15503] block nbd2: server does not support multiple connections per device. [ 351.379104][T15503] block nbd2: shutting down sockets [ 351.629554][T15556] binder: 15555:15556 ioctl c0306201 200000000640 returned -22 [ 351.708729][T15572] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14120'. [ 352.003739][ T6221] usb 10-1: new high-speed USB device number 7 using dummy_hcd [ 352.197801][ T6221] usb 10-1: config index 0 descriptor too short (expected 39, got 27) [ 352.200650][ T6221] usb 10-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 352.204061][ T6221] usb 10-1: config 0 interface 0 has no altsetting 0 [ 352.208314][ T6221] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 352.211461][ T6221] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 352.214092][ T6221] usb 10-1: Product: syz [ 352.215547][ T6221] usb 10-1: Manufacturer: syz [ 352.217109][ T6221] usb 10-1: SerialNumber: syz [ 352.221933][ T6221] usb 10-1: config 0 descriptor?? [ 352.225501][ T6221] hub 10-1:0.0: bad descriptor, ignoring hub [ 352.227630][ T6221] hub 10-1:0.0: probe with driver hub failed with error -5 [ 352.233405][ T6221] usb 10-1: selecting invalid altsetting 0 [ 352.369254][ T40] audit: type=1400 audit(333.947:70985): avc: denied { map } for pid=15621 comm="syz.6.14132" path="socket:[126997]" dev="sockfs" ino=126997 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 352.774112][ T40] audit: type=1326 audit(334.330:70986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15647 comm="syz.6.14140" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe74a98eba9 code=0x0 [ 352.861688][T15576] usb 10-1: reset high-speed USB device number 7 using dummy_hcd [ 352.912730][ T6139] Bluetooth: hci0: command 0x041b tx timeout [ 353.043458][T15576] usb 10-1: device firmware changed [ 353.048313][ T10] usb 10-1: USB disconnect, device number 7 [ 353.169431][T30391] usb 9-1: new high-speed USB device number 14 using dummy_hcd [ 353.201365][ T10] usb 10-1: new high-speed USB device number 8 using dummy_hcd [ 353.340319][T30391] usb 9-1: Using ep0 maxpacket: 8 [ 353.343503][T30391] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 353.346515][T30391] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 127, changing to 10 [ 353.350532][T30391] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 353.354907][T30391] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 353.358301][T30391] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 353.364283][ T10] usb 10-1: config index 0 descriptor too short (expected 39, got 27) [ 353.367853][ T10] usb 10-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 353.369199][T30391] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 353.371629][ T10] usb 10-1: config 0 interface 0 has no altsetting 0 [ 353.374358][T30391] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 127, changing to 10 [ 353.380014][T30391] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 353.383660][T30391] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 353.385524][ T10] usb 10-1: string descriptor 0 read error: -22 [ 353.387220][T30391] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 353.389862][ T10] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 353.394407][T30391] usb 9-1: config 168 descriptor has 1 excess byte, ignoring [ 353.397271][ T10] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 353.399426][T30391] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 127, changing to 10 [ 353.403583][ T10] usb 10-1: config 0 descriptor?? [ 353.406578][T30391] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 353.411007][T30391] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 353.414519][T30391] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 353.420818][ T10] hub 10-1:0.0: bad descriptor, ignoring hub [ 353.423589][ T10] hub 10-1:0.0: probe with driver hub failed with error -5 [ 353.424565][T30391] usb 9-1: string descriptor 0 read error: -22 [ 353.429281][T30391] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 353.430000][ T10] usb 10-1: selecting invalid altsetting 0 [ 353.437782][T30391] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 353.456173][T30391] adutux 9-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 353.674992][ T840] usb 9-1: USB disconnect, device number 14 [ 353.757688][T30391] usb 10-1: USB disconnect, device number 8 [ 353.835716][T15751] netlink: 52 bytes leftover after parsing attributes in process `syz.6.14158'. [ 353.881966][T15756] netlink: 72 bytes leftover after parsing attributes in process `syz.6.14160'. [ 354.086726][T15778] sock: sock_timestamping_bind_phc: sock not bind to device [ 354.357203][T15792] team0 (unregistering): Port device team_slave_0 removed [ 354.364310][T15792] team0 (unregistering): Port device team_slave_1 removed [ 354.853781][ T40] audit: type=1400 audit(336.266:70987): avc: denied { remount } for pid=15865 comm="syz.5.14194" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 355.563972][ T6494] usb 11-1: new high-speed USB device number 11 using dummy_hcd [ 355.590648][T15924] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 355.724052][ T6494] usb 11-1: Using ep0 maxpacket: 16 [ 355.733061][ T6494] usb 11-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 355.745599][ T6494] usb 11-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 42, changing to 9 [ 355.749060][ T6494] usb 11-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid maxpacket 50169, setting to 1024 [ 355.752673][ T6494] usb 11-1: config 0 interface 0 has no altsetting 0 [ 355.757399][ T6494] usb 11-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 355.760227][ T6494] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 355.762835][ T6494] usb 11-1: Product: syz [ 355.764155][ T6494] usb 11-1: Manufacturer: syz [ 355.765591][ T6494] usb 11-1: SerialNumber: syz [ 355.769975][ T6494] usb 11-1: config 0 descriptor?? [ 355.784276][T15940] erspan0: entered promiscuous mode [ 355.997817][ T6494] input: syz syz as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/input/input48 [ 356.133240][ T40] audit: type=1400 audit(593.470:70988): avc: denied { ioctl } for pid=15976 comm="syz.7.14230" path="socket:[125554]" dev="sockfs" ino=125554 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 356.135200][T15979] __nla_validate_parse: 3 callbacks suppressed [ 356.135215][T15979] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14230'. [ 356.157421][T15979] macvlan3: entered allmulticast mode [ 356.159560][T15979] veth1_vlan: entered allmulticast mode [ 356.412453][ T3245] usb 11-1: USB disconnect, device number 11 [ 356.429758][T16015] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14243'. [ 356.439713][T16015] gretap0: entered promiscuous mode [ 356.525730][T16038] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14248'. [ 356.652347][T16050] netlink: 36 bytes leftover after parsing attributes in process `syz.4.14252'. [ 356.801243][T16072] netlink: 20 bytes leftover after parsing attributes in process `syz.4.14260'. [ 356.831364][T16072] netlink: 20 bytes leftover after parsing attributes in process `syz.4.14260'. [ 357.354126][T16125] netlink: 'syz.6.14276': attribute type 1 has an invalid length. [ 357.356997][T16125] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 357.546852][T16142] loop7: detected capacity change from 0 to 524255232 [ 357.693565][T16158] netlink: 4 bytes leftover after parsing attributes in process `syz.7.14288'. [ 357.791252][ T40] audit: type=1326 audit(595.013:70989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16173 comm="syz.6.14295" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe74a98eba9 code=0x7ffc0000 [ 357.804627][ T40] audit: type=1326 audit(595.013:70990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16173 comm="syz.6.14295" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe74a98eba9 code=0x7ffc0000 [ 357.814152][ T40] audit: type=1326 audit(595.013:70991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16173 comm="syz.6.14295" exe="/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fe74a98eba9 code=0x7ffc0000 [ 357.826534][ T40] audit: type=1326 audit(595.013:70992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16173 comm="syz.6.14295" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe74a985b67 code=0x7ffc0000 [ 357.841848][ T40] audit: type=1326 audit(595.013:70993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16173 