last executing test programs: 3.228580387s ago: executing program 3 (id=705): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x0, [0xfffffffffffffff8, 0x0, 0x8, 0x200003f0, 0x20000420], 0x0, 0x0, 0x0}, 0x1f0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'bridge_slave_0\x00', &(0x7f00000000c0)=@ethtool_sset_info={0x37, 0x1, 0x1005}}) syz_io_uring_setup(0x24f9, &(0x7f0000000180)={0x0, 0x0, 0x10100, 0x0, 0x1000000}, &(0x7f0000000100), &(0x7f0000000140)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='rdma.current\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000040)=0x1df67, 0x4) 3.088052092s ago: executing program 3 (id=706): socket$rds(0x15, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = socket$nl_generic(0x11, 0x3, 0x10) syz_emit_ethernet(0x2b, &(0x7f0000000000)={@link_local, @random="a538ae464632", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1d, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x11, 0x0, 0x0, @multicast1, '\x00'}}}}}, 0x0) sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe05000000000000000000009500"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket$nl_netfilter(0x10, 0x3, 0xc) r5 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) setsockopt$inet6_MCAST_MSFILTER(r5, 0x29, 0x30, &(0x7f0000000340)={0xd4b, {{0xa, 0x4e21, 0xffff8000, @mcast1}}, 0x1, 0x3, [{{0xa, 0x4e24, 0x30de5763, @local, 0x2}}, {{0xa, 0x4e22, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x401}}, {{0xa, 0x4e21, 0x4, @remote, 0x7}}]}, 0x210) openat$adsp1(0xffffff9c, &(0x7f0000000000), 0x106201, 0x0) 2.145795426s ago: executing program 3 (id=717): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="190000000400000008000000ff7f", @ANYRES32=0x0], 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000000006000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000001a000000000000", @ANYRES16=r0, @ANYRES32, @ANYBLOB], 0x48) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000040)={'veth0_to_batadv\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x2}}) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'hsr0\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_usb_disconnect(0xffffffffffffffff) 1.384657982s ago: executing program 0 (id=723): open_tree(0xffffffffffffffff, 0x0, 0x81000) 1.367239891s ago: executing program 3 (id=725): r0 = socket$nl_route(0x10, 0x3, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000003c0)={'syztnl0\x00', &(0x7f0000000280)={'syztnl2\x00', 0x0, 0x7, 0x700, 0x9, 0x9, {{0x5, 0x4, 0x2, 0x7, 0x14, 0x67, 0x0, 0x2, 0x4, 0x0, @multicast2, @loopback}}}}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000001000"/25], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000380), &(0x7f0000001340), 0x2931990f, r2}, 0x38) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = dup2(r3, r2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x10) r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$SCSI_IOCTL_GET_PCI(r6, 0x5393, &(0x7f0000000000)) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x6, 0x9, &(0x7f0000000140)=@raw=[@printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xa}}, @call={0x85, 0x0, 0x0, 0xc}], &(0x7f0000000000)='GPL\x00', 0x9, 0x51, &(0x7f0000000200)=""/81, 0x41100, 0x40, '\x00', r1, 0x25, r4, 0x8, &(0x7f0000000400)={0x9, 0x5}, 0x8, 0x10, &(0x7f00000004c0)={0x4, 0x2, 0xb17, 0xfffffffb}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000500)=[0xffffffffffffffff, r6, 0x1], &(0x7f0000000540)=[{0x3, 0x1, 0x8, 0x4}, {0x4, 0x5, 0x4, 0x1}], 0x10, 0x7, @void, @value}, 0x94) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x1e, 0x2f, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000080000000000", @ANYBLOB="0000000000000000b7020000140000fbb7030000000000008500000083000000bf090000000000005509010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000440)='sched_switch\x00', r7}, 0x10) gettid() finit_module(0xffffffffffffffff, 0x0, 0x0) r8 = openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) write$cgroup_devices(r8, &(0x7f0000000200)=ANY=[], 0xa) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r9, 0x8933, &(0x7f00000000c0)) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=@newlink={0x20, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x7}}, 0x20}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18) 1.288372982s ago: executing program 0 (id=727): mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0) mount$tmpfs(0x0, &(0x7f0000000180)='./file1/file4\x00', &(0x7f00000001c0), 0x0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1/file4/file5\x00', 0x81c0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file4/file6\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x1d0) r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) landlock_restrict_self(r0, 0x0) linkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./file0/file3\x00', 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000080)="0f3800bbf540dceb260f015f009d0f6f140f20d86635080000000f22d867660f3802df66b96c0800000f322e2e0f88070066b9800000c00f326635010000000f30", 0x41}], 0x56, 0x0, 0x0, 0xffffffffffffff2d) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00'}, 0x10) r2 = socket$inet6(0xa, 0x5, 0xfffffffc) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x7, 0x0, &(0x7f00000064c0)) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="2c00000039000900000000000000000003000000040000000c0001"], 0x2c}}, 0x0) writev(r3, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000480100100000000004002b000a00010014a4ee1ee438d2fd000000000000007208", 0x39}], 0x1) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10) writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000d00030001332564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='irq_handler_exit\x00'}, 0x10) 1.288080376s ago: executing program 3 (id=728): bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)=@o_path={0x0}, 0x18) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640), 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffff31, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffead, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d00000067"], &(0x7f0000000240)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = getpid() r5 = syz_open_dev$dri(&(0x7f0000000100), 0x20, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r5, 0xc01064c1, &(0x7f0000000080)) process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) timer_create(0x0, 0x0, &(0x7f0000000100)) r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$vhost_msg_v2(r6, &(0x7f00000004c0)={0x2, 0x0, {&(0x7f0000000340)=""/126, 0x7e, &(0x7f00000003c0)=""/208, 0x3, 0x2}}, 0x48) close(0xffffffffffffffff) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58) accept4(r7, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000051c0)=[{{0x0, 0x5, &(0x7f0000001c00)=[{&(0x7f0000000b40)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c00000000000000080000000000000000e0000004"], 0x1c}}, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x7) r8 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 1.158692889s ago: executing program 0 (id=729): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000100)={{0xa, 0x4e24, 0x0, @local}, {0xa, 0x0, 0x2, @empty}, 0x0, {[0x2, 0x6, 0x401, 0x6, 0x0, 0x0, 0x8]}}, 0x5c) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x15, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) syz_open_dev$loop(&(0x7f0000000240), 0x20364, 0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc601}) socket$kcm(0x2, 0xa, 0x2) r4 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000001a00), 0x2, 0x0) write$6lowpan_control(r4, &(0x7f0000001a40)='connect aa:aa:aa:aa:aa:10 2', 0x1b) 706.49722ms ago: executing program 1 (id=730): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local}) ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r0, 0x7af, &(0x7f00000001c0)={@host, 0x7}) ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r0, 0x7af, &(0x7f0000000080)={@hyper}) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000240)={@hyper}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r2) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r3, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000040)) openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x181000, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) 706.294224ms ago: executing program 1 (id=731): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r0 = userfaultfd(0x1) ioperm(0x0, 0xbbd3, 0x1) r1 = getpid() syz_pidfd_open(r1, 0x0) open(0x0, 