last executing test programs: 390.449736ms ago: executing program 2 (id=4549): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)={0x20, 0x3, 0x8, 0x301, 0x0, 0x0, {0x2, 0x0, 0x9}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}, @CTA_TIMEOUT_DATA={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000001}, 0x1000) 317.534688ms ago: executing program 2 (id=4545): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@ipv4_delroute={0x24, 0x18, 0x901, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@RTA_DST={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x2}}]}, 0x24}}, 0x0) 311.635573ms ago: executing program 2 (id=4552): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001e80)={&(0x7f0000001a80)={0x18, 0x14, 0x1, 0x0, 0x0, {0x1e}, [@INET_DIAG_REQ_BYTECODE={0x4}]}, 0x18}}, 0x0) 269.820943ms ago: executing program 2 (id=4560): r0 = socket$inet6(0xa, 0x3, 0x2c) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001640)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x110, 0x1170, 0x1170, 0x110, 0x1170, 0x110, 0x1398, 0x1398, 0x1e0, 0x1398, 0x3, 0x0, {[{{@ipv6={@private1, @private0, [], [], 'hsr0\x00', 'bond0\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@ipv6={@mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'veth0_to_bond\x00', 'tunl0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@AUDIT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310) 222.467403ms ago: executing program 2 (id=4554): r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) ioctl$CDROMVOLCTRL(r0, 0x5392, &(0x7f0000000040)={0x3, 0xd, 0x4c}) 221.104706ms ago: executing program 1 (id=4563): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x40, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0xd, 0x1, 0x0, "27050000000000f3ff04d700000000000400"}) 171.544995ms ago: executing program 1 (id=4558): r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000180)={0x1, @pix_mp={0x0, 0x0, 0x34325258}}) 171.471156ms ago: executing program 3 (id=4561): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) getsockopt$llc_int(r0, 0x10c, 0x4, &(0x7f0000001b00), &(0x7f00000004c0)=0x4) 169.641923ms ago: executing program 3 (id=4564): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000040)={'filter\x00', 0x10, 0x4, 0x3c8, 0x110, 0x0, 0x0, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@arp={@private, @rand_addr, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_virt_wifi\x00', 'veth1_to_bridge\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x4, {@empty, @mac=@dev, @dev, @broadcast}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffb}}, {{@arp={@empty, @empty, 0x0, 0x0, 0x0, 0x0, {@mac}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'dvmrp0\x00', 'tunl0\x00'}, 0xc0, 0xe8}, @unspec=@MARK={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418) 169.559642ms ago: executing program 1 (id=4567): r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000)) ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000340)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x401, 0x0, 0x58, 0x7ff, 0x1, 0x0, 0x18, 0x65}) 112.059881ms ago: executing program 2 (id=4565): syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e06006220"], 0x9) 111.783445ms ago: executing program 1 (id=4566): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0xc, &(0x7f00000000c0)=0x8004, 0x4) write$tun(0xffffffffffffffff, 0x0, 0x46) syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="040f04080019041422c181cdaf2f7e81ee6ac15afd2ad635d949794e0043f8e9e21c901d81bf88682df4f341715730e91eba846f9d95049fe37b3ad50e5b31d9bb39238f595c4d084786d970b912c72d43bfbe3918f1d94c722bee81b988bbd8da88bd14ca12becaa9e7bf1796a584502fdd1f59b16c15234019e70ab751886b8448bf1d2d9afeb93f73a102d9e409f979"], 0x7) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000600)='netlink_extack\x00', r2}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0x24, 0x24, 0x1, 0x0, 0x4, {0x0, 0x0, 0x0, 0x0, {0x9}, {}, {0x2, 0x5}}}, 0x24}}, 0x4004811) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="6400000010000305160000000000000000008847", @ANYRES32=0x0, @ANYBLOB="00000000000000004400128009000100626f6e6400000000340002800800b43d210c000005000c00000000000a001a"], 0xc3}, 0x1, 0x100000000000000}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f0000000000), 0x4000000000001f2, 0x0) r4 = socket(0x23, 0x80000, 0x6) r5 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000007bc0), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_NEW_KEY(r7, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f00000007c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000380)={0x150, r6, 0x200, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0xa3a}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_FRAME={0xfd, 0x33, @probe_request={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x344}, @device_b, @broadcast, @from_mac=@broadcast, {0x3, 0x4}, @value=@ver_80211n={0x0, 0x397c, 0x2, 0x1, 0x0, 0x3}}, @void, @void, @void, @val={0x2d, 0x1a, {0x300}}, @val={0x72, 0x6}, [{0xdd, 0xb7, "221c26ded008641405581e923c6072d8eca34db5b5bfc938c3a9e9df147a8975b705309909fb55dfb1b7027516290abb5aef84a7db5e9542d1d34a17eaeed83045298301d9d267b61c04a5d36e50164fe181eaec3bb8b7036908591613cc2372d37076b1bf957ce623c37dbcc4604c6b2363b7629651cf72ebf38d0b2452cd1531cb109cc1c79b79b006921de154c7dc9671014c062ae4acc22dba2bfff962568b028e43199474505de27bec6527d8a56b59eb183f7a36"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x16, 0xcd, [0x0, 0x0, 0x3b, 0x7, 0xff, 0x8000, 0x1, 0x3ff, 0x1]}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1a5}], @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x833}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x150}, 0x1, 0x0, 0x0, 0x90}, 0x40000) syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r3) socket$inet6_tcp(0xa, 0x1, 0x0) r8 = socket$nl_audit(0x10, 0x3, 0x9) r9 = socket$nl_audit(0x10, 0x3, 0x9) bind$netlink(r9, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbff}, 0xc) bind$netlink(r8, &(0x7f0000002840)={0x10, 0x0, 0x25dfdbff, 0x2}, 0xc) r10 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="040100001a0001000000000001000000ff010000000000000000000000000001e000000200000000000010000000000000000000000000000800000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000005000000000000000000000000000014403c0000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a"], 0x104}}, 0x0) syz_emit_ethernet(0x56, &(0x7f00000001c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00fbff", 0x20, 0x6, 0x0, @dev, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, {[@sack={0x5, 0xa, [0x0, 0x0]}]}}}}}}}}, 0x0) sendmsg$netlink(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="180000005600010610000000000000000700000000070000"], 0x18}], 0x1}, 0x0) 111.630761ms ago: executing program 0 (id=4568): syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_le_credits={{0x16, 0x4, 0x4}, {0xa, 0x100}}}}, 0x11) syz_emit_vhci(0x0, 0x7) 111.439427ms ago: executing program 3 (id=4569): r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000480)) ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000580)={0x60, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x80000001, 0x0, 0x0, 0x9, 0x24, 0x0, 0x0, 0x8}) 111.393609ms ago: executing program 0 (id=4570): r0 = open(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x121342, 0x0) write$tcp_mem(r0, &(0x7f0000000340)={0x0, 0x2d, 0x0, 0x2, 0x0, 0x2c}, 0x48) 110.700985ms ago: executing program 3 (id=4574): r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) ioctl$CDROMVOLCTRL(r0, 0x5392, &(0x7f0000000040)={0x3, 0xd, 0x4c}) 62.236012ms ago: executing program 0 (id=4571): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x206, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000180)={0x31, 0x2, 0x0, "b43d71dde500c67f000000100000020000000000000200"}) 61.979931ms ago: executing program 0 (id=4572): r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000180)={0x1, @pix_mp={0x0, 0x0, 0x34325258}}) 60.749756ms ago: executing program 0 (id=4580): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f0000000180)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @local}}}}) 1.239598ms ago: executing program 3 (id=4573): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), 0x0, &(0x7f0000000300)={[{@gid}], [{@uid_eq}]}) 995.891µs ago: executing program 1 (id=4575): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f80)={'wlan1\x00', &(0x7f0000000200)=@ethtool_ringparam={0x50}}) 900.692µs ago: executing program 0 (id=4576): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x54}}, 0x0) 78.071µs ago: executing program 3 (id=4577): r0 = open(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x121342, 0x0) write$tcp_mem(r0, &(0x7f0000000600)={0xfffffffffffffffe, 0x2d, 0xd1d8, 0xa, 0x10000000000000, 0x2c}, 0x48) 0s ago: executing program 1 (id=4578): r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="00000000000000001a000aff"]) kernel console output (not intermixed with test programs): 113.463549][ T8337] tipc: Started in network mode [ 113.465315][ T8337] tipc: Node identity b62209b4ef4d, cluster identity 4711 [ 113.467998][ T8337] tipc: Enabled bearer , priority 0 [ 114.275584][ T5344] Bluetooth: hci4: command 0x1003 tx timeout [ 114.275610][ T5335] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 114.402699][ T8348] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1040'. [ 114.587742][ T8337] tipc: Disabling bearer [ 115.079071][ T8371] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1048'. [ 115.177781][ T8380] tipc: Cannot configure node identity twice [ 115.232387][ T39] audit: type=1400 audit(1726856476.440:1262): avc: denied { unlink } for pid=8376 comm="syz.0.1050" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="9p" ino=36701736 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sock_file permissive=1 [ 115.261807][ T8361] coredump: 626(syz.1.1052): written to core: VMAs: 41, size 103211008; core: 65722202 bytes, pos 103231488 [ 115.315629][ T4780] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 116.899456][ T8423] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1062'. [ 117.471504][ T8462] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1078'. [ 121.641916][ T8580] team0: Port device team_slave_0 removed [ 121.665845][ T8580] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 124.530295][ T8666] openvswitch: netlink: Missing key (keys=8040, expected=200000) [ 124.571180][ T8665] team0: Port device team_slave_0 removed [ 124.572872][ T8665] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 126.429225][ T8712] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1152'. [ 126.569120][ T8717] netlink: 'syz.0.1153': attribute type 10 has an invalid length. [ 126.692887][ T8730] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1161'. [ 126.706726][ T8737] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1163'. [ 126.777165][ T8745] vim2m vim2m.0: Fourcc format (0x42474752) invalid. [ 126.842927][ T8759] program syz.3.1174 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 126.894887][ T8777] tmpfs: User quota inode hardlimit too large. [ 126.924919][ T8786] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1186'. [ 126.928520][ T8782] netlink: 'syz.3.1187': attribute type 1 has an invalid length. [ 126.930569][ T8782] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1187'. [ 127.002614][ T8799] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1192'. [ 127.399255][ T8864] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1221'. [ 127.464324][ T8861] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1220'. [ 128.378245][ T8871] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 128.468527][ T8887] netlink: 'syz.1.1227': attribute type 13 has an invalid length. [ 128.470626][ T8887] netlink: 'syz.1.1227': attribute type 58 has an invalid length. [ 128.472739][ T8887] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1227'. [ 128.621883][ T8902] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1233'. [ 129.446406][ T8921] syzkaller1: entered promiscuous mode [ 129.448513][ T8921] syzkaller1: entered allmulticast mode [ 129.751695][ T8932] netlink: 'syz.0.1242': attribute type 1 has an invalid length. [ 129.795200][ T8939] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 129.798157][ T8939] VFS: Can't find a romfs filesystem on dev nullb0. [ 129.798157][ T8939] [ 130.461666][ T9082] netlink: ct family unspecified [ 130.463064][ T9082] openvswitch: netlink: Actions may not be safe on all matching packets [ 130.514603][ T9094] hpfs: Bad magic ... probably not HPFS [ 130.523765][ T9099] program syz.3.1318 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 130.625287][ T9126] netlink: 'syz.3.1331': attribute type 2 has an invalid length. [ 130.629756][ T9126] netlink: 'syz.3.1331': attribute type 1 has an invalid length. [ 130.656363][ T39] audit: type=1400 audit(1726856491.910:1263): avc: denied { append } for pid=9134 comm="syz.2.1333" name="dlm-control" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 130.659207][ T9136] dlm: no locking on control device [ 130.673635][ T9138] tmpfs: User quota block hardlimit too large. [ 131.208579][ T1072] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1 [ 131.211507][ T1072] ata1: failed to read log page 10h (errno=-5) [ 131.213328][ T1072] ata1.00: exception Emask 0x1 SAct 0x200 SErr 0x0 action 0x0 [ 131.218516][ T1072] ata1.00: irq_stat 0x40000000 [ 131.219969][ T1072] ata1.00: failed command: WRITE FPDMA QUEUED [ 131.221801][ T1072] ata1.00: cmd 61/00:48:f2:5c:08/01:00:00:00:00/40 tag 9 ncq dma 131072 out [ 131.221801][ T1072] res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error) [ 131.229517][ T1072] ata1.00: status: { DRDY } [ 131.269746][ T1072] ata1.00: configured for UDMA/100 [ 131.272706][ T1072] ata1: EH complete [ 131.695709][ T39] audit: type=1400 audit(1726856492.950:1264): avc: denied { ioctl } for pid=9182 comm="syz.0.1351" path="socket:[23339]" dev="sockfs" ino=23339 ioctlcmd=0x8990 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 131.703851][ T9183] bond0: (slave caif0): Error: Device type is different from other slaves [ 131.757920][ T9200] program syz.1.1359 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 131.780739][ T9204] __nla_validate_parse: 15 callbacks suppressed [ 131.780747][ T9204] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1362'. [ 131.799479][ T9211] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1364'. [ 131.824642][ T9216] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1367'. [ 131.828475][ T9216] netlink: set zone limit has 4 unknown bytes [ 131.851006][ T9217] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1366'. [ 131.923756][ T9237] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1375'. [ 132.440414][ T1379] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.442283][ T1379] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.795832][ T9273] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1389'. [ 132.920256][ T9287] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1394'. [ 132.951286][ T9298] syz.2.1400: attempt to access beyond end of device [ 132.951286][ T9298] nbd2: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 132.954911][ T9298] XFS (nbd2): SB validate failed with error -5. [ 133.000802][ T9303] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 133.019259][ T9315] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1405'. [ 133.021838][ T9315] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1405'. [ 133.112047][ T9333] netlink: 'syz.0.1414': attribute type 1 has an invalid length. [ 133.114113][ T9333] netlink: 'syz.0.1414': attribute type 3 has an invalid length. [ 133.117833][ T9333] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1414'. [ 133.120198][ T9333] NCSI netlink: No device for ifindex 0 [ 134.317127][ T9394] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 134.319348][ T9392] netlink: 'syz.1.1434': attribute type 2 has an invalid length. [ 134.748150][ T9462] ERROR: device name not specified. [ 134.754979][ T9464] cannot load conntrack support for proto=3 [ 134.817482][ T9472] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 134.860560][ T9476] bpf: Bad value for 'mode' [ 135.253220][ T9494] netlink: 'syz.0.1485': attribute type 1 has an invalid length. [ 135.374797][ T9503] netlink: 'syz.0.1480': attribute type 21 has an invalid length. [ 135.675252][ T9523] netlink: 'syz.0.1491': attribute type 4 has an invalid length. [ 135.744837][ T9538] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048) [ 136.331440][ T9606] syzkaller1: entered promiscuous mode [ 136.334148][ T9606] syzkaller1: entered allmulticast mode [ 136.791131][ T9613] netlink: 'syz.2.1528': attribute type 10 has an invalid length. [ 136.793992][ T9613] __nla_validate_parse: 21 callbacks suppressed [ 136.794002][ T9613] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1528'. [ 136.800191][ T9613] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 