comm="syz.6.14295" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe74a92ada9 code=0x7ffc0000 [ 357.849070][T16184] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 357.849354][ T40] audit: type=1326 audit(595.013:70994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16173 comm="syz.6.14295" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe74a98eba9 code=0x7ffc0000 [ 357.852870][T16184] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 357.859635][ T40] audit: type=1326 audit(595.013:70995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16173 comm="syz.6.14295" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe74a98eba9 code=0x7ffc0000 [ 357.869753][ T40] audit: type=1326 audit(595.013:70996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16173 comm="syz.6.14295" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe74a98eba9 code=0x7ffc0000 [ 357.877696][ T40] audit: type=1326 audit(595.013:70997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16173 comm="syz.6.14295" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe74a985b67 code=0x7ffc0000 [ 357.886401][ T40] audit: type=1326 audit(595.013:70998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16173 comm="syz.6.14295" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe74a92ada9 code=0x7ffc0000 [ 358.865861][T16276] netlink: 6032 bytes leftover after parsing attributes in process `syz.7.14341'. [ 359.177387][T30391] usb 12-1: new low-speed USB device number 10 using dummy_hcd [ 359.263604][ T6796] usb 10-1: new high-speed USB device number 9 using dummy_hcd [ 359.340435][T30391] usb 12-1: config 0 has an invalid interface number: 55 but max is 0 [ 359.343164][T30391] usb 12-1: config 0 has no interface number 0 [ 359.345299][T30391] usb 12-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 359.349304][T30391] usb 12-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 359.352607][T30391] usb 12-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 359.356178][T30391] usb 12-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 359.359776][T30391] usb 12-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 359.363036][T30391] usb 12-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 359.367173][T30391] usb 12-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 359.370271][T30391] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 359.375623][T30391] usb 12-1: config 0 descriptor?? [ 359.378600][T16284] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 359.383191][T16284] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 359.390564][T30391] ldusb 12-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 359.437634][ T6796] usb 10-1: too many configurations: 9, using maximum allowed: 8 [ 359.441733][ T6796] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 359.446029][ T6796] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 359.450169][ T6796] usb 10-1: config 0 interface 0 has no altsetting 0 [ 359.453935][ T6796] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 359.457357][ T6796] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 359.460639][ T6796] usb 10-1: config 0 interface 0 has no altsetting 0 [ 359.464076][ T6796] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 359.468089][ T6796] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 359.472504][ T6796] usb 10-1: config 0 interface 0 has no altsetting 0 [ 359.476251][ T6796] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 359.480554][ T6796] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 359.484934][ T6796] usb 10-1: config 0 interface 0 has no altsetting 0 [ 359.488832][ T6796] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 359.492527][ T6796] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 359.497028][ T6796] usb 10-1: config 0 interface 0 has no altsetting 0 [ 359.501468][ T6796] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 359.505428][ T6796] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 359.510538][ T6796] usb 10-1: config 0 interface 0 has no altsetting 0 [ 359.514300][ T6796] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 359.517799][ T6796] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 359.522323][ T6796] usb 10-1: config 0 interface 0 has no altsetting 0 [ 359.526640][ T6796] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 359.530076][ T6796] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 359.533713][ T6796] usb 10-1: config 0 interface 0 has no altsetting 0 [ 359.538256][ T6796] usb 10-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 359.541843][ T6796] usb 10-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 359.544938][ T6796] usb 10-1: Product: syz [ 359.546626][ T6796] usb 10-1: Manufacturer: syz [ 359.548482][ T6796] usb 10-1: SerialNumber: syz [ 359.553939][ T6796] usb 10-1: config 0 descriptor?? [ 359.563734][ T6796] yurex 10-1:0.0: USB YUREX device now attached to Yurex #1 [ 359.601131][T16284] ldusb 12-1:0.55: Write buffer overflow, 7 bytes dropped [ 359.607124][ T3245] usb 12-1: USB disconnect, device number 10 [ 359.612620][ T3245] ldusb 12-1:0.55: LD USB Device #0 now disconnected [ 359.626972][ T6169] usb 11-1: new high-speed USB device number 12 using dummy_hcd [ 359.781634][ T6494] usb 10-1: USB disconnect, device number 9 [ 359.787287][ T6494] yurex 10-1:0.0: USB YUREX #1 now disconnected [ 359.797606][ T6169] usb 11-1: Using ep0 maxpacket: 8 [ 359.800682][ T6169] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 359.803971][ T6169] usb 11-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 359.806791][ T6169] usb 11-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 359.809774][ T6169] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 359.815145][ T6169] usb 11-1: config 0 descriptor?? [ 359.877048][T16354] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14348'. [ 360.036630][ T6494] usb 11-1: USB disconnect, device number 12 [ 360.259295][T16386] usb usb8: usbfs: process 16386 (syz.7.14358) did not claim interface 0 before use [ 360.550194][T16417] netlink: 'syz.4.14369': attribute type 2 has an invalid length. [ 360.584917][T16422] netlink: 24 bytes leftover after parsing attributes in process `syz.4.14371'. [ 360.899413][T16482] netlink: 'syz.7.14394': attribute type 7 has an invalid length. [ 361.141323][T16517] overlay: filesystem on ./file1 not supported [ 361.230261][ T10] usb 9-1: new high-speed USB device number 15 using dummy_hcd [ 361.397096][ T10] usb 9-1: unable to get BOS descriptor or descriptor too short [ 361.400395][ T10] usb 9-1: no configurations [ 361.402448][ T10] usb 9-1: can't read configurations, error -22 [ 362.343862][T16586] __nla_validate_parse: 2 callbacks suppressed [ 362.343877][T16586] netlink: 12 bytes leftover after parsing attributes in process `syz.5.14426'. [ 362.350187][T16586] netlink: 3 bytes leftover after parsing attributes in process `syz.5.14426'. [ 362.354150][T16588] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) ! [ 362.469055][T16612] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14437'. [ 362.569649][T16637] netlink: 28 bytes leftover after parsing attributes in process `syz.5.14446'. [ 362.595441][T16640] netlink: 'syz.6.14447': attribute type 10 has an invalid length. [ 362.603961][T16640] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 362.608451][T16640] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 362.618473][T16640] netlink: 'syz.6.14447': attribute type 10 has an invalid length. [ 362.621996][T16640] netlink: 40 bytes leftover after parsing attributes in process `syz.6.14447'. [ 362.625430][T16640] batadv0: entered promiscuous mode [ 362.627316][T16640] batadv0: entered allmulticast mode [ 362.632021][T16640] bond0: (slave batadv0): Releasing backup interface [ 362.675731][T16640] bridge0: port 3(batadv0) entered blocking state [ 362.677910][T16640] bridge0: port 3(batadv0) entered disabled state [ 362.780624][T25209] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 362.784902][T25209] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 363.079732][ T6195] usb 11-1: new high-speed USB device number 13 using dummy_hcd [ 363.154327][ T842] usb 10-1: new high-speed USB device number 10 using dummy_hcd [ 363.251844][ T6195] usb 11-1: config index 0 descriptor too short (expected 39, got 27) [ 363.254997][ T6195] usb 11-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 363.259066][ T6195] usb 11-1: config 0 interface 0 has no altsetting 0 [ 363.264050][ T6195] usb 11-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 363.267581][ T6195] usb 11-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 363.271040][ T6195] usb 11-1: Product: syz [ 363.272994][ T6195] usb 11-1: Manufacturer: syz [ 363.274764][ T6195] usb 11-1: SerialNumber: syz [ 363.278426][ T6195] usb 11-1: config 0 descriptor?? [ 363.284483][ T6195] hub 11-1:0.0: bad descriptor, ignoring hub [ 363.286680][ T6195] hub 11-1:0.0: probe with driver hub failed with error -5 [ 363.291225][ T6195] usb 11-1: selecting invalid altsetting 0 [ 363.318264][ T842] usb 10-1: Using ep0 maxpacket: 8 [ 363.324073][ T842] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 363.328417][ T842] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 363.331688][ T842] usb 10-1: Product: syz [ 363.333451][ T842] usb 10-1: Manufacturer: syz [ 363.335515][ T842] usb 10-1: SerialNumber: syz [ 363.563804][ T842] usblp 10-1:1.