0x0, 0x8) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x657, 0xfeffffff) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) socket$netlink(0x10, 0x3, 0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000300)=0x1) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_GET_CAP(r4, 0xc010640c, &(0x7f00000000c0)={0x14}) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000100)={0x0, 0x0, 0x40, 0x2}, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) 567.867711ms ago: executing program 1 (id=732): write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) syz_init_net_socket$ax25(0x3, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f600000085000000430000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) fcntl$setlease(r1, 0x400, 0x1) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) quotactl_fd$Q_QUOTAON(0xffffffffffffffff, 0x0, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c1000003e0007012ebd700004101c000100000004000002041001"], 0x101c}}, 0x0) 567.531339ms ago: executing program 1 (id=733): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x40942, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c) setsockopt$sock_int(r2, 0x1, 0x3e, &(0x7f0000000080)=0x9, 0x4) listen(r2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x4) writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c0100560a067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03a09001a910039ffffffffffffffffffe7ee0000000000000000020000", 0x43}], 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0) open(&(0x7f0000000080)='./bus\x00', 0x105c42, 0x0) write$binfmt_script(r4, &(0x7f0000000500), 0x4) copy_file_range(r4, &(0x7f00000001c0), r0, 0x0, 0xffffffffa003e45c, 0x700000000000000) 467.840022ms ago: executing program 1 (id=734): inotify_init1(0x0) 418.002479ms ago: executing program 2 (id=735): setrlimit(0x7, &(0x7f0000000000)={0x5, 0x18fe}) socket$nl_route(0x10, 0x3, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x5) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ip_vti0\x00'}) fanotify_init(0x0, 0x0) 417.744316ms ago: executing program 1 (id=736): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x800400, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_init_net_socket$llc(0x1a, 0x1, 0x0) r1 = userfaultfd(0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) fcntl$dupfd(0xffffffffffffffff, 0x406, r1) r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES64], 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) syz_usb_control_io(r2, 0x0, 0x0) syz_usb_control_io(r2, &(0x7f0000000380)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="d6d9c9fd38dd30010000003475e5881bed84ea8ae65d4240a337aa3c4bb2bead95ed97979a1eab98b3e741de5db413d49b769a455e2f1f96cfa676959f425ce2d62825016f5f91b5634bb7c28e9f9253aef04d0f70504806aea585cee81413c09cdade24c389ffc7faf1b2877c"], 0x0, 0x0, 0x0, 0x0}, 0x0) getpid() open_tree(0xffffffffffffffff, 0x0, 0x81000) 368.332867ms ago: executing program 2 (id=737): mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0) mount$tmpfs(0x0, &(0x7f0000000180)='./file1/file4\x00', &(0x7f00000001c0), 0x0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1/file4/file5\x00', 0x81c0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file4/file6\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x1d0) r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) landlock_restrict_self(r0, 0x0) linkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./file0/file3\x00', 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000080)="0f3800bbf540dceb260f015f009d0f6f140f20d86635080000000f22d867660f3802df66b96c0800000f322e2e0f88070066b9800000c00f326635010000000f30", 0x41}], 0x56, 0x0, 0x0, 0xffffffffffffff2d) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00'}, 0x10) r2 = socket$inet6(0xa, 0x5, 0xfffffffc) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x7, 0x0, &(0x7f00000064c0)) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="2c00000039000900000000000000000003000000040000000c0001"], 0x2c}}, 0x0) writev(r3, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000480100100000000004002b000a00010014a4ee1ee438d2fd000000000000007208", 0x39}], 0x1) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10) writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000d00030001332564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='irq_handler_exit\x00'}, 0x10) 278.459107ms ago: executing program 3 (id=738): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x40942, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000500), 0x4) copy_file_range(r2, &(0x7f00000001c0), r0, 0x0, 0xffffffffa003e45c, 0x700000000000000) creat(&(0x7f00000003c0)='./bus\x00', 0xa) 278.080523ms ago: executing program 2 (id=739): setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='nr0\x00', 0x10) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000020c0)=[{{0x0, 0x4000, &(0x7f0000000680)=[{&(0x7f00000004c0)='\f', 0x1}], 0x1}}], 0xfdef, 0x0) 218.421587ms ago: executing program 2 (id=740): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local}) ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r0, 0x7af, &(0x7f00000001c0)={@host, 0x7}) ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r0, 0x7af, &(0x7f0000000080)={@hyper}) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000240)={@hyper}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r2) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r3, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000040)) openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x181000, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) 218.259351ms ago: executing program 0 (id=741): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r0 = userfaultfd(0x1) ioperm(0x0, 0xbbd3, 0x1) r1 = getpid() syz_pidfd_open(r1, 0x0) open(0x0, 0x0, 0x8) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x657, 0xfeffffff) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) socket$netlink(0x10, 0x3, 0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000300)=0x1) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_GET_CAP(r4, 0xc010640c, &(0x7f00000000c0)={0x14}) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) 218.13803ms ago: executing program 2 (id=742): write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) syz_init_net_socket$ax25(0x3, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f600000085000000430000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) quotactl_fd$Q_QUOTAON(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c1000003e0007012ebd700004101c000100000004000002041001"], 0x101c}}, 0x0) 128.373538ms ago: executing program 2 (id=743): openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r1, &(0x7f0000000000), 0xe) listen(r1, 0x0) accept4$bt_l2cap(r1, 0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) 54.743027ms ago: executing program 0 (id=744): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x40942, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c) setsockopt$sock_int(r2, 0x1, 0x3e, &(0x7f0000000080)=0x9, 0x4) listen(r2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x4) writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c0100560a067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03a09001a910039ffffffffffffffffffe7ee0000000000000000020000", 0x43}], 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0) open(&(0x7f0000000080)='./bus\x00', 0x105c42, 0x0) write$binfmt_script(r4, &(0x7f0000000500), 0x4) copy_file_range(r4, &(0x7f00000001c0), r0, 0x0, 0xffffffffa003e45c, 0x700000000000000) 0s ago: executing program 0 (id=745): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x800400, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_init_net_socket$llc(0x1a, 0x1, 0x0) r1 = userfaultfd(0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) r2 = fcntl$dupfd(0xffffffffffffffff, 0x406, r1) r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES64], 0x0) syz_usb_control_io$hid(r3, 0x0, 0x0) syz_usb_control_io(r3, 0x0, 0x0) syz_usb_control_io(r3, &(0x7f0000000380)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="d6d9c9fd38dd30010000003475e5881bed84ea8ae65d4240a337aa3c4bb2bead95ed97979a1eab98b3e741de5db413d49b769a455e2f1f96cfa676959f425ce2d62825016f5f91b5634bb7c28e9f9253aef04d0f70504806aea585cee81413c09cdade24c389ffc7faf1b2877c"], 0x0, 0x0, 0x0, 0x0}, 0x0) r4 = getpid() prlimit64(0x0, 0x7, &(0x7f0000000080), 0x0) open_tree(0xffffffffffffffff, 0x0, 