last executing test programs: 888.21353ms ago: executing program 3 (id=31708): r0 = gettid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r0, 0xffffffffffffffff, 0x0, 0x16, 0xfffffffffffffffe}, 0x30) 837.264782ms ago: executing program 3 (id=31711): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r2, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0) write$dsp(r4, &(0x7f00000001c0)='B', 0x1) 783.045651ms ago: executing program 2 (id=31713): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x10, 0x140a, 0xd01, 0x70bd2b, 0x25dfdbfe}, 0x10}, 0x1, 0x0, 0x0, 0x9040}, 0xc010) 782.919587ms ago: executing program 2 (id=31714): r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000340)={r0, r0, r0}, &(0x7f0000000040)=""/94, 0x5e, &(0x7f0000000240)={&(0x7f0000000000)={'xxhash64\x00'}}) 717.994121ms ago: executing program 2 (id=31715): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000009de00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f000009df00)=@ipv6_getaddr={0x20, 0x16, 0x1, 0x0, 0x0, {}, [@IFA_TARGET_NETNSID={0x8}]}, 0x20}}, 0x0) 717.213491ms ago: executing program 2 (id=31718): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) ioctl$int_in(r3, 0x5421, &(0x7f0000000100)=0x9) connect$inet(r3, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10) close(r3) 621.504635ms ago: executing program 0 (id=31719): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0) 620.992168ms ago: executing program 2 (id=31720): r0 = io_uring_setup(0x3c92, &(0x7f0000000100)={0x0, 0x3, 0x0, 0xffffffff, 0x2}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10) listen(r1, 0x0) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10) r3 = accept(r1, 0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="120000000400000004000000a4"], 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r4, &(0x7f0000000080), &(0x7f00000002c0)=@udp=r3}, 0x20) recvmsg$can_bcm(r3, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x0) accept4$inet6(r3, 0x0, 0x0, 0x800) close_range(r0, 0xffffffffffffffff, 0x0) 577.786995ms ago: executing program 0 (id=31722): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0) mount$bpf(0x0, &(0x7f00000023c0)='./file0\x00', 0x0, 0x958028, 0x0) 531.554343ms ago: executing program 0 (id=31724): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/timer_list\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000ec0)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1, 0x4b8, 0x1ff) 531.322405ms ago: executing program 1 (id=31725): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r3, 0xffffffffffffffff, 0x0) 484.773383ms ago: executing program 0 (id=31726): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, 0x0, 0x0, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'rose0\x00', 0x112}) ioctl$TUNATTACHFILTER(r4, 0x401054d5, &(0x7f0000000240)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0xffffffff}]}) 484.55014ms ago: executing program 1 (id=31727): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6(0xa, 0x400000000001, 0x0) sendto$inet6(r4, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x8, @loopback, 0x9db}, 0x1c) 484.020968ms ago: executing program 1 (id=31728): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) ppoll(&(0x7f0000000000)=[{r0, 0xc0}, {r0, 0x2000}], 0x2, 0x0, 0x0, 0x0) 483.376819ms ago: executing program 2 (id=31729): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) ioctl$int_in(r4, 0x5421, &(0x7f0000000100)=0x9) connect$inet(r4, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10) close(r4) 410.098636ms ago: executing program 1 (id=31730): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r5, 0x0, 0x0, 0x805, 0x0, 0x0) syz_emit_ethernet(0xd80, &(0x7f0000001500)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "010526", 0xd4a, 0x3a, 0x0, @private0, @mcast2, {[], @ndisc_rs={0x85, 0x0, 0x0, '\x00', [{0x1f, 0x18, "9df8869c24c505b7d471402a31e6ea98307116e5d84627360d9f4ded8e743b0a5631de7eb2af6781b38261e2ca88016e2bf001896cdfa7fc8170ab9adb87a391d8e02124fa9dfc4d572402ea66f17f88eeb6f25953faff57b27820bfe984332773e6f52bd686cf5e7bd0796180260e419b51620df7e8d9a8fc812c38cde15d9ae250850e519b044586e7bd0537f0b62ff3ee6e1b592140da9cef727f98361e77ad3c9c574dc00f3813d78ec38bf0639a73f5620eb2712015d39bbf81edc0ee2334608a65"}, {0x22, 0x5, "0e8ea79a6ce39825120e696373c2cb5b842a188554365fcc7635f93b6b0cf7183c1473add686df2b883aed0b5a"}, {0x18, 0x8, "164812996b35d1b9e2f009bfa0918189ad27dd4a3d46585c7d16ce907c5504011d36dea981a80b504f997c2ed526ad05711a33c9b09415e65278bdb063fd5588"}, {0x0, 0x11, "b5fbe47cdb0b36345cc09f83e901dae4e362a963a13d4e5a77cd4635f762afac9637356d83e8410668207a283af51ec73dcccd5e34b888c9d6caf39b588d14ba163d0397375dfb1cb3f3a525b67095c43745f91ac908c1af4a0e62cc0730bb558e8a52746023e8f17ff22a41f825a7acb5902c8b2983e30fa5c18e28bcbc5ef7151c720cb0bf141365"}, {0xe, 0x19, "37ee356bee650bdd6af02cea4cad621cf827ed7ecb805aac800dcc61eae89f6d389087b862cf9558a7a289b4b959ba78102a42520fabfcd675eb5da12d23af9b213046ebfe548c661623d918704b93e0e8c093bb33c345ed4ef134f209875aae46e8c5687fead9814b3add68478c4ca286bb4e3419e54c20df53b7c7f256093a0e04867445fd011a78cfad22ac7ad2db83e0648fe231839ae93cc75254879267f4327ef43aa4739e70f9578f96825c35f9642d3f4df76bd6ff7612674ae9189c4cceedccc72228"}, {0x5, 0xd, "2890ab98d2047b0789f6e5e4ab99c79937d655f7876ca184567615000e9ac4aedcbeccbec4fa8ffeec4e3e94d0da137df21b2b6d4b16ae78bcb72d4f797d51192b56f4bf2922764899880660eedc0194bffc872df8a661bb891a4d118f560e11c5eaab7fe8e436799d26d5fd"}, {0x1f, 0x8, "0f078023085bc803dc3c68c0c4e6e790e139b1650b0dbd28073aae4aa7d13e92eab598a25147b369a7d2585c1d562f2c40b6b20c730e4236a6b856e36eb32a"}, {0x1f, 0x9, "87b62409876b32a091ad326971e24d0c74d96b20f59e34c1afef8d39b944eb7f0a49d314c3bbe43250158a11806d0784a37b9a3f3bd14e34b971a03cab740eb95caccb968bcf478e"}, {0x1, 0x137, "4362bd3c8fb53fdc0789108e678121349149537c2cf5fdc60f77fceb21d70c365ec022f9c38d8b29e06cdf40a74c768332ad46a1ee239dc7b69610779389deed18b78ac6ceaa432f4b76c017b744821e640510bb1ddca726d86ac74fd0914ead0f931b3d8d24ac2adc6ab6c60bcdc448eeb5beb3fba14e2e1c2ddc37215a41d70e535b8d9e5f9930e9f3f0a6a7d8bcf966a9edd02bcb79dca7129235edd89e256729533f2035057f6722923e16eb8067996328365535c510ba31f0c60829d8d91a991e872c3770d2544b3ddd7c1f35380575cd0b691477aa775d515a885f3e354b7576ef2d7ead8b551b08a50c127e21f15dfbb87ba8da007f2af2853064363b73fb079a419b719f4c3aaa799cc42cdbbbff19ea8b093390f633e0044e90a4977d2bd15add1bd2ff5bce7484191a7d6ef1e8db6f0a53e3993ba6578bbf9030adfccfd41b9f94ae6fb7eefa0a31ca1c809540e13562670d5677a2ef0ccdfd71c0947641d9ce973ebc07cb64b1dd3b6fb4238849dc66cd1c799ce4817b842c30db35e801579d09ff2ac6839723c3ffc7fc8b5e36a830a0876056df7aee3ec7e834a30ca3ef60e2584fc20d2290c96825ec5255c542f941891587e8469a99deee5ca40123ec1c3cc6a74a6b97fcd3c651df13c9e4c6596bca5b88eded8f252f89dd0b5dd1eb619940b861296ac569ca95e4eea259e4a2575e3eb69ffe753239066daab6b9daeff5e0afbb4cceee1ebd876483fab12ca4c807a440dde8dce20ea67ae730d9840b81a86851a5226d3e07d490178774a46fa0d6b631abe4fe95998784f3946375af462432cef418f7c76b043f66587c9fb22a63f6fd051d73205d0d5fe2537d71eba14415e08831568eef320309e8f26ecfcc5d4d3404b68588ea71ce7546820d6af1f6fde67b2428c8fbaf62897c8aef7b3bd1b5c1d6fa2baca1ecdfb31524045273d0d3d616f73232c0e64c3ab3c7c0cb070930ba895cf322171535806e925367a66b657f3eae52675d26dc1262b51f8e6b6be2d427a2b957159d5f336e568226f29bb34f78949567e129f087f82efdb7db75e7caf35f579e07f0fc0e41e27919a8d7c66148dd1461b2a0a0d1d2ed0f10b5069ae1ab13d617f696a2fea282de63159b5cef7dbb64fc1847abefb53b4398832c1fc5a300abcd7d3d20058d77a2221d2c2bd13a50f01013ba78e1ee4dde1d8946a45cc17a495cfda6783a6ef3bd3b23c9b030a87eb9384d38c95ffc3e097a1f313a48c08d7fe73287b02edb43cf89a1cbb81ca888d09f065863b650b58d604d8b32a43d07e4b9f9a8ab325d97298329aa88a4bce02bf5c9228220954b866c60ca4876c523c530a3817ac27b8d965809c410fc1e3b3a2f91cb39bec94bf8208320084a00b9337e98395cc513b952288e9631656c4a65b91e1128be69178623ad53f193c966d25c4f16ccfc2ae88edf102a38f5ed8428c0c4f34252d384dcbba3bd5eafa7e377f3500f44a2f5bf094cd65c510579a7e79c69d6aa6be268db492d702349dd0de09486f65209c1a19ddcd93b8e493069697562622bc35e711af9815be2cad0af82291781652f9bc83dd4fe3902f02bb09906e4622973eb9b978642c80a8e188461c8dec71ff93981498a228783df6b2ecb86bcc29e37a380b2706057fd6300a71d69268b4bf71ac564d3857f5a27bc35ce50bd380f03affd4a54e720a88dc12f0189032905d69d063727b076aad1a71cb1b462a68b63b4ea5c62b657f815b2a3c324a15f417f40d7b5ea178106846f29822f2efac2d84f02348efa4357076097f707a6fec53de36d6afaf4802a088bfc9893439c5080c4eab496e841e5c252e1a63fd5f973b1e427eb8327093d9c5ef94bd51a2d22a657144e74b7b83178a833fffc3ac90919c2658fcee4e1bf9bdd7274c2bd767d4b38bf587852c10681a8880770655f706da5d88bc2d148bc2ba8e51135cab852381caad8f2da981aad0402c8909d8660cbf5caffac219eb787497d817a0f8ab6d5357c19cdb7424d26df16fb48c4dcc82bae45a2cf9c8c2837b4f1b731249e6d3945f9e3ee1a29dc1ba10591ccf736737df66d386d1e9850500c7b674ec1cc890114a6815659eabe6b5e2603e43c12d566a68474fd2e6e73a09d8343ca7d04169235cd3803764925448b54e27cd7d92d207079865e3982e813e78c8dc029291e5a8869d9cac53df7f02c502c3c14bd5ecc0d5a43be5bf93d03fd8c10370b0fb83dfcdd486fa32f543d569178e30e76f23560aa3ddc0be81e9dc20eec1d0e6288723049893c22d6748901b0cfc4d88a73a733c79e69a38bb7f305d148cb64a8b143f182932f802ff7640e1fd861450e5a48f825f7ae4f2c9e9455eb9f316648f14334d1132d1c45e895942a12077062947876d258f309458b7d8f498c5eaaefa0279dc93f242b7e56f9e7371bcfb38acd080282cde1271c1a08cb3b0c762f20a95e198ef37b36282669d56e434615e1c6c2825e31a4dedcc92a9929adc0a7da4a78e659f4d4552bd27447bbed6955c8fb315799a1bd83d070e1795aa4a0b5e6dddc1dbace6e7ee110a943e81690ea2effbc60bf918a406f0e9e0cde058fe3a02113b76abdf915530ef0a7c1b1b1974d8ff815b1c85ff0aab3c366d9c0a6ddd14f42389538372062ef7f35ba15921bd3a06be09a437dbd4cdfff859a431260290a3792e75e87aa884d09d5ac111dc5d85a966bdd05ba39bdcc565e59f4f38e67b5b15c479aae6780a446c755e8d9fb6f61b4a9c39ff80edce0c60809ecd07eedadcd37cf4aabb40fc7340597b9f2be1a5c4600298b106de7a9ffdef86de58706c3e9b3da74a87a42ca1e0a93cba9fd8fec9e29183a151aedb06fe756e852d1cbb7fb3e9c2be9e62c03a9419472719c6f05f9be892890607e638765ffed1108c202402a3b88bbe65feb12e70b269bd62864d4495528ec07cf321d24ab36d85d73301363e116eb74ffdb6cc410c241a1b806c8972b68eb6889f4ac73ea8c2eb5aedfc4c64db53ea916ee3e17495598800bf1c0bcbff471ba0876d70cc27a3fbb3a2d29d5ba6508bbb43d0b50b1d758d0bef51791d5a5b981e78c4b96e5e41d2d7d165674b34da8ea8dfb23e7d73c036a819d165c9923a597861e6755b372f63b83e292fd3200c2ce8366e276d8cdc55af195e094d638ee366b03cd054d621e9b705e4ec893580c40654cb81eb659b2f4e24ebb0faa89c3d418d6200aa9c531f1eed3216f3c45575a02834599fa5d58b466442ece978f352e71a992f2cef31c603d96a3c2fdae530eb7774abf80cfa09cd5cb04c2f81dafd80168b74df48155bc7f877d623dd15e152d39078b67f24bba2435b2729485f4c73e2a749571d0691bec31ed218bffbd173bfd3c676053e1f7b1e0375e670b380e1af76798bbe90a7e5de70e7a8a2e7253cbb2bac02253646dbbf68ee96744a678c9524ae95641baf8f2d2ac824ecfbb0d8fd7330d48967b6abc762b083c123d529d5062fca87d1ad4b9c3d6ab95d14408860553216b46"}]}}}}}}, 0x0) 409.619227ms ago: executing program 0 (id=31731): r0 = openat$kvm(0x0, &(0x7f0000000240), 0x181002, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20040830) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x9, 0x2) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x9, 0x2, 0x56d, 0x2, 0x0, 0xffffffffffffffff, 0x54ae}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000001f80), 0xfffffffb, r4}, 0x38) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200), &(0x7f00000004c0), 0x1000, r4}, 0x38) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(0xffffffffffffffff, 0xab00, r5) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x1c, r3, 0x1, 0x70bd2b, 0x6, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8004}, 0x0) 381.221361ms ago: executing program 1 (id=31732): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x24, r1, 0x509, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x4044000) 279.110445ms ago: executing program 3 (id=31733): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) timer_create(0x7, 0x0, &(0x7f0000bbdffc)=0x0) timer_gettime(r4, &(0x7f0000000000)) 278.871646ms ago: executing program 1 (id=31734): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}]}) 232.463391ms ago: executing program 3 (id=31735): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_buf(r0, 0x0, 0x10, &(0x7f00000000c0)="170000000200020000ffbe8c5ee17688a2006c00030100000077fc5ad90200fb6a880000d6c9db0000db15d088bd8b7000000000d9ce9bc7e28db3000200ff01800a0000ebfc0607bdff59100ac45761547a681f009ceeff5acba400001fb700674f00c8e365d00b5033bf79ac2dfc061f15003901dee2000000000062068f5ee50c08af9b1c568302ffff02ff03310800ab0840024f02d8e9e90539062a80e605007f71174ab498ff0b3e5a1b47b6df7b23de8caa000000", 0x10c) 166.763878ms ago: executing program 3 (id=31736): sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)={0x20, 0x0, 0x1, 0x70bd2a, 0x25dfdbff, {}, [{{0x8}, {0x4}}]}, 0x20}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x6}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001a00010000000000000000001c000000000000000000000014"], 0x30}}, 0x0) 93.483222ms ago: executing program 3 (id=31737): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6(0xa, 0x400000000001, 0x0) sendto$inet6(r4, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x8, @loopback, 0x9db}, 0x1c) 0s ago: executing program 0 (id=31738): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) ppoll(&(0x7f0000000000)=[{r0, 0xc0}, {r0, 0x2000}], 0x2, 0x0, 0x0, 0x0) 0s ago: executing program 0 (id=31739): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) r0 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000200)={0x100, r1}, 0x0) close(0xffffffffffffffff) close(r1) umount2(&(0x7f00000002c0)='./file0\x00', 0x0) close(r0) kernel console output (not intermixed with test programs): [ 1578.570929][ T8431] bridge0: port 2(bridge_slave_1) entered blocking state [ 1578.573757][ T8431] bridge0: port 2(bridge_slave_1) entered disabled state [ 1578.577334][ T8431] bridge_slave_1: entered allmulticast mode [ 1578.587187][ T8431] bridge_slave_1: entered promiscuous mode [ 1578.651613][ T8431] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1578.660178][ T8431] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1578.723915][ T8431] team0: Port device team_slave_0 added [ 1578.730724][ T8431] team0: Port device team_slave_1 added [ 1578.782585][ T8431] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1578.789329][ T8431] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1578.801669][ T8431] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1578.806974][T22105] Bluetooth: hci1: command 0x0406 tx timeout [ 1578.817724][ T8431] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1578.820842][ T8431] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1578.833211][ T8431] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1579.024466][ T8431] hsr_slave_0: entered promiscuous mode [ 1579.030246][ T8431] hsr_slave_1: entered promiscuous mode [ 1579.042151][ T8431] debugfs: 'hsr0' already exists in 'hsr' [ 1579.045253][ T8431] Cannot create hsr debugfs directory [ 1579.202554][ T8458] netlink: 20 bytes leftover after parsing attributes in process `syz.0.28609'. [ 1579.386823][ T40] audit: type=1400 audit(1763393841.438:551): avc: denied { map } for pid=8469 comm="syz.0.28620" path="/dev/zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1 [ 1579.409011][ T8472] netlink: 'syz.2.28619': attribute type 3 has an invalid length. [ 1579.413340][ T8472] netlink: 'syz.2.28619': attribute type 1 has an invalid length. [ 1579.417212][ T8472] netlink: 224 bytes leftover after parsing attributes in process `syz.2.28619'. [ 1579.421332][ T8472] NCSI netlink: No device for ifindex 0 [ 1579.452550][ T8431] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1579.541209][ T8431] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1579.630811][ T8431] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1579.694369][ T8431] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1579.792105][ T8492] mkiss: ax0: crc mode is auto. [ 1579.844249][ T8496] binder: Bad value for 'stats' [ 1579.876070][ T8431] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1579.882308][ T8431] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1579.888315][ T8498] netlink: 12 bytes leftover after parsing attributes in process `syz.2.28631'. [ 1579.891555][ T8431] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1579.899491][ T8431] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1580.003629][T22862] Bluetooth: hci4: command tx timeout [ 1580.029780][ T8431] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1580.074200][ T8431] 8021q: adding VLAN 0 to HW filter on device team0 [ 1580.085308][T21781] bridge0: port 1(bridge_slave_0) entered blocking state [ 1580.087874][T21781] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1580.097622][T21781] bridge0: port 2(bridge_slave_1) entered blocking state [ 1580.100002][T21781] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1580.311000][ T8431] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1580.358375][ T8431] veth0_vlan: entered promiscuous mode [ 1580.372884][ T8431] veth1_vlan: entered promiscuous mode [ 1580.383771][ T8530] mkiss: ax0: crc mode is auto. [ 1580.428543][ T8431] veth0_macvtap: entered promiscuous mode [ 1580.436975][ T8431] veth1_macvtap: entered promiscuous mode [ 1580.460526][ T8431] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1580.471582][ T8532] mkiss: ax0: crc mode is auto. [ 1580.471585][ T8534] netlink: 12 bytes leftover after parsing attributes in process `syz.2.28643'. [ 1580.482340][ T8431] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1580.505027][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1580.508624][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1580.522761][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1580.531787][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1580.623017][T21781] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1580.631355][T21781] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1580.674357][ T8546] netlink: 20 bytes leftover after parsing attributes in process `syz.0.28649'. [ 1580.688931][ T8546] team0: entered promiscuous mode [ 1580.691466][ T8546] team_slave_0: entered promiscuous mode [ 1580.694827][ T8546] team_slave_1: entered promiscuous mode [ 1580.697888][ T8546] team0: entered allmulticast mode [ 1580.700133][ T8546] team_slave_0: entered allmulticast mode [ 1580.702283][ T8546] team_slave_1: entered allmulticast mode [ 1580.718906][ T3082] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1580.721506][ T3082] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1580.828335][ T8551] bridge0: port 2(bridge_slave_1) entered disabled state [ 1580.832627][ T8551] bridge0: port 1(bridge_slave_0) entered disabled state [ 1580.972931][ T8551] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1580.989006][ T8551] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1581.172045][ T8558] mkiss: ax0: crc mode is auto. [ 1581.173948][ T62] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1581.194380][ T62] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1581.198100][ T62] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1581.208861][ T62] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1581.380804][ T40] audit: type=1804 audit(1763393843.428:552): pid=8569 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.28657" name="/newroot/4/file0" dev="tmpfs" ino=41 res=1 errno=0 [ 1581.735186][ T8592] netlink: 20 bytes leftover after parsing attributes in process `syz.1.28667'. [ 1581.737894][ T8590] mkiss: ax0: crc mode is auto. [ 1581.975308][ T8618] netlink: 20 bytes leftover after parsing attributes in process `syz.3.28678'. [ 1581.985624][ T8618] team0: entered promiscuous mode [ 1581.987393][ T8618] team_slave_0: entered promiscuous mode [ 1581.989416][ T8618] team_slave_1: entered promiscuous mode [ 1581.991504][ T8618] team0: entered allmulticast mode [ 1581.993183][ T8618] team_slave_0: entered allmulticast mode [ 1581.995737][ T8618] team_slave_1: entered allmulticast mode [ 1582.049496][ T8626] mkiss: ax0: crc mode is auto. [ 1582.093553][ T3571] Bluetooth: hci4: command tx timeout [ 1582.285543][ T8648] netlink: 20 bytes leftover after parsing attributes in process `syz.3.28692'. [ 1582.447334][ T8665] netlink: 'syz.3.28697': attribute type 4 has an invalid length. [ 1582.635231][ T8677] netlink: 20 bytes leftover after parsing attributes in process `syz.0.28703'. [ 1582.951950][ T40] audit: type=1400 audit(1763393844.998:553): avc: denied { setopt } for pid=8696 comm="syz.1.28713" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 1583.115398][ T8703] mkiss: ax0: crc mode is auto. [ 1583.631223][ T40] audit: type=1400 audit(1763393845.678:554): avc: denied { mount } for pid=8726 comm="syz.3.28727" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 1583.923620][ T3571] Bluetooth: hci3: command 0x0406 tx timeout [ 1584.165984][T22105] Bluetooth: hci4: command tx timeout [ 1584.983731][T29944] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 1585.143450][T29944] usb 7-1: Using ep0 maxpacket: 8 [ 1585.147435][T29944] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1585.150984][T29944] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1585.155898][T29944] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1585.159443][T29944] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1585.164360][T29944] usb 7-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 1585.167409][T29944] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1585.179104][T29944] usb 7-1: config 0 descriptor?? [ 1585.186007][T29944] hso 7-1:0.0: Can't find BULK IN endpoint [ 1585.229429][ T8782] netlink: 12 bytes leftover after parsing attributes in process `syz.0.28754'. [ 1585.385848][T21157] usb 7-1: USB disconnect, device number 18 [ 1585.923668][T29944] usb 8-1: new high-speed USB device number 22 using dummy_hcd [ 1586.077169][T29944] usb 8-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 1586.081072][T29944] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1586.090425][T29944] usb 8-1: Product: syz [ 1586.092445][T29944] usb 8-1: Manufacturer: syz [ 1586.096625][T29944] usb 8-1: SerialNumber: syz [ 1586.102994][T29944] usb 8-1: config 0 descriptor?? [ 1586.243961][T22105] Bluetooth: hci4: command tx timeout [ 1586.316472][T29944] usb-storage 8-1:0.0: USB Mass Storage device detected [ 1586.394711][T29944] usb 8-1: USB disconnect, device number 22 [ 1586.428737][ T8859] netlink: 'syz.0.28788': attribute type 4 has an invalid length. [ 1586.757471][ T8884] netlink: 12 bytes leftover after parsing attributes in process `syz.0.28796'. [ 1586.895531][ T8898] netlink: 'syz.3.28800': attribute type 4 has an invalid length. [ 1586.906231][ T8900] netlink: 20 bytes leftover after parsing attributes in process `syz.1.28801'. [ 1586.920158][ T8896] mkiss: ax0: crc mode is auto. [ 1587.207546][ T8923] netlink: 'syz.0.28811': attribute type 4 has an invalid length. [ 1587.240873][ T8927] netlink: 20 bytes leftover after parsing attributes in process `syz.3.28812'. [ 1587.718103][ T8965] netlink: 20 bytes leftover after parsing attributes in process `syz.3.28823'. [ 1587.915270][ T40] audit: type=1400 audit(1763393849.968:555): avc: denied { nlmsg_read } for pid=8985 comm="syz.3.28833" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 1587.915306][ T8986] netlink: 104 bytes leftover after parsing attributes in process `syz.3.28833'. [ 1588.275000][ T9014] netlink: 12 bytes leftover after parsing attributes in process `syz.3.28845'. [ 1588.636831][ T8857] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1588.639495][ T8857] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 1588.642368][ T9045] mkiss: ax0: crc mode is auto. [ 1588.688115][ T8857] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1588.691327][ T8857] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 1588.753157][ T8857] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1588.756100][ T8857] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 1588.775954][ T8857] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1588.778763][ T8857] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 1588.998970][ T9072] netlink: 12 bytes leftover after parsing attributes in process `syz.1.28871'. [ 1589.067820][ T9076] mkiss: ax0: crc mode is auto. [ 1589.086914][ T9080] nfs: Bad value for 'source' [ 1589.268798][ T9096] netlink: 12 bytes leftover after parsing attributes in process `syz.0.28883'. [ 1589.405963][ T9108] mkiss: ax0: crc mode is auto. [ 1589.667061][ T9121] mkiss: ax0: crc mode is auto. [ 1590.060661][ T3571] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1590.065745][ T3571] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1590.068924][ T3571] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1590.072429][ T3571] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1590.077111][ T3571] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1590.178420][T22105] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1590.181411][T22105] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1590.184198][T22105] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1590.186926][T22105] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1590.189497][T22105] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1590.438868][ T9133] chnl_net:caif_netlink_parms(): no params data found [ 1590.651083][ T9133] bridge0: port 1(bridge_slave_0) entered blocking state [ 1590.654078][ T9133] bridge0: port 1(bridge_slave_0) entered disabled state [ 1590.658103][ T9133] bridge_slave_0: entered allmulticast mode [ 1590.675718][ T9133] bridge_slave_0: entered promiscuous mode [ 1590.695290][ T9133] bridge0: port 2(bridge_slave_1) entered blocking state [ 1590.697821][ T9133] bridge0: port 2(bridge_slave_1) entered disabled state [ 1590.701524][ T9133] bridge_slave_1: entered allmulticast mode [ 1590.733391][ T9133] bridge_slave_1: entered promiscuous mode [ 1590.857197][ T9133] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1590.878411][ T9133] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1590.987318][ T9133] team0: Port device team_slave_0 added [ 1590.992564][ T9133] team0: Port device team_slave_1 added [ 1591.067970][ T9133] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1591.070555][ T9133] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1591.081592][ T9133] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1591.090966][ T9133] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1591.094723][ T9133] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1591.105970][ T9133] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1591.129545][ T9154] mkiss: ax0: crc mode is auto. [ 1591.195082][ T9133] hsr_slave_0: entered promiscuous mode [ 1591.199015][ T9133] hsr_slave_1: entered promiscuous mode [ 1591.202047][ T9133] debugfs: 'hsr0' already exists in 'hsr' [ 1591.205535][ T9133] Cannot create hsr debugfs directory [ 1591.412018][ T9133] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1591.554840][ T9133] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1591.639421][ T9133] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1591.766915][ T9133] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1591.981058][ T9133] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1591.997445][ T9133] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1592.005500][ T9133] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1592.016832][ T9133] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1592.135677][ T9133] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1592.158289][ T9133] 8021q: adding VLAN 0 to HW filter on device team0 [ 1592.179480][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 1592.182658][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1592.197269][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 1592.200511][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1592.243926][T22105] Bluetooth: hci1: command tx timeout [ 1592.491303][ T9133] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1592.577906][ T9133] veth0_vlan: entered promiscuous mode [ 1592.595764][ T9133] veth1_vlan: entered promiscuous mode [ 1592.638729][ T9200] netlink: 12 bytes leftover after parsing attributes in process `syz.3.28920'. [ 1592.646415][ T9133] veth0_macvtap: entered promiscuous mode [ 1592.656540][ T9133] veth1_macvtap: entered promiscuous mode [ 1592.671045][ T9133] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1592.677553][ T9133] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1592.697572][ T62] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1592.700528][ T62] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1592.705623][ T62] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1592.708744][ T62] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1592.724728][T32660] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 1592.836573][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1592.839206][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1592.875337][T32660] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1592.886296][T32660] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1592.895269][T32660] usb 5-1: config 0 descriptor?? [ 1592.914150][T32660] cp210x 5-1:0.0: cp210x converter detected [ 1592.922729][ T5341] udevd[5341]: worker [9136] terminated by signal 33 (Unknown signal 33) [ 1592.930165][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1592.930548][ T5341] udevd[5341]: worker [9136] failed while handling '/devices/platform/dummy_hcd.0/usb5/5-1' [ 1592.940786][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1593.017953][ T9205] binder: Unknown parameter 'st' [ 1593.106812][ T9209] netlink: 32 bytes leftover after parsing attributes in process `syz.1.28923'. [ 1593.305631][T32660] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 1593.316785][T32660] usb 5-1: cp210x converter now attached to ttyUSB0 [ 1593.356486][ T5341] udevd[5341]: worker [9135] terminated by signal 33 (Unknown signal 33) [ 1593.360258][ T5341] udevd[5341]: worker [9135] failed while handling '/devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/ttyUSB0/tty/ttyUSB0' [ 1593.513750][ T29] usb 5-1: USB disconnect, device number 41 [ 1593.532807][ T29] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1593.558871][ T29] cp210x 5-1:0.0: device disconnected [ 1593.651586][ T9223] mkiss: ax0: crc mode is auto. [ 1593.782422][ T9225] mkiss: ax0: crc mode is auto. [ 1594.059439][ T9239] netlink: 20 bytes leftover after parsing attributes in process `syz.0.28937'. [ 1594.098007][ T9243] binder: Unknown parameter 'stat' [ 1594.144091][ T6898] usb 8-1: new high-speed USB device number 23 using dummy_hcd [ 1594.196348][ T9251] netlink: 12 bytes leftover after parsing attributes in process `syz.2.28943'. [ 1594.251361][ T40] audit: type=1400 audit(1763393856.298:556): avc: denied { listen } for pid=9255 comm="syz.1.28946" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 1594.266832][ T9259] netlink: 20 bytes leftover after parsing attributes in process `syz.0.28947'. [ 1594.268222][ T40] audit: type=1400 audit(1763393856.298:557): avc: denied { create } for pid=9254 comm="syz.2.28945" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 1594.279590][ T40] audit: type=1400 audit(1763393856.298:558): avc: denied { write } for pid=9254 comm="syz.2.28945" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 1594.293518][ T6898] usb 8-1: Using ep0 maxpacket: 16 [ 1594.304557][ T6898] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1594.308623][ T6898] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1594.315030][ T6898] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1594.317142][ T9263] binder: Unknown parameter 'stat' [ 1594.318922][ T6898] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1594.323604][T22105] Bluetooth: hci1: command tx timeout [ 1594.327411][ T6898] usb 8-1: Product: syz [ 1594.330414][ T6898] usb 8-1: Manufacturer: syz [ 1594.332574][ T6898] usb 8-1: SerialNumber: syz [ 1594.376764][ T9269] netlink: 'syz.0.28951': attribute type 4 has an invalid length. [ 1594.488964][ T40] audit: type=1400 audit(1763393856.538:559): avc: denied { setopt } for pid=9279 comm="syz.0.28957" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 1594.528009][ T40] audit: type=1400 audit(1763393856.578:560): avc: denied { ioctl } for pid=9282 comm="syz.1.28958" path="socket:[729832]" dev="sockfs" ino=729832 ioctlcmd=0x8905 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 1594.545358][ T6898] usb 8-1: 0:2 : does not exist [ 1594.547288][ T6898] usb 8-1: unit 9 not found! [ 1594.563665][ T6898] usb 8-1: USB disconnect, device number 23 [ 1594.599444][T26327] udevd[26327]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1594.614412][ T9293] fuse: Bad value for 'fd' [ 1594.616247][ T9292] netlink: 12 bytes leftover after parsing attributes in process `syz.1.28962'. [ 1594.790305][ T40] audit: type=1400 audit(1763393856.838:561): avc: denied { read } for pid=9307 comm="syz.1.28971" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 1594.877608][ T40] audit: type=1400 audit(1763393856.928:562): avc: denied { setopt } for pid=9312 comm="syz.0.28973" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 1595.090490][ T9333] netlink: 20 bytes leftover after parsing attributes in process `syz.0.28984'. [ 1595.095413][ T9333] vcan0: entered promiscuous mode [ 1595.098406][ T9333] vcan0: entered allmulticast mode [ 1595.212664][ T9343] netlink: 'syz.3.28988': attribute type 4 has an invalid length. [ 1595.215756][ T9343] netlink: 'syz.3.28988': attribute type 5 has an invalid length. [ 1595.218619][ T9343] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.28988'. [ 1595.313193][ T9349] netlink: 12 bytes leftover after parsing attributes in process `syz.3.28991'. [ 1595.333745][ T6898] usb 6-1: new full-speed USB device number 36 using dummy_hcd [ 1595.384334][ T29] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 1595.421544][ T9357] mkiss: ax0: crc mode