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 363.778860][ T6796] usb 10-1: USB disconnect, device number 10 [ 363.788692][ T6796] usblp0: removed [ 364.244711][T16678] usb 11-1: reset high-speed USB device number 13 using dummy_hcd [ 364.406475][T16678] usb 11-1: device firmware changed [ 364.413350][T30391] usb 11-1: USB disconnect, device number 13 [ 364.422305][T16755] netlink: 28 bytes leftover after parsing attributes in process `syz.4.14473'. [ 364.425306][T16755] netlink: 28 bytes leftover after parsing attributes in process `syz.4.14473'. [ 364.480653][T16769] netlink: 28 bytes leftover after parsing attributes in process `syz.4.14473'. [ 364.485001][T16769] netlink: 28 bytes leftover after parsing attributes in process `syz.4.14473'. [ 364.498301][T16772] netlink: 4 bytes leftover after parsing attributes in process `syz.7.14475'. [ 364.597807][T30391] usb 11-1: new high-speed USB device number 14 using dummy_hcd [ 364.626150][T16772] team0 (unregistering): Port device team_slave_0 removed [ 364.632474][T16772] team0 (unregistering): Port device team_slave_1 removed [ 364.640439][ T3245] usb 10-1: new high-speed USB device number 11 using dummy_hcd [ 364.791941][T30391] usb 11-1: config index 0 descriptor too short (expected 39, got 27) [ 364.800588][T30391] usb 11-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 364.805506][T30391] usb 11-1: config 0 interface 0 has no altsetting 0 [ 364.811197][ T3245] usb 10-1: Using ep0 maxpacket: 8 [ 364.815015][ T3245] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 364.817233][T30391] usb 11-1: string descriptor 0 read error: -22 [ 364.819552][ T3245] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 364.819576][ T3245] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 364.823848][T30391] usb 11-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 364.827685][ T3245] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 364.831826][T30391] usb 11-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 364.835176][ T3245] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 364.841931][T30391] usb 11-1: config 0 descriptor?? [ 364.844333][ T3245] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 364.859897][T30391] hub 11-1:0.0: bad descriptor, ignoring hub [ 364.862418][T30391] hub 11-1:0.0: probe with driver hub failed with error -5 [ 364.869242][T30391] usb 11-1: selecting invalid altsetting 0 [ 364.938437][T16849] bond0: entered promiscuous mode [ 364.941322][T16849] bond_slave_0: entered promiscuous mode [ 364.943971][T16849] bond_slave_1: entered promiscuous mode [ 364.947088][T16849] batadv0: entered promiscuous mode [ 364.950905][T16849] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 364.959599][T16849] bond0: left promiscuous mode [ 364.962669][T16849] bond_slave_0: left promiscuous mode [ 364.964998][T16849] bond_slave_1: left promiscuous mode [ 364.967392][T16849] batadv0: left promiscuous mode [ 365.074751][ T3245] usb 10-1: GET_CAPABILITIES returned 0 [ 365.077249][ T3245] usbtmc 10-1:16.0: can't read capabilities [ 365.196118][T30391] usb 11-1: USB disconnect, device number 14 [ 365.291135][ T6169] usb 10-1: USB disconnect, device number 11 [ 365.327616][T16910] tap0: tun_chr_ioctl cmd 1074025675 [ 365.329897][T16910] tap0: persist disabled [ 365.520559][ T40] kauditd_printk_skb: 42 callbacks suppressed [ 365.520571][ T40] audit: type=1400 audit(602.244:71041): avc: denied { listen } for pid=16932 comm="syz.7.14496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 365.530882][ T40] audit: type=1400 audit(602.244:71042): avc: denied { accept } for pid=16932 comm="syz.7.14496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 365.840735][T16964] binder: 16963:16964 ioctl c018620c 200000000000 returned -22 [ 365.886123][T16970] netlink: 'syz.6.14512': attribute type 4 has an invalid length. [ 366.358440][T17025] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 366.682553][T17084] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 366.686511][T17084] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 366.916789][T17134] loop6: detected capacity change from 0 to 2560 [ 366.920562][T13438] buffer_io_error: 25 callbacks suppressed [ 366.920571][T13438] Buffer I/O error on dev loop6, logical block 0, async page read [ 366.924959][T13438] Buffer I/O error on dev loop6, logical block 0, async page read [ 366.927463][T13438] Buffer I/O error on dev loop6, logical block 0, async page read [ 366.931350][T13438] Buffer I/O error on dev loop6, logical block 0, async page read [ 366.933856][T13438] Buffer I/O error on dev loop6, logical block 0, async page read [ 366.936740][T13438] Buffer I/O error on dev loop6, logical block 0, async page read [ 366.939820][T13438] Buffer I/O error on dev loop6, logical block 0, async page read [ 366.942611][T13438] Buffer I/O error on dev loop6, logical block 0, async page read [ 366.945321][T13438] ldm_validate_partition_table(): Disk read failed. [ 366.947785][T13438] Buffer I/O error on dev loop6, logical block 0, async page read [ 366.951097][T13438] Buffer I/O error on dev loop6, logical block 0, async page read [ 366.953692][T13438] Dev loop6: unable to read RDB block 0 [ 366.955630][T13438] loop6: unable to read partition table [ 366.958418][T17134] ldm_validate_partition_table(): Disk read failed. [ 366.961456][T17134] Dev loop6: unable to read RDB block 0 [ 366.963658][T17134] loop6: unable to read partition table [ 366.970949][T17134] loop_reread_partitions: partition scan of loop6 (3 ) failed (rc=-5) [ 367.032604][T17151] SELinux: failure in selinux_parse_skb(), unable to parse packet [ 367.196403][ C3] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 367.275987][T17203] netlink: 'syz.7.14605': attribute type 1 has an invalid length. [ 367.309724][T17207] netlink: 'syz.7.14607': attribute type 2 has an invalid length. [ 367.412419][T17215] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 367.804563][ T842] usb 12-1: new high-speed USB device number 11 using dummy_hcd [ 367.988093][ T842] usb 12-1: config index 0 descriptor too short (expected 23569, got 27) [ 367.991722][ T842] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 367.997145][ T842] usb 12-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 368.000722][ T842] usb 12-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 368.003959][ T842] usb 12-1: Manufacturer: syz [ 368.008116][ T842] usb 12-1: config 0 descriptor?? [ 368.020075][T30391] usb 9-1: new high-speed USB device number 17 using dummy_hcd [ 368.071795][ T842] rc_core: IR keymap rc-hauppauge not found [ 368.074650][ T842] Registered IR keymap rc-empty [ 368.078184][ T842] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/rc/rc0 [ 368.085568][ T842] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/rc/rc0/input49 [ 368.210680][T30391] usb 9-1: Using ep0 maxpacket: 8 [ 368.216634][T30391] usb 9-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 368.219500][T30391] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 368.222580][T30391] usb 9-1: Product: syz [ 368.224028][T30391] usb 9-1: Manufacturer: syz [ 368.225856][T30391] usb 9-1: SerialNumber: syz [ 368.229612][T30391] usb 9-1: config 0 descriptor?? [ 368.229698][ T842] usb 12-1: USB disconnect, device number 11 [ 368.431683][T17268] SELinux: failure in selinux_parse_skb(), unable to parse packet [ 368.451685][T30391] usb 