0x81000) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f0000000700)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000006c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x44004}, 0x814) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000500)='tlb_flush\x00', r5}, 0x10) process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x13, 0x8, &(0x7f0000000680)=ANY=[@ANYRES8=r4, @ANYRES8=r6, @ANYRES32=r5], &(0x7f0000000640)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff71, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x0) fchdir(0xffffffffffffffff) inotify_init1(0x0) kernel console output (not intermixed with test programs): nfig 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 75.031558][ T57] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 75.033998][ T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.055657][ T57] usb 6-1: config 0 descriptor?? [ 75.057811][ T6380] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 75.157154][ T6392] overlay: Unknown parameter '/' [ 75.199940][ T6397] input input6: cannot allocate more than FF_MAX_EFFECTS effects [ 75.555046][ T6409] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 75.564875][ T6409] evm: overlay not supported [ 75.628928][ T6413] syzkaller1: entered allmulticast mode [ 75.687442][ T57] usbhid 6-1:0.0: can't add hid device: -71 [ 75.689248][ T57] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 75.695264][ T57] usb 6-1: USB disconnect, device number 6 [ 75.737830][ T6409] nbd0: detected capacity change from 0 to 12 [ 75.746706][ T5331] block nbd0: Send control failed (result -89) [ 75.748773][ T5331] block nbd0: Request send failed, requeueing [ 75.751415][ T5355] block nbd0: Receive control failed (result -32) [ 75.752662][ T51] block nbd0: Dead connection, failed to find a fallback [ 75.755547][ T51] block nbd0: shutting down sockets [ 75.757067][ T51] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 75.761687][ T51] Buffer I/O error on dev nbd0, logical block 0, async page read [ 75.764514][ T5331] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 75.767214][ T5331] Buffer I/O error on dev nbd0, logical block 0, async page read [ 75.771391][ T5331] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 75.773771][ T5331] Buffer I/O error on dev nbd0, logical block 0, async page read [ 75.776128][ T5331] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 75.778828][ T5331] Buffer I/O error on dev nbd0, logical block 0, async page read [ 75.782781][ T5331] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 75.785116][ T5331] Buffer I/O error on dev nbd0, logical block 0, async page read [ 75.787108][ T5331] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 75.789556][ T6417] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6417 comm=syz.3.317 [ 75.789851][ T5331] Buffer I/O error on dev nbd0, logical block 0, async page read [ 75.795023][ T5331] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 75.797283][ T5331] Buffer I/O error on dev nbd0, logical block 0, async page read [ 75.799398][ T5331] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 75.801749][ T5331] Buffer I/O error on dev nbd0, logical block 0, async page read [ 75.803732][ T5331] ldm_validate_partition_table(): Disk read failed. [ 75.805654][ T5331] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 75.807899][ T5331] Buffer I/O error on dev nbd0, logical block 0, async page read [ 75.810538][ T5331] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 75.812883][ T5331] Buffer I/O error on dev nbd0, logical block 0, async page read [ 75.814923][ T5331] Dev nbd0: unable to read RDB block 0 [ 75.816518][ T5331] nbd0: unable to read partition table [ 75.818198][ T5331] nbd0: partition table beyond EOD, truncated [ 75.859225][ T5331] ldm_validate_partition_table(): Disk read failed. [ 75.861070][ T5331] Dev nbd0: unable to read RDB block 0 [ 75.862622][ T5331] nbd0: unable to read partition table [ 75.864245][ T5331] nbd0: partition table beyond EOD, truncated [ 76.132882][ T6427] batadv0: entered promiscuous mode [ 76.134848][ T6427] batadv_slave_0: entered promiscuous mode [ 76.136483][ T6427] batadv_slave_0: left promiscuous mode [ 76.140226][ T6427] batadv0: left promiscuous mode [ 76.180256][ T830] cfg80211: failed to load regulatory.db [ 76.448967][ T6442] FAULT_INJECTION: forcing a failure. [ 76.448967][ T6442] name failslab, interval 1, probability 0, space 0, times 0 [ 76.453439][ T6442] CPU: 1 UID: 0 PID: 6442 Comm: syz.1.324 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 76.457195][ T6442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.460896][ T6442] Call Trace: [ 76.462116][ T6442] [ 76.463214][ T6442] dump_stack_lvl+0x16c/0x1f0 [ 76.464915][ T6442] should_fail_ex+0x497/0x5b0 [ 76.466560][ T6442] ? fs_reclaim_acquire+0xae/0x160 [ 76.468398][ T6442] should_failslab+0xc2/0x120 [ 76.470114][ T6442] __kmalloc_noprof+0xcb/0x400 [ 76.471776][ T6442] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 76.473721][ T6442] tomoyo_realpath_from_path+0xb9/0x720 [ 76.475650][ T6442] ? tomoyo_path_number_perm+0x232/0x590 [ 76.477668][ T6442] tomoyo_path_number_perm+0x245/0x590 [ 76.479523][ T6442] ? tomoyo_path_number_perm+0x232/0x590 [ 76.481554][ T6442] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 76.483689][ T6442] ? kmem_cache_free+0x152/0x4b0 [ 76.485452][ T6442] ? trace_lock_acquire+0x14a/0x1d0 [ 76.487299][ T6442] ? lock_acquire+0x2f/0xb0 [ 76.488950][ T6442] ? __fget_files+0x40/0x3f0 [ 76.490652][ T6442] ? __fget_files+0x244/0x3f0 [ 76.492333][ T6442] security_file_ioctl+0x9b/0x240 [ 76.494121][ T6442] __x64_sys_ioctl+0xbb/0x220 [ 76.495740][ T6442] do_syscall_64+0xcd/0x250 [ 76.497333][ T6442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.499312][ T6442] RIP: 0033:0x7f057417dbfb [ 76.500962][ T6442] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 76.507581][ T6442] RSP: 002b:00007f0574f8a490 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 76.510556][ T6442] RAX: ffffffffffffffda RBX: 00007f0574f8abe0 RCX: 00007f057417dbfb [ 76.513272][ T6442] RDX: 00007f0574f8abe0 RSI: 00000000c008ae05 RDI: 0000000000000008 [ 76.516123][ T6442] RBP: 0000000020fde000 R08: 0000000000000000 R09: 0000000000000008 [ 76.518832][ T6442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 76.521522][ T6442] R13: 0000000000000063 R14: 0000000020fdd000 R15: 0000000020fde800 [ 76.524232][ T6442] [ 76.530034][ T6442] ERROR: Out of memory at tomoyo_realpath_from_path. [ 77.098152][ T5429] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 77.163080][ T6464] netlink: 12 bytes leftover after parsing attributes in process `syz.0.329'. [ 77.259832][ T5429] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 77.262709][ T5429] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 77.265405][ T5429] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 77.268932][ T5429] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 77.271287][ T5429] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.274577][ T5429] usb 6-1: config 0 descriptor?? [ 77.709194][ T5429] acrux 0003:1A34:0802.0004: hidraw1: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.1-1/input0 [ 77.712915][ T5429] acrux 0003:1A34:0802.0004: no inputs found [ 77.714849][ T5429] acrux 0003:1A34:0802.0004: Failed to enable force feedback support, error: -19 [ 77.755392][ T6505] netfs: Couldn't get user pages (rc=-14) [ 77.760357][ T6507] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.761998][ T6505] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 77.763227][ T6507] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.767222][ T6505] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 77.770404][ T6507] bridge0: entered allmulticast mode [ 77.777543][ T6507] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.780370][ T6507] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.783187][ T6507] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.785668][ T6507] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.789046][ T6507] bridge0: entered promiscuous mode [ 77.833168][ T6510] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 77.901929][ T5779] usb 6-1: USB disconnect, device number 7 [ 78.011986][ T6514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.336'. [ 78.014545][ T6514] netlink: 9 bytes leftover after parsing attributes in process `syz.0.336'. [ 78.017532][ T6514] 1猉功D: entered promiscuous mode [ 78.019467][ T6514] 1猉功D: left allmulticast mode [ 78.025023][ T6514] netlink: 5 bytes leftover after parsing attributes in process `syz.0.336'. [ 78.029031][ T6514] 