136.803446][ T9613] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 136.816720][ T9615] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1529'. [ 136.991215][ T9647] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1544'. [ 137.046417][ T9667] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1554'. [ 137.089234][ T9678] Unknown options in mask 1f4 [ 137.116100][ T9682] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1565'. [ 137.164438][ T9700] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1570'. [ 137.177033][ T9695] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1568'. [ 137.183147][ T9703] netlink: 288 bytes leftover after parsing attributes in process `syz.3.1571'. [ 137.187750][ T9705] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1572'. [ 137.192040][ T9705] IPv6: sit2: Disabled Multicast RS [ 137.193952][ T9705] sit2: entered allmulticast mode [ 137.263221][ T9719] netlink: 'syz.3.1577': attribute type 1 has an invalid length. [ 137.265260][ T9719] netlink: 'syz.3.1577': attribute type 1 has an invalid length. [ 137.271127][ T9719] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.1577'. [ 138.167390][ T9775] netlink: 'syz.3.1605': attribute type 21 has an invalid length. [ 138.169463][ T9775] netlink: 'syz.3.1605': attribute type 20 has an invalid length. [ 138.171508][ T9775] IPv6: NLM_F_CREATE should be specified when creating new route [ 138.192882][ T9781] netlink: 'syz.3.1609': attribute type 10 has an invalid length. [ 138.197309][ T9781] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check. [ 138.226669][ T9790] netlink: 'syz.3.1613': attribute type 10 has an invalid length. [ 138.229780][ T9790] bridge0: port 3(team0) entered blocking state [ 138.231903][ T9790] bridge0: port 3(team0) entered forwarding state [ 138.234295][ T9790] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.236670][ T9790] bridge0: port 2(bridge_slave_1) entered forwarding state [ 138.239174][ T9790] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.241570][ T9790] bridge0: port 1(bridge_slave_0) entered forwarding state [ 138.247061][ T9790] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 138.422013][ T9822] netlink: 'syz.3.1626': attribute type 1 has an invalid length. [ 138.582935][ T9834] syzkaller1: entered promiscuous mode [ 138.584448][ T9834] syzkaller1: entered allmulticast mode [ 138.764773][ T9839] xt_cgroup: path and classid specified [ 139.102900][ T9877] tmpfs: Bad value for 'mpol' [ 139.207858][ T9905] usb usb9: usbfs: process 9905 (syz.0.1662) did not claim interface 0 before use [ 139.244375][ T9907] netlink: 'syz.2.1663': attribute type 16 has an invalid length. [ 139.283441][ T9916] syzkaller1: entered promiscuous mode [ 139.284962][ T9916] syzkaller1: entered allmulticast mode [ 139.294939][ T9919] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 139.297546][ T9919] syz.0.1668: attempt to access beyond end of device [ 139.297546][ T9919] loop0: rw=0, sector=0, nr_sectors = 2 limit=0 [ 139.738618][ T9962] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 140.514997][T10001] sch_tbf: burst 0 is lower than device lo mtu (14) ! [ 140.561176][T10002] bridge0: port 3(team0) entered blocking state [ 140.563089][T10002] bridge0: port 3(team0) entered disabled state [ 140.564877][T10002] team0: entered allmulticast mode [ 140.566503][T10002] team_slave_1: entered allmulticast mode [ 140.568202][T10002] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 140.573729][T10002] team0: entered promiscuous mode [ 140.575145][T10002] team_slave_1: entered promiscuous mode [ 140.576901][T10002] mac80211_hwsim hwsim7 wlan1: entered promiscuous mode [ 141.874762][T10045] __nla_validate_parse: 27 callbacks suppressed [ 141.874773][T10045] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1708'. [ 141.994085][ T39] audit: type=1400 audit(1726856503.240:1265): avc: denied { ioctl } for pid=10046 comm="syz.0.1707" path="/dev/snapshot" dev="devtmpfs" ino=98 ioctlcmd=0x3309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 142.556177][T10087] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1719'. [ 142.592703][T10090] bridge0: port 3(team0) entered blocking state [ 142.594677][T10090] bridge0: port 3(team0) entered disabled state [ 142.598099][T10090] team0: entered allmulticast mode [ 142.600495][T10090] team_slave_1: entered allmulticast mode [ 142.603242][T10090] team0: entered promiscuous mode [ 142.604704][T10090] team_slave_1: entered promiscuous mode [ 142.606967][T10090] bridge0: port 3(team0) entered blocking state [ 142.608718][T10090] bridge0: port 3(team0) entered forwarding state [ 143.028244][T10098] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1723'. [ 143.029139][T10095] sch_tbf: burst 0 is lower than device lo mtu (14) ! [ 143.839565][T10128] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1732'. [ 143.931359][T10137] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1735'. [ 145.258512][T10176] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1743'. [ 145.486773][T10183] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1745'. [ 147.726062][T10223] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1754'. [ 149.628187][T10263] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1766'. [ 152.163454][T10309] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1774'. [ 152.451021][T10332] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1779'. [ 152.735886][T10347] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(13) [ 152.735921][T10347] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 152.736059][T10347] vhci_hcd vhci_hcd.0: Device attached [ 153.337692][T10349] vhci_hcd: connection closed [ 153.375639][ T1137] vhci_hcd: stop threads [ 153.378947][ T1137] vhci_hcd: release socket [ 153.380599][ T1137] vhci_hcd: disconnect device [ 153.493446][T10356] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1785'. [ 154.431931][T10380] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1792'. [ 154.679795][T10397] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1802'. [ 154.711340][T10376] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1788'. [ 156.712999][T10428] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1799'. [ 156.748060][T10427] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13) [ 156.749818][T10427] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 156.751897][T10427] vhci_hcd vhci_hcd.0: Device attached [ 156.925752][ T62] vhci_hcd: vhci_device speed not set [ 156.985482][ T62] usb 13-1: new full-speed USB device number 2 using vhci_hcd [ 157.378590][T10434] vhci_hcd: connection reset by peer [ 157.381465][ T69] vhci_hcd: stop threads [ 157.383196][ T69] vhci_hcd: release socket [ 157.384479][ T69] vhci_hcd: disconnect device [ 157.486136][T10438] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1805'. [ 157.545551][ T39] audit: type=1326 audit(1726856518.790:1266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10437 comm="syz.1.1803" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f81ae77def9 code=0x0 [ 157.736739][T10451] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1807'. [ 158.233887][T10471] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1811'. [ 158.746161][T10481] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1814'. [ 159.149641][T10487] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1815'. [ 159.417978][T10495] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1825'. [ 159.459815][ T39] audit: type=1326 audit(1726856520.710:1267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10496 comm="syz.2.1817" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f753957def9 code=0x0 [ 159.570404][T10512] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1821'. [ 159.814473][T10525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1822'. [ 159.834442][T10515] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13) [ 159.836953][T10515] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 159.840563][T10515] vhci_hcd vhci_hcd.0: Device attached [ 160.353407][ T8] vhci_hcd: vhci_device speed not set [ 160.371074][T10523] vhci_hcd: connection closed [ 160.374976][ T1137] vhci_hcd: stop threads [ 160.378738][ T1137] vhci_hcd: release socket [ 160.380462][ T1137] vhci_hcd: disconnect device [ 160.415533][ T8] usb 15-1: new full-speed USB device number 3 using vhci_hcd [ 160.418277][ T8] usb 15-1: enqueue for inactive port 0 [ 160.485592][ T8] vhci_hcd: vhci_device speed not set [ 161.022088][T10539] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1827'. [ 161.117490][T10545] bridge0: port 3(team0) entered blocking state [ 161.119250][T10545] bridge0: port 3(team0) entered disabled state [ 161.120976][T10545] team0: entered allmulticast mode [ 161.122313][T10545] team_slave_0: entered allmulticast mode [ 161.123833][T10545] team_slave_1: entered allmulticast mode [ 161.130472][T10545] team0: entered promiscuous mode [ 161.131919][T10545] team_slave_0: entered promiscuous mode [ 161.133456][T10545] team_slave_1: entered promiscuous mode [ 161.136120][T10542] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13) [ 161.137142][T10545] bridge0: port 3(team0) entered blocking state [ 161.138320][T10542] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 161.140018][T10545] bridge0: port 3(team0) entered forwarding state [ 161.144117][T10542] vhci_hcd vhci_hcd.0: Device attached [ 161.206652][T10548] input: syz1 as /devices/virtual/input/input18 [ 161.219012][T10552] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1824'. [ 161.723393][T10549] vhci_hcd: connection closed [ 161.723543][ T12] vhci_hcd: stop threads [ 161.724868][ T12] vhci_hcd: release socket [ 161.727806][ T12] vhci_hcd: disconnect device [ 162.094802][T10562] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1830'. [ 162.105582][ T62] vhci_hcd: vhci_device speed not set [ 162.354806][ T39] audit: type=1326 audit(1726856523.600:1268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10566 comm="syz.0.1831" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc97997def9 code=0x0 [ 162.430624][T10572] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1832'. [ 162.530398][T10576] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1842'. [ 162.976516][T10585] syzkaller1: entered promiscuous mode [ 162.978082][T10585] syzkaller1: entered allmulticast mode [ 163.401896][T10597] debugfs: Directory 'C|+i!3rU&6 bOo '1©|y' with parent 'ieee80211' already present! [ 163.425922][ T1028] tipc: Subscription rejected, illegal request [ 164.363449][T10603] input: syz1 as /devices/virtual/input/input19 [ 164.425498][ T39] audit: type=1326 audit(1726856525.670:1269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10605 comm="syz.2.1845" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f753957def9 code=0x0 [ 164.505533][T10612] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13) [ 164.507288][T10612] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 164.509559][T10612] vhci_hcd vhci_hcd.0: Device attached [ 165.072307][T10618] vhci_hcd: connection closed [ 165.072640][ T1028] vhci_hcd: stop threads [ 165.074349][ T1028] vhci_hcd: release socket [ 165.076501][ T1028] vhci_hcd: disconnect device [ 165.087697][T10622] __nla_validate_parse: 3 callbacks suppressed [ 165.087707][T10622] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1847'. [ 165.742650][T10631] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1856'. [ 165.770641][T10626] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1850'. [ 165.810176][T10636] syzkaller1: entered promiscuous mode [ 165.811620][T10636] syzkaller1: entered allmulticast mode [ 166.654697][T10644] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1861'. [ 166.735305][T10640] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1853'. [ 167.616241][T10666] debugfs: Directory 'C|+i!3rU&6 bOo '1©|y' with parent 'ieee80211' already present! [ 167.695514][ T12] tipc: Subscription rejected, illegal request [ 167.956639][T10664] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13) [ 167.958435][T10664] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 167.960568][T10664] vhci_hcd vhci_hcd.0: Device attached [ 168.218628][T10670] vhci_hcd: connection closed [ 168.219995][ T12] vhci_hcd: stop threads [ 168.222194][ T12] vhci_hcd: release socket [ 168.223404][ T12] vhci_hcd: disconnect device [ 168.467018][T10676] input: syz1 as /devices/virtual/input/input20 [ 168.491012][ T39] audit: type=1326 audit(1726856529.740:1270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10672 comm="syz.0.1858" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc97997def9 code=0x0 [ 168.708012][T10681] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1860'. [ 168.766245][T10685] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1872'. [ 168.804529][T10686] syzkaller1: entered promiscuous mode [ 168.806110][T10686] syzkaller1: entered allmulticast mode [ 169.098134][T10692] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1866'. [ 169.182512][T10694] netlink: 'syz.3.1867': attribute type 3 has an invalid length. [ 169.184540][T10694] netlink: 'syz.3.1867': attribute type 11 has an invalid length. [ 169.186717][T10694] netlink: 128512 bytes leftover after parsing attributes in process `syz.3.1867'. [ 169.933834][T10703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=10703 comm=syz.3.1870 [ 169.987079][T10706] input: syz1 as /devices/virtual/input/input21 [ 170.052083][ T1028] tipc: Subscription rejected, illegal request [ 170.316347][ T39] audit: type=1326 audit(1726856531.570:1271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10711 comm="syz.0.1873" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc97997def9 code=0x0 [ 170.459363][T10717] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1874'. [ 170.696160][T10720] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13) [ 170.697929][T10720] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 170.700042][T10720] vhci_hcd vhci_hcd.0: Device attached [ 170.848298][T10726] syzkaller1: entered promiscuous mode [ 170.849981][T10726] syzkaller1: entered allmulticast mode [ 171.079675][T10728] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1877'. [ 171.217875][T10722] vhci_hcd: connection closed [ 171.243712][ T1137] vhci_hcd: stop threads [ 171.250610][ T1137] vhci_hcd: release socket [ 171.251708][ T1137] vhci_hcd: disconnect device [ 171.291667][T10734] sysfs: cannot create duplicate filename '/class/ieee80211/C|+i!3rU&6 bOo '1©|y' [ 171.294614][T10734] CPU: 0 UID: 0 PID: 10734 Comm: syz.1.1878 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0 [ 171.297325][T10734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 171.300105][T10734] Call Trace: [ 171.300996][T10734] [ 171.301782][T10734] dump_stack_lvl+0x16c/0x1f0 [ 171.303044][T10734] sysfs_warn_dup+0x7f/0xa0 [ 171.304242][T10734] sysfs_do_create_link_sd+0x124/0x140 [ 171.305679][T10734] sysfs_create_link+0x61/0xc0 [ 171.306937][T10734] device_add+0x62e/0x1a70 [ 171.308122][T10734] ? __pfx_device_add+0x10/0x10 [ 171.309416][T10734] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 171.310970][T10734] ? ieee80211_set_bitrate_flags+0x249/0x6a0 [ 171.312542][T10734] wiphy_register+0x2101/0x2d00 [ 171.313840][T10734] ? __pfx_wiphy_register+0x10/0x10 [ 171.315200][T10734] ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0 [ 171.316796][T10734] ieee80211_register_hw+0x2aaa/0x41b0 [ 171.318227][T10734] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 171.319759][T10734] ? kasan_check_range+0x105/0x1a0 [ 171.321109][T10734] ? __asan_memset+0x23/0x50 [ 171.322328][T10734] ? __hrtimer_init+0x106/0x2c0 [ 171.323628][T10734] mac80211_hwsim_new_radio+0x304e/0x54d0 [ 171.325138][T10734] ? trace_kmalloc+0x2d/0xe0 [ 171.326356][T10734] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 171.327940][T10734] ? hwsim_new_radio_nl+0x9ff/0x12b0 [ 171.329392][T10734] ? __asan_memcpy+0x3c/0x60 [ 171.330623][T10734] hwsim_new_radio_nl+0xb42/0x12b0 [ 171.331968][T10734] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 171.333423][T10734] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 171.335345][T10734] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 171.337276][T10734] genl_family_rcv_msg_doit+0x202/0x2f0 [ 171.338726][T10734] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 171.340318][T10734] ? bpf_lsm_capable+0x9/0x10 [ 171.341568][T10734] ? security_capable+0x7e/0x260 [ 171.342874][T10734] ? ns_capable+0xd7/0x110 [ 171.344056][T10734] genl_rcv_msg+0x565/0x800 [ 171.345278][T10734] ? __pfx_genl_rcv_msg+0x10/0x10 [ 171.346602][T10734] ? __pfx___lock_acquire+0x10/0x10 [ 171.347973][T10734] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 171.349443][T10734] netlink_rcv_skb+0x16b/0x440 [ 171.350715][T10734] ? __pfx_genl_rcv_msg+0x10/0x10 [ 171.352040][T10734] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 171.353450][T10734] ? down_read+0xc9/0x330 [ 