is auto. [ 1595.484998][ T6898] usb 6-1: config 0 has an invalid interface number: 241 but max is 0 [ 1595.487959][ T6898] usb 6-1: config 0 has no interface number 0 [ 1595.492533][ T6898] usb 6-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=1f.24 [ 1595.498294][ T6898] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1595.501830][ T6898] usb 6-1: Product: syz [ 1595.503760][ T6898] usb 6-1: Manufacturer: syz [ 1595.505832][ T6898] usb 6-1: SerialNumber: syz [ 1595.512766][ T6898] usb 6-1: config 0 descriptor?? [ 1595.524623][ T6898] usb_ehset_test 6-1:0.241: probe with driver usb_ehset_test failed with error -32 [ 1595.555106][ T29] usb 5-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice=80.99 [ 1595.559260][ T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1595.562856][ T29] usb 5-1: Product: syz [ 1595.564928][ T29] usb 5-1: Manufacturer: syz [ 1595.566988][ T29] usb 5-1: SerialNumber: syz [ 1595.574833][ T29] usb 5-1: config 0 descriptor?? [ 1595.722952][ T3938] usb 6-1: USB disconnect, device number 36 [ 1595.784103][T29944] usb 5-1: USB disconnect, device number 42 [ 1596.413356][T22105] Bluetooth: hci1: command tx timeout [ 1596.626176][ T9395] mkiss: ax0: crc mode is auto. [ 1597.181169][ T40] audit: type=1400 audit(1763393859.228:563): avc: denied { mounton } for pid=9422 comm="syz.3.29026" path="/108/bus" dev="tmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 1597.318782][ T9435] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1598.118123][ T40] audit: type=1400 audit(1763393860.168:564): avc: denied { connect } for pid=9459 comm="syz.1.29045" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 1598.127087][ T40] audit: type=1400 audit(1763393860.178:565): avc: denied { read } for pid=9459 comm="syz.1.29045" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 1598.483666][T22105] Bluetooth: hci1: command tx timeout [ 1598.514535][ T9481] tipc: Started in network mode [ 1598.516612][ T9481] tipc: Node identity 4, cluster identity 4711 [ 1598.519160][ T9481] tipc: Node number set to 4 [ 1598.646508][ T9493] netlink: 'syz.2.29050': attribute type 4 has an invalid length. [ 1598.696344][ T9497] mkiss: ax0: crc mode is auto. [ 1598.965699][ T9520] netlink: 'syz.3.29073': attribute type 4 has an invalid length. [ 1599.740678][ T9550] mkiss: ax0: crc mode is auto. [ 1599.909364][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 1599.909381][ T40] audit: type=1400 audit(1763393861.958:570): avc: denied { create } for pid=9558 comm="syz.2.29091" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 1600.106447][ T9573] netlink: 'syz.2.29098': attribute type 4 has an invalid length. [ 1600.209891][ T40] audit: type=1400 audit(1763393862.258:571): avc: denied { mount } for pid=9578 comm="syz.2.29102" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 1600.511236][ T9588] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1600.595053][ T9595] tipc: Started in network mode [ 1600.596815][ T9595] tipc: Node identity 4, cluster identity 4711 [ 1600.598863][ T9595] tipc: Node number set to 4 [ 1600.735010][ T9601] netlink: 'syz.2.29112': attribute type 4 has an invalid length. [ 1600.794203][ T9603] mkiss: ax0: crc mode is auto. [ 1600.968512][ T9607] netlink: 12 bytes leftover after parsing attributes in process `syz.2.29115'. [ 1601.170555][ T9617] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1601.248127][ T9622] netlink: 'syz.2.29122': attribute type 4 has an invalid length. [ 1601.319345][ T40] audit: type=1400 audit(1763393863.368:572): avc: denied { ioctl } for pid=9626 comm="syz.2.29124" path="/dev/fb0" dev="devtmpfs" ino=637 ioctlcmd=0x4605 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 1601.663165][ T9657] netlink: 'syz.0.29138': attribute type 4 has an invalid length. [ 1602.022989][ T9678] mkiss: ax0: crc mode is auto. [ 1602.275977][ T9686] netlink: 12 bytes leftover after parsing attributes in process `syz.0.29152'. [ 1602.454094][ T9694] mkiss: ax0: crc mode is auto. [ 1602.578969][ T9698] mkiss: ax0: crc mode is auto. [ 1602.781629][ T9722] tipc: Started in network mode [ 1602.784812][ T9722] tipc: Node identity 4, cluster identity 4711 [ 1602.787806][ T9722] tipc: Node number set to 4 [ 1602.814715][ T9718] mkiss: ax0: crc mode is auto. [ 1602.875982][ T40] audit: type=1326 audit(1763393864.928:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.1.29174" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1602.878439][ T9728] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1602.885357][ T40] audit: type=1326 audit(1763393864.928:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.1.29174" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1602.904505][ T40] audit: type=1326 audit(1763393864.928:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.1.29174" exe="/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1602.912688][ T40] audit: type=1326 audit(1763393864.928:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.1.29174" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1602.926727][ T40] audit: type=1326 audit(1763393864.928:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.1.29174" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1602.953378][ T40] audit: type=1326 audit(1763393864.928:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.1.29174" exe="/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1602.962625][ T40] audit: type=1326 audit(1763393864.928:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.1.29174" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1603.195327][ T9756] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1603.763167][ T9770] tipc: Started in network mode [ 1603.768686][ T9770] tipc: Node identity 4, cluster identity 4711 [ 1603.771462][ T9770] tipc: Node number set to 4 [ 1603.860255][ T9780] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1604.164246][T21157] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 1604.325343][T21157] usb 7-1: config 0 has an invalid interface number: 73 but max is 0 [ 1604.328822][T21157] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1604.339600][T21157] usb 7-1: config 0 has no interface number 0 [ 1604.344991][T21157] usb 7-1: New USB device found, idVendor=06f8, idProduct=300c, bcdDevice=39.64 [ 1604.348758][T21157] usb 7-1: New USB device strings: Mfr=9, Product=2, SerialNumber=3 [ 1604.352155][T21157] usb 7-1: Product: syz [ 1604.354912][T21157] usb 7-1: Manufacturer: syz [ 1604.357107][T21157] usb 7-1: SerialNumber: syz [ 1604.362529][T21157] usb 7-1: config 0 descriptor?? [ 1604.363792][ T9793] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1604.372010][T21157] uvcvideo 7-1:0.73: probe with driver uvcvideo failed with error -22 [ 1604.570886][T23628] usb 7-1: USB disconnect, device number 19 [ 1604.780063][ T9813] mkiss: ax0: crc mode is auto. [ 1605.283102][ T9828] syzkaller0: entered promiscuous mode [ 1605.285413][ T9828] syzkaller0: entered allmulticast mode [ 1605.299034][ T9830] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1606.802412][ T9837] netlink: 12 bytes leftover after parsing attributes in process `syz.0.29223'. [ 1606.832698][ T40] kauditd_printk_skb: 241 callbacks suppressed [ 1606.832709][ T40] audit: type=1400 audit(1763393868.878:821): avc: denied { listen } for pid=9846 comm="syz.0.29230" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 1606.909871][ T9861] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1606.994663][T32660] hid-generic 0003:80000004:0000.000C: unknown main item tag 0x0 [ 1606.997182][T32660] hid-generic 0003:80000004:0000.000C: unknown main item tag 0x0 [ 1606.999904][T32660] hid-generic 0003:80000004:0000.000C: unknown main item tag 0x0 [ 1607.002510][T32660] hid-generic 0003:80000004:0000.000C: unknown main item tag 0x0 [ 1607.005472][T32660] hid-generic 0003:80000004:0000.000C: unknown main item tag 0x0 [ 1607.010005][T32660] hid-generic 0003:80000004:0000.000C: unknown main item tag 0x0 [ 1607.012697][T32660] hid-generic 0003:80000004:0000.000C: unknown main item tag 0x0 [ 1607.015361][T32660] hid-generic 0003:80000004:0000.000C: unknown main item tag 0x0 [ 1607.017888][T32660] hid-generic 0003:80000004:0000.000C: unknown main item tag 0x0 [ 1607.020652][T32660] hid-generic 0003:80000004:0000.000C: unknown main item tag 0x0 [ 1607.031920][T32660] hid-generic 0003:80000004:0000.000C: hidraw1: USB HID v0.00 Device [syz1] on syz0 [ 1607.062701][ T9882] fido_id[9882]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1607.088589][ T9885] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1607.149732][ T9896] netlink: 48 bytes leftover after parsing attributes in process `syz.2.29254'. [ 1607.316784][ T9917] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1608.093101][ T9936] netlink: 'syz.0.29273': attribute type 4 has an invalid length. [ 1608.110384][ T9940] netlink: 12 bytes leftover after parsing attributes in process `syz.3.29274'. [ 1608.310587][ T9960] netlink: 'syz.0.29284': attribute type 4 has an invalid length. [ 1608.342070][ T9962] netlink: 12 bytes leftover after parsing attributes in process `syz.1.29285'. [ 1608.438837][ T9970] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1608.818058][ T9986] netlink: 12 bytes leftover after parsing attributes in process `syz.1.29296'. [ 1608.887633][ T9990] netlink: 20 bytes leftover after parsing attributes in process `syz.1.29298'. [ 1608.890957][ T9990] team0: entered promiscuous mode [ 1608.892705][ T9990] team_slave_0: entered promiscuous mode [ 1608.896030][ T9990] team_slave_1: entered promiscuous mode [ 1608.898094][ T9990] team0: entered allmulticast mode [ 1608.900268][ T9990] team_slave_0: entered allmulticast mode [ 1608.902323][ T9990] team_slave_1: entered allmulticast mode [ 1609.060972][ T9999] tmpfs: Bad value for 'mpol' [ 1609.732436][T10044] netlink: 48 bytes leftover after parsing attributes in process `syz.2.29322'. [ 1609.964672][T10048] overlayfs: missing 'lowerdir' [ 1610.150093][T10052] netlink: 8 bytes leftover after parsing attributes in process `syz.2.29327'. [ 1610.153644][T10052] netlink: 8 bytes leftover after parsing attributes in process `syz.2.29327'. [ 1611.505240][T10108] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=10108 comm=syz.3.29354 [ 1612.580602][ T1419] ieee802154 phy0 wpan0: encryption failed: -22 [ 1612.583294][ T1419] ieee802154 phy1 wpan1: encryption failed: -22 [ 1612.726443][T10102] syz.1.29351: vmalloc error: size 35651584, failed to allocated page array size 69632, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1612.733837][T10102] CPU: 3 UID: 0 PID: 10102 Comm: syz.1.29351 Not tainted syzkaller #0 PREEMPT(full) [ 1612.733853][T10102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1612.733861][T10102] Call Trace: [ 1612.733865][T10102] [ 1612.733870][T10102] dump_stack_lvl+0x16c/0x1f0 [ 1612.733885][T10102] warn_alloc+0x248/0x3a0 [ 1612.733905][T10102] ? __pfx_warn_alloc+0x10/0x10 [ 1612.733928][T10102] ? hash_netport4_resize+0x1d8/0x1c50 [ 1612.733942][T10102] ? __vmalloc_node_noprof+0xad/0xf0 [ 1612.733959][T10102] __vmalloc_node_range_noprof+0xfe2/0x1480 [ 1612.733978][T10102] ? hash_netport4_resize+0x1d8/0x1c50 [ 1612.733995][T10102] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1612.734012][T10102] ? ___kmalloc_large_node+0xed/0x160 [ 1612.734029][T10102] __kvmalloc_node_noprof+0x431/0x9c0 [ 1612.734041][T10102] ? hash_netport4_resize+0x1d8/0x1c50 [ 1612.734054][T10102] ? trace_kmalloc+0x2b/0xd0 [ 1612.734066][T10102] ? __kmalloc_noprof+0x34f/0x880 [ 1612.734081][T10102] ? hash_netport4_resize+0x1d8/0x1c50 [ 1612.734097][T10102] ? hash_netport4_resize+0x1d8/0x1c50 [ 1612.734110][T10102] hash_netport4_resize+0x1d8/0x1c50 [ 1612.734123][T10102] ? __pfx_hash_netport4_add+0x10/0x10 [ 1612.734137][T10102] ? __pfx_hash_netport4_uadt+0x10/0x10 [ 1612.734148][T10102] ? __pfx___mutex_lock+0x10/0x10 [ 1612.734166][T10102] ? __pfx_hash_netport4_resize+0x10/0x10 [ 1612.734182][T10102] call_ad.constprop.0+0x36d/0x940 [ 1612.734196][T10102] ? __pfx_hash_netport4_resize+0x10/0x10 [ 1612.734211][T10102] ? __pfx_call_ad.constprop.0+0x10/0x10 [ 1612.734224][T10102] ? __pfx___nla_validate_parse+0x10/0x10 [ 1612.734248][T10102] ? __nla_parse+0x40/0x60 [ 1612.734265][T10102] ip_set_ad.constprop.0.isra.0+0x3ce/0x870 [ 1612.734283][T10102] ? __pfx_ip_set_ad.constprop.0.isra.0+0x10/0x10 [ 1612.734312][T10102] ? exit_tasks_rcu_finish+0x110/0x440 [ 1612.734343][T10102] ? find_held_lock+0x2b/0x80 [ 1612.734362][T10102] nfnetlink_rcv_msg+0x9fc/0x1200 [ 1612.734381][T10102] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 1612.734396][T10102] ? __lock_acquire+0x622/0x1c90 [ 1612.734419][T10102] ? avc_has_perm_noaudit+0x149/0x3b0 [ 1612.734440][T10102] netlink_rcv_skb+0x158/0x420 [ 1612.734458][T10102] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 1612.734472][T10102] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1612.734496][T10102] ? ns_capable+0xd7/0x110 [ 1612.734511][T10102] nfnetlink_rcv+0x1b3/0x430 [ 1612.734524][T10102] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 1612.734536][T10102] ? netlink_deliver_tap+0x1ae/0xd30 [ 1612.734555][T10102] netlink_unicast+0x5aa/0x870 [ 1612.734604][T10102] ? __pfx_netlink_unicast+0x10/0x10 [ 1612.734627][T10102] netlink_sendmsg+0x8c8/0xdd0 [ 1612.734647][T10102] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1612.734669][T10102] ____sys_sendmsg+0xa98/0xc70 [ 1612.734682][T10102] ? copy_msghdr_from_user+0x10a/0x160 [ 1612.734698][T10102] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1612.734712][T10102] ? __pfx_futex_wake_mark+0x10/0x10 [ 1612.734729][T10102] ___sys_sendmsg+0x134/0x1d0 [ 1612.734745][T10102] ? __pfx____sys_sendmsg+0x10/0x10 [ 1612.734759][T10102] ? __lock_acquire+0x622/0x1c90 [ 1612.734792][T10102] __sys_sendmsg+0x16d/0x220 [ 1612.734808][T10102] ? __pfx___sys_sendmsg+0x10/0x10 [ 1612.734827][T10102] ? __x64_sys_futex+0x1e0/0x4c0 [ 1612.734855][T10102] do_syscall_64+0xcd/0xfa0 [ 1612.734874][T10102] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1612.734894][T10102] RIP: 0033:0x7f717d38f6c9 [ 1612.734909][T10102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1612.734926][T10102] RSP: 002b:00007f717e25e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1612.734942][T10102] RAX: ffffffffffffffda RBX: 00007f717d5e5fa0 RCX: 00007f717d38f6c9 [ 1612.734952][T10102] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000004 [ 1612.734961][T10102] RBP: 00007f717d411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1612.734970][T10102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1612.734979][T10102] R13: 00007f717d5e6038 R14: 00007f717d5e5fa0 R15: 00007fff04a15a98 [ 1612.735000][T10102] [ 1612.735021][T10102] Mem-Info: [ 1612.888597][T10102] active_anon:29933 inactive_anon:6 isolated_anon:0 [ 1612.888597][T10102] active_file:22545 inactive_file:638 isolated_file:0 [ 1612.888597][T10102] unevictable:1768 dirty:145 writeback:0 [ 1612.888597][T10102] slab_reclaimable:22011 slab_unreclaimable:372297 [ 1612.888597][T10102] mapped:23015 shmem:28975 pagetables:1219 [ 1612.888597][T10102] sec_pagetables:343 bounce:0 [ 1612.888597][T10102] kernel_misc_reclaimable:0 [ 1612.888597][T10102] free:83384 free_pcp:41068 free_cma:0 [ 1612.905447][T10102] Node 0 active_anon:320kB inactive_anon:0kB active_file:164kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:12kB dirty:12kB writeback:0kB shmem:2688kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:25296kB pagetables:2952kB sec_pagetables:1304kB all_unreclaimable? yes Balloon:0kB [ 1612.917789][T10102] Node 1 active_anon:114576kB inactive_anon:24kB active_file:90016kB inactive_file:2552kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:92048kB dirty:568kB writeback:0kB shmem:108252kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14992kB pagetables:1924kB sec_pagetables:68kB all_unreclaimable? no Balloon:0kB [ 1612.930536][T10102] Node 0 DMA free:5380kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:268kB local_pcp:96kB free_cma:0kB [ 1612.943370][T10102] lowmem_reserve[]: 0 1239 1239 1239 1239 [ 1612.945680][T10102] Node 0 DMA32 free:38100kB boost:4096kB min:31676kB low:38568kB high:45460kB reserved_highatomic:0KB free_highatomic:0KB active_anon:316kB inactive_anon:0kB active_file:164kB inactive_file:0kB unevictable:3536kB writepending:12kB zspages:0kB present:2080628kB managed:1269476kB mlocked:0kB bounce:0kB free_pcp:33276kB local_pcp:8272kB free_cma:0kB [ 1612.956597][T10102] lowmem_reserve[]: 0 0 0 0 0 [ 1612.958192][T10102] Node 1 Normal free:291476kB boost:0kB min:39660kB low:49572kB high:59484kB reserved_highatomic:0KB free_highatomic:0KB active_anon:105400kB inactive_anon:24kB active_file:90016kB inactive_file:2552kB unevictable:3536kB writepending:568kB zspages:5304kB present:2097152kB managed:1781892kB mlocked:0kB bounce:0kB free_pcp:144280kB local_pcp:48724kB free_cma:0kB [ 1612.969266][T10102] lowmem_reserve[]: 0 0 0 0 0 [ 1612.970966][T10102] Node 