0猉功D: renamed from 31猉功D [ 78.032245][ T6514] 0猉功D: left promiscuous mode [ 78.033980][ T6514] 0猉功D: entered allmulticast mode [ 78.074895][ T6517] bond0: (slave erspan0): Opening slave failed [ 78.432758][ T6530] net_ratelimit: 12 callbacks suppressed [ 78.432770][ T6530] netlink: zone id is out of range [ 78.435634][ T6530] netlink: zone id is out of range [ 78.437041][ T6530] netlink: zone id is out of range [ 78.444509][ T6530] netlink: set zone limit has 4 unknown bytes [ 78.533888][ T6535] FAULT_INJECTION: forcing a failure. [ 78.533888][ T6535] name failslab, interval 1, probability 0, space 0, times 0 [ 78.537074][ T6535] CPU: 1 UID: 0 PID: 6535 Comm: syz.1.344 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 78.540374][ T6535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.543249][ T6535] Call Trace: [ 78.544082][ T6535] [ 78.544803][ T6535] dump_stack_lvl+0x16c/0x1f0 [ 78.545982][ T6535] should_fail_ex+0x497/0x5b0 [ 78.547139][ T6535] ? __pfx___lock_acquire+0x10/0x10 [ 78.548478][ T6535] ? __pfx_mark_lock+0x10/0x10 [ 78.549635][ T6535] should_failslab+0xc2/0x120 [ 78.550778][ T6535] __kmalloc_cache_noprof+0x6b/0x300 [ 78.552143][ T6535] ? nsim_fib_event_nb+0x1b6/0xec0 [ 78.553397][ T6535] ? lock_acquire.part.0+0x11b/0x380 [ 78.554910][ T6535] nsim_fib_event_nb+0x1b6/0xec0 [ 78.556170][ T6535] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 78.557620][ T6535] ? rcu_is_watching+0x12/0xc0 [ 78.559150][ T6535] notifier_call_chain+0xb9/0x410 [ 78.561013][ T6535] ? __pfx_nsim_fib_event_nb+0x10/0x10 [ 78.562405][ T6535] atomic_notifier_call_chain+0x71/0x1c0 [ 78.563770][ T6535] call_fib_notifiers+0x33/0x70 [ 78.565058][ T6535] fib6_add+0x25ec/0x4b50 [ 78.566209][ T6535] ? __kmalloc_noprof+0x207/0x400 [ 78.567530][ T6535] ? __pfx_fib6_add+0x10/0x10 [ 78.568949][ T6535] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 78.570898][ T6535] ? lock_acquire+0x2f/0xb0 [ 78.572558][ T6535] ? ip6_route_add+0x7b/0x1c0 [ 78.574279][ T6535] ? ip6_route_add+0x8d/0x1c0 [ 78.576014][ T6535] ip6_route_add+0x8d/0x1c0 [ 78.577681][ T6535] addrconf_prefix_route+0x2fe/0x510 [ 78.579546][ T6535] ? __pfx_addrconf_prefix_route+0x10/0x10 [ 78.581710][ T6535] ? __local_bh_enable_ip+0xa4/0x120 [ 78.583604][ T6535] ? lockdep_hardirqs_on+0x7c/0x110 [ 78.585495][ T6535] ? ipv6_mc_config+0x73/0xf0 [ 78.587215][ T6535] inet6_addr_add+0x698/0xbc0 [ 78.588932][ T6535] inet6_rtm_newaddr+0x11d1/0x1aa0 [ 78.590765][ T6535] ? __pfx_inet6_rtm_newaddr+0x10/0x10 [ 78.592729][ T6535] ? __mutex_lock+0x1a6/0x9c0 [ 78.594536][ T6535] ? __pfx_inet6_rtm_newaddr+0x10/0x10 [ 78.596543][ T6535] rtnetlink_rcv_msg+0x3c7/0xea0 [ 78.598374][ T6535] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 78.600426][ T6535] netlink_rcv_skb+0x16b/0x440 [ 78.602174][ T6535] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 78.604177][ T6535] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 78.606133][ T6535] ? netlink_deliver_tap+0x1ae/0xd90 [ 78.608106][ T6535] netlink_unicast+0x53c/0x7f0 [ 78.609866][ T6535] ? __pfx_netlink_unicast+0x10/0x10 [ 78.611786][ T6535] netlink_sendmsg+0x8b8/0xd70 [ 78.613562][ T6535] ? __pfx_netlink_sendmsg+0x10/0x10 [ 78.615552][ T6535] ? __import_iovec+0x1fd/0x6e0 [ 78.617357][ T6535] ____sys_sendmsg+0xaaf/0xc90 [ 78.619103][ T6535] ? copy_msghdr_from_user+0x10b/0x160 [ 78.621019][ T6535] ? __pfx_____sys_sendmsg+0x10/0x10 [ 78.622695][ T6535] ? __pfx___lock_acquire+0x10/0x10 [ 78.624396][ T6535] ___sys_sendmsg+0x135/0x1e0 [ 78.626160][ T6535] ? __pfx____sys_sendmsg+0x10/0x10 [ 78.628083][ T6535] ? lock_acquire+0x2f/0xb0 [ 78.629744][ T6535] ? __fget_files+0x40/0x3f0 [ 78.631464][ T6535] ? fdget+0x176/0x210 [ 78.632989][ T6535] __sys_sendmsg+0x117/0x1f0 [ 78.634697][ T6535] ? __pfx___sys_sendmsg+0x10/0x10 [ 78.636594][ T6535] ? __fget_files+0x244/0x3f0 [ 78.638312][ T6535] do_syscall_64+0xcd/0x250 [ 78.639976][ T6535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.642129][ T6535] RIP: 0033:0x7f057417dff9 [ 78.643772][ T6535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.650671][ T6535] RSP: 002b:00007f0574f8c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 78.653707][ T6535] RAX: ffffffffffffffda RBX: 00007f0574335f80 RCX: 00007f057417dff9 [ 78.656553][ T6535] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000006 [ 78.659403][ T6535] RBP: 00007f0574f8c090 R08: 0000000000000000 R09: 0000000000000000 [ 78.662310][ T6535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 78.665149][ T6535] R13: 0000000000000000 R14: 00007f0574335f80 R15: 00007fff2a3f2ed8 [ 78.667967][ T6535] [ 78.726472][ T6539] netlink: 8 bytes leftover after parsing attributes in process `syz.2.345'. [ 78.728176][ T5429] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 78.730623][ T6539] netlink: 9 bytes leftover after parsing attributes in process `syz.2.345'. [ 78.741755][ T6539] 0猉功D: entered promiscuous mode [ 78.743121][ T6539] 0猉功D: left allmulticast mode [ 78.747323][ T6539] netlink: 5 bytes leftover after parsing attributes in process `syz.2.345'. [ 78.750996][ T6539] 1猉功D: renamed from 30猉功D [ 78.753805][ T6539] 1猉功D: left promiscuous mode [ 78.755085][ T6539] 1猉功D: entered allmulticast mode [ 78.757174][ T6539] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 78.766837][ T6541] batadv0: entered promiscuous mode [ 78.769481][ T6541] batadv_slave_0: entered promiscuous mode [ 78.771124][ T6541] batadv_slave_0: left promiscuous mode [ 78.780383][ T6541] batadv0: left promiscuous mode [ 78.794600][ T6543] vivid-007: disconnect [ 78.799675][ T6542] vivid-007: reconnect [ 78.889486][ T5429] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 78.893205][ T5429] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 78.895609][ T5429] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 78.900456][ T5429] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 78.902700][ T5429] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 78.904771][ T5429] usb 5-1: Product: syz [ 78.905835][ T5429] usb 5-1: Manufacturer: syz [ 78.906964][ T5429] usb 5-1: SerialNumber: syz [ 78.928771][ T39] kauditd_printk_skb: 32 callbacks suppressed [ 78.928782][ T39] audit: type=1400 audit(1727760092.026:835): avc: denied { ioctl } for pid=6548 comm="syz.1.350" path="/dev/nullb0" dev="devtmpfs" ino=691 ioctlcmd=0x4c06 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 79.113591][ T5429] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 79.313846][ T1451] usb 5-1: USB disconnect, device number 3 [ 79.318516][ T1451] usblp0: removed [ 79.485748][ T6561] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 79.862365][ T6567] netlink: 8 bytes leftover after parsing attributes in process `syz.2.356'. [ 79.865021][ T6567] netlink: 9 bytes leftover after parsing attributes in process `syz.2.356'. [ 79.868263][ T6567] 1猉功D: entered promiscuous mode [ 79.869675][ T6567] 1猉功D: left allmulticast mode [ 79.873057][ T6567] netlink: 5 bytes leftover after parsing attributes in process `syz.2.356'. [ 79.875496][ T6567] 0猉功D: renamed from 31猉功D [ 79.877564][ T6567] 0猉功D: left promiscuous mode [ 79.879071][ T6567] 0猉功D: entered allmulticast mode [ 79.882501][ T6567] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 80.192613][ T6582] netlink: 8 bytes leftover after parsing attributes in process `syz.2.362'. [ 80.195593][ T6582] netlink: 9 bytes leftover after parsing attributes in process `syz.2.362'. [ 80.199778][ T6582] 0猉功D: entered promiscuous mode [ 80.201402][ T6582] 0猉功D: left allmulticast mode [ 80.208485][ T6582] netlink: 5 bytes leftover after parsing attributes in process `syz.2.362'. [ 80.211890][ T6582] 1猉功D: renamed from 30猉功D [ 80.215148][ T6582] 1猉功D: left promiscuous mode [ 80.216953][ T6582] 1猉功D: entered allmulticast mode [ 80.220224][ T6582] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 80.274788][ T6584] batadv0: entered promiscuous mode [ 80.277927][ T6584] batadv_slave_0: entered promiscuous mode [ 80.280168][ T6584] batadv_slave_0: left promiscuous mode [ 80.282482][ T6584] batadv0: left promiscuous mode [ 80.394528][ T39] audit: type=1400 audit(1727760093.486:836): avc: denied { create } for pid=6587 comm="syz.2.364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 80.401758][ T39] audit: type=1400 audit(1727760093.486:837): avc: denied { setopt } for pid=6587 comm="syz.2.364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 80.408875][ T39] audit: type=1400 audit(1727760093.486:838): avc: denied { write } for pid=6587 comm="syz.2.364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 