171.354599][T10734] ? __pfx_down_read+0x10/0x10 [ 171.355865][T10734] ? netlink_deliver_tap+0x1ae/0xd90 [ 171.357268][T10734] genl_rcv+0x28/0x40 [ 171.358321][T10734] netlink_unicast+0x53c/0x7f0 [ 171.359589][T10734] ? __pfx_netlink_unicast+0x10/0x10 [ 171.360995][T10734] netlink_sendmsg+0x8b8/0xd70 [ 171.362262][T10734] ? __pfx_netlink_sendmsg+0x10/0x10 [ 171.363653][T10734] ? __import_iovec+0x1fd/0x6e0 [ 171.364948][T10734] ____sys_sendmsg+0xaaf/0xc90 [ 171.366214][T10734] ? copy_msghdr_from_user+0x10b/0x160 [ 171.367643][T10734] ? __pfx_____sys_sendmsg+0x10/0x10 [ 171.369051][T10734] ? __pfx___lock_acquire+0x10/0x10 [ 171.370422][T10734] ? try_to_wake_up+0xc08/0x1440 [ 171.371730][T10734] ___sys_sendmsg+0x135/0x1e0 [ 171.372978][T10734] ? __pfx____sys_sendmsg+0x10/0x10 [ 171.374342][T10734] ? find_held_lock+0x2d/0x110 [ 171.375621][T10734] ? __fget_light+0x173/0x210 [ 171.376896][T10734] __sys_sendmsg+0x117/0x1f0 [ 171.378116][T10734] ? __pfx___sys_sendmsg+0x10/0x10 [ 171.379462][T10734] ? __x64_sys_futex+0x1e1/0x4c0 [ 171.380776][T10734] do_syscall_64+0xcd/0x250 [ 171.381970][T10734] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.384214][T10734] RIP: 0033:0x7f81ae77def9 [ 171.384226][T10734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.384236][T10734] RSP: 002b:00007f81af5fd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 171.384248][T10734] RAX: ffffffffffffffda RBX: 00007f81ae936058 RCX: 00007f81ae77def9 [ 171.384255][T10734] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000007 [ 171.384262][T10734] RBP: 00007f81ae7f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 171.384268][T10734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 171.401673][T10734] R13: 0000000000000000 R14: 00007f81ae936058 R15: 00007ffc44bf76a8 [ 171.403733][T10734] [ 171.808793][T10742] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1889'. [ 171.896812][T10744] netlink: 'syz.0.1881': attribute type 3 has an invalid length. [ 171.898873][T10744] netlink: 'syz.0.1881': attribute type 11 has an invalid length. [ 171.900911][T10744] netlink: 128512 bytes leftover after parsing attributes in process `syz.0.1881'. [ 172.645499][T10750] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1884'. [ 172.685067][T10756] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1893'. [ 172.750627][T10767] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=10767 comm=syz.0.1886 [ 172.916849][ T11] tipc: Subscription rejected, illegal request [ 173.697129][T10787] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1896'. [ 173.703564][T10785] sysfs: cannot create duplicate filename '/class/ieee80211/C|+i!3rU&6 bOo '1©|y' [ 173.707234][T10785] CPU: 0 UID: 0 PID: 10785 Comm: syz.2.1894 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0 [ 173.710821][T10785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 173.714434][T10785] Call Trace: [ 173.714443][T10785] [ 173.714448][T10785] dump_stack_lvl+0x16c/0x1f0 [ 173.714472][T10785] sysfs_warn_dup+0x7f/0xa0 [ 173.720166][T10785] sysfs_do_create_link_sd+0x124/0x140 [ 173.722009][T10785] sysfs_create_link+0x61/0xc0 [ 173.723644][T10785] device_add+0x62e/0x1a70 [ 173.725180][T10785] ? __pfx_device_add+0x10/0x10 [ 173.726861][T10785] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 173.728887][T10785] ? ieee80211_set_bitrate_flags+0x249/0x6a0 [ 173.730915][T10785] wiphy_register+0x2101/0x2d00 [ 173.732567][T10785] ? __pfx_wiphy_register+0x10/0x10 [ 173.734339][T10785] ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0 [ 173.736393][T10785] ieee80211_register_hw+0x2aaa/0x41b0 [ 173.738262][T10785] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 173.740266][T10785] ? lockdep_init_map_type+0x16d/0x7d0 [ 173.740301][T10785] ? __asan_memset+0x23/0x50 [ 173.743318][T10785] ? __hrtimer_init+0x106/0x2c0 [ 173.744980][T10785] mac80211_hwsim_new_radio+0x304e/0x54d0 [ 173.746911][T10785] ? trace_kmalloc+0x2d/0xe0 [ 173.748500][T10785] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 173.750622][T10785] ? hwsim_new_radio_nl+0x9ff/0x12b0 [ 173.752524][T10785] ? __asan_memcpy+0x3c/0x60 [ 173.754126][T10785] hwsim_new_radio_nl+0xb42/0x12b0 [ 173.755857][T10785] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 173.757749][T10785] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 173.760232][T10785] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 173.762721][T10785] genl_family_rcv_msg_doit+0x202/0x2f0 [ 173.764589][T10785] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 173.766671][T10785] ? bpf_lsm_capable+0x9/0x10 [ 173.768279][T10785] ? security_capable+0x7e/0x260 [ 173.769982][T10785] ? ns_capable+0xd7/0x110 [ 173.771493][T10785] genl_rcv_msg+0x565/0x800 [ 173.773062][T10785] ? __pfx_genl_rcv_msg+0x10/0x10 [ 173.774774][T10785] ? __pfx___lock_acquire+0x10/0x10 [ 173.776545][T10785] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 173.778437][T10785] netlink_rcv_skb+0x16b/0x440 [ 173.780069][T10785] ? __pfx_genl_rcv_msg+0x10/0x10 [ 173.781809][T10785] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 173.783604][T10785] ? down_read+0xc9/0x330 [ 173.785070][T10785] ? __pfx_down_read+0x10/0x10 [ 173.786703][T10785] ? netlink_deliver_tap+0x1ae/0xd90 [ 173.788505][T10785] genl_rcv+0x28/0x40 [ 173.789887][T10785] netlink_unicast+0x53c/0x7f0 [ 173.791528][T10785] ? __pfx_netlink_unicast+0x10/0x10 [ 173.793423][T10785] netlink_sendmsg+0x8b8/0xd70 [ 173.795061][T10785] ? __pfx_netlink_sendmsg+0x10/0x10 [ 173.796865][T10785] ? __import_iovec+0x1fd/0x6e0 [ 173.798532][T10785] ____sys_sendmsg+0xaaf/0xc90 [ 173.800151][T10785] ? copy_msghdr_from_user+0x10b/0x160 [ 173.802005][T10785] ? __pfx_____sys_sendmsg+0x10/0x10 [ 173.803816][T10785] ? __pfx___lock_acquire+0x10/0x10 [ 173.805589][T10785] ? try_to_wake_up+0x14b/0x1440 [ 173.807276][T10785] ___sys_sendmsg+0x135/0x1e0 [ 173.808884][T10785] ? __pfx____sys_sendmsg+0x10/0x10 [ 173.810724][T10785] ? find_held_lock+0x2d/0x110 [ 173.812365][T10785] ? __fget_light+0x173/0x210 [ 173.813989][T10785] __sys_sendmsg+0x117/0x1f0 [ 173.815581][T10785] ? __pfx___sys_sendmsg+0x10/0x10 [ 173.817324][T10785] ? __x64_sys_futex+0x1e1/0x4c0 [ 173.819016][T10785] do_syscall_64+0xcd/0x250 [ 173.820556][T10785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.822575][T10785] RIP: 0033:0x7f753957def9 [ 173.824092][T10785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.830536][T10785] RSP: 002b:00007f753a378038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 173.833343][T10785] RAX: ffffffffffffffda RBX: 00007f7539736058 RCX: 00007f753957def9 [ 173.835982][T10785] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000007 [ 173.838650][T10785] RBP: 00007f75395f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 173.841302][T10785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.843940][T10785] R13: 0000000000000000 R14: 00007f7539736058 R15: 00007ffeca0aa7f8 [ 173.846604][T10785] [ 173.941876][T10789] netlink: 'syz.0.1895': attribute type 3 has an invalid length. [ 173.949769][T10789] netlink: 'syz.0.1895': attribute type 11 has an invalid length. [ 173.951827][T10789] netlink: 128512 bytes leftover after parsing attributes in process `syz.0.1895'. [ 173.965520][T10794] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1897'. [ 173.973033][T10794] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1897'. [ 174.938085][T10810] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=10810 comm=syz.2.1902 [ 175.083679][T10815] netlink: 'syz.3.1909': attribute type 3 has an invalid length. [ 175.085883][T10815] netlink: 'syz.3.1909': attribute type 11 has an invalid length. [ 175.800511][T10827] __nla_validate_parse: 2 callbacks suppressed [ 175.800523][T10827] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1905'. [ 175.846622][T10830] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1907'. [ 176.478383][T10852] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1911'. [ 176.484700][T10852] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1911'. [ 176.802495][T10865] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1916'. [ 176.979537][T10875] sp0: Synchronizing with TNC [ 177.004197][T10873] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1919'. [ 177.103644][T10864] can0: slcan on ptm0. [ 177.120458][T10864] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 177.274332][T10883] netlink: 'syz.2.1920': attribute type 3 has an invalid length. [ 177.276688][T10883] netlink: 'syz.2.1920': attribute type 11 has an invalid length. [ 177.279412][T10883] netlink: 128512 bytes leftover after parsing attributes in process `syz.2.1920'. [ 177.307048][T10859] can0 (unregistered): slcan off ptm0. [ 177.723896][T10869] [U] [ 178.781426][T10922] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1925'. [ 178.895128][T10933] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1928'. [ 178.954381][T10926] netlink: 'syz.0.1933': attribute type 3 has an invalid length. [ 178.956701][T10926] netlink: 'syz.0.1933': attribute type 11 has an invalid length. [ 178.958779][T10926] netlink: 128512 bytes leftover after parsing attributes in process `syz.0.1933'. [ 180.068276][T10958] sp0: Synchronizing with TNC [ 180.337647][T10957] can0: slcan on ptm0. [ 180.368776][T10957] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 180.505828][T10948] can0 (unregistered): slcan off ptm0. [ 180.636517][T10971] mkiss: ax0: crc mode is auto. [ 180.786787][T10946] [U] [ 181.097302][T10987] can0: slcan on ptm1. [ 181.121060][T10987] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 181.425945][T10979] can0 (unregistered): slcan off ptm1. [ 181.616717][T11010] __nla_validate_parse: 2 callbacks suppressed [ 181.616728][T11010] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1938'. [ 181.702753][T11012] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1939'. [ 181.754802][T11023] netlink: 'syz.2.1941': attribute type 3 has an invalid length. [ 181.758559][T11023] netlink: 'syz.2.1941': attribute type 11 has an invalid length. [ 181.760627][T11023] netlink: 128512 bytes leftover after parsing attributes in process `syz.2.1941'. [ 182.058270][T11035] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1942'. [ 182.066964][T11035] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1942'. [ 182.810577][T11040] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1947'. [ 183.005622][ T8] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 183.042682][T11046] sp0: Synchronizing with TNC [ 183.161214][T11045] can0: slcan on ptm0. [ 183.175489][ T8] usb 7-1: Using ep0 maxpacket: 32 [ 183.180080][ T8] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 183.183090][ T8] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 183.186216][ T8] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 183.194293][ T8] usb 7-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 183.196794][ T8] usb 7-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 183.197995][T11045] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 183.199228][ T8] usb 7-1: Product: syz [ 183.203704][ T8] usb 7-1: Manufacturer: syz [ 183.205080][ T8] usb 7-1: SerialNumber: syz [ 183.217454][T11038] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 183.229833][ T8] input: appletouch as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/input/input22 [ 183.389925][T11041] can0 (unregistered): slcan off ptm0. [ 183.542803][T11043] [U] [ 184.968847][ T5370] usb 7-1: USB disconnect, device number 5 [ 184.977171][ T5370] appletouch 7-1:1.0: input: appletouch disconnected [ 185.514106][T11063] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1952'. [ 185.607947][T11071] mkiss: ax0: crc mode is auto. [ 185.757093][T11070] sp0: Synchronizing with TNC [ 185.955510][T11075] can0: slcan on ptm2. [ 185.974845][T11075] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 186.246321][T11067] can0 (unregistered): slcan off ptm2. [ 186.413714][T11069] [U] [ 186.858612][T11105] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1955'. [ 187.072060][T11122] netlink: 'syz.2.1956': attribute type 3 has an invalid length. [ 187.074240][T11122] netlink: 'syz.2.1956': attribute type 11 has an invalid length. [ 187.077876][T11122] netlink: 128512 bytes leftover after parsing attributes in process `syz.2.1956'. [ 187.849801][T11135] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1963'. [ 187.865336][T11132] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1958'. [ 187.937228][T11142] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 187.973341][T11147] sp0: Synchronizing with TNC [ 188.105645][ T8] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 188.325494][ T8] usb 8-1: Using ep0 maxpacket: 32 [ 188.329415][ T8] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 188.332442][ T8] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 188.335504][ T8] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 188.340978][ T8] usb 8-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 188.343423][ T8] usb 8-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 188.345715][ T8] usb 8-1: Product: syz [ 188.346870][ T8] usb 8-1: Manufacturer: syz [ 188.348126][ T8] usb 8-1: SerialNumber: syz [ 188.358264][T11131] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 188.381855][ T8] input: appletouch as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/input/input23 [ 189.408953][T11137] [U] [ 189.464530][ T74] usb 8-1: USB disconnect, device number 7 [ 189.471049][ T74] appletouch 8-1:1.0: input: appletouch disconnected [ 189.573275][T11156] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1969'. [ 189.672323][T11163] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 189.683700][T11163] netlink: 'syz.1.1968': attribute type 10 has an invalid length. [ 189.685934][T11163] mac80211_hwsim hwsim5 wlan1: left allmulticast mode [ 189.696488][T11163] mac80211_hwsim hwsim5 wlan1: entered promiscuous mode [ 189.698710][T11163] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 189.702970][T11163] team0: Port device wlan1 added [ 189.817238][T11170] netlink: 'syz.2.1972': attribute type 3 has an invalid length. [ 189.819653][T11170] netlink: 'syz.2.1972': attribute type 11 has an invalid length. [ 189.821852][T11170] netlink: 128512 bytes leftover after parsing attributes in process `syz.2.1972'. [ 190.472433][T11180] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1974'. [ 190.827803][T11188] kAFS: unparsable volume name [ 191.405744][T11214] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 191.463921][T11212] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1980'. [ 191.596529][ T39] audit: type=1326 audit(1726856552.850:1272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11209 comm="syz.1.1979" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f81ae77def9 code=0x0 [ 191.835865][T11235] sp0: Synchronizing with TNC [ 191.855523][ T62] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 192.005553][ T62] usb 8-1: Using ep0 maxpacket: 32 [ 192.018534][ T62] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 192.021628][ T62] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 192.025075][ T62] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 192.032500][ T62] usb 8-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 192.034941][ T62] usb 8-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 192.037434][ T62] usb 8-1: Product: syz [ 192.038617][ T62] usb 8-1: Manufacturer: syz [ 192.040999][ T62] usb 8-1: SerialNumber: syz [ 192.045314][T11233] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 192.050361][ T62] input: appletouch as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/input/input24 [ 192.456358][ C2] appletouch 8-1:1.0: atp_complete: usb_submit_urb failed with result -1 [ 192.459306][ T62] usb 8-1: USB disconnect, device number 8 [ 192.464607][ T62] appletouch 8-1:1.0: input: appletouch disconnected [ 192.504558][T11242] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 193.131958][T11267] netlink: 'syz.3.1988': attribute type 3 has an invalid length. [ 193.134026][T11267] netlink: 'syz.3.1988': attribute type 11 has an invalid length. [ 193.136444][T11267] netlink: 128512 bytes leftover after parsing attributes in process `syz.3.1988'. [ 193.876893][ T1379] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.878707][ T1379] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.067884][T11280] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 194.126085][T11288] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1994'. [ 194.160631][T11278] kAFS: unparsable volume name [ 194.215817][T11276] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 194.228089][T11276] netlink: 'syz.3.1991': attribute type 10 has an invalid length. [ 194.230198][T11276] mac80211_hwsim hwsim9 wlan1: left allmulticast mode [ 194.233931][T11276] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode [ 194.235861][T11276] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 194.237803][T11276] team0: Port device