0 DMA: 21*4kB (UM) 2*8kB (UM) 2*16kB (UM) 6*32kB (M) 1*64kB (U) 1*128kB (M) 3*256kB (UM) 2*512kB (M) 3*1024kB (UM) 0*2048kB 0*4096kB = 5380kB [ 1612.976181][T10102] Node 0 DMA32: 1961*4kB (UME) 1252*8kB (UME) 57*16kB (UME) 128*32kB (UME) 60*64kB (UM) 13*128kB (ME) 14*256kB (UM) 6*512kB (UME) 3*1024kB (UM) 0*2048kB 0*4096kB = 38100kB [ 1612.981935][T10102] Node 1 Normal: 476*4kB (UME) 85*8kB (UME) 37*16kB (UME) 158*32kB (UME) 246*64kB (UME) 167*128kB (UM) 92*256kB (UM) 35*512kB (UM) 22*1024kB (UME) 7*2048kB (UME) 41*4096kB (M) = 291624kB [ 1612.988252][T10102] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1612.992088][T10102] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1612.996206][T10102] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1613.000250][T10102] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1613.004413][T10102] 46177 total pagecache pages [ 1613.006501][T10102] 1037 pages in swap cache [ 1613.008484][T10102] Free swap = 105584kB [ 1613.010315][T10102] Total swap = 124996kB [ 1613.012159][T10102] 1048443 pages RAM [ 1613.013945][T10102] 0 pages HighMem/MovableOnly [ 1613.016011][T10102] 281761 pages reserved [ 1613.017621][T10102] 0 pages cma reserved [ 1613.076832][T10156] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1613.273227][T10165] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=10165 comm=syz.2.29380 [ 1613.637377][T10190] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1613.707211][T10198] netlink: 20 bytes leftover after parsing attributes in process `syz.3.29396'. [ 1613.774141][ T40] audit: type=1400 audit(1763393875.818:822): avc: denied { ioctl } for pid=10205 comm="syz.0.29400" path="socket:[732888]" dev="sockfs" ino=732888 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 1613.902349][T10219] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1613.933041][ T40] audit: type=1400 audit(1763393875.978:823): avc: denied { sqpoll } for pid=10222 comm="syz.3.29408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 1614.137629][T10249] netlink: 48 bytes leftover after parsing attributes in process `syz.2.29420'. [ 1614.420627][ T40] audit: type=1400 audit(1763393876.468:824): avc: denied { create } for pid=10287 comm="syz.2.29439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 1614.711889][T10324] binder_alloc: 10323: binder_alloc_buf, no vma [ 1614.900612][T10340] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1615.415382][T10361] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1615.773064][T10385] netlink: 20 bytes leftover after parsing attributes in process `syz.0.29485'. [ 1615.976524][T10404] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1616.037325][T10410] netlink: 20 bytes leftover after parsing attributes in process `syz.3.29496'. [ 1616.242228][T10432] binder: BINDER_SET_CONTEXT_MGR already set [ 1616.245327][T10432] binder: 10431:10432 ioctl 4018620d 200000000040 returned -16 [ 1616.298805][T10438] netlink: 'syz.0.29509': attribute type 4 has an invalid length. [ 1616.396328][T10448] program syz.0.29515 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1616.464631][T10453] netlink: 20 bytes leftover after parsing attributes in process `syz.0.29517'. [ 1616.576124][T10458] netlink: 'syz.3.29520': attribute type 4 has an invalid length. [ 1616.986743][T10473] netlink: 20 bytes leftover after parsing attributes in process `syz.2.29526'. [ 1617.299038][T10487] netlink: 12 bytes leftover after parsing attributes in process `syz.1.29534'. [ 1617.469522][T10500] netlink: 48 bytes leftover after parsing attributes in process `syz.1.29540'. [ 1617.540468][T10506] netlink: 20 bytes leftover after parsing attributes in process `syz.1.29542'. [ 1617.652724][T10522] netlink: 48 bytes leftover after parsing attributes in process `syz.1.29550'. [ 1619.005943][ T1524] hid_parser_main: 8 callbacks suppressed [ 1619.005956][ T1524] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 1619.015398][ T1524] hid-generic 0000:0000:0000.000D: hidraw1: HID v0.00 Device [syz1] on syz0 [ 1619.340323][T10600] binder: BINDER_SET_CONTEXT_MGR already set [ 1619.342377][T10600] binder: 10598:10600 ioctl 4018620d 200000000040 returned -16 [ 1619.369895][T10602] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1619.631144][T10627] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1620.583111][T10675] __nla_validate_parse: 1 callbacks suppressed [ 1620.583122][T10675] netlink: 4 bytes leftover after parsing attributes in process `syz.1.29620'. [ 1620.592630][T10675] netlink: 12 bytes leftover after parsing attributes in process `syz.1.29620'. [ 1621.007551][ T3571] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1621.012111][ T3571] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1621.015373][ T3571] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1621.027700][ T3571] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1621.032097][ T3571] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1621.227787][T10735] chnl_net:caif_netlink_parms(): no params data found [ 1621.381660][T10735] bridge0: port 1(bridge_slave_0) entered blocking state [ 1621.385692][T10735] bridge0: port 1(bridge_slave_0) entered disabled state [ 1621.389338][T10735] bridge_slave_0: entered allmulticast mode [ 1621.394753][T10735] bridge_slave_0: entered promiscuous mode [ 1621.400988][T10735] bridge0: port 2(bridge_slave_1) entered blocking state [ 1621.405510][T10735] bridge0: port 2(bridge_slave_1) entered disabled state [ 1621.409273][T10735] bridge_slave_1: entered allmulticast mode [ 1621.414781][T10735] bridge_slave_1: entered promiscuous mode [ 1621.434999][T10770] overlayfs: failed to resolve './file0': -2 [ 1621.486015][T10735] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1621.496778][T10735] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1621.581219][T10735] team0: Port device team_slave_0 added [ 1621.593931][T10735] team0: Port device team_slave_1 added [ 1621.679587][T10735] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1621.682821][T10735] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1621.707167][T10735] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1621.715659][T10735] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1621.719068][T10735] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1621.731333][T10735] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1621.825314][T10735] hsr_slave_0: entered promiscuous mode [ 1621.829795][T10735] hsr_slave_1: entered promiscuous mode [ 1621.834099][T10735] debugfs: 'hsr0' already exists in 'hsr' [ 1621.836743][T10735] Cannot create hsr debugfs directory [ 1622.060759][ T40] audit: type=1800 audit(1763393884.108:825): pid=10782 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.29664" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 1622.205505][T10735] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1622.301388][T10735] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1622.425936][T10735] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1622.500290][T10735] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1622.625733][T10735] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1622.632040][T10735] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1622.645704][T10735] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1622.652224][T10735] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1622.766229][T10735] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1622.781490][T10735] 8021q: adding VLAN 0 to HW filter on device team0 [ 1622.792483][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 1622.795290][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1622.823727][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state [ 1622.826247][ T1146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1623.050343][T10735] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1623.109094][T10735] veth0_vlan: entered promiscuous mode [ 1623.118068][T10735] veth1_vlan: entered promiscuous mode [ 1623.123958][ T3571] Bluetooth: hci3: command tx timeout [ 1623.151216][T10735] veth0_macvtap: entered promiscuous mode [ 1623.161130][T10735] veth1_macvtap: entered promiscuous mode [ 1623.184068][T10735] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1623.199396][T10735] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1623.216615][ T1144] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1623.223321][ T1144] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1623.229273][ T1144] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1623.232261][ T1144] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1623.355170][T21781] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1623.357811][T21781] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1623.410135][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1623.413107][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1623.911012][T10856] tipc: Started in network mode [ 1623.912957][T10856] tipc: Node identity 4, cluster identity 4711 [ 1623.915441][T10856] tipc: Node number set to 4 [ 1624.752408][T10885] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 1625.203722][ T3571] Bluetooth: hci3: command tx timeout [ 1625.237838][ T40] audit: type=1400 audit(1763393887.288:826): avc: denied { read } for pid=10919 comm="syz.1.29726" name="usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 1625.256393][ T40] audit: type=1400 audit(1763393887.288:827): avc: denied { open } for pid=10919 comm="syz.1.29726" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 1625.274871][ T40] audit: type=1400 audit(1763393887.308:828): avc: denied { ioctl } for pid=10919 comm="syz.1.29726" path="/dev/usbmon0" dev="devtmpfs" ino=737 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 1626.456437][T11029] netlink: 48 bytes leftover after parsing attributes in process `syz.1.29778'. [ 1626.558041][T11035] netlink: 'syz.0.29781': attribute type 4 has an invalid length. [ 1626.569839][T11035] netlink: 'syz.0.29781': attribute type 5 has an invalid length. [ 1626.572945][T11035] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.29781'. [ 1627.283889][ T3571] Bluetooth: hci3: command tx timeout [ 1627.464691][T11103] netlink: 152 bytes leftover after parsing attributes in process `syz.0.29813'. [ 1627.859554][T11131] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1628.107309][T11162] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1628.789286][T11186] netlink: 48 bytes leftover after parsing attributes in process `syz.1.29846'. [ 1628.939928][T11203] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1628.989365][T11209] netlink: 48 bytes leftover after parsing attributes in process `syz.1.29857'. [ 1629.244870][T11236] netlink: 48 bytes leftover after parsing attributes in process `syz.2.29870'. [ 1629.312174][T11244] netlink: 12 bytes leftover after parsing attributes in process `syz.3.29874'. [ 1629.363719][ T3571] Bluetooth: hci3: command tx timeout [ 1629.480876][T11262] netlink: 20 bytes leftover after parsing attributes in process `syz.2.29882'. [ 1629.524891][T11265] netlink: 48 bytes leftover after parsing attributes in process `syz.2.29884'. [ 1629.584651][T11270] netlink: 12 bytes leftover after parsing attributes in process `syz.1.29886'. [ 1632.045232][T11320] netlink: 20 bytes leftover after parsing attributes in process `syz.2.29909'. [ 1632.072323][T11324] netlink: 8 bytes leftover after parsing attributes in process `syz.3.29912'. [ 1632.375143][T11382] loop6: detected capacity change from 0 to 2560 [ 1632.375869][ T40] audit: type=1400 audit(1763393894.418:829): avc: denied { append } for pid=11381 comm="syz.2.29938" name="loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 1632.379918][T10636] Buffer I/O error on dev loop6, logical block 0, async page read [ 1632.388075][T10636] Buffer I/O error on dev loop6, logical block 0, async page read [ 1632.390784][T10636] Buffer I/O error on dev loop6, logical block 0, async page read [ 1632.393615][T10636] Buffer I/O error on dev loop6, logical block 0, async page read [ 1632.396320][T10636] Buffer I/O error on dev loop6, logical block 0, async page read [ 1632.398983][T10636] Buffer I/O error on dev loop6, logical block 0, async page read [ 1632.402336][T10636] Buffer I/O error on dev loop6, logical block 0, async page read [ 1632.410481][T10636] Buffer I/O error on dev loop6, logical block 0, async page read [ 1632.413330][T10636] ldm_validate_partition_table(): Disk read failed. [ 1632.415927][T10636] Buffer I/O error on dev loop6, logical block 0, async page read [ 1632.418609][T10636] Buffer I/O error on dev loop6, logical block 0, async page read [ 1632.421411][T10636] Dev loop6: unable to read RDB block 0 [ 1632.426799][T10636] loop6: unable to read partition table [ 1632.434602][T11382] ldm_validate_partition_table(): Disk read failed. [ 1632.437531][T11382] Dev loop6: unable to read RDB block 0 [ 1632.444842][T11390] IPVS: Scheduler module ip_vs_ not found [ 1632.445549][T11382] loop6: unable to read partition table [ 1632.465288][T11382] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾‚³˜) failed (rc=-5) [ 1632.695654][ T40] audit: type=1326 audit(1763393894.748:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.3.29951" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf0718f6c9 code=0x7ffc0000 [ 1632.706267][ T40] audit: type=1326 audit(1763393894.748:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.3.29951" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf0718f6c9 code=0x7ffc0000 [ 1632.715585][ T40] audit: type=1326 audit(1763393894.748:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.3.29951" exe="/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7fbf0718f6c9 code=0x7ffc0000 [ 1632.729923][ T40] audit: type=1326 audit(1763393894.748:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.3.29951" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf0718f6c9 code=0x7ffc0000 [ 1632.738000][ T40] audit: type=1326 audit(1763393894.748:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.3.29951" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf0718f6c9 code=0x7ffc0000 [ 1632.746215][ T40] audit: type=1326 audit(1763393894.758:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.3.29951" exe="/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7fbf0718f6c9 code=0x7ffc0000 [ 1632.753923][ T40] audit: type=1326 audit(1763393894.768:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.3.29951" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf0718f6c9 code=0x7ffc0000 [ 1632.761249][ T40] audit: type=1326 audit(1763393894.768:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.3.29951" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf0718f6c9 code=0x7ffc0000 [ 1632.770572][ T40] audit: type=1326 audit(1763393894.768:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.3.29951" exe="/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7fbf0718f6c9 code=0x7ffc0000 [ 1633.046814][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 1633.093478][T28904] usb 8-1: new full-speed USB device number 24 using dummy_hcd [ 1633.248371][T28904] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1633.252610][T28904] usb 8-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00 [ 1633.256439][T28904] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1633.266050][T28904] usb 8-1: config 0 descriptor?? [ 1633.474412][T28904] usbhid 8-1:0.0: can't add hid device: -71 [ 1633.476265][T28904] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 1633.490126][T28904] usb 8-1: USB disconnect, device number 24 [ 1633.631779][T11483] netlink: 8 bytes leftover after parsing attributes in process `syz.1.29978'. [ 1634.159975][T11535] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1634.258126][T11546] netlink: 48 bytes leftover after parsing attributes in process `syz.2.30008'. [ 1634.398580][T11560] binder: 11558:11560 ioctl 4018620d 0 returned -22 [ 1634.488246][T11568] netlink: 48 bytes leftover after parsing attributes in process `syz.2.30019'. [ 1634.574200][T11575] netlink: 8 bytes leftover after parsing attributes in process `syz.2.30022'. [ 1634.762660][T11589] netlink: 48 bytes leftover after parsing attributes in process `syz.2.30029'. [ 1634.856421][T11593] binder: BINDER_SET_CONTEXT_MGR already set [ 1634.860136][T11593] binder: 11592:11593 ioctl 4018620d 200000000040 returned -16 [ 1635.200051][T11620] netlink: 48 bytes leftover after parsing attributes in process `syz.2.30043'. [ 1635.399204][T11628] binder: 11627:11628 ioctl c0306201 0 returned -14 [ 1635.523764][T11634] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1635.569845][T11636] netlink: 48 bytes leftover after parsing attributes in process `syz.2.30052'. [ 1636.125340][T11673] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1636.815680][T11689] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1637.142937][T11715] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1637.599413][ T40] kauditd_printk_skb: 8 callbacks suppressed [ 1637.599424][ T40] audit: type=1400 audit(1763393899.945:847): avc: denied { bind } for pid=11727 comm="syz.3.30093" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 1637.613426][ T40] audit: type=1400 audit(1763393899.956:848): avc: denied { read } for pid=11727 comm="syz.3.30093" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 1637.993474][T11746] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1639.287106][T11795] netlink: 8 bytes leftover after parsing attributes in process `syz.3.30125'. [ 1639.389220][T11801] netlink: 156 bytes leftover after parsing attributes in process `syz.2.30127'. [ 1639.569668][ T40] audit: type=1400 audit(1763393902.059:849): avc: denied { listen } for pid=11816 comm="syz.2.30134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 1639.905872][T11842] overlayfs: missing 'lowerdir' [ 1640.204406][T11860] netlink: 8 bytes leftover after parsing attributes in process `syz.0.30147'. [ 1640.273005][T21157] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 1640.430858][T21157] usb 6-1: Using ep0 maxpacket: 32 [ 1640.433904][T21157] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 1640.436406][T21157] usb 6-1: config 0 has no interface number 0 [ 1640.438383][T21157] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1640.448376][T21157] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1640.454607][T21157] usb 6-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 1640.457508][T21157] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1640.477096][T21157] usb 6-1: config 0 descriptor?? [ 1640.548027][ T40] audit: type=1400 audit(1763393903.110:850): avc: denied { create } for pid=11890 comm="syz.0.30169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 1640.556117][ T40] audit: type=1400 audit(1763393903.121:851): avc: denied { write } for pid=11890 comm="syz.0.30169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 1640.594177][T11893] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1640.604972][T11895] netlink: 8 bytes leftover after parsing attributes in process `syz.3.30171'. [ 1640.785868][T11913] macvtap0: entered promiscuous mode [ 1640.790664][T11913] macvtap0: left promiscuous mode [ 1640.844979][T11918] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1640.876742][T11920] netlink: 48 bytes leftover after parsing attributes in process `syz.3.30182'. [ 1641.048391][T21157] input: HID 28bd:0094 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.1/0003:28BD:0094.000E/input/input18 [ 1641.137383][T21157] uclogic 0003:28BD:0094.000E: input,hidraw1: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.1-1/input1 [ 1641.194147][T11957] overlayfs: missing 'lowerdir' [ 1641.246634][T21157] usb 6-1: USB disconnect, device number 37 [ 1641.268453][T11963] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1641.376730][ T40] audit: type=1400 audit(1763393904.001:852): avc: denied { bind } for pid=11978 comm="syz.0.30209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 1641.384779][ T40] audit: type=1400 audit(1763393904.001:853): avc: denied { name_bind } for pid=11978 comm="syz.0.30209" src=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 1641.397578][ T40] audit: type=1400 audit(1763393904.001:854): avc: denied { node_bind } for pid=11978 comm="syz.0.30209" saddr=224.0.0.1 src=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 1641.408522][T11983] netlink: 48 bytes leftover after parsing attributes in process `syz.3.30211'. [ 1641.601417][T12011] netlink: 48 bytes leftover after parsing attributes in process `syz.3.30223'. [ 1641.619580][T12013] netlink: 8 bytes leftover after parsing attributes in process `syz.2.30224'. [ 1641.798132][T12037] netlink: 48 bytes leftover after parsing attributes in process `syz.1.30233'. [ 1641.835009][T12039] netlink: 8 bytes leftover after parsing attributes in process `syz.1.30235'. [ 1642.005811][T12057] macvtap0: entered promiscuous mode [ 1642.020867][T12057] macvtap0: left promiscuous mode [ 1642.565617][ T6898] usb 6-1: new full-speed USB device number 38 using dummy_hcd [ 1642.714194][ T6898] usb 6-1: config index 0 descriptor too short (expected 35577, got 27) [ 1642.716982][ T6898] usb 6-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 1642.719819][ T6898] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 1642.722757][ T6898] usb 6-1: config 1 has no interface number 0 [ 1642.728440][ T6898] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 1642.731899][ T6898] usb 6-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 1642.738208][ T6898] usb 6-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 1642.741185][ T6898] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1642.754891][ T6898] snd_usb_pod 6-1:1.1: Line 6 Pocket POD found [ 1643.112159][T12101] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1643.273945][ T6898] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now attached [ 1643.448588][T12106] netlink: 'syz.0.30265': attribute type 3 has an invalid length. [ 1643.478414][ T5996] usb 6-1: USB disconnect, device number 38 [ 1643.482026][ T5996] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now disconnected [ 1643.572470][T12112] evm: overlay not supported [ 1643.662742][T12116] overlayfs: missing 'lowerdir' [ 1643.881404][ T40] audit: type=1400 audit(1763393906.694:855): avc: denied { ioctl } for pid=12124 comm="syz.0.30275" path="/dev/ptyq4" dev="devtmpfs" ino=131 ioctlcmd=0x5420 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 1644.070581][T12145] binder: BINDER_SET_CONTEXT_MGR already set [ 1644.072622][T12145] binder: 12144:12145 ioctl 4018620d 200000000040 returned -16 [ 1644.161544][ T40] audit: type=1400 audit(1763393906.983:856): avc: denied { setattr } for pid=12149 comm="syz.1.30286" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 1644.382705][T21157] usb 7-1: new full-speed USB device number 20 using dummy_hcd [ 1644.524445][T21157] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1644.528017][T21157] usb 7-1: New USB device found, idVendor=056a, idProduct=032f, bcdDevice= 0.00 [ 1644.530958][T21157] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1644.536691][T21157] usb 7-1: config 0 descriptor?? [ 1644.538973][T12155] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1644.732968][T21157] usbhid 7-1:0.0: can't add hid device: -71 [ 1644.736859][T21157] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 1644.743015][T21157] usb 7-1: USB disconnect, device number 20 [ 1645.055444][ T40] audit: type=1400 audit(1763393907.949:857): avc: denied { ioctl } for pid=12191 comm="syz.0.30307" path="socket:[745988]" dev="sockfs" ino=745988 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 1645.254719][T12206] overlayfs: missing 'lowerdir' [ 1645.346540][T12217] macvtap0: entered promiscuous mode [ 1645.352133][T12217] macvtap0: left promiscuous mode [ 1645.443121][T12234] overlayfs: missing 'lowerdir' [ 1645.467920][ T40] audit: type=1400 audit(1763393908.389:858): avc: denied { getopt } for pid=12237 comm="syz.2.30330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 1645.507106][T12247] __nla_validate_parse: 1 callbacks suppressed [ 1645.507123][T12247] netlink: 4 bytes leftover after parsing attributes in process `syz.2.30332'. [ 1645.638441][T12267] macvtap0: entered promiscuous mode [ 1645.643835][T12267] macvtap0: left promiscuous mode [ 1645.853510][T12288] netlink: 8 bytes leftover after parsing attributes in process `syz.2.30352'. [ 1646.301366][T22105] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1646.307464][T22105] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1646.312362][T22105] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1646.316299][T22105] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1646.319408][T22105] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1646.350733][T12322] macvtap0: entered promiscuous mode [ 1646.354623][T12322] macvtap0: left promiscuous mode [ 1646.454461][ T40] audit: type=1400 audit(1763393909.451:859): avc: denied { module_request } for pid=12317 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 1646.465838][T12326] overlayfs: overlapping lowerdir path [ 1646.504202][T12317] chnl_net:caif_netlink_parms(): no params data found [ 1646.604778][T12338] netlink: 48 bytes leftover after parsing attributes in process `syz.0.30372'. [ 1646.651384][T12342] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1646.654553][T12317] bridge0: port 1(bridge_slave_0) entered blocking state [ 1646.661447][T12317] bridge0: port 1(bridge_slave_0) entered disabled state [ 1646.664500][T12317] bridge_slave_0: entered allmulticast mode [ 1646.674088][T12317] bridge_slave_0: entered promiscuous mode [ 1646.679930][T12317] bridge0: port 2(bridge_slave_1) entered blocking state [ 1646.682423][T12317] bridge0: port 2(bridge_slave_1) entered disabled state [ 1646.685722][T12317] bridge_slave_1: entered allmulticast mode [ 1646.693339][T12317] bridge_slave_1: entered promiscuous mode [ 1646.756568][T12317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1646.768483][T12317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1646.796599][T12359] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1646.808591][T12361] netlink: 48 bytes leftover after parsing attributes in process `syz.3.30383'. [ 1646.838403][T12317] team0: Port device team_slave_0 added [ 1646.845605][T12317] team0: Port device team_slave_1 added [ 1646.902275][T12317] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1646.903989][ T40] audit: type=1400 audit(1763393909.934:860): avc: denied { map } for pid=12366 comm="syz.3.30386" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 1646.905080][T12317] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1646.905105][T12317] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1646.907793][T12317] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1646.934099][T12317] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1646.965688][T12317] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1646.982925][T12373] macvtap0: entered promiscuous mode [ 1646.987104][T12373] macvtap0: left promiscuous mode [ 1647.069545][T12317] hsr_slave_0: entered promiscuous mode [ 1647.079135][T12317] hsr_slave_1: entered promiscuous mode [ 1647.083147][T12317] debugfs: 'hsr0' already exists in 'hsr' [ 1647.086007][T12317] Cannot create hsr debugfs directory [ 1647.097450][T12378] 9pnet_fd: Insufficient options for proto=fd [ 1647.131015][T12380] overlayfs: overlapping lowerdir path [ 1647.295076][T12396] macvtap0: entered promiscuous mode [ 1647.299658][T12396] macvtap0: left promiscuous mode [ 1647.335926][ T40] audit: type=1400 audit(1763393910.395:861): avc: denied { ioctl } for pid=12400 comm="syz.0.30401" path="socket:[746360]" dev="sockfs" ino=746360 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 1647.674547][T12317] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1647.680545][T12317] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1647.692704][T12317] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1647.707975][T12317] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1647.850765][T12317] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1647.868123][T12317] 8021q: adding VLAN 0 to HW filter on device team0 [ 1647.876480][ T1146] bridge0: port 1(bridge_slave_0) entered blocking state [ 1647.878907][ T1146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1647.887278][T24972] usb 6-1: new full-speed USB device number 39 using dummy_hcd [ 1647.890205][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 1647.893006][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1647.989282][T22524] usb 8-1: new high-speed USB device number 25 using dummy_hcd [ 1648.028304][T24972] usb 6-1: config index 0 descriptor too short (expected 35577, got 27) [ 1648.030818][T24972] usb 6-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 1648.033419][T24972] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 1648.036040][T24972] usb 6-1: config 1 has no interface number 0 [ 1648.038063][T24972] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 1648.041189][T24972] usb 6-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 1648.044940][T24972] usb 6-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 1648.047845][T24972] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1648.056168][T24972] snd_usb_pod 6-1:1.1: Line 6 Pocket POD found [ 1648.074561][T12317] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1648.121049][T12317] veth0_vlan: entered promiscuous mode [ 1648.128554][T12317] veth1_vlan: entered promiscuous mode [ 1648.130317][T22524] usb 8-1: Using ep0 maxpacket: 16 [ 1648.134759][T22524] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1648.139946][T22524] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1648.149533][T22524] usb 8-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 1648.150856][T12317] veth0_macvtap: entered promiscuous mode [ 1648.152589][T22524] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1648.158478][T12317] veth1_macvtap: entered promiscuous mode [ 1648.160498][T22524] usb 8-1: config 0 descriptor?? [ 1648.172614][T12317] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1648.185684][T12317] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1648.199963][ T62] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1648.204945][ T62] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1648.208800][ T62] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1648.213048][T22105] Bluetooth: hci0: command tx timeout [ 1648.217664][ T62] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1648.249246][T24972] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now attached [ 1648.290309][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1648.293012][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1648.349164][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1648.352938][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1648.437445][T24972] usb 6-1: USB disconnect, device number 39 [ 1648.440110][T24972] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now disconnected [ 1648.519715][T12479] netlink: 8 bytes leftover after parsing attributes in process `syz.2.30432'. [ 1648.552695][T22524] hid-multitouch 0003:1FD2:6007.000F: hidraw1: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.3-1/input0 [ 1648.740920][ T29] usb 8-1: USB disconnect, device number 25 [ 1648.949485][ T40] audit: type=1326 audit(1763393912.133:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12484 comm="syz.1.30434" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1648.957787][ T40] audit: type=1326 audit(1763393912.133:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12484 comm="syz.1.30434" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1648.966152][ T40] audit: type=1326 audit(1763393912.133:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12484 comm="syz.1.30434" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1648.978705][ T40] audit: type=1326 audit(1763393912.133:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12484 comm="syz.1.30434" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1648.988656][ T40] audit: type=1326 audit(1763393912.133:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12484 comm="syz.1.30434" exe="/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1648.997995][ T40] audit: type=1326 audit(1763393912.133:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12484 comm="syz.1.30434" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1649.007197][ T40] audit: type=1326 audit(1763393912.133:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12484 comm="syz.1.30434" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1649.014009][ T40] audit: type=1326 audit(1763393912.133:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12484 comm="syz.1.30434" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1649.021307][ T40] audit: type=1326 audit(1763393912.133:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12484 comm="syz.1.30434" exe="/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f717d38f6c9 code=0x7ffc0000 [ 1649.251354][T12497] overlayfs: overlapping lowerdir path [ 1649.806785][T29944] usb 5-1: new full-speed USB device number 43 using dummy_hcd [ 1649.976621][T29944] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 1649.981549][T29944] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 1649.986885][T29944] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 1649.990488][T29944] usb 5-1: config 1 has no interface number 0 [ 1649.993019][T29944] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 1649.998081][T29944] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 1650.011424][T29944] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 1650.016309][T29944] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1650.033151][T29944] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 