80.523581][ T6591] netlink: 8 bytes leftover after parsing attributes in process `syz.2.365'. [ 80.529486][ T6591] 1猉功D: entered promiscuous mode [ 80.531433][ T6591] 1猉功D: left allmulticast mode [ 80.537244][ T6591] 0猉功D: renamed from 31猉功D [ 80.540744][ T6591] 0猉功D: left promiscuous mode [ 80.542614][ T6591] 0猉功D: entered allmulticast mode [ 80.545741][ T6591] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 80.642660][ T6597] FAULT_INJECTION: forcing a failure. [ 80.642660][ T6597] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 80.646032][ T6597] CPU: 0 UID: 0 PID: 6597 Comm: syz.2.368 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 80.648993][ T6597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.652664][ T6597] Call Trace: [ 80.653887][ T6597] [ 80.654976][ T6597] dump_stack_lvl+0x16c/0x1f0 [ 80.656706][ T6597] should_fail_ex+0x497/0x5b0 [ 80.658336][ T6597] _copy_from_user+0x30/0xf0 [ 80.660116][ T6597] sctp_getsockopt+0x2cad/0x74a0 [ 80.661927][ T6597] ? avc_has_perm_noaudit+0x119/0x3a0 [ 80.663872][ T6597] ? __pfx_lock_release+0x10/0x10 [ 80.665716][ T6597] ? trace_lock_acquire+0x14a/0x1d0 [ 80.667498][ T6597] ? __pfx_mark_lock+0x10/0x10 [ 80.668974][ T6597] ? __pfx_sctp_getsockopt+0x10/0x10 [ 80.670332][ T6597] ? avc_has_perm+0x11b/0x1c0 [ 80.671561][ T6597] ? __pfx___lock_acquire+0x10/0x10 [ 80.672914][ T6597] ? find_held_lock+0x2d/0x110 [ 80.674163][ T6597] ? __might_fault+0x13b/0x190 [ 80.675408][ T6597] ? __pfx_lock_release+0x10/0x10 [ 80.676718][ T6597] ? trace_lock_acquire+0x14a/0x1d0 [ 80.678079][ T6597] ? lock_acquire+0x2f/0xb0 [ 80.679378][ T6597] ? __might_fault+0xe3/0x190 [ 80.680619][ T6597] ? __might_fault+0xe3/0x190 [ 80.681835][ T6597] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 80.683366][ T6597] ? do_sock_getsockopt+0x3fe/0x800 [ 80.684724][ T6597] do_sock_getsockopt+0x3fe/0x800 [ 80.686039][ T6597] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 80.687461][ T6597] ? __fget_files+0x244/0x3f0 [ 80.688811][ T6597] __sys_getsockopt+0x1a1/0x270 [ 80.690078][ T6597] ? __pfx___sys_getsockopt+0x10/0x10 [ 80.691455][ T6597] ? fput+0x30/0x390 [ 80.692474][ T6597] ? ksys_write+0x1ad/0x260 [ 80.693654][ T6597] ? __pfx_ksys_write+0x10/0x10 [ 80.694914][ T6597] __x64_sys_getsockopt+0xbd/0x160 [ 80.696247][ T6597] ? do_syscall_64+0x91/0x250 [ 80.697466][ T6597] ? lockdep_hardirqs_on+0x7c/0x110 [ 80.698962][ T6597] do_syscall_64+0xcd/0x250 [ 80.700603][ T6597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.702683][ T6597] RIP: 0033:0x7f981c77dff9 [ 80.704317][ T6597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.709800][ T6597] RSP: 002b:00007f981d4a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 80.711946][ T6597] RAX: ffffffffffffffda RBX: 00007f981c935f80 RCX: 00007f981c77dff9 [ 80.713988][ T6597] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000005 [ 80.716028][ T6597] RBP: 00007f981d4a5090 R08: 0000000020000180 R09: 0000000000000000 [ 80.718061][ T6597] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.720164][ T6597] R13: 0000000000000000 R14: 00007f981c935f80 R15: 00007fff797cdb68 [ 80.722197][ T6597] [ 80.799380][ T39] audit: type=1400 audit(1727760093.896:839): avc: denied { write } for pid=6602 comm="syz.2.371" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 80.809901][ T39] audit: type=1400 audit(1727760093.896:840): avc: denied { bind } for pid=6602 comm="syz.2.371" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 80.816720][ T39] audit: type=1400 audit(1727760093.896:841): avc: denied { create } for pid=6602 comm="syz.2.371" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 80.823480][ T39] audit: type=1400 audit(1727760093.896:842): avc: denied { ioctl } for pid=6602 comm="syz.2.371" path="socket:[16557]" dev="sockfs" ino=16557 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 80.831740][ T39] audit: type=1400 audit(1727760093.906:843): avc: denied { listen } for pid=6598 comm="syz.1.369" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 80.839372][ T39] audit: type=1400 audit(1727760093.906:844): avc: denied { read } for pid=6598 comm="syz.1.369" path="socket:[15509]" dev="sockfs" ino=15509 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 80.932667][ T6613] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=6613 comm=syz.0.372 [ 80.975327][ T6616] dummy0: left allmulticast mode [ 81.180556][ T6619] 1猉功D: entered promiscuous mode [ 81.181962][ T6619] 1猉功D: left allmulticast mode [ 81.208702][ T6619] 0猉功D: renamed from 31猉功D [ 81.229590][ T6619] 0猉功D: left promiscuous mode [ 81.231322][ T6619] 0猉功D: entered allmulticast mode [ 81.234934][ T6619] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 81.378613][ T6624] sp0: Synchronizing with TNC [ 82.755265][ T6651] binder: BINDER_SET_CONTEXT_MGR already set [ 82.757033][ T6651] binder: 6649:6651 ioctl 4018620d 20000040 returned -16 [ 82.762582][ T6651] binder: 6649:6651 ioctl c0306201 0 returned -14 [ 83.042555][ T6660] 0猉功D: entered promiscuous mode [ 83.044657][ T6660] 0猉功D: left allmulticast mode [ 83.051552][ T6660] 1猉功D: renamed from 30猉功D [ 83.054189][ T6660] 1猉功D: left promiscuous mode [ 83.056739][ T6660] 1猉功D: entered allmulticast mode [ 83.063858][ T6660] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 83.260325][ T6665] ======================================================= [ 83.260325][ T6665] WARNING: The mand mount option has been deprecated and [ 83.260325][ T6665] and is ignored by this kernel. Remove the mand [ 83.260325][ T6665] option from the mount to silence this warning. [ 83.260325][ T6665] ======================================================= [ 83.273627][ T6665] fuse: Unknown parameter '' [ 83.541161][ T6651] syz.3.381 (6651): drop_caches: 2 [ 84.123705][ T39] kauditd_printk_skb: 61 callbacks suppressed [ 84.123722][ T39] audit: type=1400 audit(1727760097.216:906): avc: denied { connect } for pid=6677 comm="syz.2.390" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 84.138147][ T6681] xt_socket: unknown flags 0x8 [ 84.216332][ T39] audit: type=1400 audit(1727760097.306:907): avc: denied { write } for pid=6677 comm="syz.2.390" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 84.388113][ T6688] __nla_validate_parse: 9 callbacks suppressed [ 84.388125][ T6688] netlink: 8 bytes leftover after parsing attributes in process `syz.0.393'. [ 84.397869][ T6688] netlink: 9 bytes leftover after parsing attributes in process `syz.0.393'. [ 84.407659][ T6688] 0猉功D: entered promiscuous mode [ 84.409064][ T6688] 0猉功D: left allmulticast mode [ 84.412247][ T6688] netlink: 5 bytes leftover after parsing attributes in process `syz.0.393'. [ 84.414772][ T6688] 1猉功D: renamed from 30猉功D [ 84.422986][ T6688] 1猉功D: left promiscuous mode [ 84.424351][ T6688] 1猉功D: entered allmulticast mode [ 84.426335][ T6688] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 84.436829][ T39] audit: type=1326 audit(1727760097.526:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.3.394" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812797dff9 code=0x7ffc0000 [ 84.446884][ T6690] No such timeout policy "syz0" [ 84.456015][ T39] audit: type=1326 audit(1727760097.526:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.3.394" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812797dff9 code=0x7ffc0000 [ 84.462380][ T39] audit: type=1326 audit(1727760097.526:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.3.394" exe="/syz-executor" sig=0 arch=c000003e syscall=300 compat=0 ip=0x7f812797dff9 code=0x7ffc0000 [ 84.475290][ T39] audit: type=1326 audit(1727760097.526:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.3.394" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812797dff9 code=0x7ffc0000 [ 84.481478][ T39] audit: type=1326 audit(1727760097.526:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.3.394" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812797dff9 code=0x7ffc0000 [ 84.487411][ T39] audit: type=1326 audit(1727760097.526:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.3.394" exe="/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f812797dff9 code=0x7ffc0000 [ 84.494337][ T39] audit: type=1326 audit(1727760097.526:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.3.394" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812797dff9 code=0x7ffc0000 [ 84.500523][ T39] audit: type=1326 audit(1727760097.526:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6689 comm="syz.3.394" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f812797dff9 