9-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 368.460079][T30391] dvb_usb_rtl28xxu 9-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 368.464356][T30391] usb 9-1: USB disconnect, device number 17 [ 369.007304][ T40] audit: type=1400 audit(605.508:71043): avc: denied { mounton } for pid=17295 comm="syz.7.14628" path="/460/file0" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=fifo_file permissive=1 [ 369.048118][T17302] __nla_validate_parse: 9 callbacks suppressed [ 369.048129][T17302] netlink: 108 bytes leftover after parsing attributes in process `syz.5.14630'. [ 369.175091][T17317] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14636'. [ 369.206859][T17329] SELinux: failure in selinux_parse_skb(), unable to parse packet [ 369.397468][ T6195] usb 12-1: new high-speed USB device number 12 using dummy_hcd [ 369.510826][T17355] overlayfs: missing 'workdir' [ 369.559705][ T6195] usb 12-1: too many configurations: 9, using maximum allowed: 8 [ 369.563245][ T6195] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 369.566419][ T6195] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 369.571091][ T6195] usb 12-1: config 0 interface 0 has no altsetting 0 [ 369.574367][ T6195] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 369.580707][ T6195] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 369.584507][ T6195] usb 12-1: config 0 interface 0 has no altsetting 0 [ 369.587621][ T6195] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 369.591409][ T6195] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 369.595143][ T6195] usb 12-1: config 0 interface 0 has no altsetting 0 [ 369.598214][ T6195] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 369.601787][ T6195] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 369.605377][ T6195] usb 12-1: config 0 interface 0 has no altsetting 0 [ 369.608485][ T6195] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 369.611689][ T6195] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 369.615388][ T6195] usb 12-1: config 0 interface 0 has no altsetting 0 [ 369.618388][ T6195] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 369.621488][ T6195] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 369.625564][ T6195] usb 12-1: config 0 interface 0 has no altsetting 0 [ 369.628704][ T6195] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 369.631706][ T6195] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 369.636397][ T6195] usb 12-1: config 0 interface 0 has no altsetting 0 [ 369.640171][ T6195] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 369.643586][ T6195] usb 12-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 369.644029][T30391] usb 10-1: new high-speed USB device number 12 using dummy_hcd [ 369.647343][ T6195] usb 12-1: config 0 interface 0 has no altsetting 0 [ 369.649157][ T6195] usb 12-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 369.655499][ T6195] usb 12-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 369.658253][ T6195] usb 12-1: Product: syz [ 369.659638][ T6195] usb 12-1: Manufacturer: syz [ 369.661267][ T6195] usb 12-1: SerialNumber: syz [ 369.664209][ T6195] usb 12-1: config 0 descriptor?? [ 369.672435][ T6195] yurex 12-1:0.0: USB YUREX device now attached to Yurex #0 [ 369.830574][T30391] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 369.834954][T30391] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 369.840513][T30391] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 369.844090][T30391] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 369.853347][T17345] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 369.859322][T30391] usb 10-1: Quirk or no altset; falling back to MIDI 1.0 [ 370.006531][T17406] e1000 0000:00:06.0 eth0: Unsupported Speed/Duplex configuration [ 370.078103][T30391] usb 10-1: USB disconnect, device number 12 [ 370.601802][ T40] audit: type=1400 audit(606.996:71044): avc: denied { rename } for pid=17476 comm="syz.4.14676" name="file0" dev="9p" ino=72614127 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 370.613305][ T40] audit: type=1400 audit(606.996:71045): avc: denied { add_name } for pid=17476 comm="syz.4.14676" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 370.812308][T17499] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14682'. [ 370.873624][ T3245] IPVS: starting estimator thread 0... [ 370.874556][T17508] IPVS: rr: SCTP 172.20.20.187:0 - no destination available [ 370.972706][T17512] IPVS: using max 48 ests per chain, 115200 per kthread [ 371.249997][T17552] netlink: 16 bytes leftover after parsing attributes in process `syz.5.14701'. [ 371.336225][T17559] netlink: 'syz.6.14703': attribute type 10 has an invalid length. [ 371.339450][T17559] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 371.349012][T17559] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 371.356842][T17559] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link [ 371.402462][T17566] vivid-000: ================= START STATUS ================= [ 371.406436][T17566] vivid-000: Test Pattern: 75% Colorbar [ 371.409414][T17566] vivid-000: Fill Percentage of Frame: 100 [ 371.412007][T17566] vivid-000: Horizontal Movement: Move Left Slow [ 371.414658][T17566] vivid-000: Vertical Movement: Move Up [ 371.416990][T17566] vivid-000: OSD Text Mode: All [ 371.419187][T17566] vivid-000: Show Border: true [ 371.421223][T17566] vivid-000: Show Square: true [ 371.423332][T17566] vivid-000: Sensor Flipped Horizontally: true [ 371.427359][T17566] vivid-000: Sensor Flipped Vertically: false [ 371.430493][T17566] vivid-000: Insert SAV Code in Image: true [ 371.433127][T17566] vivid-000: Insert EAV Code in Image: false [ 371.435923][T17566] vivid-000: Insert Video Guard Band: true [ 371.438384][T17566] vivid-000: Reduced Framerate: true [ 371.441218][T17566] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 371.444408][T17566] vivid-000: S-Video 000-0 Is Connected To: Output S-Video 023-0 [ 371.447606][T17566] vivid-000: Enable Capture Cropping: true grabbed [ 371.451444][T17566] vivid-000: Enable Capture Composing: true grabbed [ 371.454003][T17566] vivid-000: Enable Capture Scaler: false grabbed [ 371.456683][T17566] vivid-000: Timestamp Source: End of Frame [ 371.458574][T17566] vivid-000: Colorspace: SMPTE 170M [ 371.460400][T17566] vivid-000: Transfer Function: Default [ 371.463141][T17566] vivid-000: Y'CbCr Encoding: Rec. 709 [ 371.466377][T17566] vivid-000: HSV Encoding: Hue 0-179 [ 371.468411][T17566] vivid-000: Quantization: Limited Range [ 371.470185][T17566] vivid-000: Apply Alpha To Red Only: true [ 371.475271][T17566] vivid-000: Standard Aspect Ratio: 4x3 [ 371.477025][T17566] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 371.479424][T17566] vivid-000: DV Timings: 640x480p59 inactive [ 371.481317][T17566] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 371.484393][T17566] vivid-000: Maximum EDID Blocks: 1 [ 371.486085][T17566] vivid-000: Limited RGB Range (16-235): true [ 371.488282][T17566] vivid-000: Rx RGB Quantization Range: RGB Full Range (0-255) [ 371.496098][T17566] vivid-000: Power Present: 0x00000001 [ 371.497963][T17566] tpg source WxH: 720x576 (R'G'B) [ 371.501122][T17566] tpg field: 4 [ 371.502304][T17566] tpg crop: (0,0)/720x576 [ 371.503948][T17566] tpg compose: (0,0)/720x576 [ 371.505674][T17566] tpg colorspace: 1 [ 371.507416][T17566] tpg transfer function: 6/6 [ 371.509987][T17566] tpg quantization: 2/2 [ 371.511481][T17566] tpg RGB range: 0/1 [ 371.513164][T17566] vivid-000: ================== END STATUS ================== [ 371.662203][T17598] netlink: 16 bytes leftover after parsing attributes in process `syz.6.14715'. [ 371.859324][T17629] netlink: 104 bytes leftover after parsing attributes in process `syz.4.14727'. [ 371.966337][T17640] openvswitch: netlink: IPv4 tunnel dst address is zero [ 372.054236][T17659] netlink: 'syz.6.14739': attribute type 8 has an invalid length. [ 372.083222][ C1] usb 12-1: yurex_control_callback - control failed: -2 [ 372.088030][ T10] usb 12-1: USB disconnect, device number 12 [ 372.092924][ T10] yurex 12-1:0.0: USB YUREX #0 now disconnected [ 372.104566][T17669] tc_dump_action: action bad kind [ 372.110895][T17677] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14738'. [ 372.176279][ T40] audit: type=1400 audit(608.464:71046): avc: denied { ioctl } for pid=17688 comm="syz.4.14746" path="socket:[132186]" dev="sockfs" ino=132186 