wlan1 added [ 194.457692][ T39] audit: type=1326 audit(1726856555.710:1273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11296 comm="syz.0.1996" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc97997def9 code=0x0 [ 194.535085][T11301] sp0: Synchronizing with TNC [ 194.902957][T11307] trusted_key: encrypted_key: keylen parameter is missing [ 194.907106][ T74] IPVS: starting estimator thread 0... [ 195.005622][T11308] IPVS: using max 36 ests per chain, 86400 per kthread [ 195.655553][ T30] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 195.805498][ T30] usb 8-1: Using ep0 maxpacket: 32 [ 195.808529][ T30] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 195.811318][ T30] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 195.814091][ T30] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 195.818795][ T30] usb 8-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 195.821083][ T30] usb 8-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 195.823150][ T30] usb 8-1: Product: syz [ 195.824212][ T30] usb 8-1: Manufacturer: syz [ 195.825464][ T30] usb 8-1: SerialNumber: syz [ 195.827880][T11317] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 195.830965][ T30] input: appletouch as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/input/input25 [ 196.107045][ T30] usb 8-1: USB disconnect, device number 9 [ 196.113555][ T30] appletouch 8-1:1.0: input: appletouch disconnected [ 196.908063][ T39] audit: type=1326 audit(1726856558.150:1274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11327 comm="syz.0.2012" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc97997def9 code=0x0 [ 196.966814][T11341] sp0: Synchronizing with TNC [ 197.315514][ T30] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 197.465444][ T30] usb 7-1: Using ep0 maxpacket: 16 [ 197.467951][ T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.470921][ T30] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 197.470942][ T30] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 197.470954][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.479879][ T30] usb 7-1: config 0 descriptor?? [ 197.602838][T11351] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2006'. [ 197.658764][T11358] kAFS: unparsable volume name [ 197.752467][T11352] netlink: 'syz.1.2008': attribute type 10 has an invalid length. [ 197.837433][T11361] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 198.748152][T11376] netlink: 'syz.1.2021': attribute type 10 has an invalid length. [ 199.570135][T11382] trusted_key: encrypted_key: keylen parameter is missing [ 199.574560][ T828] IPVS: starting estimator thread 0... [ 199.588163][T11384] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 199.664646][ T30] usbhid 7-1:0.0: can't add hid device: -71 [ 199.666357][ T30] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 199.669607][ T30] usb 7-1: USB disconnect, device number 6 [ 199.676003][T11385] IPVS: using max 36 ests per chain, 86400 per kthread [ 199.727560][T11398] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2016'. [ 199.731102][T11398] syzkaller1: entered promiscuous mode [ 199.732655][T11398] syzkaller1: entered allmulticast mode [ 200.132748][ T39] audit: type=1326 audit(1726856561.380:1275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11406 comm="syz.3.2018" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f620f17def9 code=0x0 [ 200.160820][T11418] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2020'. [ 200.282683][T11422] sp0: Synchronizing with TNC [ 200.810940][T11431] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2031'. [ 200.901325][T11434] netlink: 'syz.1.2024': attribute type 10 has an invalid length. [ 201.002210][T11438] kAFS: unparsable volume name [ 202.094420][T11452] netlink: 'syz.1.2035': attribute type 10 has an invalid length. [ 202.807792][T11459] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2028'. [ 202.811505][T11459] syzkaller1: entered promiscuous mode [ 202.812972][T11459] syzkaller1: entered allmulticast mode [ 202.899346][ T39] audit: type=1326 audit(1726856564.150:1276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11445 comm="syz.2.2036" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f753957def9 code=0x0 [ 203.027891][T11468] sp0: Synchronizing with TNC [ 203.095485][ T8] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 203.246223][ T8] usb 5-1: Using ep0 maxpacket: 16 [ 203.249087][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 203.252545][ T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 203.256203][ T8] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 203.258608][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.262145][ T8] usb 5-1: config 0 descriptor?? [ 203.938583][T11495] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2034'. [ 204.181984][T11502] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2038'. [ 204.200833][T11502] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2038'. [ 204.222748][T11503] Invalid ELF header type: 0 != 1 [ 204.366728][T11510] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 204.387147][T11504] ALSA: mixer_oss: invalid OSS volume 'ELF' [ 204.388869][T11504] ALSA: mixer_oss: invalid OSS volume 'ԩ6~f`{XSԒj?)]0\' [ 204.391130][T11504] ALSA: mixer_oss: invalid OSS volume ']qM3T=\S12$*' [ 204.393384][T11504] ALSA: mixer_oss: invalid OSS volume ' ;*7 c+PqgU' [ 204.396243][T11504] ALSA: mixer_oss: invalid OSS volume 'hv9gO= RpрH[t77' [ 204.615468][ T74] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 204.642579][ T39] audit: type=1326 audit(1726856565.890:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11511 comm="syz.1.2043" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f81ae77def9 code=0x0 [ 204.767935][T11513] sp0: Synchronizing with TNC [ 204.768148][ T74] usb 7-1: too many configurations: 12, using maximum allowed: 8 [ 204.792824][ T74] usb 7-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e [ 204.795268][ T74] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 204.800078][ T74] usb 7-1: config 0 descriptor?? [ 205.013360][T11510] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(9) [ 205.015084][T11510] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 205.017419][T11510] vhci_hcd vhci_hcd.0: Device attached [ 205.195490][ T5370] vhci_hcd: vhci_device speed not set [ 205.255494][ T5370] usb 17-2: new full-speed USB device number 2 using vhci_hcd [ 205.512632][T11516] vhci_hcd: connection reset by peer [ 205.514646][ T12] vhci_hcd: stop threads [ 205.515252][ T74] usb 7-1: string descriptor 0 read error: -71 [ 205.515928][ T12] vhci_hcd: release socket [ 205.518813][ T12] vhci_hcd: disconnect device [ 205.519618][ T74] usb 7-1: USB disconnect, device number 7 [ 205.796821][T11537] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2047'. [ 205.800465][ T8] usbhid 5-1:0.0: can't add hid device: -71 [ 205.802108][ T8] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 205.806167][ T8] usb 5-1: USB disconnect, device number 7 [ 205.811839][T11541] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0002 with DS=0x7 [ 205.868939][T11545] 9pnet_fd: Insufficient options for proto=fd [ 206.385336][T11555] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2050'. [ 206.417195][T11555] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2050'. [ 206.457946][T11552] ALSA: mixer_oss: invalid OSS volume 'ELF' [ 206.459671][T11552] ALSA: mixer_oss: invalid OSS volume 'ԩ6~f`{XSԒj?)]0\' [ 206.462956][T11552] ALSA: mixer_oss: invalid OSS volume ']qM3T=\S12$*' [ 206.465289][T11552] ALSA: mixer_oss: invalid OSS volume ' ;*7 c+PqgU' [ 206.471827][T11552] ALSA: mixer_oss: invalid OSS volume 'hv9gO= RpрH[t77' [ 206.546764][T11561] pim6reg: entered allmulticast mode [ 206.714140][T11564] macvlan1: entered allmulticast mode [ 206.717419][T11564] veth1_vlan: entered allmulticast mode [ 208.200419][T11576] Invalid ELF header type: 0 != 1 [ 208.228725][ T39] audit: type=1326 audit(1726856569.480:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11559 comm="syz.3.2054" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f620f17def9 code=0x0 [ 208.316096][T11580] sp0: Synchronizing with TNC [ 208.594400][T11588] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2060'. [ 208.798156][T11591] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 208.855567][ T74] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 209.005842][ T74] usb 5-1: Using ep0 maxpacket: 16 [ 209.012729][ T74] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 209.017812][ T74] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 209.022350][ T74] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 209.029801][ T74] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.065934][ T74] usb 5-1: config 0 descriptor?? [ 210.345925][ T5370] vhci_hcd: vhci_device speed not set [ 211.616979][ T74] usbhid 5-1:0.0: can't add hid device: -71 [ 211.618596][ T74] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 211.621840][ T74] usb 5-1: USB disconnect, device number 8 [ 211.648994][T11599] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2063'. [ 211.655265][T11599] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2063'. [ 211.717589][T11606] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 211.719256][T11608] pim6reg: entered allmulticast mode [ 211.758361][T11601] ALSA: mixer_oss: invalid OSS volume 'ELF' [ 211.760016][T11601] ALSA: mixer_oss: invalid OSS volume 'ԩ6~f`{XSԒj?)]0\' [ 211.762922][T11601] ALSA: mixer_oss: invalid OSS volume ']qM3T=\S12$*' [ 211.765296][T11601] ALSA: mixer_oss: invalid OSS volume ' ;*7 c+PqgU' [ 211.768120][T11601] ALSA: mixer_oss: invalid OSS volume 'hv9gO= RpрH[t77' [ 211.873861][T11610] macvlan1: entered allmulticast mode [ 211.875642][T11610] veth1_vlan: entered allmulticast mode [ 212.045448][ T74] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 212.195900][ T74] usb 5-1: too many configurations: 12, using maximum allowed: 8 [ 212.205608][ T74] usb 5-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e [ 212.207905][ T74] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 212.211015][ T74] usb 5-1: config 0 descriptor?? [ 212.436304][T11606] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(9) [ 212.438504][T11606] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 212.441135][T11606] vhci_hcd vhci_hcd.0: Device attached [ 212.625477][ T5370] vhci_hcd: vhci_device speed not set [ 212.685488][ T5370] usb 13-2: new full-speed USB device number 3 using vhci_hcd [ 212.766955][T11611] vhci_hcd: connection reset by peer [ 212.770056][ T1103] vhci_hcd: stop threads [ 212.771504][ T1103] vhci_hcd: release socket [ 212.773023][ T1103] vhci_hcd: disconnect device [ 212.775937][ T74] usb 5-1: string descriptor 0 read error: -71 [ 212.788849][ T74] usb 5-1: USB disconnect, device number 9 [ 213.310081][T11620] 9pnet_fd: Insufficient options for proto=fd [ 213.515464][ T8] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 213.685627][ T8] usb 6-1: Using ep0 maxpacket: 16 [ 213.689198][ T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.692300][ T8] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 213.696144][ T8] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 213.698657][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.705048][ T8] usb 6-1: config 0 descriptor?? [ 214.253265][ T39] audit: type=1326 audit(1726856575.500:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11628 comm="syz.2.2069" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f753957def9 code=0x0 [ 214.284668][T11637] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2071'. [ 214.289607][T11640] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 214.535513][ T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 214.632239][ T39] audit: type=1326 audit(1726856575.880:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11642 comm="syz.3.2072" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f620f17def9 code=0x0 [ 214.718014][T11649] sp0: Synchronizing with TNC [ 214.718469][ T9] usb 5-1: too many configurations: 12, using maximum allowed: 8 [ 214.769831][ T9] usb 5-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e [ 214.772564][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.782813][ T9] usb 5-1: config 0 descriptor?? [ 214.785462][ T30] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 214.957468][ T30] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 214.960143][ T30] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 214.965317][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.971406][ T30] usb 7-1: config 0 descriptor?? [ 215.029553][T11640] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(9) [ 215.031281][T11640] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 215.034023][T11640] vhci_hcd vhci_hcd.0: Device attached [ 215.268545][T11650] vhci_hcd: connection closed [ 215.269456][ T12] vhci_hcd: stop threads [ 215.269571][ T9] usb 5-1: string descriptor 0 read error: -71 [ 215.271034][ T12] vhci_hcd: release socket [ 215.272343][ T12] vhci_hcd: disconnect device [ 215.276035][ T9] usb 5-1: USB disconnect, device number 10 [ 215.360442][T11654] Invalid ELF header type: 0 != 1 [ 216.283166][ T8] usbhid 6-1:0.0: can't add hid device: -71 [ 216.284808][ T8] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 216.381592][ T8] usb 6-1: USB disconnect, device number 5 [ 216.421836][ T39] audit: type=1326 audit(1726856577.670:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11658 comm="syz.0.2084" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc97997def9 code=0x0 [ 216.446649][T11665] pim6reg: entered allmulticast mode [ 216.485795][T11660] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 216.537690][T11669] sp0: Synchronizing with TNC [ 216.615616][T11670] macvlan1: entered allmulticast mode [ 216.621770][T11670] veth1_vlan: entered allmulticast mode [ 217.291750][ T62] usb 7-1: USB disconnect, device number 8 [ 217.346438][T11677] 9pnet_fd: Insufficient options for proto=fd [ 217.792944][ T5370] vhci_hcd: vhci_device speed not set [ 217.984571][T11696] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2082'. [ 218.147291][T11699] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2083'. [ 218.149672][T11699] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2083'. [ 218.163108][T11699] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2083'. [ 218.220363][T11704] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 218.221215][T11703] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0003 with DS=0x7 [ 218.281527][T11707] 9pnet_fd: Insufficient options for proto=fd [ 218.485461][ T62] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 218.502297][T11713] netlink: 'syz.3.2086': attribute type 4 has an invalid length. [ 218.646332][ T62] usb 5-1: too many configurations: 12, using maximum allowed: 8 [ 218.729688][ T62] usb 5-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e [ 218.733010][ T62] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 218.737892][ T62] usb 5-1: config 0 descriptor?? [ 218.959225][T11701] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(9) [ 218.961432][T11701] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 218.964325][T11701] vhci_hcd vhci_hcd.0: Device attached [ 218.973026][T11714] vhci_hcd: connection closed [ 218.973310][ T1103] vhci_hcd: stop threads [ 218.976698][ T62] usb 5-1: string descriptor 0 read error: -71 [ 218.977711][ T1103] vhci_hcd: release socket [ 218.979995][ T1103] vhci_hcd: disconnect device [ 218.983941][ T62] usb 5-1: USB disconnect, device number 11 [ 219.170327][T11720] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2096'. [ 219.219699][T11725] ip6erspan0: entered allmulticast mode [ 219.290478][T11724] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 219.356683][ T39] audit: type=1326 audit(1726856580.610:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11726 comm="syz.1.2089" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f81ae77def9 code=0x0 [ 219.659989][T11716] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 219.915480][ T30] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 220.093402][ T30] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 220.096861][ T30] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 220.099256][ T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.102166][ T30] usb 6-1: config 0 descriptor?? [ 220.218780][T11745] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 222.319671][ T8] usb 6-1: USB disconnect, device number 6 [ 222.405828][T11759] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2097'. [ 222.408180][T11759] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2097'. [ 222.416427][T11759] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2097'. [ 222.474933][ T39] audit: type=1326 audit(1726856583.720:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11761 comm="syz.2.2106" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f753957def9 