code=0x7ffc0000 [ 84.961904][ T6704] netlink: set zone limit has 4 unknown bytes [ 85.060513][ T6715] fuse: Unknown parameter '00000000000000000003' [ 85.102815][ T6716] FAULT_INJECTION: forcing a failure. [ 85.102815][ T6716] name failslab, interval 1, probability 0, space 0, times 0 [ 85.107248][ T6716] CPU: 0 UID: 0 PID: 6716 Comm: syz.2.401 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 85.110776][ T6716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.114335][ T6716] Call Trace: [ 85.115452][ T6716] [ 85.116460][ T6716] dump_stack_lvl+0x16c/0x1f0 [ 85.118033][ T6716] should_fail_ex+0x497/0x5b0 [ 85.119728][ T6716] ? fs_reclaim_acquire+0xae/0x160 [ 85.121521][ T6716] should_failslab+0xc2/0x120 [ 85.123129][ T6716] __kmalloc_cache_noprof+0x6b/0x300 [ 85.123932][ T6717] binder: BINDER_SET_CONTEXT_MGR already set [ 85.124896][ T6716] ? vsock_connect+0x10e/0xe90 [ 85.127368][ T6717] binder: 6714:6717 ioctl 4018620d 20000040 returned -16 [ 85.128088][ T6716] ? virtio_transport_do_socket_init+0x4a/0x350 [ 85.128116][ T6716] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 85.128138][ T6716] virtio_transport_do_socket_init+0x4a/0x350 [ 85.128153][ T6716] vsock_assign_transport+0x452/0x790 [ 85.128168][ T6716] vsock_connect+0x204/0xe90 [ 85.133652][ T6717] binder: 6714:6717 ioctl c0306201 0 returned -14 [ 85.133835][ T6716] ? selinux_netlbl_socket_connect+0x30/0x40 [ 85.143209][ T6716] ? __pfx_vsock_connect+0x10/0x10 [ 85.144979][ T6716] ? lock_acquire+0x2f/0xb0 [ 85.146496][ T6716] ? selinux_netlbl_socket_connect+0x30/0x40 [ 85.148519][ T6716] ? __pfx_autoremove_wake_function+0x10/0x10 [ 85.150558][ T6716] ? lockdep_hardirqs_on+0x7c/0x110 [ 85.152327][ T6716] ? selinux_netlbl_socket_connect+0x30/0x40 [ 85.154359][ T6716] ? __local_bh_enable_ip+0xa4/0x120 [ 85.156146][ T6716] ? selinux_netlbl_socket_connect+0x30/0x40 [ 85.158156][ T6716] ? selinux_socket_connect+0x6b/0x80 [ 85.160041][ T6716] ? __pfx_vsock_connect+0x10/0x10 [ 85.161759][ T6716] __sys_connect_file+0x14d/0x190 [ 85.163447][ T6716] __sys_connect+0x147/0x180 [ 85.165019][ T6716] ? __pfx___sys_connect+0x10/0x10 [ 85.166731][ T6716] ? __pfx_ksys_write+0x10/0x10 [ 85.168392][ T6716] __x64_sys_connect+0x72/0xb0 [ 85.169996][ T6716] ? lockdep_hardirqs_on+0x7c/0x110 [ 85.171728][ T6716] do_syscall_64+0xcd/0x250 [ 85.173269][ T6716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.175249][ T6716] RIP: 0033:0x7f981c77dff9 [ 85.176746][ T6716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.183204][ T6716] RSP: 002b:00007f981c1ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 85.185536][ T6716] RAX: ffffffffffffffda RBX: 00007f981c936058 RCX: 00007f981c77dff9 [ 85.187532][ T6716] RDX: 0000000000000010 RSI: 0000000020000080 RDI: 0000000000000006 [ 85.189520][ T6716] RBP: 00007f981c1ff090 R08: 0000000000000000 R09: 0000000000000000 [ 85.191494][ T6716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 85.193529][ T6716] R13: 0000000000000000 R14: 00007f981c936058 R15: 00007fff797cdb68 [ 85.195589][ T6716] [ 85.257663][ T830] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 85.289293][ T6717] syz.3.402 (6717): drop_caches: 2 [ 85.399077][ T6720] netlink: 8 bytes leftover after parsing attributes in process `syz.0.403'. [ 85.403240][ T6720] netlink: 9 bytes leftover after parsing attributes in process `syz.0.403'. [ 85.406615][ T6720] 1猉功D: entered promiscuous mode [ 85.408036][ T6720] 1猉功D: left allmulticast mode [ 85.412304][ T6720] netlink: 5 bytes leftover after parsing attributes in process `syz.0.403'. [ 85.415057][ T6720] 0猉功D: renamed from 31猉功D [ 85.417142][ T6722] cgroup: Unknown subsys name 'obj_type' [ 85.417206][ T6720] 0猉功D: left promiscuous mode [ 85.417922][ T830] usb 6-1: Using ep0 maxpacket: 8 [ 85.419203][ T830] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 85.421011][ T6720] 0猉功D: entered allmulticast mode [ 85.421895][ T830] usb 6-1: config 179 has no interface number 0 [ 85.425158][ T6720] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 85.425319][ T830] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 85.434300][ T830] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 85.437183][ T830] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 85.440433][ T830] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 85.443976][ T830] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 85.448569][ T830] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 85.451931][ T830] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.458700][ T6707] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 85.500321][ T5383] kernel write not supported for file /sg0 (pid: 5383 comm: kworker/1:3) [ 85.679925][ T830] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:179.65/input/input8 [ 85.802761][ T6732] netlink: zone id is out of range [ 85.804256][ T6732] netlink: zone id is out of range [ 85.805904][ T6732] netlink: zone id is out of range [ 85.810505][ T6732] netlink: zone id is out of range [ 85.820105][ T6732] netlink: set zone limit has 4 unknown bytes [ 85.874126][ T6705] netlink: 'syz.1.399': attribute type 2 has an invalid length. [ 85.905876][ T5383] usb 6-1: USB disconnect, device number 8 [ 85.905886][ C0] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 85.910560][ T5383] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 86.064730][ T6742] process 'syz.1.409' launched './file2' with NULL argv: empty string added [ 86.591770][ T6759] batadv_slave_1: entered promiscuous mode [ 86.597941][ T6753] batadv_slave_1: left promiscuous mode [ 86.664000][ T6763] netlink: 88 bytes leftover after parsing attributes in process `syz.0.417'. [ 86.664689][ T6764] netlink: zone id is out of range [ 86.669266][ T6764] netlink: zone id is out of range [ 86.788082][ T6772] tmpfs: Bad value for 'size' [ 87.003290][ T6776] team_slave_1: left promiscuous mode [ 87.004865][ T6776] team_slave_1: left allmulticast mode [ 87.014889][ T6776] team0: Port device team_slave_1 removed [ 87.018887][ T6776] netlink: 4 bytes leftover after parsing attributes in process `syz.3.421'. [ 87.110778][ T6786] team_slave_1: entered promiscuous mode [ 87.112606][ T6786] team_slave_1: left allmulticast mode [ 87.118442][ T6786] team0: Port device team_slave_1 removed [ 87.121820][ T6786] netlink: 4 bytes leftover after parsing attributes in process `syz.0.425'. [ 87.149258][ T6791] mmap: syz.0.427 (6791) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 87.451908][ T6805] netlink: 8 bytes leftover after parsing attributes in process `syz.2.431'. [ 87.456390][ T6805] 1猉功D: entered promiscuous mode [ 87.458008][ T6805] 1猉功D: left allmulticast mode [ 87.461810][ T6805] 0猉功D: renamed from 31猉功D [ 87.466172][ T6805] 0猉功D: left promiscuous mode [ 87.467401][ T6805] 0猉功D: entered allmulticast mode [ 87.477774][ T830] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 87.570345][ T6815] FAULT_INJECTION: forcing a failure. [ 87.570345][ T6815] name failslab, interval 1, probability 0, space 0, times 0 [ 87.574631][ T6815] CPU: 0 UID: 0 PID: 6815 Comm: syz.1.435 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 87.578231][ T6815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.581885][ T6815] Call Trace: [ 87.583047][ T6815] [ 87.584083][ T6815] dump_stack_lvl+0x16c/0x1f0 [ 87.585711][ T6815] should_fail_ex+0x497/0x5b0 [ 87.587343][ T6815] ? fs_reclaim_acquire+0xae/0x160 [ 87.589115][ T6815] should_failslab+0xc2/0x120 [ 87.590736][ T6815] kmem_cache_alloc_node_noprof+0x71/0x310 [ 87.592740][ T6815] ? __alloc_skb+0x2b1/0x380 [ 87.594336][ T6815] __alloc_skb+0x2b1/0x380 [ 87.595902][ T6815] ? __pfx___alloc_skb+0x10/0x10 [ 87.597583][ T6815] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 87.598925][ T6815] netlink_ack+0x164/0xb90 [ 87.600245][ T6815] netlink_rcv_skb+0x348/0x440 [ 87.601892][ T6815] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 87.603748][ T6815] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 87.605571][ T6815] ? netlink_deliver_tap+0x1ae/0xd90 [ 87.607379][ T6815] netlink_unicast+0x53c/0x7f0 [ 87.609036][ T6815] ? __pfx_netlink_unicast+0x10/0x10 [ 87.610846][ T6815] netlink_sendmsg+0x8b8/0xd70 [ 87.612496][ T6815] ? __pfx_netlink_sendmsg+0x10/0x10 [ 87.614293][ T6815] ? __import_iovec+0x1fd/0x6e0 [ 87.615971][ T6815] ____sys_sendmsg+0xaaf/0xc90 [ 87.617615][ T6815] ? copy_msghdr_from_user+0x10b/0x160 [ 87.619471][ T6815] ? __pfx_____sys_sendmsg+0x10/0x10 [ 87.621313][ T6815] ? __pfx___lock_acquire+0x10/0x10 [ 87.623093][ T6815] ___sys_sendmsg+0x135/0x1e0 [ 87.624725][ T6815] ? __pfx____sys_sendmsg+0x10/0x10 [ 87.626512][ T6815] ? lock_acquire+0x2f/0xb0 [ 87.628225][ T6815] ? __fget_files+0x40/0x3f0 [ 87.630080][ T6815] ? fdget+0x176/0x210 [ 87.631510][ T6815] __sys_sendmsg+0x117/0x1f0 [ 87.633160][ T6815] ? __pfx___sys_sendmsg+0x10/0x10 [ 87.634940][ T6815] ? __fget_files+0x244/0x3f0 [ 87.636595][ T6815] do_syscall_64+0xcd/0x250 [ 87.638043][ T6815] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.639774][ T6815] RIP: 0033:0x7f057417dff9 [ 87.641323][ T6815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.647869][ T6815] RSP: 002b:00007f0574f8c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 87.650705][ T6815] RAX: ffffffffffffffda RBX: 00007f0574335f80 RCX: 00007f057417dff9 [ 87.653397][ T6815] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 87.656080][ T6815] RBP: 00007f0574f8c090 R08: 0000000000000000 R09: 0000000000000000 [ 87.658590][ T6815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 87.661310][ T6815] R13: 0000000000000000 R14: 00007f0574335f80 R15: 00007fff2a3f2ed8 [ 87.664018][ T6815] [ 87.687731][ T830] usb 8-1: Using ep0 maxpacket: 16 [ 87.694125][ T830] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 87.697993][ T830] usb 8-1: config 0 has no interfaces? [ 87.700013][ T830] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 87.703412][ T830] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.707008][ T6817] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6817 comm=syz.1.436 [ 87.718370][ T830] usb 8-1: config 0 descriptor?? [ 87.926195][ T830] usb 8-1: USB disconnect, device number 5 [ 88.486378][ T6833] netfs: Couldn't get user pages (rc=-14) [ 88.493737][ T6833] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 88.980858][ T6850] FAULT_INJECTION: forcing a failure. [ 88.980858][ T6850] name failslab, interval 1, probability 0, space 0, times 0 [ 88.984564][ T6850] CPU: 2 UID: 0 PID: 6850 Comm: syz.2.445 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 88.987317][ T6850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.990112][ T6850] Call Trace: [ 88.990993][ T6850] [ 88.991776][ T6850] dump_stack_lvl+0x16c/0x1f0 [ 88.993033][ T6850] should_fail_ex+0x497/0x5b0 [ 88.994277][ T6850] ? fs_reclaim_acquire+0xae/0x160 [ 88.995619][ T6850] should_failslab+0xc2/0x120 [ 88.996871][ T6850] __kmalloc_cache_node_noprof+0x6e/0x350 [ 88.998320][ T6850] ? __get_vm_area_node+0xe1/0x2d0 [ 88.999983][ T6850] __get_vm_area_node+0xe1/0x2d0 [ 89.001711][ T6850] __vmalloc_node_range_noprof+0x26a/0x15a0 [ 89.003620][ T6850] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 89.005523][ T6850] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 89.007375][ T6850] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 89.009523][ T6850] ? __pfx___lock_acquire+0x10/0x10 [ 89.011200][ T6850] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 89.012690][ T6850] __vmalloc_noprof+0x6d/0x90 [ 89.013906][ T6850] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 89.015303][ T6850] bpf_prog_alloc_no_stats+0x54/0x5d0 [ 89.016729][ T6850] ? security_capable+0x7e/0x260 [ 89.018055][ T6850] bpf_prog_alloc+0x3b/0x230 [ 89.019276][ T6850] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 89.020820][ T6850] bpf_prog_load+0x1b3f/0x2660 [ 89.022069][ T6850] ? __pfx_bpf_prog_load+0x10/0x10 [ 89.023387][ T6850] ? avc_has_perm_noaudit+0x143/0x3a0 [ 89.024817][ T6850] ? selinux_bpf+0xde/0x130 [ 89.026026][ T6850] __sys_bpf+0x402b/0x49a0 [ 89.027206][ T6850] ? ksys_write+0x21e/0x260 [ 89.028448][ T6850] ? reacquire_held_locks+0x3f0/0x4c0 [ 89.029858][ T6850] ? __pfx___sys_bpf+0x10/0x10 [ 89.031114][ T6850] ? vfs_write+0x14d/0x1140 [ 89.032307][ T6850] ? __mutex_unlock_slowpath+0x164/0x650 [ 89.033772][ T6850] ? fput+0x30/0x390 [ 89.034813][ T6850] ? ksys_write+0x1ad/0x260 [ 89.036029][ T6850] ? __pfx_ksys_write+0x10/0x10 [ 89.037336][ T6850] __x64_sys_bpf+0x78/0xc0 [ 89.038510][ T6850] ? lockdep_hardirqs_on+0x7c/0x110 [ 89.039896][ T6850] do_syscall_64+0xcd/0x250 [ 89.041118][ T6850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.042672][ T6850] RIP: 0033:0x7f981c77dff9 [ 89.043863][ T6850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.048896][ T6850] RSP: 002b:00007f981c1ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 89.051549][ T6850] RAX: ffffffffffffffda RBX: 00007f981c936058 RCX: 00007f981c77dff9 [ 89.054092][ T6850] RDX: 0000000000000048 RSI: 00000000200054c0 RDI: 0000000000000005 [ 89.056807][ T6850] RBP: 00007f981c1ff090 R08: 0000000000000000 R09: 0000000000000000 [ 89.059028][ T6850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 89.061126][ T6850] R13: 0000000000000001 R14: 00007f981c936058 R15: 00007fff797cdb68 [ 89.063211][ T6850] [ 89.065259][ T6850] syz.2.445: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 89.069923][ T6850] CPU: 2 UID: 0 PID: 6850 Comm: syz.2.445 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 89.072667][ T6850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.075450][ T6850] Call Trace: [ 89.076343][ T6850] [ 89.077128][ T6850] dump_stack_lvl+0x16c/0x1f0 [ 89.078385][ T6850] warn_alloc+0x24d/0x3a0 [ 89.079526][ T6850] ? __pfx_warn_alloc+0x10/0x10 [ 89.080836][ T6850] ? rcu_is_watching+0x12/0xc0 [ 89.082150][ T6850] ? trace_kmalloc+0x2d/0xe0 [ 89.083791][ T6850] ? __kasan_kmalloc+0x8a/0xb0 [ 89.085469][ T6850] ? __get_vm_area_node+0x1bc/0x2d0 [ 89.087221][ T6850] __vmalloc_node_range_noprof+0xd27/0x15a0 [ 89.088802][ T6850] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 89.090258][ T6850] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 89.091912][ T6850] ? __pfx___lock_acquire+0x10/0x10 [ 89.093309][ T6850] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 89.094765][ T6850] __vmalloc_noprof+0x6d/0x90 [ 89.096023][ T6850] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 89.097473][ T6850] bpf_prog_alloc_no_stats+0x54/0x5d0 [ 89.098882][ T6850] ? security_capable+0x7e/0x260 [ 89.100493][ T6850] bpf_prog_alloc+0x3b/0x230 [ 89.102122][ T6850] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 89.104206][ T6850] bpf_prog_load+0x1b3f/0x2660 [ 89.105508][ T6850] ? __pfx_bpf_prog_load+0x10/0x10 [ 89.106857][ T6850] ? avc_has_perm_noaudit+0x143/0x3a0 [ 89.108333][ T6850] ? selinux_bpf+0xde/0x130 [ 89.109541][ T6850] __sys_bpf+0x402b/0x49a0 [ 89.110723][ T6850] ? ksys_write+0x21e/0x260 [ 89.111947][ T6850] ? reacquire_held_locks+0x3f0/0x4c0 [ 89.113369][ T6850] ? __pfx___sys_bpf+0x10/0x10 [ 89.114640][ T6850] ? vfs_write+0x14d/0x1140 [ 89.115847][ T6850] ? __mutex_unlock_slowpath+0x164/0x650 [ 89.117332][ T6850] ? fput+0x30/0x390 [ 89.118362][ T6850] ? ksys_write+0x1ad/0x260 [ 89.119556][ T6850] ? __pfx_ksys_write+0x10/0x10 [ 89.120860][ T6850] __x64_sys_bpf+0x78/0xc0 [ 89.122039][ T6850] ? lockdep_hardirqs_on+0x7c/0x110 [ 89.123411][ T6850] do_syscall_64+0xcd/0x250 [ 89.124626][ T6850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.126179][ T6850] RIP: 0033:0x7f981c77dff9 [ 89.127456][ T6850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.132530][ T6850] RSP: 002b:00007f981c1ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 89.134705][ T6850] RAX: ffffffffffffffda RBX: 00007f981c936058 RCX: 00007f981c77dff9 [ 89.136799][ T6850] RDX: 0000000000000048 RSI: 00000000200054c0 RDI: 0000000000000005 [ 89.138872][ T6850] RBP: 00007f981c1ff090 R08: 0000000000000000 R09: 0000000000000000 [ 89.140964][ T6850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 89.143037][ T6850] R13: 0000000000000001 R14: 00007f981c936058 R15: 00007fff797cdb68 [ 89.145123][ T6850] [ 89.146746][ T6850] Mem-Info: [ 89.162491][ T6850] active_anon:12804 inactive_anon:0 isolated_anon:0 [ 89.162491][ T6850] active_file:1878 inactive_file:3121 isolated_file:0 [ 89.162491][ T6850] unevictable:1768 dirty:227 writeback:0 [ 89.162491][ T6850] slab_reclaimable:6275 slab_unreclaimable:66987 [ 89.162491][ T6850] mapped:19286 shmem:2311 pagetables:773 [ 89.162491][ T6850] sec_pagetables:313 bounce:0 [ 89.162491][ T6850] kernel_misc_reclaimable:0 [ 89.162491][ T6850] free:534482 free_pcp:9573 free_cma:0 [ 89.197727][ T6850] Node 0 active_anon:54440kB inactive_anon:0kB active_file:7512kB inactive_file:12468kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:80244kB dirty:908kB writeback:0kB shmem:8808kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:11248kB pagetables:3092kB sec_pagetables:1252kB all_unreclaimable? no [ 89.207042][ T6850] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:16kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 