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sock_file permissive=1 [ 372.331123][ T6139] Bluetooth: hci0: Malformed LE Event: 0x1d [ 372.337704][T17711] netlink: 52 bytes leftover after parsing attributes in process `syz.4.14756'. [ 373.066511][T17783] netlink: 'syz.7.14780': attribute type 1 has an invalid length. [ 373.069119][T17783] netlink: 24 bytes leftover after parsing attributes in process `syz.7.14780'. [ 373.218419][T17799] netlink: 4 bytes leftover after parsing attributes in process `syz.7.14785'. [ 373.249355][T17804] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 373.397600][T17824] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method [ 373.846541][ T40] audit: type=1400 audit(610.036:71047): avc: denied { watch watch_reads } for pid=17885 comm="syz.6.14812" path="pipe:[120187]" dev="pipefs" ino=120187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 373.855963][T17886] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 373.954082][T17896] netlink: 'syz.6.14815': attribute type 1 has an invalid length. [ 374.114345][T17910] netlink: 'syz.5.14820': attribute type 11 has an invalid length. [ 374.916054][T17991] __nla_validate_parse: 3 callbacks suppressed [ 374.916065][T17991] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14845'. [ 375.054512][ T40] audit: type=1400 audit(611.168:71048): avc: denied { execmod } for pid=17995 comm="syz.7.14847" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=134285 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 375.320342][T18035] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.14860'. [ 375.460860][T18045] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18045 comm=syz.6.14863 [ 375.528384][T18053] can0: slcan on ttyS3. [ 375.566398][ T3245] usb 9-1: new low-speed USB device number 18 using dummy_hcd [ 375.662184][T18053] can0 (unregistered): slcan off ttyS3. [ 375.742129][ T3245] usb 9-1: config 0 has an invalid interface number: 55 but max is 0 [ 375.744636][ T3245] usb 9-1: config 0 has no interface number 0 [ 375.746476][ T3245] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 375.751347][ T3245] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 375.754560][ T3245] usb 9-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 375.758153][ T3245] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 375.762449][ T3245] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 375.765840][ T3245] usb 9-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 375.770586][ T3245] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 375.773316][ T3245] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 375.779217][ T3245] usb 9-1: config 0 descriptor?? [ 375.782030][T18028] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 375.784310][T18028] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 375.788663][ T3245] ldusb 9-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 375.864518][T18119] dvmrp1: entered allmulticast mode [ 376.011619][T18028] ldusb 9-1:0.55: Write buffer overflow, 7 bytes dropped [ 376.017393][ T6494] usb 9-1: USB disconnect, device number 18 [ 376.025210][ T6494] ldusb 9-1:0.55: LD USB Device #0 now disconnected [ 376.142921][T18171] netlink: 68 bytes leftover after parsing attributes in process `syz.6.14895'. [ 376.292991][ T6195] usb 10-1: new high-speed USB device number 13 using dummy_hcd [ 376.341129][T18184] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14901'. [ 376.344288][T18184] netlink: 12 bytes leftover after parsing attributes in process `syz.6.14901'. [ 376.453884][ T6195] usb 10-1: Using ep0 maxpacket: 16 [ 376.457138][ T6195] usb 10-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9 [ 376.461622][ T6195] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 376.465186][ T6195] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 376.469095][ T6195] usb 10-1: config 0 descriptor?? [ 376.473525][ T6195] usbhid 10-1:0.0: couldn't find an input interrupt endpoint [ 376.522407][T18199] IPv6: NLM_F_CREATE should be specified when creating new route [ 376.525819][T18199] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 376.528983][T18199] IPv6: NLM_F_CREATE should be set when creating new route [ 376.573615][T18202] bridge0: port 3(syz_tun) entered blocking state [ 376.576040][T18202] bridge0: port 3(syz_tun) entered disabled state [ 376.578187][T18202] syz_tun: entered allmulticast mode [ 376.580788][T18202] syz_tun: entered promiscuous mode [ 376.613253][ T40] audit: type=1400 audit(612.617:71049): avc: denied { ioctl } for pid=18205 comm="syz.4.14911" path="socket:[132581]" dev="sockfs" ino=132581 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 376.698523][ T840] usb 10-1: USB disconnect, device number 13 [ 376.795601][T18236] netlink: 'syz.6.14919': attribute type 9 has an invalid length. [ 376.798100][T18236] netlink: 211988 bytes leftover after parsing attributes in process `syz.6.14919'. [ 377.134424][T18276] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14934'. [ 377.459031][ T6195] usb 9-1: new full-speed USB device number 19 using dummy_hcd [ 377.643035][ T6195] usb 9-1: config 0 has no interfaces? [ 377.647298][ T6195] usb 9-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=fa.df [ 377.651614][ T6195] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 377.654293][ T6195] usb 9-1: Product: syz [ 377.655728][ T6195] usb 9-1: Manufacturer: syz [ 377.657285][ T6195] usb 9-1: SerialNumber: syz [ 377.660116][ T6195] usb 9-1: config 0 descriptor?? [ 377.889702][ T840] usb 9-1: USB disconnect, device number 19 [ 377.965705][T18348] netlink: 12 bytes leftover after parsing attributes in process `syz.7.14959'. [ 378.145383][ T6139] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 378.152531][ T6139] Bluetooth: hci2: Injecting HCI hardware error event [ 378.155834][ T6139] Bluetooth: hci2: hardware error 0x00 [ 378.340694][T18392] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14974'. [ 378.424142][T18403] syzkaller0: tun_chr_ioctl cmd 1074025672 [ 378.426030][T18403] syzkaller0: ignored: set checksum enabled [ 378.493816][T18416] team0: No ports can be present during mode change [ 378.574993][T18430] netlink: 'syz.6.14987': attribute type 3 has an invalid length. [ 378.690515][T18440] MPI: mpi too large (16392 bits) [ 378.795238][T18469] : renamed from bridge_slave_0 (while UP) [ 378.802290][T18469] bridge0: port 1() entered disabled state [ 379.014752][T18524] tmpfs: Invalid gid '0x00000000ffffffff' [ 379.014836][ T40] audit: type=1400 audit(614.862:71050): avc: denied { getopt } for pid=18523 comm="syz.4.15023" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 379.143974][T18543] netlink: 8 bytes leftover after parsing attributes in process `syz.7.15031'. [ 379.536659][T18586] GUP no longer grows the stack in syz.6.15049 (18586): 200000007000-20000000a000 (200000004000) [ 379.540551][T18586] CPU: 0 UID: 0 PID: 18586 Comm: syz.6.15049 Not tainted syzkaller #0 PREEMPT(full) [ 379.540565][T18586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 379.540572][T18586] Call Trace: [ 379.540576][T18586] [ 379.540581][T18586] dump_stack_lvl+0x16c/0x1f0 [ 379.540598][T18586] gup_vma_lookup+0x1d2/0x220 [ 379.540614][T18586] __get_user_pages+0x243/0x34a0 [ 379.540631][T18586] ? xsk_setsockopt+0x6db/0x9a0 [ 379.540641][T18586] ? do_sock_setsockopt+0xf0/0x1d0 [ 379.540655][T18586] ? __sys_setsockopt+0x1a0/0x230 [ 379.540667][T18586] ? __x64_sys_setsockopt+0xbd/0x160 [ 379.540679][T18586] ? __pfx___get_user_pages+0x10/0x10 [ 379.540697][T18586] __gup_longterm_locked+0x2dd/0x17e0 [ 379.540711][T18586] ? __lock_acquire+0xb80/0x1ce0 [ 379.540731][T18586] ? __pfx___gup_longterm_locked+0x10/0x10 [ 379.540752][T18586] pin_user_pages+0x13c/0x160 [ 379.540767][T18586] ? __pfx_pin_user_pages+0x10/0x10 [ 379.540783][T18586] ? xdp_umem_create+0x652/0x1270 [ 379.540797][T18586] xdp_umem_create+0x73c/0x1270 [ 379.540812][T18586] xsk_setsockopt+0x6db/0x9a0 [ 379.540823][T18586] ? __pfx_xsk_setsockopt+0x10/0x10 [ 379.540832][T18586] ? find_held_lock+0x2b/0x80 [ 379.540847][T18586] ? selinux_socket_setsockopt+0x6a/0x80 [ 379.540862][T18586] ? __pfx_xsk_setsockopt+0x10/0x10 [ 379.540872][T18586] do_sock_setsockopt+0xf0/0x1d0 [ 379.540889][T18586] __sys_setsockopt+0x1a0/0x230 [ 379.540903][T18586] __x64_sys_setsockopt+0xbd/0x160 [ 379.540915][T18586] ? do_syscall_64+0x91/0x4e0 [ 379.540928][T18586] ? lockdep_hardirqs_on+0x7c/0x110 [ 