code=0x0 [ 222.692900][T11760] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 222.935454][ T74] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 223.087148][ T74] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 223.089836][ T74] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 223.092204][ T74] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.095164][ T74] usb 7-1: config 0 descriptor?? [ 223.267026][T11774] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2099'. [ 223.491012][T11784] netlink: 'syz.0.2098': attribute type 4 has an invalid length. [ 223.648226][T11785] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2101'. [ 224.157390][T11789] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 225.113480][T11813] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 225.466098][ T30] usb 7-1: USB disconnect, device number 9 [ 225.825062][T11831] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2110'. [ 225.992910][T11841] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.2112'. [ 226.036731][T11829] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 226.890025][T11852] netlink: 'syz.2.2114': attribute type 4 has an invalid length. [ 227.096002][T11847] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 227.607569][T11860] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.2127'. [ 227.620135][ T39] audit: type=1326 audit(1726856588.870:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11858 comm="syz.1.2119" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f81ae77def9 code=0x0 [ 227.738191][T11867] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2117'. [ 227.933296][ T39] audit: type=1326 audit(1726856589.180:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11872 comm="syz.3.2121" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f620f17def9 code=0x0 [ 228.115467][ T8] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 228.276544][ T8] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 228.279197][ T8] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 228.281544][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 228.288106][ T8] usb 6-1: config 0 descriptor?? [ 228.449540][T11878] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2123'. [ 229.662182][T11899] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2135'. [ 230.621942][T11917] netlink: 'syz.2.2129': attribute type 4 has an invalid length. [ 230.843303][ T5370] usb 6-1: USB disconnect, device number 7 [ 231.123895][T11925] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.2133'. [ 231.302246][T11920] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 231.339899][T11929] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2134'. [ 231.909326][ T39] audit: type=1326 audit(1726856593.160:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11939 comm="syz.1.2136" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f81ae77def9 code=0x0 [ 231.942259][T11937] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2144'. [ 232.075879][T11948] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2138'. [ 232.845972][T11957] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2148'. [ 232.864787][T11962] bridge0: port 3(team0) entered disabled state [ 232.866646][T11962] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.868574][T11962] bridge0: port 1(bridge_slave_0) entered disabled state [ 233.195899][ T39] audit: type=1326 audit(1726856594.450:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11971 comm="syz.3.2143" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f620f17def9 code=0x0 [ 233.393377][T11987] netlink: 'syz.1.2145': attribute type 4 has an invalid length. [ 233.695466][ T5370] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 233.846650][ T5370] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 233.850074][ T5370] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 233.853184][ T5370] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.857333][ T5370] usb 8-1: config 0 descriptor?? [ 234.027096][T11990] sctp: [Deprecated]: syz.2.2147 (pid 11990) Use of struct sctp_assoc_value in delayed_ack socket option. [ 234.027096][T11990] Use struct sctp_sack_info instead [ 234.751519][T12010] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2150'. [ 234.936872][T12015] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.2151'. [ 235.039167][T12018] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2153'. [ 235.544863][T12029] bridge0: port 3(team0) entered disabled state [ 235.546652][T12029] bridge0: port 2(bridge_slave_1) entered disabled state [ 235.548533][T12029] bridge0: port 1(bridge_slave_0) entered disabled state [ 235.550608][T12029] bridge0: left promiscuous mode [ 235.551996][T12029] bridge0: left allmulticast mode [ 235.774119][T12038] binder: 12032:12038 ioctl c0306201 20000140 returned -14 [ 235.784006][T12038] cgroup: release_agent respecified [ 236.153449][ T74] usb 8-1: USB disconnect, device number 10 [ 236.594747][T12058] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2159'. [ 237.244572][T12069] sctp: [Deprecated]: syz.0.2161 (pid 12069) Use of struct sctp_assoc_value in delayed_ack socket option. [ 237.244572][T12069] Use struct sctp_sack_info instead [ 237.296029][T12065] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2163'. [ 237.734105][T12078] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2164'. [ 238.182161][T12084] bridge0: entered allmulticast mode [ 238.219958][T12084] bridge0: port 3(team0) entered blocking state [ 238.221700][T12084] bridge0: port 3(team0) entered forwarding state [ 238.223483][T12084] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.225356][T12084] bridge0: port 2(bridge_slave_1) entered forwarding state [ 238.227351][T12084] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.229263][T12084] bridge0: port 1(bridge_slave_0) entered forwarding state [ 238.245150][T12084] bridge0: entered promiscuous mode [ 238.282490][ T39] audit: type=1326 audit(1726856599.530:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12083 comm="syz.1.2165" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f81ae77def9 code=0x0 [ 238.428966][ T39] audit: type=1326 audit(1726856599.680:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12091 comm="syz.2.2169" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f753957def9 code=0x0 [ 238.915499][ T4792] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 239.053124][T12111] usb usb8: usbfs: process 12111 (syz.0.2171) did not claim interface 0 before use [ 239.067022][ T4792] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 239.070714][ T4792] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 239.073786][ T4792] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 239.078799][ T4792] usb 7-1: config 0 descriptor?? [ 240.009762][T12117] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2173'. [ 240.216675][T12126] binder: 12124:12126 ioctl c0306201 20000140 returned -14 [ 240.247134][T12126] cgroup: release_agent respecified [ 240.275791][ T4780] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 240.276421][ T5335] Bluetooth: hci4: command 0x1003 tx timeout [ 240.372667][T12129] sctp: [Deprecated]: syz.1.2176 (pid 12129) Use of struct sctp_assoc_value in delayed_ack socket option. [ 240.372667][T12129] Use struct sctp_sack_info instead [ 240.916980][T12135] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2177'. [ 241.414705][ T4792] usb 7-1: USB disconnect, device number 10 [ 241.621442][T12143] bridge0: port 3(team0) entered disabled state [ 241.623833][T12143] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.625943][T12143] bridge0: port 1(bridge_slave_0) entered disabled state [ 241.752358][ T39] audit: type=1326 audit(1726856603.000:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12146 comm="syz.1.2187" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f81ae77def9 code=0x0 [ 241.837496][T12157] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2179'. [ 242.335597][ T35] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 242.487167][ T35] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 242.490726][ T35] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 242.505570][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 242.512094][ T35] usb 6-1: config 0 descriptor?? [ 244.692016][ T4792] usb 6-1: USB disconnect, device number 8 [ 244.802640][T12169] usb usb8: usbfs: process 12169 (syz.1.2182) did not claim interface 0 before use [ 244.802697][T12166] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2184'. [ 245.688752][T12179] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2196'. [ 246.490205][T12192] bridge0: entered allmulticast mode [ 246.502588][ T5335] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 246.505166][T12192] bridge0: port 3(team0) entered blocking state [ 246.505311][ T11] Bluetooth: hci4: Frame reassembly failed (-84) [ 246.506964][T12192] bridge0: port 3(team0) entered forwarding state [ 246.507051][T12192] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.512521][T12192] bridge0: port 2(bridge_slave_1) entered forwarding state [ 246.514635][T12192] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.516699][T12192] bridge0: port 1(bridge_slave_0) entered forwarding state [ 246.519174][T12192] bridge0: entered promiscuous mode [ 246.524846][ T39] audit: type=1326 audit(1726856607.770:1291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12188 comm="syz.2.2186" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f753957def9 code=0x0 [ 246.531510][ T11] Bluetooth: hci4: Frame reassembly failed (-84) [ 246.547258][T12191] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2199'. [ 246.685558][T12198] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2188'. [ 246.794262][T12203] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2202'. [ 247.548726][T12218] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2191'. [ 247.552988][T12215] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2205'. [ 247.861926][T12222] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2193'. [ 248.515534][ T5335] Bluetooth: hci4: command 0x1003 tx timeout [ 248.515561][ T4780] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 249.511046][T12246] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2207'. [ 249.553419][T12250] virtio-fs: tag <(null)> not found [ 249.563199][T12250] tipc: Started in network mode [ 249.564522][T12250] tipc: Node identity 6e07c94b9ca9, cluster identity 4711 [ 249.566633][T12250] tipc: Enabled bearer , priority 0 [ 249.737769][T12260] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2208'. [ 250.115254][T12265] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2209'. [ 250.620118][T12278] virtio-fs: tag <(null)> not found [ 250.629850][T12278] tipc: Enabled bearer , priority 0 [ 250.696491][ T4792] tipc: Node number set to 4071541067 [ 251.428032][T12278] tipc: Disabling bearer [ 251.711394][T12292] __nla_validate_parse: 1 callbacks suppressed [ 251.711405][T12292] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2222'. [ 252.466969][T12304] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2217'. [ 252.613660][T12314] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2230'. [ 253.147424][T12311] coredump: 1550(syz.0.2218): written to core: VMAs: 41, size 103211008; core: 65718106 bytes, pos 103231488 [ 253.220947][T12323] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2232'. [ 253.345565][T12333] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2223'. [ 253.374198][T12335] virtio-fs: tag <(null)> not found [ 253.376792][T12335] tipc: Enabling of bearer rejected, already enabled [ 253.461721][T12338] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2229'. [ 254.129256][T12348] tipc: Cannot configure node identity twice [ 254.726271][T12360] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2243'. [ 255.143276][T12373] virtio-fs: tag <(null)> not found [ 255.145126][T12373] tipc: Enabled bearer , priority 0 [ 255.316814][ T1379] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.318848][ T1379] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.488044][T12368] coredump: 1436(syz.2.2236): written to core: VMAs: 41, size 103211008; core: 65726298 bytes, pos 103231488 [ 255.978650][T12373] tipc: Disabling bearer [ 256.083641][T12375] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2238'. [ 256.205744][T12394] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2242'. [ 256.275451][T12397] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2247'. [ 257.217085][T12419] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2253'. [ 257.632800][T12408] coredump: 1447(syz.3.2248): written to core: VMAs: 41, size 103211008; core: 65722202 bytes, pos 103231488 [ 258.038773][T12429] syz.2.2260 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 258.041667][T12429] CPU: 3 UID: 0 PID: 12429 Comm: syz.2.2260 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0 [ 258.044386][T12429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 258.047234][T12429] Call Trace: [ 258.048140][T12429] [ 258.048928][T12429] dump_stack_lvl+0x16c/0x1f0 [ 258.050205][T12429] dump_header+0x101/0x900 [ 258.051399][T12429] oom_kill_process+0x270/0xa60 [ 258.052700][T12429] out_of_memory+0x343/0x16b0 [ 258.053954][T12429] ? mutex_trylock+0xa0/0x140 [ 258.055218][T12429] ? __pfx_out_of_memory+0x10/0x10 [ 258.056584][T12429] ? find_held_lock+0x2d/0x110 [ 258.057861][T12429] mem_cgroup_out_of_memory+0x207/0x270 [ 258.059326][T12429] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 258.060938][T12429] ? do_raw_spin_unlock+0x172/0x230 [ 258.062317][T12429] try_charge_memcg+0x5b9/0xaf0 [ 258.063611][T12429] ? __pfx_try_charge_memcg+0x10/0x10 [ 258.065039][T12429] ? __pfx_lock_release+0x10/0x10 [ 258.066376][T12429] ? lookup_swap_cgroup_id+0x63/0x1c0 [ 258.067798][T12429] ? __radix_tree_lookup+0x21f/0x2c0 [ 258.069209][T12429] mem_cgroup_swapin_charge_folio+0x129/0x4e0 [ 258.070811][T12429] __read_swap_cache_async+0x4f0/0x630 [ 258.072266][T12429] ? __pfx___read_swap_cache_async+0x10/0x10 [ 258.073843][T12429] ? swp_swap_info+0xcf/0x130 [ 258.075091][T12429] ? __pfx_swp_swap_info+0x10/0x10 [ 258.076464][T12429] swap_cluster_readahead+0x4a9/0x6e0 [ 258.077881][T12429] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 258.079440][T12429] ? filemap_get_entry+0x1a8/0x3c0 [ 258.080812][T12429] ? filemap_get_entry+0x1b2/0x3c0 [ 258.082183][T12429] swapin_readahead+0x13b/0xe40 [ 258.083480][T12429] ? get_swap_device+0x362/0x5e0 [ 258.084796][T12429] ? __pfx_swapin_readahead+0x10/0x10 [ 258.086211][T12429] ? __filemap_get_folio+0x2a1/0xae0 [ 258.087620][T12429] ? swap_cache_get_folio+0x1e0/0x460 [ 258.089046][T12429] ? get_swap_device+0x245/0x5e0 [ 258.090356][T12429] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 258.091869][T12429] do_swap_page+0x54f/0x3f50 [ 258.093107][T12429] ? rcu_is_watching+0x12/0xc0 [ 258.094379][T12429] ? __pte_offset_map+0x1b9/0x540 [ 258.095714][T12429] ? __pfx_do_swap_page+0x10/0x10 [ 258.097070][T12429] ? pte_offset_map_nolock+0xfe/0x1c0 [ 258.098484][T12429] ? __pfx_pte_offset_map_nolock+0x10/0x10 [ 258.100032][T12429] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 258.101427][T12429] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 258.102806][T12429] __handle_mm_fault+0x14b3/0x56b0 [ 258.104171][T12429] ? __pfx_lock_release+0x10/0x10 [ 258.105504][T12429] ? down_read_trylock+0x1ed/0x3f0 [ 258.106860][T12429] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 258.108251][T12429] ? __pfx___handle_mm_fault+0x10/0x10 [ 258.109701][T12429] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 258.111168][T12429] ? do_user_addr_fault+0xe50/0x13f0 [ 258.112595][T12429] handle_mm_fault+0x498/0xa60 [ 258.113870][T12429] ? __pkru_allows_pkey+0x51/0xb0 [ 258.115209][T12429] do_user_addr_fault+0x60d/0x13f0 [ 258.116579][T12429] exc_page_fault+0x5c/0xc0 [ 258.117798][T12429] asm_exc_page_fault+0x26/0x30 [ 258.119095][T12429] RIP: 0033:0x7f75394519c8 [ 258.120303][T12429] Code: 31 d2 48 f7 f1 48 01 d8 49 39 c4 4c 0f 42 e0 83 3d d8 60 2e 00 00 0f 8e 99 fd ff ff e8 21 e5 fe ff 49 39 c4 72 64 0f 1f 40 00 <69> 3d c6 3c e1 00 e8 03 00 00 48 8d 1d a7 45 2e 00 e8 72 c4 12 00 [ 258.125317][T12429] RSP: 002b:00007ffeca0aa960 EFLAGS: 00010206 [ 258.126951][T12429] RAX: 000000000003ef75 RBX: 00007f7539737a80 RCX: 000000000003ebe8 [ 258.129136][T12429] RDX: 000000000000038d RSI: 00007ffeca0aa940 RDI: 00007f753a39a090 [ 258.131215][T12429] RBP: 00007f7539737a80 R08: 000000000000c54c R09: 00007f753a39a080 [ 258.133295][T12429] R10: 0000000000000001 R11: 003529c85bef0b7c R12: 000000000003efcb [ 258.135369][T12429] R13: 00007ffeca0aaa60 R14: 0000000000000032 R15: ffffffffffffffff [ 258.137456][T12429] [ 258.139302][T12429] memory: usage 304080kB, limit 307200kB, failcnt 6466 [ 258.141141][T12429] memory+swap: usage 319156kB, limit 9007199254740988kB, failcnt 0 [ 258.143217][T12429] kmem: usage 303668kB, limit 