1650.152858][T22105] Bluetooth: hci0: command tx timeout [ 1650.216149][T29944] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now attached [ 1650.341639][T12530] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1650.390416][T12537] overlayfs: overlapping lowerdir path [ 1650.397892][T12538] overlayfs: missing 'lowerdir' [ 1650.404319][T24972] usb 5-1: USB disconnect, device number 43 [ 1650.411388][ T40] audit: type=1400 audit(1763393913.689:871): avc: denied { read append } for pid=12539 comm="syz.1.30461" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 1650.420004][T24972] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 1650.684728][T12566] overlayfs: overlapping lowerdir path [ 1650.719355][T12569] overlayfs: missing 'lowerdir' [ 1651.449923][T12590] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1652.100934][T22105] Bluetooth: hci0: command tx timeout [ 1652.277456][T12619] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1652.281295][T12619] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 1652.286273][T12619] overlayfs: missing 'lowerdir' [ 1652.625204][ T54] usb 7-1: new full-speed USB device number 21 using dummy_hcd [ 1652.781593][ T54] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1652.786668][ T54] usb 7-1: New USB device found, idVendor=056a, idProduct=032f, bcdDevice= 0.00 [ 1652.791465][ T54] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1652.798527][ T54] usb 7-1: config 0 descriptor?? [ 1652.806212][T12631] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1653.018526][ T54] usbhid 7-1:0.0: can't add hid device: -71 [ 1653.021564][ T54] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 1653.036064][ T54] usb 7-1: USB disconnect, device number 21 [ 1653.330772][T12673] netlink: 8 bytes leftover after parsing attributes in process `syz.1.30524'. [ 1653.580028][T12695] warning: `syz.2.30535' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 1653.701147][T12709] overlayfs: missing 'lowerdir' [ 1653.803712][T12715] overlayfs: missing 'workdir' [ 1653.853901][T12717] netlink: 52 bytes leftover after parsing attributes in process `syz.2.30546'. [ 1653.891956][T12719] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1654.029151][T22105] Bluetooth: hci0: command tx timeout [ 1654.441485][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 1654.441498][ T40] audit: type=1400 audit(1763393918.024:875): avc: denied { mounton } for pid=12736 comm="syz.1.30558" path="/371/file0" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 1654.548794][T12752] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1654.554007][T12752] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1654.631715][T12744] kvm: pic: non byte write [ 1654.637467][T12744] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4294967295 (34359738360 ns) > initial count (3800 ns). Using initial count to start timer. [ 1654.682463][T12765] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1654.749708][T12774] netlink: 8 bytes leftover after parsing attributes in process `syz.2.30574'. [ 1654.987219][T12799] netlink: 8 bytes leftover after parsing attributes in process `syz.0.30586'. [ 1655.060389][T12807] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1655.269105][ T54] usb 7-1: new full-speed USB device number 22 using dummy_hcd [ 1655.411921][ T54] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1655.415467][ T54] usb 7-1: New USB device found, idVendor=056a, idProduct=032f, bcdDevice= 0.00 [ 1655.418734][ T54] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1655.428739][ T54] usb 7-1: config 0 descriptor?? [ 1655.431129][T12803] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1655.626232][ T54] usbhid 7-1:0.0: can't add hid device: -71 [ 1655.628259][ T54] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 1655.639626][ T54] usb 7-1: USB disconnect, device number 22 [ 1655.733136][T12832] binder: Unknown parameter 'con' [ 1655.966583][T12848] IPVS: persistence engine module ip_vs_pe_* not found [ 1656.185440][T12861] netlink: 8 bytes leftover after parsing attributes in process `syz.1.30616'. [ 1656.342048][T12867] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1656.850811][T12891] overlayfs: missing 'lowerdir' [ 1656.928960][T12894] overlayfs: overlapping lowerdir path [ 1656.934514][T12894] overlayfs: overlapping lowerdir path [ 1657.158777][T12916] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1657.285197][T12937] overlayfs: overlapping lowerdir path [ 1657.332113][T12942] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1657.712100][T12963] overlayfs: overlapping lowerdir path [ 1658.607078][T13009] macvtap0: entered promiscuous mode [ 1658.611064][T13009] macvtap0: left promiscuous mode [ 1659.025477][T13037] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1659.691028][T13062] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1659.750700][ T40] audit: type=1400 audit(1763393923.710:876): avc: denied { connect } for pid=13067 comm="syz.2.30713" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 1659.943980][T13079] overlayfs: missing 'lowerdir' [ 1660.119246][T13104] overlayfs: missing 'lowerdir' [ 1660.269089][T13127] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1660.298869][T13129] overlayfs: missing 'lowerdir' [ 1660.842183][T13175] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1661.763713][T13249] macvtap0: entered promiscuous mode [ 1661.768290][T13249] macvtap0: left promiscuous mode [ 1661.907411][T13264] overlayfs: overlapping lowerdir path [ 1662.039834][T13284] macvtap0: entered promiscuous mode [ 1662.044069][T13284] macvtap0: left promiscuous mode [ 1662.130685][T13297] overlayfs: missing 'lowerdir' [ 1662.277785][T23628] usb 8-1: new full-speed USB device number 26 using dummy_hcd [ 1662.301787][T13322] overlayfs: missing 'lowerdir' [ 1662.428481][T23628] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1662.432482][T23628] usb 8-1: New USB device found, idVendor=056a, idProduct=032f, bcdDevice= 0.00 [ 1662.435472][T23628] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1662.444072][T23628] usb 8-1: config 0 descriptor?? [ 1662.446577][T13288] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1662.457852][T13344] overlayfs: missing 'lowerdir' [ 1662.457915][T13346] macvtap0: entered promiscuous mode [ 1662.465049][T13346] macvtap0: left promiscuous mode [ 1662.640161][T23628] usbhid 8-1:0.0: can't add hid device: -71 [ 1662.642362][T23628] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 1662.654421][T23628] usb 8-1: USB disconnect, device number 26 [ 1662.694533][T13373] overlayfs: failed to resolve './file1/file0': -2 [ 1662.942662][T13396] syzkaller0: entered promiscuous mode [ 1662.944715][T13396] syzkaller0: entered allmulticast mode [ 1663.317010][ T3571] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1663.320667][ T3571] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1663.324728][ T3571] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1663.328060][ T3571] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1663.338875][ T3571] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1663.494067][T13407] chnl_net:caif_netlink_parms(): no params data found [ 1663.593843][T13407] bridge0: port 1(bridge_slave_0) entered blocking state [ 1663.596278][T13407] bridge0: port 1(bridge_slave_0) entered disabled state [ 1663.599144][T13407] bridge_slave_0: entered allmulticast mode [ 1663.604845][T13407] bridge_slave_0: entered promiscuous mode [ 1663.609061][T13407] bridge0: port 2(bridge_slave_1) entered blocking state [ 1663.612507][T13407] bridge0: port 2(bridge_slave_1) entered disabled state [ 1663.615423][T13407] bridge_slave_1: entered allmulticast mode [ 1663.618982][T13407] bridge_slave_1: entered promiscuous mode [ 1663.660153][T13407] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1663.672583][T13407] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1663.711696][T13407] team0: Port device team_slave_0 added [ 1663.717196][T13407] team0: Port device team_slave_1 added [ 1663.757045][T13407] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1663.759373][T13407] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1663.768141][T13407] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1663.773947][T13407] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1663.776277][T13407] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1663.786499][T13407] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1663.841244][T13427] macvtap0: entered promiscuous mode [ 1663.846350][T13427] macvtap0: left promiscuous mode [ 1663.862250][T13407] hsr_slave_0: entered promiscuous mode [ 1663.867467][T13407] hsr_slave_1: entered promiscuous mode [ 1663.870861][T13407] debugfs: 'hsr0' already exists in 'hsr' [ 1663.873408][T13407] Cannot create hsr debugfs directory [ 1663.944137][T13435] overlayfs: failed to resolve './file1': -2 [ 1664.053626][T13407] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1664.159555][T13407] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1664.258510][T13452] netlink: 12 bytes leftover after parsing attributes in process `syz.2.30885'. [ 1664.318255][T13407] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1664.440935][T13407] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1664.568655][T13407] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1664.575402][T13407] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1664.583030][T13407] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1664.592885][T13407] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1664.699733][T13407] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1664.717837][T13407] 8021q: adding VLAN 0 to HW filter on device team0 [ 1664.727289][T21781] bridge0: port 1(bridge_slave_0) entered blocking state [ 1664.729805][T21781] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1664.741965][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1664.744432][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1664.943015][T13407] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1664.996411][T13407] veth0_vlan: entered promiscuous mode [ 1665.003961][T13407] veth1_vlan: entered promiscuous mode [ 1665.025663][T13407] veth0_macvtap: entered promiscuous mode [ 1665.032185][T13407] veth1_macvtap: entered promiscuous mode [ 1665.044818][T13407] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1665.053903][T13407] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1665.063128][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1665.067711][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1665.076676][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1665.079857][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1665.163220][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1665.166096][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1665.229679][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1665.232388][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1665.298721][T22105] Bluetooth: hci2: command tx timeout [ 1665.547600][T13536] overlayfs: missing 'lowerdir' [ 1665.617736][T13541] overlayfs: failed to resolve './file0': -2 [ 1665.635819][ T40] audit: type=1400 audit(1763393930.029:877): avc: denied { connect } for pid=13543 comm="syz.0.30914" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 1665.643186][ T40] audit: type=1400 audit(1763393930.029:878): avc: denied { ioctl } for pid=13543 comm="syz.0.30914" path="socket:[754388]" dev="sockfs" ino=754388 ioctlcmd=0x89ed scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 1665.666288][T13546] macvtap0: entered promiscuous mode [ 1665.672537][T13546] macvtap0: left promiscuous mode [ 1665.874127][T13572] overlayfs: failed to resolve './file0': -2 [ 1665.964012][T13579] macvtap0: entered promiscuous mode [ 1665.969988][T13579] macvtap0: left promiscuous mode [ 1666.008198][T13583] syzkaller0: entered promiscuous mode [ 1666.010327][T13583] syzkaller0: entered allmulticast mode [ 1666.115343][ T40] audit: type=1400 audit(1763393930.544:879): avc: denied { ioctl } for pid=13588 comm="syz.1.30935" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x1282 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 1666.158100][T13594] overlayfs: failed to resolve './file0': -2 [ 1666.364742][T13609] macvtap0: entered promiscuous mode [ 1666.368896][T13609] macvtap0: left promiscuous mode [ 1666.498878][T13618] syzkaller0: entered promiscuous mode [ 1666.500917][T13618] syzkaller0: entered allmulticast mode [ 1666.633045][T13622] overlayfs: failed to resolve './file0': -2 [ 1666.640719][T30910] usb 5-1: new full-speed USB device number 44 using dummy_hcd [ 1666.799717][T30910] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1666.803457][T30910] usb 5-1: New USB device found, idVendor=056a, idProduct=032f, bcdDevice= 0.00 [ 1666.807339][T30910] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1666.823906][T30910] usb 5-1: config 0 descriptor?? [ 1666.826485][T13614] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1667.025351][T30910] usbhid 5-1:0.0: can't add hid device: -71 [ 1667.029414][T30910] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 1667.040617][T30910] usb 5-1: USB disconnect, device number 44 [ 1667.082436][T13637] syzkaller0: entered promiscuous mode [ 1667.084412][T13637] syzkaller0: entered allmulticast mode [ 1667.106858][T13639] overlayfs: failed to resolve './file0': -2 [ 1667.163238][T13641] overlayfs: overlapping lowerdir path [ 1667.227628][T22105] Bluetooth: hci2: command tx timeout [ 1667.230801][T13647] macvtap0: entered promiscuous mode [ 1667.235635][T13647] macvtap0: left promiscuous mode [ 1667.537815][T13657] overlayfs: missing 'lowerdir' [ 1668.040869][ T40] audit: type=1400 audit(1763393932.615:880): avc: denied { append } for pid=13662 comm="syz.2.30969" name="event3" dev="devtmpfs" ino=1298 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 1668.084185][T13667] macvtap0: entered promiscuous mode [ 1668.090736][T13667] macvtap0: left promiscuous mode [ 1668.316215][T13674] overlayfs: failed to resolve './file1': -2 [ 1668.523229][T11303] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 1668.697323][T11303] usb 7-1: unable to get BOS descriptor or descriptor too short [ 1668.700880][T11303] usb 7-1: no configurations [ 1668.702606][T11303] usb 7-1: can't read configurations, error -22 [ 1669.175454][T22105] Bluetooth: hci2: command tx timeout [ 1669.345593][T13707] overlayfs: missing 'lowerdir' [ 1669.497131][T13724] netlink: 8 bytes leftover after parsing attributes in process `syz.3.30998'. [ 1669.566266][T13728] overlayfs: missing 'lowerdir' [ 1669.632803][T13730] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 1669.756956][T13745] netlink: 8 bytes leftover after parsing attributes in process `syz.3.31007'. [ 1669.834910][T13747] overlayfs: overlapping lowerdir path [ 1670.029879][T13763] overlayfs: missing 'lowerdir' [ 1670.090943][T13770] overlayfs: overlapping lowerdir path [ 1670.298474][T13787] overlayfs: missing 'lowerdir' [ 1670.337847][T13791] syzkaller0: entered promiscuous mode [ 1670.339690][T13791] syzkaller0: entered allmulticast mode [ 1670.447164][T13797] overlayfs: overlapping lowerdir path [ 1670.544253][T13807] macvtap0: entered promiscuous mode [ 1670.548851][T13807] macvtap0: left promiscuous mode [ 1670.589494][T13812] overlayfs: missing 'lowerdir' [ 1670.706853][T13822] syzkaller0: entered promiscuous mode [ 1670.708693][T13822] syzkaller0: entered allmulticast mode [ 1670.870642][T13833] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 1670.929864][T13839] macvtap0: entered promiscuous mode [ 1670.934076][T13839] macvtap0: left promiscuous mode [ 1671.104157][T13863] netlink: 8 bytes leftover after parsing attributes in process `syz.2.31060'. [ 1671.105193][T22105] Bluetooth: hci2: command tx timeout [ 1671.258312][ T1419] ieee802154 phy0 wpan0: encryption failed: -22 [ 1671.260417][ T1419] ieee802154 phy1 wpan1: encryption failed: -22 [ 1671.290445][T30910] usb 8-1: new full-speed USB device number 27 using dummy_hcd [ 1671.451208][T30910] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1671.455907][T30910] usb 8-1: New USB device found, idVendor=056a, idProduct=032f, bcdDevice= 0.00 [ 1671.459940][T30910] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1671.467457][T30910] usb 8-1: config 0 descriptor?? [ 1671.470529][T13859] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1671.586007][T13897] overlayfs: missing 'lowerdir' [ 1671.633980][T13901] syzkaller0: entered promiscuous mode [ 1671.637504][T13901] syzkaller0: entered allmulticast mode [ 1671.669281][T30910] usbhid 8-1:0.0: can't add hid device: -71 [ 1671.671359][T30910] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 1671.679990][T30910] usb 8-1: USB disconnect, device number 27 [ 1671.813112][ T5996] usb 6-1: new full-speed USB device number 40 using