379.540940][T18586] do_syscall_64+0xcd/0x4e0 [ 379.540954][T18586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 379.540965][T18586] RIP: 0033:0x7fe74a98eba9 [ 379.540974][T18586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 379.540984][T18586] RSP: 002b:00007fe74b7eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 379.540994][T18586] RAX: ffffffffffffffda RBX: 00007fe74abd5fa0 RCX: 00007fe74a98eba9 [ 379.541001][T18586] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000003 [ 379.541007][T18586] RBP: 00007fe74aa11e19 R08: 0000000000000020 R09: 0000000000000000 [ 379.541013][T18586] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 379.541019][T18586] R13: 00007fe74abd6038 R14: 00007fe74abd5fa0 R15: 00007ffea1d76508 [ 379.541033][T18586] [ 379.955822][T18632] netlink: 'syz.6.15066': attribute type 2 has an invalid length. [ 380.054550][T18645] bridge: RTM_NEWNEIGH with invalid state 0x1 [ 380.113500][T18655] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 380.115870][T18655] IPv6: NLM_F_CREATE should be set when creating new route [ 380.118110][T18655] IPv6: NLM_F_CREATE should be set when creating new route [ 380.121410][T18655] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 380.155648][T18659] 8021q: VLANs not supported on gre0 [ 380.321537][T18689] __nla_validate_parse: 4 callbacks suppressed [ 380.321548][T18689] netlink: 830 bytes leftover after parsing attributes in process `syz.4.15089'. [ 380.480960][ T40] audit: type=1400 audit(616.237:71051): avc: denied { mounton } for pid=18710 comm="syz.7.15098" path="/proc/1148/task/1149/net" dev="proc" ino=136538 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 380.492691][T18723] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 380.502754][T18723] @0: renamed from bond_slave_1 (while UP) [ 380.537251][ T6139] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 380.541773][ T6195] e1000 0000:00:06.0 eth0: Reset adapter [ 380.665777][ T6195] e1000 0000:00:06.0 eth0: Reset adapter [ 380.758446][ T5106] syz_tun (unregistering): left allmulticast mode [ 380.761282][ T5106] syz_tun (unregistering): left promiscuous mode [ 380.764167][ T5106] bridge0: port 3(syz_tun) entered disabled state [ 382.249552][ T67] block nbd1: Possible stuck request ffff888027f355c0: control (read@0,1024B). Runtime 30 seconds [ 382.254550][ T67] block nbd1: Possible stuck request ffff888027f35780: control (read@1024,1024B). Runtime 30 seconds [ 382.260234][ T67] block nbd1: Possible stuck request ffff888027f35940: control (read@2048,1024B). Runtime 30 seconds [ 382.264869][ T67] block nbd1: Possible stuck request ffff888027f35b00: control (read@3072,1024B). Runtime 30 seconds [ 383.115020][ T3245] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 398.797475][ T6141] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 398.798086][T18785] bridge0: port 1(bridge_slave_0) entered disabled state [ 398.806024][ T6141] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 398.810481][ T6141] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 398.810856][ T1260] bridge0: port 1(bridge_slave_0) entered blocking state [ 398.814528][ T6141] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 398.814839][ T1260] bridge0: port 1(bridge_slave_0) entered forwarding state [ 398.817351][ T6141] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 398.965369][T18782] chnl_net:caif_netlink_parms(): no params data found [ 399.053826][T18782] bridge0: port 1(bridge_slave_0) entered blocking state [ 399.056270][T18782] bridge0: port 1(bridge_slave_0) entered disabled state [ 399.058472][T18782] bridge_slave_0: entered allmulticast mode [ 399.061096][T18782] bridge_slave_0: entered promiscuous mode [ 399.066474][T18782] bridge0: port 2(bridge_slave_1) entered blocking state [ 399.069441][T18782] bridge0: port 2(bridge_slave_1) entered disabled state [ 399.072201][T18782] bridge_slave_1: entered allmulticast mode [ 399.076321][T18782] bridge_slave_1: entered promiscuous mode [ 399.118503][T18782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 399.123236][T18782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 399.170776][T18782] team0: Port device team_slave_0 added [ 399.174154][T18782] team0: Port device team_slave_1 added [ 399.225053][T18782] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 399.227186][T18782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 399.236141][T18782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 399.241975][T19482] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=512 sclass=netlink_route_socket pid=19482 comm=syz.7.15133 [ 399.243043][T18782] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 399.248541][T18782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 399.256552][T18782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 399.344226][T18782] hsr_slave_0: entered promiscuous mode [ 399.346550][T18782] hsr_slave_1: entered promiscuous mode [ 399.348624][T18782] debugfs: 'hsr0' already exists in 'hsr' [ 399.350401][T18782] Cannot create hsr debugfs directory [ 399.474450][T18782] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 399.572292][T18782] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 399.669899][T18782] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 399.748492][T18782] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 399.932671][T18782] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 399.936996][T18782] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 399.941539][T18782] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 399.946332][T18782] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 400.014440][T19881] netlink: 152 bytes leftover after parsing attributes in process `syz.6.15147'. [ 400.019902][T18782] 8021q: adding VLAN 0 to HW filter on device bond0 [ 400.022549][T19881] netlink: 24 bytes leftover after parsing attributes in process `syz.6.15147'. [ 400.035060][T18782] 8021q: adding VLAN 0 to HW filter on device team0 [ 400.043060][T25214] bridge0: port 1(bridge_slave_0) entered blocking state [ 400.045317][T25214] bridge0: port 1(bridge_slave_0) entered forwarding state [ 400.050368][T25214] bridge0: port 2(bridge_slave_1) entered blocking state [ 400.053940][T25214] bridge0: port 2(bridge_slave_1) entered forwarding state [ 400.094513][ T842] usb 10-1: new high-speed USB device number 14 using dummy_hcd [ 400.196130][T18782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 400.254176][T19903] netlink: 4 bytes leftover after parsing attributes in process `syz.6.15155'. [ 400.261886][ T842] usb 10-1: Using ep0 maxpacket: 8 [ 400.265926][ T842] usb 10-1: config 179 has an invalid interface number: 65 but max is 0 [ 400.269298][ T842] usb 10-1: config 179 has no interface number 0 [ 400.272336][ T842] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 400.277265][ T842] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 400.282188][ T842] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 400.291673][ T842] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 400.296123][ T842] usb 10-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 400.301599][ T842] usb 10-1: config 179 interface 65 has no altsetting 0 [ 400.304820][ T842] usb 10-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 400.308628][ T842] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 400.329968][ T842] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:179.65/input/input51 [ 400.345317][T19917] netlink: 20 bytes leftover after parsing attributes in process `syz.6.15158'. [ 400.377563][T18782] veth0_vlan: entered promiscuous mode [ 400.384824][T18782] veth1_vlan: entered promiscuous mode [ 400.407617][T18782] veth0_macvtap: entered promiscuous mode [ 400.411616][T18782] veth1_macvtap: entered promiscuous mode [ 400.420133][T18782] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 400.426749][T18782] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 400.434649][ T1260] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 400.437828][ T1260] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 400.445219][ T1260] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 400.451014][ T1260] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 400.470629][T19931] 9p: Unknown access argument 18446744073709551615: -34 [ 400.491314][T25184] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 400.493798][T25184] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 