9007199254740988kB, failcnt 0 [ 258.145158][T12429] Memory cgroup stats for /syz2: [ 258.145290][T12429] cache 385024 [ 258.148049][T12429] rss 0 [ 258.148856][T12429] rss_huge 0 [ 258.149725][T12429] shmem 0 [ 258.150521][T12429] mapped_file 385024 [ 258.151561][T12429] dirty 385024 [ 258.152504][T12429] writeback 0 [ 258.153415][T12429] workingset_refault_anon 2702 [ 258.154927][T12429] workingset_refault_file 0 [ 258.156228][T12429] swap 15437824 [ 258.157163][T12429] swapcached 0 [ 258.158088][T12429] pgpgin 340419 [ 258.159018][T12429] pgpgout 340325 [ 258.159985][T12429] pgfault 574073 [ 258.160947][T12429] pgmajfault 54 [ 258.161893][T12429] inactive_anon 0 [ 258.162882][T12429] active_anon 0 [ 258.163828][T12429] inactive_file 0 [ 258.165532][T12429] active_file 385024 [ 258.166607][T12429] unevictable 0 [ 258.167573][T12429] hierarchical_memory_limit 314572800 [ 258.169020][T12429] hierarchical_memsw_limit 9223372036854771712 [ 258.170663][T12429] total_cache 385024 [ 258.171722][T12429] total_rss 0 [ 258.172636][T12429] total_rss_huge 0 [ 258.173655][T12429] total_shmem 0 [ 258.174593][T12429] total_mapped_file 385024 [ 258.175949][T12429] total_dirty 385024 [ 258.177007][T12429] total_writeback 0 [ 258.178053][T12429] total_workingset_refault_anon 2702 [ 258.179467][T12429] total_workingset_refault_file 0 [ 258.180834][T12429] total_swap 15437824 [ 258.181972][T12429] total_swapcached 0 [ 258.183041][T12429] total_pgpgin 340419 [ 258.184135][T12429] total_pgpgout 340325 [ 258.185240][T12429] total_pgfault 574073 [ 258.186794][T12429] total_pgmajfault 54 [ 258.187888][T12429] total_inactive_anon 0 [ 258.189021][T12429] total_active_anon 0 [ 258.190111][T12429] total_inactive_file 0 [ 258.191232][T12429] total_active_file 385024 [ 258.192437][T12429] total_unevictable 0 [ 258.193516][T12429] anon_cost 0 [ 258.194422][T12429] file_cost 0 [ 258.195339][T12429] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.1680,pid=9967,uid=0 [ 258.199925][T12429] Memory cgroup out of memory: Killed process 9967 (syz.2.1680) total-vm:97492kB, anon-rss:652kB, file-rss:14460kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000 [ 258.228046][T12429] syz.2.2260 (12429) used greatest stack depth: 20192 bytes left [ 258.581262][T12459] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2273'. [ 259.197824][T12456] coredump: 1591(syz.0.2279): written to core: VMAs: 41, size 103211008; core: 65742682 bytes, pos 103231488 [ 259.385615][ T5331] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 259.388486][ T5331] CPU: 3 UID: 0 PID: 5331 Comm: syz-executor Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0 [ 259.391205][ T5331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 259.394006][ T5331] Call Trace: [ 259.394893][ T5331] [ 259.395702][ T5331] dump_stack_lvl+0x16c/0x1f0 [ 259.397101][ T5331] dump_header+0x101/0x900 [ 259.398290][ T5331] oom_kill_process+0x270/0xa60 [ 259.399587][ T5331] out_of_memory+0x343/0x16b0 [ 259.400847][ T5331] ? mutex_trylock+0xa0/0x140 [ 259.402106][ T5331] ? __pfx_out_of_memory+0x10/0x10 [ 259.403518][ T5331] ? find_held_lock+0x2d/0x110 [ 259.404820][ T5331] mem_cgroup_out_of_memory+0x207/0x270 [ 259.406275][ T5331] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 259.407885][ T5331] ? do_raw_spin_unlock+0x172/0x230 [ 259.409258][ T5331] try_charge_memcg+0x5b9/0xaf0 [ 259.410546][ T5331] ? __pfx_try_charge_memcg+0x10/0x10 [ 259.411960][ T5331] ? __pfx_lock_release+0x10/0x10 [ 259.413293][ T5331] ? lookup_swap_cgroup_id+0x63/0x1c0 [ 259.414708][ T5331] ? __radix_tree_lookup+0x21f/0x2c0 [ 259.416114][ T5331] mem_cgroup_swapin_charge_folio+0x129/0x4e0 [ 259.417711][ T5331] __read_swap_cache_async+0x4f0/0x630 [ 259.419145][ T5331] ? __pfx___read_swap_cache_async+0x10/0x10 [ 259.420729][ T5331] ? swp_swap_info+0xcf/0x130 [ 259.421978][ T5331] ? __pfx_swp_swap_info+0x10/0x10 [ 259.423334][ T5331] swap_cluster_readahead+0x4a9/0x6e0 [ 259.424752][ T5331] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 259.426309][ T5331] ? filemap_get_entry+0x1a8/0x3c0 [ 259.427675][ T5331] ? filemap_get_entry+0x1b2/0x3c0 [ 259.429035][ T5331] swapin_readahead+0x13b/0xe40 [ 259.430322][ T5331] ? get_swap_device+0x362/0x5e0 [ 259.431628][ T5331] ? __pfx_swapin_readahead+0x10/0x10 [ 259.433043][ T5331] ? __filemap_get_folio+0x2a1/0xae0 [ 259.434434][ T5331] ? swap_cache_get_folio+0x1e0/0x460 [ 259.435851][ T5331] ? get_swap_device+0x245/0x5e0 [ 259.437160][ T5331] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 259.438654][ T5331] do_swap_page+0x54f/0x3f50 [ 259.439887][ T5331] ? rcu_is_watching+0x12/0xc0 [ 259.441152][ T5331] ? __pte_offset_map+0x1b9/0x540 [ 259.442493][ T5331] ? __pfx_do_swap_page+0x10/0x10 [ 259.443834][ T5331] ? pte_offset_map_nolock+0xfe/0x1c0 [ 259.445272][ T5331] ? __pfx_pte_offset_map_nolock+0x10/0x10 [ 259.446857][ T5331] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 259.448248][ T5331] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 259.449641][ T5331] __handle_mm_fault+0x14b3/0x56b0 [ 259.450995][ T5331] ? __pfx_lock_release+0x10/0x10 [ 259.452335][ T5331] ? down_read_trylock+0x1ed/0x3f0 [ 259.453685][ T5331] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 259.455055][ T5331] ? __pfx___handle_mm_fault+0x10/0x10 [ 259.456507][ T5331] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 259.457961][ T5331] handle_mm_fault+0x498/0xa60 [ 259.459239][ T5331] ? __pkru_allows_pkey+0x51/0xb0 [ 259.460579][ T5331] do_user_addr_fault+0x60d/0x13f0 [ 259.461935][ T5331] exc_page_fault+0x5c/0xc0 [ 259.463162][ T5331] asm_exc_page_fault+0x26/0x30 [ 259.464464][ T5331] RIP: 0033:0x7f81ae7affe8 [ 259.465668][ T5331] Code: 3c 24 48 89 4c 24 18 e8 c6 57 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 44 89 c7 <48> 89 04 24 e8 1f 58 ff ff 48 8b 04 24 48 83 c4 28 f7 d8 c3 0f 1f [ 259.470684][ T5331] RSP: 002b:00007ffc44bf79d0 EFLAGS: 00010293 [ 259.472287][ T5331] RAX: 0000000000000000 RBX: 00000000000005b7 RCX: 00007f81ae7affe5 [ 259.474352][ T5331] RDX: 00007ffc44bf7a10 RSI: 0000000000000000 RDI: 0000000000000000 [ 259.476432][ T5331] RBP: 00007ffc44bf7a6c R08: 0000000000000000 R09: 00007f81af61f080 [ 259.478469][ T5331] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032 [ 259.480539][ T5331] R13: 000000000003f238 R14: 000000000003f238 R15: 00007ffc44bf7ac0 [ 259.482621][ T5331] [ 259.484634][ T5331] memory: usage 284060kB, limit 307200kB, failcnt 4740 [ 259.486496][ T5331] memory+swap: usage 292496kB, limit 9007199254740988kB, failcnt 0 [ 259.488576][ T5331] kmem: usage 282756kB, limit 9007199254740988kB, failcnt 0 [ 259.490498][ T5331] Memory cgroup stats for /syz1: [ 259.490578][ T5331] cache 163840 [ 259.492794][ T5331] rss 0 [ 259.493539][ T5331] rss_huge 0 [ 259.494403][ T5331] shmem 0 [ 259.495191][ T5331] mapped_file 163840 [ 259.496394][ T5331] dirty 163840 [ 259.497311][ T5331] writeback 0 [ 259.498205][ T5331] workingset_refault_anon 2638 [ 259.499477][ T5331] workingset_refault_file 59 [ 259.500708][ T5331] swap 8638464 [ 259.501619][ T5331] swapcached 0 [ 259.502530][ T5331] pgpgin 334121 [ 259.503465][ T5331] pgpgout 334081 [ 259.504423][ T5331] pgfault 588719 [ 259.505788][ T5331] pgmajfault 44 [ 259.506725][ T5331] inactive_anon 0 [ 259.507704][ T5331] active_anon 0 [ 259.508639][ T5331] inactive_file 163840 [ 259.509720][ T5331] active_file 0 [ 259.510653][ T5331] unevictable 0 [ 259.511583][ T5331] hierarchical_memory_limit 314572800 [ 259.513006][ T5331] hierarchical_memsw_limit 9223372036854771712 [ 259.514622][ T5331] total_cache 163840 [ 259.516288][ T5331] total_rss 0 [ 259.517197][ T5331] total_rss_huge 0 [ 259.518198][ T5331] total_shmem 0 [ 259.519134][ T5331] total_mapped_file 163840 [ 259.520323][ T5331] total_dirty 163840 [ 259.521367][ T5331] total_writeback 0 [ 259.522388][ T5331] total_workingset_refault_anon 2638 [ 259.523793][ T5331] total_workingset_refault_file 59 [ 259.525149][ T5331] total_swap 8638464 [ 259.527372][ T5331] total_swapcached 0 [ 259.528745][ T5331] total_pgpgin 334121 [ 259.530098][ T5331] total_pgpgout 334081 [ 259.531466][ T5331] total_pgfault 588719 [ 259.532856][ T5331] total_pgmajfault 44 [ 259.534203][ T5331] total_inactive_anon 0 [ 259.535717][ T5331] total_active_anon 0 [ 259.537074][ T5331] total_inactive_file 163840 [ 259.538634][ T5331] total_active_file 0 [ 259.539993][ T5331] total_unevictable 0 [ 259.541346][ T5331] anon_cost 0 [ 259.542481][ T5331] file_cost 0 [ 259.543624][ T5331] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.1428,pid=9378,uid=0 [ 259.549082][ T5331] Memory cgroup out of memory: Killed process 9378 (syz.1.1428) total-vm:97492kB, anon-rss:696kB, file-rss:14460kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 259.874117][T12490] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2286'. [ 260.062002][T12512] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2302'. [ 260.102478][T12522] openvswitch: netlink: Missing key (keys=8040, expected=200000) [ 260.180153][T12528] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2309'. [ 260.259131][T12532] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2310'. [ 260.268361][T12539] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2315'. [ 260.429221][T12492] coredump: 1595(syz.0.2294): written to core: VMAs: 41, size 103211008; core: 65730394 bytes, pos 103231488 [ 260.561497][T12550] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2320'. [ 260.700686][T12567] openvswitch: netlink: Missing key (keys=8040, expected=200000) [ 260.703430][T12561] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2325'. [ 260.725025][T12571] netlink: 'syz.3.2316': attribute type 10 has an invalid length. [ 260.934232][T12594] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2330'. [ 260.956025][T12596] netlink: 'syz.1.2331': attribute type 10 has an invalid length. [ 261.017781][T12552] coredump: 1490(syz.2.2321): written to core: VMAs: 41, size 103211008; core: 65722202 bytes, pos 103231488 [ 261.229332][T12627] vim2m vim2m.0: Fourcc format (0x42474752) invalid. [ 261.305488][T12651] program syz.0.2357 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 261.311721][T12652] vim2m vim2m.0: Fourcc format (0x42474752) invalid. [ 261.442884][T12674] tmpfs: User quota inode hardlimit too large. [ 261.461890][T12678] program syz.1.2369 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 261.533195][T12695] netlink: 'syz.0.2377': attribute type 1 has an invalid length. [ 261.576791][T12706] tmpfs: User quota inode hardlimit too large. [ 261.695079][T12733] netlink: 'syz.1.2390': attribute type 1 has an invalid length. [ 262.046951][T12808] netlink: 'syz.2.2429': attribute type 13 has an invalid length. [ 262.049231][T12808] netlink: 'syz.2.2429': attribute type 58 has an invalid length. [ 262.194826][T12845] netlink: 'syz.0.2447': attribute type 13 has an invalid length. [ 262.197023][T12845] netlink: 'syz.0.2447': attribute type 58 has an invalid length. [ 262.218436][T12852] netlink: 'syz.1.2451': attribute type 1 has an invalid length. [ 262.245197][T12859] __nla_validate_parse: 18 callbacks suppressed [ 262.245206][T12859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2456'. [ 262.250187][T12859] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2456'. [ 262.275114][T12861] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2458'. [ 262.363225][T12872] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 262.367727][T12872] VFS: Can't find a romfs filesystem on dev nullb0. [ 262.367727][T12872] [ 262.392721][T12874] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2469'. [ 262.407651][T12885] netlink: 'syz.2.2465': attribute type 1 has an invalid length. [ 262.409721][T12885] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.2465'. [ 262.492921][T12901] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 262.494872][T12901] VFS: Can't find a romfs filesystem on dev nullb0. [ 262.494872][T12901] [ 262.520962][T12904] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2481'. [ 262.641798][T12931] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2494'. [ 262.757554][T12969] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2507'. [ 262.833025][T12984] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2514'. [ 262.843740][T12994] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2518'. [ 263.395263][T13127] netlink: ct family unspecified [ 263.400648][T13127] openvswitch: netlink: Actions may not be safe on all matching packets [ 263.471011][T13144] netlink: ct family unspecified [ 263.473810][T13144] openvswitch: netlink: Actions may not be safe on all matching packets [ 263.564698][T13156] hpfs: Bad magic ... probably not HPFS [ 263.638001][T13175] hpfs: Bad magic ... probably not HPFS [ 263.638044][T13179] program syz.0.2599 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 263.707785][T13192] hpfs: Bad magic ... probably not HPFS [ 263.771729][T13208] program syz.1.2617 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 263.776491][T13209] dlm: no locking on control device [ 263.872854][T13222] tmpfs: User quota block hardlimit too large. [ 263.914860][T13233] dlm: no locking on control device [ 263.919656][T13235] tmpfs: User quota block hardlimit too large. [ 264.200682][T13307] bond0: (slave caif0): Error: Device type is different from other slaves [ 264.234433][T13315] program syz.3.2667 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 264.274881][T13329] netlink: set zone limit has 4 unknown bytes [ 264.333028][T13345] program syz.0.2680 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 264.372638][T13353] netlink: set zone limit has 4 unknown bytes [ 264.965761][T13495] NCSI netlink: No device for ifindex 0 [ 265.076789][T13507] NCSI netlink: No device for ifindex 0 [ 265.669847][T13605] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 265.772165][T13630] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 265.880955][T13664] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 265.923874][T13674] bpf: Bad value for 'mode' [ 265.963156][T13682] cannot load conntrack support for proto=3 [ 266.006117][T13698] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 266.051816][T13706] bpf: Bad value for 'mode' [ 266.093525][T13712] cannot load conntrack support for proto=3 [ 266.094902][T13714] ERROR: device name not specified. [ 266.177761][T13732] validate_nla: 10 callbacks suppressed [ 266.177771][T13732] netlink: 'syz.1.2855': attribute type 21 has an invalid length. [ 267.026637][T13738] ERROR: device name not specified. [ 267.030090][T13743] cannot load conntrack support for proto=3 [ 267.080809][T13750] netlink: 'syz.3.2868': attribute type 21 has an invalid length. [ 267.107611][T13760] cannot load conntrack support for proto=3 [ 268.106758][T13780] netlink: 'syz.2.2878': attribute type 1 has an invalid length. [ 268.108895][T13780] __nla_validate_parse: 52 callbacks suppressed [ 268.108902][T13780] netlink: 244 bytes leftover after parsing attributes in process `syz.2.2878'. [ 268.148324][T13791] netlink: 'syz.3.2885': attribute type 4 has an invalid length. [ 268.150371][T13791] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2885'. [ 268.195191][T13801] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2890'. [ 268.217487][T13810] netlink: 'syz.1.2893': attribute type 1 has an invalid length. [ 268.219514][T13810] netlink: 244 bytes leftover after parsing attributes in process `syz.1.2893'. [ 268.266723][ T1072] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1 [ 268.268501][ T1072] ata1: failed to read log page 10h (errno=-5) [ 268.270120][ T1072] ata1.00: exception Emask 0x1 SAct 0x80 SErr 0x0 action 0x0 [ 268.272110][ T1072] ata1.00: irq_stat 0x40000000 [ 268.273372][ T1072] ata1.00: failed command: WRITE FPDMA QUEUED [ 268.274959][ T1072] ata1.00: cmd 61/18:38:d2:0a:10/00:00:00:00:00/40 tag 7 ncq dma 12288 out [ 268.274959][ T1072] res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error) [ 268.279649][ T1072] ata1.00: status: { DRDY } [ 268.280867][ T1072] ata1.00: error: { ABRT } [ 268.283436][ T1072] ata1.00: configured for UDMA/100 [ 268.284955][ T1072] ata1: EH complete [ 268.291162][T13821] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2896'. [ 268.292453][T13820] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048) [ 268.327597][T13827] netlink: 'syz.1.2899': attribute type 4 has an invalid length. [ 268.329644][T13827] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2899'. [ 268.359347][T13829] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2908'. [ 268.364750][T13838] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2905'. [ 268.367370][T13838] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2905'. [ 268.399077][T13845] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048) [ 268.399725][T13846] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2909'. [ 268.854113][T13933] netlink: 'syz.1.2943': attribute type 10 has an invalid length. [ 