dummy_hcd [ 1671.933871][ T5996] usb 6-1: device descriptor read/64, error -71 [ 1672.003792][T13927] syzkaller0: entered promiscuous mode [ 1672.005634][T13927] syzkaller0: entered allmulticast mode [ 1672.158947][ T5996] usb 6-1: new full-speed USB device number 41 using dummy_hcd [ 1672.246840][T13946] netlink: 8 bytes leftover after parsing attributes in process `syz.2.31098'. [ 1672.298555][ T5996] usb 6-1: device descriptor read/64, error -71 [ 1672.409689][ T5996] usb usb6-port1: attempt power cycle [ 1672.606706][ T840] usb 5-1: new full-speed USB device number 45 using dummy_hcd [ 1672.726267][ T5996] usb 6-1: new full-speed USB device number 42 using dummy_hcd [ 1672.746308][ T5996] usb 6-1: device descriptor read/8, error -71 [ 1672.750992][ T840] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1672.756589][ T840] usb 5-1: New USB device found, idVendor=056a, idProduct=032f, bcdDevice= 0.00 [ 1672.759458][ T840] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1672.764746][ T840] usb 5-1: config 0 descriptor?? [ 1672.767431][T13956] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1672.963334][ T840] usbhid 5-1:0.0: can't add hid device: -71 [ 1672.965732][ T840] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 1672.971920][ T840] usb 5-1: USB disconnect, device number 45 [ 1672.987038][ T5996] usb 6-1: new full-speed USB device number 43 using dummy_hcd [ 1673.006238][ T5996] usb 6-1: device descriptor read/8, error -71 [ 1673.108870][ T5996] usb usb6-port1: unable to enumerate USB device [ 1673.593265][T23628] usb 6-1: new full-speed USB device number 44 using dummy_hcd [ 1673.717686][T23628] usb 6-1: device descriptor read/64, error -71 [ 1673.948336][T23628] usb 6-1: new full-speed USB device number 45 using dummy_hcd [ 1674.068083][T23628] usb 6-1: device descriptor read/64, error -71 [ 1674.172496][T23628] usb usb6-port1: attempt power cycle [ 1674.669393][T13999] netlink: 132 bytes leftover after parsing attributes in process `syz.0.31124'. [ 1674.712917][T14001] netlink: 8 bytes leftover after parsing attributes in process `syz.0.31125'. [ 1674.972564][ T3938] usb 5-1: new full-speed USB device number 46 using dummy_hcd [ 1675.112454][ T3938] usb 5-1: device descriptor read/64, error -71 [ 1675.336119][ T3938] usb 5-1: new full-speed USB device number 47 using dummy_hcd [ 1675.476109][ T3938] usb 5-1: device descriptor read/64, error -71 [ 1675.583881][ T3938] usb usb5-port1: attempt power cycle [ 1675.895539][ T3938] usb 5-1: new full-speed USB device number 48 using dummy_hcd [ 1675.915155][ T3938] usb 5-1: device descriptor read/8, error -71 [ 1676.156459][ T3938] usb 5-1: new full-speed USB device number 49 using dummy_hcd [ 1676.175525][ T3938] usb 5-1: device descriptor read/8, error -71 [ 1676.286527][ T3938] usb usb5-port1: unable to enumerate USB device [ 1676.710075][T14015] netlink: 8 bytes leftover after parsing attributes in process `syz.2.31131'. [ 1676.827995][T14025] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1676.891029][T14031] overlayfs: overlapping lowerdir path [ 1676.944426][T14035] netlink: 132 bytes leftover after parsing attributes in process `syz.3.31141'. [ 1677.157060][T14043] macvtap0: entered promiscuous mode [ 1677.161532][T14043] macvtap0: left promiscuous mode [ 1677.565258][T14051] overlayfs: missing 'lowerdir' [ 1677.565942][T14053] netlink: 132 bytes leftover after parsing attributes in process `syz.3.31151'. [ 1677.645658][T14058] overlayfs: failed to resolve './file1': -2 [ 1677.793810][T14076] netlink: 132 bytes leftover after parsing attributes in process `syz.1.31162'. [ 1677.821807][T14078] macvtap0: entered promiscuous mode [ 1677.828642][T14078] macvtap0: left promiscuous mode [ 1677.905194][T14088] syzkaller0: entered promiscuous mode [ 1677.907524][T14088] syzkaller0: entered allmulticast mode [ 1678.058387][ T29] usb 5-1: new full-speed USB device number 50 using dummy_hcd [ 1678.091043][ T40] audit: type=1400 audit(1763393943.387:881): avc: denied { setopt } for pid=14098 comm="syz.2.31172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 1678.156110][T14104] overlayfs: overlapping lowerdir path [ 1678.210199][ T29] usb 5-1: config index 0 descriptor too short (expected 249, got 27) [ 1678.213873][ T29] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1678.235384][ T29] usb 5-1: config 0 has no interfaces? [ 1678.237901][ T29] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 1678.241389][ T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1678.252278][ T29] usb 5-1: config 0 descriptor?? [ 1678.789911][T14137] syzkaller0: entered promiscuous mode [ 1678.792438][T14137] syzkaller0: entered allmulticast mode [ 1679.456086][ T54] usb 8-1: new full-speed USB device number 28 using dummy_hcd [ 1679.596917][ T54] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1679.604239][ T54] usb 8-1: New USB device found, idVendor=056a, idProduct=032f, bcdDevice= 0.00 [ 1679.607808][ T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1679.612073][ T54] usb 8-1: config 0 descriptor?? [ 1679.616994][T14155] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 1679.810387][ T54] usbhid 8-1:0.0: can't add hid device: -71 [ 1679.815389][ T54] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 1679.824414][ T54] usb 8-1: USB disconnect, device number 28 [ 1680.029763][T14166] overlayfs: failed to resolve './file0': -2 [ 1680.268222][T14174] netlink: 8 bytes leftover after parsing attributes in process `syz.1.31207'. [ 1680.323946][T14176] netlink: 8 bytes leftover after parsing attributes in process `syz.1.31209'. [ 1680.492948][T14190] overlayfs: missing 'lowerdir' [ 1680.552272][T14194] netlink: 8 bytes leftover after parsing attributes in process `syz.1.31218'. [ 1680.635884][T32660] usb 5-1: USB disconnect, device number 50 [ 1680.696684][T14210] overlayfs: missing 'lowerdir' [ 1680.727163][T14216] netlink: 8 bytes leftover after parsing attributes in process `syz.3.31228'. [ 1681.000862][T14241] netlink: 8 bytes leftover after parsing attributes in process `syz.2.31239'. [ 1681.013460][T14242] macvtap0: entered promiscuous mode [ 1681.017877][T14242] macvtap0: left promiscuous mode [ 1681.075567][T14244] overlayfs: failed to resolve './file0': -2 [ 1681.115047][T22524] usb 5-1: new full-speed USB device number 51 using dummy_hcd [ 1681.265658][T22524] usb 5-1: config index 0 descriptor too short (expected 249, got 27) [ 1681.268699][T22524] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1681.272008][T22524] usb 5-1: config 0 has no interfaces? [ 1681.276694][T22524] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 1681.281043][T22524] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1681.296825][T22524] usb 5-1: config 0 descriptor?? [ 1681.815248][T14271] overlayfs: missing 'workdir' [ 1682.293802][T14293] macvtap0: entered promiscuous mode [ 1682.299719][T14293] macvtap0: left promiscuous mode [ 1682.383048][T14295] overlayfs: missing 'workdir' [ 1682.524217][T14309] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1682.790002][T14311] netlink: 8 bytes leftover after parsing attributes in process `syz.3.31268'. [ 1682.936636][T14318] netlink: 8 bytes leftover after parsing attributes in process `syz.1.31273'. [ 1683.047900][T14326] overlayfs: missing 'lowerdir' [ 1683.245684][T14344] netlink: 8 bytes leftover after parsing attributes in process `syz.3.31283'. [ 1683.287392][T14346] macvtap0: entered promiscuous mode [ 1683.292552][T14346] macvtap0: left promiscuous mode [ 1683.464027][T14354] overlayfs: missing 'lowerdir' [ 1683.499550][T14356] netlink: 8 bytes leftover after parsing attributes in process `syz.2.31289'. [ 1683.608052][T14365] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1683.614224][T14365] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1683.709110][T11303] usb 5-1: USB disconnect, device number 51 [ 1683.773057][T14377] overlayfs: missing 'lowerdir' [ 1683.850365][T14387] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1683.853265][T14387] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1684.071131][T14404] netlink: 8 bytes leftover after parsing attributes in process `syz.0.31311'. [ 1684.106983][T14410] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1684.109919][T14410] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1684.212035][T14415] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1684.269197][T14417] macvtap0: entered promiscuous mode [ 1684.275611][T14417] macvtap0: left promiscuous mode [ 1684.579110][T14431] overlayfs: overlapping lowerdir path [ 1684.628402][T14436] 9pnet_fd: Insufficient options for proto=fd [ 1685.054904][T14475] overlayfs: overlapping lowerdir path [ 1685.259232][T14498] __nla_validate_parse: 4 callbacks suppressed [ 1685.259249][T14498] netlink: 8 bytes leftover after parsing attributes in process `syz.1.31354'. [ 1685.355023][T14510] netlink: 'syz.1.31361': attribute type 3 has an invalid length. [ 1685.360282][T14510] netlink: 20 bytes leftover after parsing attributes in process `syz.1.31361'. [ 1685.363817][T14510] netlink: 'syz.1.31361': attribute type 1 has an invalid length. [ 1685.490515][T14521] overlayfs: missing 'lowerdir' [ 1685.534519][T14523] netlink: 8 bytes leftover after parsing attributes in process `syz.1.31367'. [ 1685.748321][T14543] overlayfs: missing 'lowerdir' [ 1685.932676][T14560] macvtap0: entered promiscuous mode [ 1685.937905][T14560] macvtap0: left promiscuous mode [ 1686.323703][T14578] overlayfs: missing 'lowerdir' [ 1686.411175][T14583] overlayfs: overlapping lowerdir path [ 1686.478439][T14587] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1686.825530][T14598] netlink: 8 bytes leftover after parsing attributes in process `syz.3.31403'. [ 1686.843381][T14600] overlayfs: missing 'lowerdir' [ 1686.932029][T14607] macvtap0: entered promiscuous mode [ 1686.937276][T14607] macvtap0: left promiscuous mode [ 1687.084713][T14620] netlink: 8 bytes leftover after parsing attributes in process `syz.2.31414'. [ 1687.226599][T14636] macvtap0: entered promiscuous mode [ 1687.234452][T14636] macvtap0: left promiscuous mode [ 1687.322428][ T8711] usb 5-1: new full-speed USB device number 52 using dummy_hcd [ 1687.384039][T14654] netlink: 8 bytes leftover after parsing attributes in process `syz.2.31426'. [ 1687.464120][ T8711] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 1687.467713][ T8711] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 1687.474932][ T8711] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1687.480213][ T8711] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 1687.485017][ T8711] usb 5-1: config 1 has no interface number 0 [ 1687.488033][ T8711] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 1687.493207][ T8711] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1687.513150][ T8711] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 1687.699627][ T8711] snd_usb_pod 5-1:1.1: endpoint not available, using fallback values [ 1687.702691][ T8711] snd_usb_pod 5-1:1.1: invalid control EP [ 1687.706795][ T8711] snd_usb_pod 5-1:1.1: cannot start listening: -22 [ 1687.709171][ T8711] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 1687.712136][ T8711] snd_usb_pod 5-1:1.1: probe with driver snd_usb_pod failed with error -22 [ 1687.714838][T14679] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1687.739264][ T3571] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1687.748098][ T3571] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1687.752963][ T3571] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1687.762828][ T3571] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1687.773066][ T3571] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1687.890295][ T8711] usb 5-1: USB disconnect, device number 52 [ 1688.018130][T14680] chnl_net:caif_netlink_parms(): no params data found [ 1688.130542][T14680] bridge0: port 1(bridge_slave_0) entered blocking state [ 1688.133135][T14680] bridge0: port 1(bridge_slave_0) entered disabled state [ 1688.140486][T14680] bridge_slave_0: entered allmulticast mode [ 1688.146158][T14680] bridge_slave_0: entered promiscuous mode [ 1688.151906][T14680] bridge0: port 2(bridge_slave_1) entered blocking state [ 1688.155015][T14680] bridge0: port 2(bridge_slave_1) entered disabled state [ 1688.159877][T14680] bridge_slave_1: entered allmulticast mode [ 1688.164772][T14690] block nbd3: NBD_DISCONNECT [ 1688.167914][T14690] block nbd3: Disconnected due to user request. [ 1688.170090][T14690] block nbd3: shutting down sockets [ 1688.176171][T14680] bridge_slave_1: entered promiscuous mode [ 1688.232480][T14680] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1688.241914][T14680] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1688.301717][T14680] team0: Port device team_slave_0 added [ 1688.307620][T14680] team0: Port device team_slave_1 added [ 1688.378098][T14680] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1688.380489][T14680] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1688.392012][T14680] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1688.398004][T14680] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1688.400355][T14680] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1688.409020][T14680] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1688.461686][T14711] overlayfs: overlapping lowerdir path [ 1688.482727][T14680] hsr_slave_0: entered promiscuous mode [ 1688.486379][T14680] hsr_slave_1: entered promiscuous mode [ 1688.489575][T14680] debugfs: 'hsr0' already exists in 'hsr' [ 1688.491451][T14680] Cannot create hsr debugfs directory [ 1688.607795][T14730] netlink: 8 bytes leftover after parsing attributes in process `syz.3.31454'. [ 1688.666352][T14680] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1688.751909][T14680] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1688.775852][ T5996] usb 5-1: new full-speed USB device number 53 using dummy_hcd [ 1688.880878][T14680] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1688.898752][T14741] gtp0: entered promiscuous mode [ 1688.928746][ T5996] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 1688.932387][ T5996] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 1688.936611][ T5996] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1688.941056][ T5996] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 1688.945537][ T5996] usb 5-1: config 1 has no interface number 0 [ 1688.948246][ T5996] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 1688.952048][ T5996] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1688.969947][ T5996] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 1688.978352][T14680] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1689.057927][T14749] netlink: 8 bytes leftover after parsing attributes in process `syz.3.31463'. [ 1689.128013][T14680] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1689.137335][T14680] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1689.151057][T14680] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1689.155120][ T5996] snd_usb_pod 5-1:1.1: endpoint not available, using fallback values [ 1689.158689][ T5996] snd_usb_pod 5-1:1.1: invalid control EP [ 1689.160450][T14680] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1689.162437][ T5996] snd_usb_pod 5-1:1.1: cannot start listening: -22 [ 1689.170100][ T5996] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 1689.175893][ T5996] snd_usb_pod 5-1:1.1: probe with driver snd_usb_pod failed with error -22 [ 1689.305130][T14680] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1689.326940][T14680] 8021q: adding VLAN 0 to HW filter on device team0 [ 1689.336229][T21781] bridge0: port 1(bridge_slave_0) entered blocking state [ 1689.339177][T21781] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1689.343657][T21157] usb 5-1: USB disconnect, device number 53 [ 1689.353885][T21781] bridge0: port 2(bridge_slave_1) entered blocking state [ 1689.356781][T21781] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1689.463276][T14772] netlink: 8 bytes leftover after parsing attributes in process `syz.3.31471'. [ 1689.528846][T14680] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1689.587055][T14680] veth0_vlan: entered promiscuous mode [ 1689.595540][T14680] veth1_vlan: entered promiscuous mode [ 1689.624772][T14680] veth0_macvtap: entered promiscuous mode [ 1689.631422][T14680] veth1_macvtap: entered promiscuous mode [ 1689.654294][T14680] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1689.670483][T14680] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1689.671750][ T3571] Bluetooth: hci4: command tx timeout [ 1689.685582][ T1151] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1689.697829][ T1151] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1689.701019][ T1151] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1689.704809][ T1151] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1689.764609][T24972] usb 8-1: new full-speed