400.514728][T25184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 400.517125][T25184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 400.562332][T30391] usb 10-1: USB disconnect, device number 14 [ 400.562459][ C3] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 400.864070][T19986] SELinux: security_context_str_to_sid () failed with errno=-22 [ 400.977591][ T6139] Bluetooth: hci1: command tx timeout [ 401.176531][T20012] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15185'. [ 401.219046][T20017] batadv_slave_0: entered promiscuous mode [ 401.222552][T20017] batadv_slave_0: left promiscuous mode [ 401.782233][T20072] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 401.963808][T20088] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 402.431084][T20155] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15240'. [ 402.447806][T20159] bpf: Bad value for 'uid' [ 402.498874][T20165] netlink: 4 bytes leftover after parsing attributes in process `syz.6.15244'. [ 402.795747][ T6221] usb 12-1: new high-speed USB device number 13 using dummy_hcd [ 402.959656][ T6221] usb 12-1: config 0 has no interfaces? [ 402.964509][ T6221] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 402.968180][ T6221] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 402.971676][ T6221] usb 12-1: Product: syz [ 402.973377][ T6221] usb 12-1: Manufacturer: syz [ 402.983681][ T6221] usb 12-1: config 0 descriptor?? [ 403.209096][ T842] usb 12-1: USB disconnect, device number 13 [ 403.213117][ T6139] Bluetooth: hci1: command tx timeout [ 404.035299][ T40] audit: type=1400 audit(894.278:71052): avc: denied { create } for pid=20313 comm="syz.7.15287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 404.048519][ T40] audit: type=1400 audit(894.288:71053): avc: denied { sys_admin } for pid=20313 comm="syz.7.15287" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 404.188709][T20331] netlink: 28 bytes leftover after parsing attributes in process `syz.7.15295'. [ 404.466936][ T842] IPVS: starting estimator thread 0... [ 404.559667][T20375] Context (ID=0x4da) not attached to queue pair (handle=0x4db:0x0) [ 404.570204][T20363] IPVS: using max 49 ests per chain, 117600 per kthread [ 405.294063][T20480] netlink: 'syz.4.15351': attribute type 10 has an invalid length. [ 405.300657][T20480] hsr_slave_0: left promiscuous mode [ 405.303434][T20480] hsr_slave_1: left promiscuous mode [ 405.387443][T20486] loop7: detected capacity change from 0 to 7 [ 405.391325][ C3] blk_print_req_error: 25 callbacks suppressed [ 405.391335][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 405.396187][ C3] buffer_io_error: 27 callbacks suppressed [ 405.396196][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 405.400620][ T40] audit: type=1400 audit(895.541:71054): avc: denied { shutdown } for pid=20488 comm="syz.6.15355" laddr=::1 lport=255 faddr=::1 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 405.400882][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 405.412910][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 405.418632][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 405.422178][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 405.425171][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 405.427631][ T6139] Bluetooth: hci1: command tx timeout [ 405.428961][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 405.431631][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 405.438758][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 405.445296][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 405.449222][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 405.454715][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 405.458634][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 405.461967][T20486] ldm_validate_partition_table(): Disk read failed. [ 405.500430][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 405.504346][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 405.509028][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 405.512530][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 405.517887][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 405.521801][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 405.526029][T20486] Dev loop7: unable to read RDB block 0 [ 405.530309][T20486] loop7: unable to read partition table [ 405.532532][T20486] loop7: partition table beyond EOD, truncated [ 405.534551][T20486] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 405.573593][T20524] netlink: 32 bytes leftover after parsing attributes in process `syz.5.15361'. [ 405.595825][T25221] ------------[ cut here ]------------ [ 405.598045][T25221] RTNL: assertion failed at ./include/net/netdev_lock.h (72) [ 405.603110][T25221] WARNING: CPU: 3 PID: 25221 at ./include/net/netdev_lock.h:72 __linkwatch_sync_dev+0x1ed/0x230 [ 405.607148][T25221] Modules linked in: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 405.608819][T25221] CPU: 3 UID: 0 PID: 25221 Comm: kworker/u32:48 Not tainted syzkaller #0 PREEMPT(full) [ 405.614677][T25221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 405.618202][ T40] audit: type=1400 audit(895.747:71055): avc: denied { write } for pid=5879 comm="syz-executor" path="pipe:[6261]" dev="pipefs" ino=6261 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 405.625465][T25221] Workqueue: bond0 bond_mii_monitor [ 405.627352][T25221] RIP: 0010:__linkwatch_sync_dev+0x1ed/0x230 [ 405.629523][T25221] Code: 05 ff ff ff e8 34 64 43 f8 c6 05 70 9b 1b 07 01 90 ba 48 00 00 00 48 c7 c6 a0 04 e6 8c 48 c7 c7 40 04 e6 8c e8 34 07 02 f8 90 <0f> 0b 90 90 e9 d6 fe ff ff 48 c7 c7 54 a4 ab 90 e8 3e c3 a9 f8 e9 [ 405.635683][T25221] RSP: 0018:ffffc90006c9f9f0 EFLAGS: 00010286 [ 405.637600][T25221] RAX: 0000000000000000 RBX: ffff88806333a000 RCX: ffffffff817a4388 [ 405.641041][T25221] RDX: ffff88805bca4880 RSI: ffffffff817a4395 RDI: 0000000000000001 [ 405.644367][T25221] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 405.647644][T25221] R10: 0000000000000001 R11: 0000000000000000 R12: 1ffff92000d93f48 [ 405.651224][T25221] R13: ffff88806333acc1 R14: ffffffff8c59e740 R15: ffffffff89b16430 [ 405.654799][T25221] FS: 0000000000000000(0000) GS:ffff8880d69b4000(0000) knlGS:0000000000000000 [ 405.658541][T25221] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 405.662362][T25221] CR2: 00007f95f6bd7dac CR3: 000000005e793000 CR4: 0000000000352ef0 [ 405.665716][T25221] Call Trace: [ 405.667156][T25221] [ 405.668219][T25221] ethtool_op_get_link+0x1d/0x70 [ 405.669818][T25221] bond_check_dev_link+0x3f9/0x710 [ 405.671571][T25221] ? __pfx_bond_check_dev_link+0x10/0x10 [ 405.673348][T25221] bond_mii_monitor+0x3c0/0x2dc0 [ 405.674942][T25221] ? __pfx_bond_mii_monitor+0x10/0x10 [ 405.676594][T25221] ? rcu_is_watching+0x12/0xc0 [ 405.678259][T25221] process_one_work+0x9cc/0x1b70 [ 405.679893][T25221] ? __pfx_process_one_work+0x10/0x10 [ 405.681753][T25221] ? assign_work+0x1a0/0x250 [ 405.683253][T25221] worker_thread+0x6c8/0xf10 [ 405.684743][T25221] ? __pfx_worker_thread+0x10/0x10 [ 405.686376][T25221] kthread+0x3c2/0x780 [ 405.687703][T25221] ? __pfx_kthread+0x10/0x10 [ 405.689173][T25221] ? rcu_is_watching+0x12/0xc0 [ 405.690741][T25221] ? __pfx_kthread+0x10/0x10 [ 405.692459][T25221] ret_from_fork+0x56a/0x730 [ 405.693943][T25221] ? __pfx_kthread+0x10/0x10 [ 405.695536][T25221] ret_from_fork_asm+0x1a/0x30 [ 405.697070][T25221] [ 405.698072][T25221] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 405.700456][T25221] CPU: 3 UID: 0 PID: 25221 Comm: kworker/u32:48 Not tainted syzkaller #0 PREEMPT(full) [ 405.704247][T25221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 405.708920][T25221] Workqueue: bond0 bond_mii_monitor [ 405.711146][T25221] Call Trace: [ 405.712216][T25221] [ 405.713124][T25221] dump_stack_lvl+0x3d/0x1f0 [ 405.714530][T25221] vpanic+0x6e8/0x7a0 [ 405.715766][T25221] ? __pfx_vpanic+0x10/0x10 [ 405.717061][T25221] ? __linkwatch_sync_dev+0x1ed/0x230 [ 405.718564][T25221] panic+0xca/0xd0 [ 405.719866][T25221] ? __pfx_panic+0x10/0x10 [ 405.721314][T25221] ? check_panic_on_warn+0x1f/0xb0 [ 405.722985][T25221] check_panic_on_warn+0xab/0xb0 [ 405.724533][T25221] __warn+0xf6/0x3c0 [ 405.725836][T25221] ? preempt_schedule_notrace+0x62/0xe0 [ 405.727544][T25221] ? __linkwatch_sync_dev+0x1ed/0x230 [ 405.729270][T25221] report_bug+0x3c3/0x580 [ 