268.858145][T13933] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 268.861634][T13933] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 268.925865][T13953] netlink: 'syz.0.2962': attribute type 10 has an invalid length. [ 268.929594][T13953] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 268.932885][T13953] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 269.411297][T14054] Unknown options in mask 1f4 [ 269.509838][T14079] Unknown options in mask 1f4 [ 269.534037][T14087] IPv6: sit3: Disabled Multicast RS [ 269.536132][T14087] sit3: entered allmulticast mode [ 269.642625][T14113] netlink: 'syz.2.3031': attribute type 1 has an invalid length. [ 269.645733][T14113] netlink: 'syz.2.3031': attribute type 1 has an invalid length. [ 269.686360][T14125] IPv6: sit1: Disabled Multicast RS [ 269.688026][T14125] sit1: entered allmulticast mode [ 271.647839][T14201] validate_nla: 2 callbacks suppressed [ 271.647849][T14201] netlink: 'syz.1.3080': attribute type 10 has an invalid length. [ 271.652292][T14201] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check. [ 271.681447][T14212] netlink: 'syz.2.3076': attribute type 21 has an invalid length. [ 271.683723][T14212] netlink: 'syz.2.3076': attribute type 20 has an invalid length. [ 271.686162][T14212] IPv6: NLM_F_CREATE should be specified when creating new route [ 271.906820][T14239] netlink: 'syz.1.3089': attribute type 21 has an invalid length. [ 271.908956][T14239] netlink: 'syz.1.3089': attribute type 20 has an invalid length. [ 271.911022][T14239] IPv6: NLM_F_CREATE should be specified when creating new route [ 271.942051][T14245] netlink: 'syz.2.3092': attribute type 10 has an invalid length. [ 271.944981][T14245] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check. [ 271.988471][T14259] netlink: 'syz.2.3096': attribute type 10 has an invalid length. [ 271.990760][T14259] bridge0: port 3(team0) entered disabled state [ 271.992479][T14259] bridge0: port 2(bridge_slave_1) entered disabled state [ 271.994363][T14259] bridge0: port 1(bridge_slave_0) entered disabled state [ 271.998903][T14259] bridge0: left promiscuous mode [ 272.000271][T14259] bridge0: left allmulticast mode [ 272.003017][T14259] bridge0: port 3(team0) entered blocking state [ 272.004730][T14259] bridge0: port 3(team0) entered forwarding state [ 272.006550][T14259] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.008437][T14259] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.010393][T14259] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.012260][T14259] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.017018][T14259] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 272.124083][T14279] netlink: 'syz.0.3110': attribute type 10 has an invalid length. [ 272.127876][T14279] bridge0: port 3(team0) entered blocking state [ 272.129540][T14279] bridge0: port 3(team0) entered forwarding state [ 272.131311][T14279] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.133161][T14279] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.135077][T14279] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.136985][T14279] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.140231][T14279] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 272.198009][T14295] netlink: 'syz.0.3121': attribute type 10 has an invalid length. [ 272.201161][T14295] bridge0: port 3(team0) entered disabled state [ 272.202895][T14295] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.204778][T14295] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.240055][T14305] netlink: 'syz.1.3128': attribute type 10 has an invalid length. [ 272.242930][T14305] bridge0: port 3(team0) entered disabled state [ 272.244650][T14305] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.246593][T14305] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.249757][T14305] bridge0: left promiscuous mode [ 272.251107][T14305] bridge0: left allmulticast mode [ 272.356304][T14330] xt_cgroup: path and classid specified [ 272.472330][T14364] xt_cgroup: path and classid specified [ 272.512805][T14373] tmpfs: Bad value for 'mpol' [ 272.607314][T14394] tmpfs: Bad value for 'mpol' [ 272.611956][T14397] usb usb9: usbfs: process 14397 (syz.2.3168) did not claim interface 0 before use [ 272.743862][T14429] usb usb9: usbfs: process 14429 (syz.3.3176) did not claim interface 0 before use [ 272.807918][T14447] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 272.810067][T14447] syz.1.3182: attempt to access beyond end of device [ 272.810067][T14447] loop1: rw=0, sector=0, nr_sectors = 2 limit=0 [ 272.865052][T14458] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 272.868136][T14458] syz.3.3196: attempt to access beyond end of device [ 272.868136][T14458] loop3: rw=0, sector=0, nr_sectors = 2 limit=0 [ 272.922749][T14473] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 273.118002][T14508] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 273.179438][T14524] binder: 14522:14524 ioctl c0046209 0 returned -22 [ 273.220422][T14531] __nla_validate_parse: 57 callbacks suppressed [ 273.220432][T14531] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3226'. [ 273.279140][T14553] binder: 14552:14553 ioctl c0046209 0 returned -22 [ 273.317102][T14561] No such timeout policy "syz0" [ 273.318597][T14565] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3241'. [ 273.343375][ T39] audit: type=1400 audit(1726856634.590:1292): avc: denied { create } for pid=14570 comm="syz.3.3245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 273.349782][ T39] audit: type=1400 audit(1726856634.610:1293): avc: denied { read } for pid=14570 comm="syz.3.3245" path="socket:[53210]" dev="sockfs" ino=53210 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 273.379662][T14583] binder: 14582:14583 ioctl c0046209 0 returned -22 [ 273.408185][T14581] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3248'. [ 273.422809][T14593] No such timeout policy "syz0" [ 273.444223][T14600] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3257'. [ 273.485174][T14611] binder: 14608:14611 ioctl c0046209 0 returned -22 [ 273.511165][T14617] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3271'. [ 273.520517][T14622] No such timeout policy "syz0" [ 273.533034][T14619] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3272'. [ 273.589647][T14641] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3280'. [ 273.589821][ T39] audit: type=1400 audit(1726856634.840:1294): avc: denied { connect } for pid=14638 comm="syz.2.3275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 273.614269][T14645] No such timeout policy "syz0" [ 273.633355][T14649] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3281'. [ 273.636669][T14651] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3279'. [ 273.687575][T14656] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3288'. [ 273.891001][ T39] audit: type=1400 audit(1726856635.140:1295): avc: denied { accept } for pid=14694 comm="syz.2.3301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 274.104743][ T39] audit: type=1400 audit(1726856635.350:1296): avc: denied { connect } for pid=14754 comm="syz.3.3332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 274.487841][ T39] audit: type=1400 audit(1726856635.740:1297): avc: denied { ioctl } for pid=14844 comm="syz.2.3372" path="socket:[55845]" dev="sockfs" ino=55845 ioctlcmd=0x8991 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 274.505762][ T39] audit: type=1400 audit(1726856635.750:1298): avc: denied { ioctl } for pid=14852 comm="syz.0.3374" path="socket:[55852]" dev="sockfs" ino=55852 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 274.625362][ T39] audit: type=1400 audit(1726856635.870:1299): avc: denied { read } for pid=14887 comm="syz.3.3392" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 274.631953][ T39] audit: type=1400 audit(1726856635.870:1300): avc: denied { open } for pid=14887 comm="syz.3.3392" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 274.632444][T14889] autofs4:pid:14889:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(120.1), cmd(0xc018937e) [ 274.642599][T14889] autofs4:pid:14889:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e) [ 274.645613][ T39] audit: type=1400 audit(1726856635.880:1301): avc: denied { ioctl } for pid=14887 comm="syz.3.3392" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 274.836229][T14926] autofs4:pid:14926:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(120.1), cmd(0xc018937e) [ 274.839642][T14926] autofs4:pid:14926:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e) [ 275.021786][T14951] autofs4:pid:14951:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(120.1), cmd(0xc018937e) [ 275.027187][T14951] autofs4:pid:14951:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e) [ 275.264182][T14984] autofs4:pid:14984:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(120.1), cmd(0xc018937e) [ 275.267808][T14984] autofs4:pid:14984:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e) [ 278.409196][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 278.409205][ T39] audit: type=1400 audit(1726856639.660:1303): avc: denied { read } for pid=15185 comm="syz.2.3531" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 278.422378][ T39] audit: type=1400 audit(1726856639.670:1304): avc: denied { append } for pid=15189 comm="syz.3.3532" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 278.566854][T15216] __nla_validate_parse: 33 callbacks suppressed [ 278.566864][T15216] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3542'. [ 279.427328][T15244] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3563'. [ 279.544928][ T39] audit: type=1400 audit(1726856640.790:1305): avc: denied { name_bind } for pid=15254 comm="syz.1.3557" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 279.566893][T15251] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3568'. [ 279.655773][T15265] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3572'. [ 279.746624][ T39] audit: type=1400 audit(1726856641.000:1306): avc: denied { create } for pid=15278 comm="syz.0.3566" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 279.758211][ T39] audit: type=1400 audit(1726856641.010:1307): avc: denied { write } for pid=15278 comm="syz.0.3566" path="socket:[57327]" dev="sockfs" ino=57327 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 279.764648][ T39] audit: type=1400 audit(1726856641.010:1308): avc: denied { nlmsg_read } for pid=15278 comm="syz.0.3566" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 279.804259][ T39] audit: type=1400 audit(1726856641.050:1309): avc: denied { read } for pid=15295 comm="syz.1.3582" name="usbmon6" dev="devtmpfs" ino=740 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 279.811718][ T39] audit: type=1400 audit(1726856641.050:1310): avc: denied { open } for pid=15295 comm="syz.1.3582" path="/dev/usbmon6" dev="devtmpfs" ino=740 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 279.818470][ T39] audit: type=1400 audit(1726856641.050:1311): avc: denied { ioctl } for pid=15295 comm="syz.1.3582" path="/dev/usbmon6" dev="devtmpfs" ino=740 ioctlcmd=0x9206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 279.851531][T15303] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3584'. [ 279.938048][T15334] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3598'. [ 279.999123][T15344] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3605'. [ 280.023057][T15357] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3614'. [ 280.133141][T15386] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3623'. [ 280.166335][T15387] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3625'. [ 280.181242][T15401] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 280.260099][T15422] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 280.446821][T15449] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 280.580810][T15478] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 280.987911][ T39] audit: type=1400 audit(1726856642.240:1312): avc: denied { getopt } for pid=15558 comm="syz.1.3708" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 280.998491][T15562] validate_nla: 8 callbacks suppressed [ 280.998501][T15562] netlink: 'syz.3.3709': attribute type 2 has an invalid length. [ 281.141333][T15599] netlink: 'syz.2.3723': attribute type 2 has an invalid length. [ 281.169877][T15609] netlink: 'syz.0.3729': attribute type 2 has an invalid length. [ 281.214222][T15626] netlink: 'syz.1.3738': attribute type 2 has an invalid length. [ 281.343492][T15641] netlink: 'syz.1.3742': attribute type 2 has an invalid length. [ 281.372938][T15649] netlink: 'syz.3.3754': attribute type 2 has an invalid length. [ 281.419430][T15661] netlink: 'syz.0.3749': attribute type 2 has an invalid length. [ 281.479030][T15676] netlink: 'syz.2.3758': attribute type 2 has an invalid length. [ 281.518667][T15683] xt_connbytes: Forcing CT accounting to be enabled [ 281.520592][T15683] Cannot find del_set index 768 as target [ 281.615672][T15715] xt_connbytes: Forcing CT accounting to be enabled [ 281.617394][T15715] Cannot find del_set index 768 as target [ 281.741073][T15742] xt_connbytes: Forcing CT accounting to be enabled [ 281.743977][T15742] Cannot find del_set index 768 as target [ 281.852881][T15772] xt_connbytes: Forcing CT accounting to be enabled [ 281.854579][T15772] Cannot find del_set index 768 as target [ 282.159365][T15832] netlink: 'syz.0.3836': attribute type 11 has an invalid length. [ 282.284113][T15867] netlink: 'syz.1.3848': attribute type 11 has an invalid length. [ 282.559439][T15922] binder: BC_ACQUIRE_RESULT not supported [ 282.560930][T15922] binder: 15921:15922 ioctl c0306201 20000100 returned -22 [ 283.486632][ T39] kauditd_printk_skb: 5 callbacks suppressed [ 283.486647][ T39] audit: type=1400 audit(1726856644.740:1318): avc: denied { create } for pid=16133 comm="syz.0.3974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 283.496009][ T39] audit: type=1400 audit(1726856644.740:1319): avc: denied { ioctl } for pid=16133 comm="syz.0.3974" path="socket:[63228]" dev="sockfs" ino=63228 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 283.608708][T16153] __nla_validate_parse: 56 callbacks suppressed [ 283.608719][T16153] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3983'. [ 283.734045][ T39] audit: type=1400 audit(1726856644.980:1320): avc: denied { getopt } for pid=16193 comm="syz.0.4003" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 283.761790][T16204] cgroup: Need name or subsystem set [ 283.811960][T16206] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4009'. [ 283.860426][T16232] cgroup: Need name or subsystem set [ 283.956987][T16255] cgroup: Need name or subsystem set [ 284.011856][T16262] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4034'. [ 284.100468][T16291] cgroup: Need name or subsystem set [ 284.116501][ T39] audit: type=1400 audit(1726856645.370:1321): avc: denied { checkpoint_restore } for pid=16293 comm="syz.2.4051" capability=40 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 284.170278][T16314] tipc: Trying to set illegal importance in message [ 284.183449][T16305] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4055'. [ 284.276311][T16339] tipc: Trying to set illegal importance in message [ 284.348011][T16352] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4078'. [ 284.464967][T16368] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4091'. [ 284.484135][T16376] tipc: Trying to set illegal importance in message [ 284.514078][T16380] Mount JFS Failure: -22 [ 284.516998][T16380] jfs_mount failed w/return code = -22 [ 284.556910][T16392] netlink: 212404 bytes leftover after parsing attributes in process `syz.1.4093'. [ 284.586740][T16404] tipc: Trying to set illegal importance in message [ 284.593696][T16395] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4101'. [ 284.606147][T16407] Mount JFS Failure: -22 [ 284.607324][T16407] jfs_mount failed w/return code = -22 [ 284.612633][T16410] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4103'. [ 284.614951][T16410] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4103'. [ 284.729326][T16435] Mount JFS Failure: -22 [ 284.730951][T16435] jfs_mount failed w/return code = -22 [ 284.878506][T16466] Mount JFS Failure: -22 [ 284.879638][T16466] jfs_mount failed w/return code = -22 [ 285.043839][T16504] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found [ 285.049269][T16504] UDF-fs: Scanning with blocksize 512 failed [ 285.052403][T16504] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found [ 285.054903][T16504] UDF-fs: Scanning with blocksize 1024 failed [ 285.057250][T16504] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found [ 285.059761][T16504] UDF-fs: Scanning with blocksize 2048 failed [ 285.062188][T16504] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found [ 285.064739][T16504] UDF-fs: Scanning with blocksize 4096 failed [ 286.036444][ T39] audit: type=1400 audit(1726856647.290:1322): avc: denied { bind } for pid=16704 comm="syz.2.4244" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 286.077223][T16718] openvswitch: netlink: Actions may not be safe on all matching packets [ 286.194573][T16743] openvswitch: netlink: Actions may not be safe on all matching packets [ 286.235355][T16756] validate_nla: 2 callbacks suppressed [ 286.235368][T16756] netlink: 'syz.1.4266': attribute type 10 has an invalid length. [ 286.244872][T16756] team0: Device ipvlan1 failed to register rx_handler [ 286.305268][T16772] openvswitch: netlink: Actions may not be safe on all matching packets [ 286.386815][T16796] openvswitch: netlink: Actions may not be safe on all matching packets [ 286.392317][T16799] ======================================================= [ 286.392317][T16799] WARNING: The mand mount option has been deprecated and [ 286.392317][T16799] and is ignored by this kernel. Remove the mand [ 286.392317][T16799] option from the mount to silence this warning. [ 286.392317][T16799] ======================================================= [ 286.543151][ T39] audit: type=1400 audit(1726856647.790:1323): avc: denied { getopt } for pid=16817 comm="syz.3.4296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 286.549628][T16820] program syz.1.4297 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 286.653976][T16848] program syz.0.4312 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 286.761521][T16874] program syz.2.4324 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 286.923034][T16902] program syz.3.4337 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 287.058792][ T39] audit: type=1400 audit(1726856648.310:1324): avc: denied { accept } for pid=16922 comm="syz.3.4346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 287.223867][T16967] xt_hashlimit: overflow, try lower: 3/0 [ 287.322125][T16988] xt_hashlimit: overflow, try lower: 3/0 [ 287.439302][ T39] audit: type=1400 audit(1726856648.690:1325): avc: denied { read } for pid=17019 comm="syz.3.4400" name="btrfs-control" dev="devtmpfs" ino=1149 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 287.452330][ T39] audit: type=1400 audit(1726856648.690:1326): avc: denied { open } for pid=17019 comm="syz.3.4400" path="/dev/btrfs-control" dev="devtmpfs" ino=1149 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 287.458831][ T39] audit: type=1400 audit(1726856648.690:1327): avc: denied { ioctl } for pid=17019 comm="syz.3.4400" path="/dev/btrfs-control" dev="devtmpfs" ino=1149 ioctlcmd=0x9405 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 287.480844][T17028] xt_hashlimit: overflow, try lower: 3/0 [ 287.561043][T17052] xt_hashlimit: overflow, try lower: 3/0 [ 287.587012][T17058] autofs4:pid:17058:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.32), cmd(0xc018937e) [ 287.590438][T17058] autofs4:pid:17058:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e) [ 287.637052][T17065] autofs4:pid:17065:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.32), cmd(0xc018937e) [ 287.640451][T17065] autofs4:pid:17065:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e) [ 287.777728][T17088] autofs4:pid:17088:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.32), cmd(0xc018937e) [ 287.783338][T17088] autofs4:pid:17088:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e) [ 287.857377][T17102] autofs4:pid:17102:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.32), cmd(0xc018937e) [ 287.860851][T17102] autofs4:pid:17102:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e) [ 288.602821][ T39] audit: type=1400 audit(1726856649.850:1328): avc: denied { getopt } for pid=17278 comm="syz.2.4510" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 288.641569][T17283] __nla_validate_parse: 39 callbacks suppressed [ 288.641580][T17283] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4512'. [ 288.884220][T17340] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4536'. [ 289.004200][T17362] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4551'. [ 289.107464][ T39] audit: type=1400 audit(1726856650.360:1329): avc: denied { mount } for pid=17388 comm="syz.0.4557" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 289.117027][ T39] audit: type=1400 audit(1726856650.370:1330): avc: denied { unmount } for pid=5333 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 289.172711][T17405] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4566'. [ 289.297611][T17434] program syz.1.4578 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 289.300136][T17434] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 289.303447][T17434] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 289.305846][T17434] CPU: 3 UID: 0 PID: 17434 Comm: syz.1.4578 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0 [ 289.309950][T17434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 289.312761][T17434] RIP: 0010:ata_msense_control_spgt2.isra.0+0x4ce/0x610 [ 289.314564][T17434] Code: 00 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc e8 23 70 92 fb 4c 89 e2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <0f> b6 04 02 4c 89 e2 83 e2 07 38 d0 7f 08 84 c0 0f 85 12 01 00 00 [ 289.319686][T17434] RSP: 0018:ffffc90005eff4f0 EFLAGS: 00010046 [ 289.321282][T17434] RAX: dffffc0000000000 RBX: ffffffff9a8cbfd8 RCX: ffffc900069d1000 [ 289.323348][T17434] RDX: 0000000000000000 RSI: ffffffff85fa94fd RDI: 0000000000000001 [ 289.325441][T17434] RBP: 0000000000000007 R08: 0000000000000001 R09: 0000000000000007 [ 289.327518][T17434] R10: 0000000000000007 R11: 0000000000000000 R12: 0000000000000000 [ 289.329601][T17434] R13: 0000000000000007 R14: ffff888026822df8 R15: ffffffff9a8cbfcc [ 289.331688][T17434] FS: 00007f81af61e6c0(0000) GS:ffff88806a900000(0000) knlGS:0000000000000000 [ 289.334066][T17434] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 289.335806][T17434] CR2: 0000001b3101fffc CR3: 00000000663c6000 CR4: 0000000000350ef0 [ 289.337907][T17434] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000400 [ 289.339986][T17434] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 289.342037][T17434] Call Trace: [ 289.342920][T17434] [ 289.343706][T17434] ? die_addr+0x3b/0xa0 [ 289.344810][T17434] ? exc_general_protection+0x155/0x230 [ 289.346265][T17434] ? asm_exc_general_protection+0x26/0x30 [ 289.347773][T17434] ? ata_msense_control_spgt2.isra.0+0x4bd/0x610 [ 289.349430][T17434] ? ata_msense_control_spgt2.isra.0+0x4ce/0x610 [ 289.351080][T17434] ata_msense_control+0x1a4/0x6e0 [ 289.352407][T17434] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 289.353955][T17434] ata_scsi_simulate+0x1379/0x34c0 [ 289.355298][T17434] ? __pfx_ata_scsi_simulate+0x10/0x10 [ 289.356733][T17434] ? __pfx_lock_acquire+0x10/0x10 [ 289.358057][T17434] ? do_raw_spin_lock+0x12d/0x2c0 [ 289.359370][T17434] ? __pfx_ata_scsi_mode_select_xlat+0x10/0x10 [ 289.360990][T17434] __ata_scsi_queuecmd+0xb35/0x13c0 [ 289.362354][T17434] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 289.363910][T17434] ata_scsi_queuecmd+0xac/0x160 [ 289.365193][T17434] scsi_queue_rq+0x1273/0x3650 [ 289.366451][T17434] blk_mq_dispatch_rq_list+0x443/0x1dc0 [ 289.367921][T17434] ? __blk_mq_sched_dispatch_requests+0x1e5/0x1620 [ 289.369611][T17434] ? do_raw_spin_lock+0x12d/0x2c0 [ 289.370928][T17434] ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10 [ 289.372503][T17434] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 289.373912][T17434] __blk_mq_sched_dispatch_requests+0x219/0x1620 [ 289.375573][T17434] ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10 [ 289.377330][T17434] ? blk_mq_run_hw_queue+0x5cf/0x9a0 [ 289.378713][T17434] ? __pfx_lock_release+0x10/0x10 [ 289.380053][T17434] ? do_raw_spin_unlock+0x172/0x230 [ 289.381416][T17434] ? _raw_spin_unlock+0x28/0x50 [ 289.382698][T17434] ? blk_mq_insert_request+0x2b3/0xcb0 [ 289.384154][T17434] blk_mq_sched_dispatch_requests+0xd4/0x150 [ 289.385729][T17434] blk_mq_run_hw_queue+0x645/0x9a0 [ 289.387068][T17434] ? rcu_is_watching+0x12/0xc0 [ 289.388333][T17434] blk_execute_rq+0x198/0x410 [ 289.389578][T17434] ? __pfx_blk_execute_rq+0x10/0x10 [ 289.390939][T17434] ? bpf_lsm_capable+0x9/0x10 [ 289.392187][T17434] ? security_capable+0x7e/0x260 [ 289.393482][T17434] scsi_ioctl+0x983/0x1840 [ 289.394663][T17434] ? __pfx_scsi_ioctl+0x10/0x10 [ 289.395966][T17434] ? avc_has_perm_noaudit+0x143/0x3a0 [ 289.397399][T17434] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 289.398940][T17434] ? do_vfs_ioctl+0x50f/0x1aa0 [ 289.400211][T17434] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 289.401536][T17434] sg_ioctl+0xaf3/0x2750 [ 289.402631][T17434] ? inode_has_perm+0x16f/0x1d0 [ 289.403923][T17434] ? file_has_perm+0x280/0x350 [ 289.405181][T17434] ? __pfx_sg_ioctl+0x10/0x10 [ 289.406422][T17434] ? selinux_file_ioctl+0xb4/0x270 [ 289.407781][T17434] ? __pfx_sg_ioctl+0x10/0x10 [ 289.409019][T17434] __x64_sys_ioctl+0x18d/0x210 [ 289.410278][T17434] do_syscall_64+0xcd/0x250 [ 289.411668][T17434] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.413467][T17434] RIP: 0033:0x7f81ae77def9 [ 289.414736][T17434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.419700][T17434] RSP: 002b:00007f81af61e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 289.422113][T17434] RAX: ffffffffffffffda RBX: 00007f81ae935f80 RCX: 00007f81ae77def9 [ 289.424232][T17434] RDX: 0000000020000340 RSI: 0000000000000001 RDI: 0000000000000003 [ 289.426285][T17434] RBP: 00007f81ae7f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 289.428352][T17434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 289.430404][T17434] R13: 0000000000000000 R14: 00007f81ae935f80 R15: 00007ffc44bf76a8 [ 289.432463][T17434] [ 289.433277][T17434] Modules linked in: [ 289.434304][T17434] ---[ end trace 0000000000000000 ]--- [ 289.435717][T17434] RIP: 0010:ata_msense_control_spgt2.isra.0+0x4ce/0x610 [ 289.437501][T17434] Code: 00 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc e8 23 70 92 fb 4c 89 e2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <0f> b6 04 02 4c 89 e2 83 e2 07 38 d0 7f 08 84 c0 0f 85 12 01 00 00 [ 289.442463][T17434] RSP: 0018:ffffc90005eff4f0 EFLAGS: 00010046 [ 289.444044][T17434] RAX: dffffc0000000000 RBX: ffffffff9a8cbfd8 RCX: ffffc900069d1000 [ 289.446084][T17434] RDX: 0000000000000000 RSI: ffffffff85fa94fd RDI: 0000000000000001 [ 289.448138][T17434] RBP: 0000000000000007 R08: 0000000000000001 R09: 0000000000000007 [ 289.450197][T17434] R10: 0000000000000007 R11: 0000000000000000 R12: 0000000000000000 [ 289.452262][T17434] R13: 0000000000000007 R14: ffff888026822df8 R15: ffffffff9a8cbfcc [ 289.454308][T17434] FS: 00007f81af61e6c0(0000) GS:ffff88806a900000(0000) knlGS:0000000000000000 [ 289.456621][T17434] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 289.458340][T17434] CR2: 0000001b3101fffc CR3: 00000000663c6000 CR4: 0000000000350ef0 [ 289.460409][T17434] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000400 [ 289.462454][T17434] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 289.464504][T17434] Kernel panic - not syncing: Fatal exception [ 289.466428][T17434] Kernel Offset: disabled [ 289.467576][T17434] Rebooting in 86400 seconds.. VM DIAGNOSIS: 18:24:10 Registers: info registers vcpu 0 CPU#0 RAX=0000000000ffe8e4 RBX=0000000000000000 RCX=ffffffff8b1b9d09 RDX=ffffed100d4c7026 RSI=ffffffff8bb159a0 RDI=ffffffff8164055c RBP=fffffbfff1b92af8 RSP=ffffffff8dc07e20 R8 =0000000000000000 R9 =ffffed100d4c7025 R10=ffff88806a63812b R11=0000000000000001 R12=0000000000000000 R13=ffffffff8dc957c0 R14=ffffffff903e6bd8 R15=0000000000000000 RIP=ffffffff8b1bb0ef RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f620f337a8c CR3=0000000025052000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000400 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 ZMM17=5683e0824cde64c7 3ee5ffb77abaf99f 5683e0824cde64c7 3ee5ffb77abaf99f 5683e0824cde64c7 3ee5ffb77abaf99f 5683e0824cde64c7 3ee5ffb77abaf99f ZMM18=c5daf9ba2da9b27f 5c5e0fedfc98508a c5daf9ba2da9b27f 5c5e0fedfc98508a c5daf9ba2da9b27f 5c5e0fedfc98508a c5daf9ba2da9b27f 5c5e0fedfc98508a ZMM19=fc27000000000000 0000000000000008 fc27000000000000 0000000000000007 fc27000000000000 0000000000000006 fc27000000000000 0000000000000005 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=c82db9bcc82db9bc c82db9bcc82db9bc c82db9bcc82db9bc c82db9bcc82db9bc c82db9bcc82db9bc c82db9bcc82db9bc c82db9bcc82db9bc c82db9bcc82db9bc ZMM22=ef824829ef824829 ef824829ef824829 ef824829ef824829 ef824829ef824829 ef824829ef824829 ef824829ef824829 ef824829ef824829 ef824829ef824829 ZMM23=2d75ea8f2d75ea8f 2d75ea8f2d75ea8f 2d75ea8f2d75ea8f 2d75ea8f2d75ea8f 2d75ea8f2d75ea8f 2d75ea8f2d75ea8f 2d75ea8f2d75ea8f 2d75ea8f2d75ea8f ZMM24=b49e1be1b49e1be1 b49e1be1b49e1be1 b49e1be1b49e1be1 b49e1be1b49e1be1 b49e1be1b49e1be1 b49e1be1b49e1be1 b49e1be1b49e1be1 b49e1be1b49e1be1 ZMM25=a06276e6a06276e6 a06276e6a06276e6 a06276e6a06276e6 a06276e6a06276e6 a06276e6a06276e6 a06276e6a06276e6 a06276e6a06276e6 a06276e6a06276e6 ZMM26=7b49b9a27b49b9a2 7b49b9a27b49b9a2 7b49b9a27b49b9a2 7b49b9a27b49b9a2 7b49b9a27b49b9a2 7b49b9a27b49b9a2 7b49b9a27b49b9a2 7b49b9a27b49b9a2 ZMM27=ffbf72d5ffbf72d5 ffbf72d5ffbf72d5 ffbf72d5ffbf72d5 ffbf72d5ffbf72d5 ffbf72d5ffbf72d5 ffbf72d5ffbf72d5 ffbf72d5ffbf72d5 ffbf72d5ffbf72d5 ZMM28=000000400000003f 0000003e0000003d 0000003c0000003b 0000003a00000039 0000003800000037 0000003600000035 0000003400000033 0000003200000031 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=ec1b0000ec1b0000 ec1b0000ec1b0000 ec1b0000ec1b0000 ec1b0000ec1b0000 ec1b0000ec1b0000 ec1b0000ec1b0000 ec1b0000ec1b0000 ec1b0000ec1b0000 info registers vcpu 1 CPU#1 RAX=0000000000000001 RBX=0000000000000000 RCX=0000000000000003 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffc90003e97f58 RBP=ffffc90003e97f48 RSP=ffffc90003e97f28 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8b201dc5 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000555579054500 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f620ebfef98 CR3=000000002475a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555579070630 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555579067490 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557906eff8 000055557906ef50 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8080880001800300 1000108210002680 0400080008012cde 0003040826800304 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 a00307b882080001 980307b880080001 9003000800018803 0f98f198ea018080 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0001e00300100001 d00300100001c003 04040001b0030408 0001a80300080001 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 fc040002b0030010 0002a00300100002 9003021000028003 0a100001f0030210 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0101800402100000 080006012cc80008 0002c80300080002 c00300040002b803 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 36040002b40307ff fc040002b0030010 0002a00300100002 9003021000028003 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a100001f0030210 0001e00300100001 d00300100001c003 04040001b0030408 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0001a80300080001 a00307b882080001 980307b880080001 9003000800018803 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00100010c0030008 0010b00303d00400 10ac030380040010 a803000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=ffff88801cecb000 RBX=ffff88801e6e16c0 RCX=ffffffff82074212 RDX=1ffff11003cdc2f6 RSI=ffffffff82074221 RDI=ffff88801e6e17b0 RBP=1ffff92005001f38 RSP=ffffc9002800f990 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffffc9002800f9e0 R13=0000000000000000 R14=ffffc9002800fc30 R15=0000000000000000 RIP=ffffffff8207424a RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f88e89ad108 CR3=0000000048d1c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000010000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000ff00 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000069 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85057f85 RDI=ffffffff9a8ab680 RBP=ffffffff9a8ab640 RSP=ffffc90005efee50 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552033203a555043 R12=0000000000000000 R13=0000000000000069 R14=ffffffff85057f20 R15=0000000000000000 RIP=ffffffff85057faf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f81af61e6c0 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b3101fffc CR3=00000000663c6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000400 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000004000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc44bf7a40 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f81ae7f199a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f81ae7f19a7 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f81ae7f19a1 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f81ae7f19b5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f81ae7f1a3b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f81ae7f1b19 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000