USB device number 29 using dummy_hcd [ 1689.792005][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1689.796118][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1689.825886][T14785] Bluetooth: MGMT ver 1.23 [ 1689.846633][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1689.849540][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1689.868364][T14789] netlink: 132 bytes leftover after parsing attributes in process `syz.2.31477'. [ 1689.924962][T24972] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1689.930892][T24972] usb 8-1: New USB device found, idVendor=056a, idProduct=032f, bcdDevice= 0.00 [ 1689.937135][T24972] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1689.945121][T24972] usb 8-1: config 0 descriptor?? [ 1689.948056][T14776] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1690.132346][T14817] netlink: 132 bytes leftover after parsing attributes in process `syz.1.31486'. [ 1690.158645][T24972] usbhid 8-1:0.0: can't add hid device: -71 [ 1690.161312][T24972] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 1690.177132][T24972] usb 8-1: USB disconnect, device number 29 [ 1690.179405][T14825] netlink: 8 bytes leftover after parsing attributes in process `syz.1.31489'. [ 1690.794230][T14876] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1691.528765][T14937] overlayfs: missing 'lowerdir' [ 1691.581404][ T840] usb 8-1: new full-speed USB device number 30 using dummy_hcd [ 1691.610783][T22105] Bluetooth: hci4: command tx timeout [ 1691.654389][T14945] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1691.726005][ T3571] block nbd2: Receive control failed (result -32) [ 1691.732621][T14891] block nbd2: shutting down sockets [ 1691.742308][ T840] usb 8-1: unable to get BOS descriptor or descriptor too short [ 1691.745269][ T840] usb 8-1: not running at top speed; connect to a high speed hub [ 1691.748580][ T840] usb 8-1: config 1 interface 0 altsetting 247 endpoint 0x82 has invalid maxpacket 544, setting to 64 [ 1691.753280][ T840] usb 8-1: config 1 interface 0 altsetting 247 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1691.757581][ T840] usb 8-1: config 1 interface 0 has no altsetting 0 [ 1691.763903][ T840] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1691.766953][ T840] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1691.770078][ T840] usb 8-1: Product: syz [ 1691.771632][ T840] usb 8-1: Manufacturer: syz [ 1691.773184][ T840] usb 8-1: SerialNumber: syz [ 1691.779629][T14927] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1691.835743][T14961] netlink: 48 bytes leftover after parsing attributes in process `syz.1.31548'. [ 1691.839584][T14961] netlink: 20 bytes leftover after parsing attributes in process `syz.1.31548'. [ 1691.917903][T14967] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1691.984170][ T840] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -71 [ 1691.996633][ T840] usb 8-1: USB disconnect, device number 30 [ 1692.038414][T14974] overlayfs: missing 'lowerdir' [ 1692.323000][T14986] netlink: 132 bytes leftover after parsing attributes in process `syz.2.31560'. [ 1692.573103][ T40] audit: type=1400 audit(1763393958.922:882): avc: denied { cmd } for pid=14993 comm="syz.3.31564" path="socket:[768379]" dev="sockfs" ino=768379 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 1692.815452][T15011] overlayfs: missing 'lowerdir' [ 1693.048895][T15027] netlink: 8 bytes leftover after parsing attributes in process `syz.2.31580'. [ 1693.343176][T15049] netlink: 124 bytes leftover after parsing attributes in process `syz.2.31589'. [ 1693.362157][ T40] audit: type=1400 audit(1763393959.770:883): avc: denied { accept } for pid=15050 comm="syz.0.31590" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 1693.387472][ T40] audit: type=1400 audit(1763393959.802:884): avc: denied { ioctl } for pid=15052 comm="syz.2.31591" path="/dev/fuse" dev="devtmpfs" ino=105 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 1693.526223][T15057] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1693.548573][ T3571] Bluetooth: hci4: command tx timeout [ 1694.429939][T15093] netlink: 8 bytes leftover after parsing attributes in process `syz.1.31600'. [ 1694.624029][ T40] audit: type=1326 audit(1763393961.133:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15106 comm="syz.3.31616" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70b278f6c9 code=0x7ffc0000 [ 1694.637523][ T40] audit: type=1326 audit(1763393961.143:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15106 comm="syz.3.31616" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70b278f6c9 code=0x7ffc0000 [ 1694.649629][ T40] audit: type=1326 audit(1763393961.154:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15106 comm="syz.3.31616" exe="/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f70b278f6c9 code=0x7ffc0000 [ 1694.685185][ T40] audit: type=1326 audit(1763393961.154:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15106 comm="syz.3.31616" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70b278f6c9 code=0x7ffc0000 [ 1694.712901][ T40] audit: type=1326 audit(1763393961.154:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15106 comm="syz.3.31616" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70b278f6c9 code=0x7ffc0000 [ 1694.744023][ T40] audit: type=1400 audit(1763393961.165:890): avc: denied { create } for pid=15108 comm="syz.1.31617" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 1694.752797][ T40] audit: type=1400 audit(1763393961.176:891): avc: denied { write } for pid=15108 comm="syz.1.31617" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 1694.862737][T15115] netlink: 4 bytes leftover after parsing attributes in process `syz.3.31620'. [ 1694.866612][T15115] bridge_slave_1: left allmulticast mode [ 1694.868761][T15115] bridge_slave_1: left promiscuous mode [ 1694.889134][T15115] bridge0: port 2(bridge_slave_1) entered disabled state [ 1694.913672][T15115] bridge_slave_0: left allmulticast mode [ 1694.916191][T15115] bridge_slave_0: left promiscuous mode [ 1694.919587][T15115] bridge0: port 1(bridge_slave_0) entered disabled state [ 1694.961552][T15113] block nbd1: NBD_DISCONNECT [ 1695.354979][T15140] pim6reg: entered allmulticast mode [ 1695.368602][T15144] netlink: 132 bytes leftover after parsing attributes in process `syz.3.31633'. [ 1695.378567][T15142] netlink: 8 bytes leftover after parsing attributes in process `syz.0.31622'. [ 1695.496615][ T3571] Bluetooth: hci4: command tx timeout [ 1695.558976][T15172] netlink: 132 bytes leftover after parsing attributes in process `syz.0.31646'. [ 1695.566787][T15170] netlink: 8 bytes leftover after parsing attributes in process `syz.3.31645'. [ 1696.091329][T15199] netlink: 8 bytes leftover after parsing attributes in process `syz.0.31659'. [ 1696.538304][T15211] netlink: 108 bytes leftover after parsing attributes in process `syz.0.31666'. [ 1696.711390][T15219] netlink: 8 bytes leftover after parsing attributes in process `syz.0.31670'. [ 1696.864130][T15229] netlink: 8 bytes leftover after parsing attributes in process `syz.2.31674'. [ 1696.916012][T15238] netlink: 4 bytes leftover after parsing attributes in process `syz.3.31677'. [ 1697.081920][ T3938] usb 6-1: new full-speed USB device number 47 using dummy_hcd [ 1697.187689][T15263] nbd: must specify a device to reconfigure [ 1697.223550][ T3938] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1697.231536][ T3938] usb 6-1: New USB device found, idVendor=056a, idProduct=032f, bcdDevice= 0.00 [ 1697.234560][ T3938] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1697.240509][ T3938] usb 6-1: config 0 descriptor?? [ 1697.248506][T15232] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1697.269615][T15265] overlayfs: missing 'workdir' [ 1697.343632][T15259] nbd: couldn't find device at index 0 [ 1697.445341][ T3938] usbhid 6-1:0.0: can't add hid device: -71 [ 1697.447674][ T3938] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 1697.460001][ T3938] usb 6-1: USB disconnect, device number 47 [ 1697.569369][T15291] overlayfs: missing 'workdir' [ 1697.918278][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 1697.918296][ T40] audit: type=1400 audit(1763393964.662:893): avc: denied { read } for pid=15326 comm="syz.2.31720" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 1697.975300][ T40] audit: type=1400 audit(1763393964.716:894): avc: denied { remount } for pid=15333 comm="syz.0.31722" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 1697.991146][ T40] audit: type=1400 audit(1763393964.738:895): avc: denied { unmount } for pid=10735 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 1698.397885][T15363] nbd: couldn't find device at index 0 [ 1698.596717][T15372] BUG: sleeping function called from invalid context at fs/inode.c:1928 [ 1698.600782][T15372] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 15372, name: syz.0.31739 [ 1698.605736][T15372] preempt_count: 1, expected: 0 [ 1698.607921][T15372] RCU nest depth: 0, expected: 0 [ 1698.609752][T15372] 2 locks held by syz.0.31739/15372: [ 1698.611707][T15372] #0: ffff888155bda0e0 (&type->s_umount_key#32){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 1698.615458][T15372] #1: ffff888155bda998 (&s->s_inode_list_lock){+.+.}-{3:3}, at: hook_sb_delete+0x11c/0xbd0 [ 1698.619156][T15372] Preemption disabled at: [ 1698.619162][T15372] [<0000000000000000>] 0x0 [ 1698.622125][T15372] CPU: 0 UID: 0 PID: 15372 Comm: syz.0.31739 Not tainted syzkaller #0 PREEMPT(full) [ 1698.622140][T15372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1698.622148][T15372] Call Trace: [ 1698.622152][T15372] [ 1698.622157][T15372] dump_stack_lvl+0x16c/0x1f0 [ 1698.622173][T15372] __might_resched+0x3c0/0x5e0 [ 1698.622188][T15372] ? find_held_lock+0x2b/0x80 [ 1698.622204][T15372] ? __pfx___might_resched+0x10/0x10 [ 1698.622220][T15372] ? hook_sb_delete+0x829/0xbd0 [ 1698.622238][T15372] iput+0x1e/0x40 [ 1698.622254][T15372] hook_sb_delete+0x8bb/0xbd0 [ 1698.622273][T15372] ? __pfx_hook_sb_delete+0x10/0x10 [ 1698.622289][T15372] ? __pfx_fsnotify_sb_delete+0x10/0x10 [ 1698.622304][T15372] ? __pfx_evict_inodes+0x10/0x10 [ 1698.622321][T15372] security_sb_delete+0x6d/0x110 [ 1698.622332][T15372] generic_shutdown_super+0xc2/0x390 [ 1698.622350][T15372] kill_litter_super+0x70/0xa0 [ 1698.622366][T15372] deactivate_locked_super+0xc1/0x1a0 [ 1698.622383][T15372] deactivate_super+0xde/0x100 [ 1698.622400][T15372] cleanup_mnt+0x225/0x450 [ 1698.622412][T15372] task_work_run+0x150/0x240 [ 1698.622425][T15372] ? __pfx_task_work_run+0x10/0x10 [ 1698.622438][T15372] ? __pfx___x64_sys_umount+0x10/0x10 [ 1698.622452][T15372] exit_to_user_mode_loop+0xec/0x130 [ 1698.622465][T15372] do_syscall_64+0x426/0xfa0 [ 1698.622478][T15372] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1698.622489][T15372] RIP: 0033:0x7f26da98f6c9 [ 1698.622499][T15372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1698.622510][T15372] RSP: 002b:00007f26db8d2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1698.622521][T15372] RAX: 0000000000000000 RBX: 00007f26dabe5fa0 RCX: 00007f26da98f6c9 [ 1698.622528][T15372] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000002c0 [ 1698.622534][T15372] RBP: 00007f26daa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1698.622541][T15372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1698.622548][T15372] R13: 00007f26dabe6038 R14: 00007f26dabe5fa0 R15: 00007ffd45819018 [ 1698.622561][T15372] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) VM DIAGNOSIS: 15:39:20 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000069 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85296b95 RDI=ffffffff9addb780 RBP=ffffffff9addb740 RSP=ffffc90005767740 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000069 R14=ffffffff9addb740 R15=ffffffff85296b30 RIP=ffffffff85296bbf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f26db8d26c0 ffffffff 00c00000 GS =0000 ffff8880d6a05000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000000000 CR3=0000000135dcf000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff8790c150 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18b3413050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18b341305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18b3413057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18b341306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18b34130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f18b34131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000012 RCX=dffffc0000000000 RDX=ffff88802a108000 RSI=ffffffff84ad7ef1 RDI=0000000000000005 RBP=ffffc90003c4f2f0 RSP=ffffc90003c4f1b0 R8 =0000000000000005 R9 =0000000000000004 R10=0000000000000001 R11=0000000000000001 R12=1ffff92000789e40 R13=ffff88815d92d220 R14=0000000000000001 R15=ffffffff8bf09a65 RIP=ffffffff81bce840 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007fca8501b300 ffffffff 00c00000 GS =0000 ffff8880d6b05000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005614bcaf7000 CR3=00000000318ab000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000003000000012 0004000000080024 0000000000280034 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000007c02 0000001800000000 0000000000000000 0000000000000015 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f01ffffffffffff ffffed0809800322 000002f400000010 0000000100000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00088003000208ae 0980040210000008 000601589c0e0800 0980030fffffffff ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff040580041c10 0000080008014f88 0290100005900310 10000580030480a0 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 a0e010000fffffff ffffff0401080006 0168e000100005b8 8208000100000008 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0606011e9a000400 01c0c08408000980 04001000080049f4 006d766b2f766564 ZMM24=d36579c5d36579c5 d36579c5d36579c5 d36579c5d36579c5 d36579c5d36579c5 d36579c5d36579c5 d36579c5d36579c5 d36579c5d36579c5 d36579c5d36579c5 ZMM25=8e69263a8e69263a 8e69263a8e69263a 8e69263a8e69263a 8e69263a8e69263a 8e69263a8e69263a 8e69263a8e69263a 8e69263a8e69263a 8e69263a8e69263a ZMM26=02de5b2902de5b29 02de5b2902de5b29 02de5b2902de5b29 02de5b2902de5b29 02de5b2902de5b29 02de5b2902de5b29 02de5b2902de5b29 02de5b2902de5b29 ZMM27=15bd039e15bd039e 15bd039e15bd039e 15bd039e15bd039e 15bd039e15bd039e 15bd039e15bd039e 15bd039e15bd039e 15bd039e15bd039e 15bd039e15bd039e ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=05b1000005b10000 05b1000005b10000 05b1000005b10000 05b1000005b10000 05b1000005b10000 05b1000005b10000 05b1000005b10000 05b1000005b10000 info registers vcpu 2 CPU#2 RAX=0000000000000001 RBX=ffff88806a4426c0 RCX=ffffffff81b0dba1 RDX=ffff8880289e8000 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90006397870 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=dffffc0000000000 R13=ffffed100d4884d9 R14=0000000000000001 R15=0000000000000000 RIP=ffffffff81bce1ec RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6c05000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c4f1e3a CR3=000000000e182000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00656d69745f7469 61775f70756f7267 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f70b2813050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f70b281305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f70b2813057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f70b281306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f70b28130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f70b28131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f70b29b74a8 00007f70b29b74a0 00007f70b29b7498 00007f70b29b7470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f70b351d100 00007f70b29b7460 00007f70b29b0004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f70b29b74b8 00007f70b29b74b0 00007f70b29b74a8 00007f70b29b74a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000007 RBX=0000000000000009 RCX=ffffffff95ad9e08 RDX=0000000000000008 RSI=ffff88812905d458 RDI=ffff88812905c900 RBP=ffffc9000709ef60 RSP=ffffc9000709eec0 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000028 R11=0000000000000001 R12=ffff88812905d458 R13=0000000000000200 R14=0000000000000001 R15=ffff88812905c900 RIP=ffffffff81989bdd RFL=00000003 [------C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f9d60b4a6c0 ffffffff 00c00000 GS =0000 ffff8880d6d05000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f26db8d1f98 CR3=0000000147dea000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcbcf6a0a0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d5fe13050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d5fe1305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d5fe13057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d5fe1306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d5fe130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d5fe131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000