405.730653][T25221] ? __linkwatch_sync_dev+0x1ed/0x230 [ 405.732391][T25221] handle_bug+0x184/0x210 [ 405.733761][T25221] exc_invalid_op+0x17/0x50 [ 405.735223][T25221] asm_exc_invalid_op+0x1a/0x20 [ 405.736737][T25221] RIP: 0010:__linkwatch_sync_dev+0x1ed/0x230 [ 405.738623][T25221] Code: 05 ff ff ff e8 34 64 43 f8 c6 05 70 9b 1b 07 01 90 ba 48 00 00 00 48 c7 c6 a0 04 e6 8c 48 c7 c7 40 04 e6 8c e8 34 07 02 f8 90 <0f> 0b 90 90 e9 d6 fe ff ff 48 c7 c7 54 a4 ab 90 e8 3e c3 a9 f8 e9 [ 405.744673][T25221] RSP: 0018:ffffc90006c9f9f0 EFLAGS: 00010286 [ 405.746648][T25221] RAX: 0000000000000000 RBX: ffff88806333a000 RCX: ffffffff817a4388 [ 405.749171][T25221] RDX: ffff88805bca4880 RSI: ffffffff817a4395 RDI: 0000000000000001 [ 405.751671][T25221] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 405.754129][T25221] R10: 0000000000000001 R11: 0000000000000000 R12: 1ffff92000d93f48 [ 405.756637][T25221] R13: ffff88806333acc1 R14: ffffffff8c59e740 R15: ffffffff89b16430 [ 405.759158][T25221] ? __pfx_ethtool_op_get_link+0x10/0x10 [ 405.760926][T25221] ? __warn_printk+0x198/0x350 [ 405.762467][T25221] ? __warn_printk+0x1a5/0x350 [ 405.764013][T25221] ethtool_op_get_link+0x1d/0x70 [ 405.765602][T25221] bond_check_dev_link+0x3f9/0x710 [ 405.767278][T25221] ? __pfx_bond_check_dev_link+0x10/0x10 [ 405.769086][T25221] bond_mii_monitor+0x3c0/0x2dc0 [ 405.770587][T25221] ? __pfx_bond_mii_monitor+0x10/0x10 [ 405.772728][T25221] ? rcu_is_watching+0x12/0xc0 [ 405.774359][T25221] process_one_work+0x9cc/0x1b70 [ 405.775958][T25221] ? __pfx_process_one_work+0x10/0x10 [ 405.777655][T25221] ? assign_work+0x1a0/0x250 [ 405.779144][T25221] worker_thread+0x6c8/0xf10 [ 405.780632][T25221] ? __pfx_worker_thread+0x10/0x10 [ 405.782296][T25221] kthread+0x3c2/0x780 [ 405.783606][T25221] ? __pfx_kthread+0x10/0x10 [ 405.785081][T25221] ? rcu_is_watching+0x12/0xc0 [ 405.786611][T25221] ? __pfx_kthread+0x10/0x10 [ 405.788082][T25221] ret_from_fork+0x56a/0x730 [ 405.789557][T25221] ? __pfx_kthread+0x10/0x10 [ 405.790966][T25221] ret_from_fork_asm+0x1a/0x30 [ 405.792480][T25221] [ 405.794064][T25221] Kernel Offset: disabled [ 405.795402][T25221] Rebooting in 86400 seconds.. VM DIAGNOSIS: 19:13:01 Registers: info registers vcpu 0 CPU#0 RAX=00000000000008b9 RBX=ffff88803c6baf30 RCX=0000000000000000 RDX=00000000000008b9 RSI=0000000000000000 RDI=ffff88803c6baf80 RBP=0000000000000000 RSP=ffffc90006237950 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000050 R11=0000000000000001 R12=ffff88803c6baf80 R13=ffff88803c6ba440 R14=0000000000000000 R15=ffff888049d6d218 RIP=ffffffff81976653 RFL=00000003 [------C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d66b4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f95f772ef98 CR3=000000002ad98000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000020080810 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd59739126 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd59739126 00007ffd5973912c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f95f6a12e46 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f95f6a12e53 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f95f6a12e4d ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f95f6a12e61 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f95f6a12ee7 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f95f6a12fc5 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f95f6ba74a8 00007f95f6ba74a0 00007f95f6ba7498 00007f95f6ba7470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f95f770d100 00007f95f6ba7460 00007f95f6ba7478 00007f95f6ba74c0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f95f6ba74b8 00007f95f6ba74b0 00007f95f6ba74a8 00007f95f6ba74a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff82074a4a RDX=ffff888023ef8000 RSI=0000000000000000 RDI=0000000000000007 RBP=0000000000000000 RSP=ffffc9000338f828 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=00007effbce05000 R13=ffffc9000338f9b8 R14=dffffc0000000000 R15=00007effbd000000 RIP=ffffffff81bb9ed0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d67b4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007effc2507d60 CR3=000000003370d000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effc19a76c3 00007effc19a76c3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffee16b0d40 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055558f4ed11c 000055558f4ed090 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055558f4e3414 000055558f4e3410 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055558f4dfe18 000055558f4dfda0 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055558f4ef3a4 000055558f4ef3a0 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0111800406800404 01578a0061616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 660a312e79656b5f 5f20622030303564 3033623966666666 666666660a726f72 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6666666666660a33 2e79656b5f5f2062 2030343564303362 3966666666666666 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3362396666666666 6666660a332e7965 6b5f5f2062203038 3564303362396666 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 66660a322e79656b 5f5f206220303665 3031336239666666 66666666660a312e ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 666666666666660a 332e79656b5f5f20 6220306165303133 6239666666666666 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3133623966666666 666666660a342e79 656b5f5f20622030 6565303133623966 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2030366630313362 3966666666666666 660a352e79656b5f 5f20622030326630 info registers vcpu 2 CPU#2 RAX=0000000000000001 RBX=000000000004db5a RCX=ffffffff822dc31c RDX=ffff888056e20000 RSI=ffffffff822dc620 RDI=0000000000000006 RBP=0000000000000001 RSP=ffffc900206c7588 R8 =0000000000000006 R9 =0000000000000001 R10=0000000000000001 R11=0000000000000000 R12=ffff88801e1c8c20 R13=0000000000000001 R14=0000000000000000 R15=0000000000005b5a RIP=ffffffff8b94b074 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055558bf26500 ffffffff 00c00000 GS =0000 ffff8880d68b4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b33620000 CR3=00000000405a9000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000020080810 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea1d76670 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea1d76a16 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffea1d76a16 00007ffea1d76a1c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe74aa12e46 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe74aa12e53 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe74aa12e4d ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe74aa12e61 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe74aa12ee7 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe74aa12fc5 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c667265766f20 6772612061746164 000a747261745374 6f687370616e5300 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49435740534a05 4257440544514441 000a515744515351 4a4d5655444b5300 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8564b875 RDI=ffffffff9b1160e0 RBP=ffffffff9b1160a0 RSP=ffffc90006c9f360 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000032 R14=ffffffff9b1160a0 R15=ffffffff8564b810 RIP=ffffffff8564b89f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d69b4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f95f6bd7dac CR3=000000005e793000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff812c7503 ffffffff812c7503 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff812c7503 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcdac08f36 00007ffcdac08f3c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6838412e46 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6838412e53 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6838412e4d ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6838412e61 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6838412ee7 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6838412fc5 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f68385a74a8 00007f68385a74a0 00007f68385a7498 00007f68385a7470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f683910d100 00007f68385a7460 00007f6800040008 0000000f0010000c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f68385a74b8 00007f68385a74b0 00007f68385a74a8 00007f68385a74a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000