89.215070][ T6850] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 89.222777][ T6850] lowmem_reserve[]: 0 1214 0 0 0 [ 89.224725][ T6850] Node 0 DMA32 free:533544kB boost:0kB min:27636kB low:34544kB high:41452kB reserved_highatomic:0KB active_anon:57168kB inactive_anon:0kB active_file:7512kB inactive_file:12468kB unevictable:3536kB writepending:908kB present:2080628kB managed:1272188kB mlocked:0kB bounce:0kB free_pcp:11092kB local_pcp:728kB free_cma:0kB [ 89.233861][ T6850] lowmem_reserve[]: 0 0 0 0 0 [ 89.236037][ T6850] Node 1 Normal free:1586952kB boost:0kB min:39600kB low:49500kB high:59400kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:16kB unevictable:3536kB writepending:0kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:27296kB local_pcp:11676kB free_cma:0kB [ 89.244475][ T6850] lowmem_reserve[]: 0 0 0 0 0 [ 89.246233][ T6850] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 89.251385][ T6850] Node 0 DMA32: 868*4kB (UE) 667*8kB (UE) 403*16kB (UME) 347*32kB (UME) 220*64kB (UME) 192*128kB (UME) 96*256kB (UME) 77*512kB (UME) 43*1024kB (UME) 12*2048kB (UME) 80*4096kB (M) = 525304kB [ 89.258286][ T6850] Node 1 Normal: 38*4kB (UM) 24*8kB (UME) 31*16kB (UME) 38*32kB (UME) 24*64kB (UME) 34*128kB (UM) 46*256kB (U) 45*512kB (UM) 20*1024kB (UE) 12*2048kB (UME) 366*4096kB (M) = 1586952kB [ 89.271190][ T6850] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 89.274581][ T6850] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 89.278775][ T6850] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 89.282652][ T6850] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 89.286526][ T6850] 10162 total pagecache pages [ 89.288498][ T6850] 0 pages in swap cache [ 89.290402][ T6850] Free swap = 124188kB [ 89.291862][ T6850] Total swap = 124996kB [ 89.293814][ T6850] 1048443 pages RAM [ 89.295892][ T6850] 0 pages HighMem/MovableOnly [ 89.299041][ T6850] 281075 pages reserved [ 89.300365][ T6850] 0 pages cma reserved [ 89.497651][ T39] kauditd_printk_skb: 125 callbacks suppressed [ 89.497671][ T39] audit: type=1400 audit(1727760102.576:1041): avc: denied { append } for pid=6854 comm="syz.1.448" name="001" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 89.686020][ T6861] netfs: Couldn't get user pages (rc=-14) [ 89.702233][ T6861] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 90.281973][ T6885] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=17432 sclass=netlink_route_socket pid=6885 comm=syz.3.457 [ 90.427781][ T5383] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 90.579293][ T5383] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 90.582353][ T5383] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 90.584924][ T5383] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 90.587189][ T5383] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 90.591284][ T5383] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 90.593815][ T5383] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 90.595892][ T5383] usb 6-1: Product: syz [ 90.597200][ T5383] usb 6-1: Manufacturer: syz [ 90.605376][ T5383] cdc_wdm 6-1:1.0: skipping garbage [ 90.607160][ T5383] cdc_wdm 6-1:1.0: skipping garbage [ 90.612415][ T5383] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 90.615144][ T5383] cdc_wdm 6-1:1.0: Unknown control protocol [ 90.808721][ T5383] usb 6-1: USB disconnect, device number 9 [ 90.980463][ T39] audit: type=1400 audit(1727760104.076:1042): avc: denied { setopt } for pid=6890 comm="syz.0.459" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 91.026284][ T6895] __nla_validate_parse: 2 callbacks suppressed [ 91.026302][ T6895] netlink: 8 bytes leftover after parsing attributes in process `syz.0.460'. [ 91.032829][ T6895] netlink: 9 bytes leftover after parsing attributes in process `syz.0.460'. [ 91.037425][ T6895] 0猉功D: entered promiscuous mode [ 91.040005][ T6895] 0猉功D: left allmulticast mode [ 91.045666][ T6895] netlink: 5 bytes leftover after parsing attributes in process `syz.0.460'. [ 91.048371][ T6895] 1猉功D: renamed from 30猉功D [ 91.051509][ T6895] 1猉功D: left promiscuous mode [ 91.052963][ T6895] 1猉功D: entered allmulticast mode [ 91.055737][ T6895] net_ratelimit: 5 callbacks suppressed [ 91.055745][ T6895] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 91.126960][ T6899] input: syz0 as /devices/virtual/input/input11 [ 91.153391][ T39] audit: type=1400 audit(1727760104.246:1043): avc: denied { ioctl } for pid=6898 comm="syz.0.462" path="net:[4026533245]" dev="nsfs" ino=4026533245 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 91.389622][ T6914] netlink: 20 bytes leftover after parsing attributes in process `syz.0.466'. [ 91.705875][ T6919] tipc: Started in network mode [ 91.709962][ T6919] tipc: Node identity ac1414aa, cluster identity 4711 [ 91.716151][ T6919] tipc: New replicast peer: 100.1.1.1 [ 91.719643][ T6919] tipc: Enabled bearer , priority 10 [ 91.850563][ T6921] netlink: zone id is out of range [ 91.852938][ T6921] netlink: zone id is out of range [ 91.857146][ T6921] netlink: zone id is out of range [ 91.875933][ T6921] netlink: zone id is out of range [ 91.888970][ T6921] netlink: set zone limit has 4 unknown bytes [ 92.174228][ T6930] netlink: 8 bytes leftover after parsing attributes in process `syz.0.471'. [ 92.177547][ T6930] netlink: 9 bytes leftover after parsing attributes in process `syz.0.471'. [ 92.183121][ T6930] 1猉功D: entered promiscuous mode [ 92.184735][ T6930] 1猉功D: left allmulticast mode [ 92.192862][ T6930] netlink: 5 bytes leftover after parsing attributes in process `syz.0.471'. [ 92.195452][ T6930] 0猉功D: renamed from 31猉功D [ 92.201199][ T6930] 0猉功D: left promiscuous mode [ 92.202633][ T6930] 0猉功D: entered allmulticast mode [ 92.205957][ T6930] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 92.263157][ T6932] input: syz0 as /devices/virtual/input/input12 [ 92.349704][ T6939] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-22) [ 92.587734][ T830] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 92.739431][ T830] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 92.742418][ T830] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 92.745362][ T830] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 92.748996][ T830] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 92.751409][ T830] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.760884][ T830] usb 7-1: config 0 descriptor?? [ 92.763768][ T6939] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 92.771036][ T39] audit: type=1400 audit(1727760105.866:1044): avc: denied { setopt } for pid=6945 comm="syz.1.478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 92.776248][ T39] audit: type=1400 audit(1727760105.866:1045): avc: denied { write } for pid=6945 comm="syz.1.478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 92.855445][ T30] tipc: Node number set to 2886997162 [ 93.001988][ T6952] netfs: Couldn't get user pages (rc=-14) [ 93.004842][ T6952] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 93.124523][ T6956] Bluetooth: MGMT ver 1.23 [ 93.127865][ T6956] netlink: 'syz.0.481': attribute type 29 has an invalid length. [ 93.130107][ T6956] netlink: 8 bytes leftover after parsing attributes in process `syz.0.481'. [ 93.132680][ T6956] netlink: 'syz.0.481': attribute type 29 has an invalid length. [ 93.134679][ T6956] netlink: 8 bytes leftover after parsing attributes in process `syz.0.481'. [ 93.148213][ T39] audit: type=1400 audit(1727760106.246:1046): avc: denied { setopt } for pid=6957 comm="syz.3.482" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 93.190658][ T39] audit: type=1400 audit(1727760106.286:1047): avc: denied { mount } for pid=6961 comm="syz.0.484" name="/" dev="autofs" ino=18734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 93.213439][ T39] audit: type=1400 audit(1727760106.306:1048): avc: denied { unmount } for pid=5348 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 93.377316][ T6973] netfs: Couldn't get user pages (rc=-14) [ 93.380220][ T6973] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 93.491536][ T6977] netlink: 8 bytes leftover after parsing attributes in process `syz.3.489'. [ 93.496126][ T6977] 0猉功D: entered promiscuous mode [ 93.498297][ T6977] 0猉功D: left allmulticast mode [ 93.503777][ T6977] 1猉功D: renamed from 30猉功D [ 93.506969][ T6977] 1猉功D: left promiscuous mode [ 93.507074][ T830] usbhid 7-1:0.0: can't add hid device: -71 [ 93.509237][ T6977] 1猉功D: entered allmulticast mode [ 93.510634][ T830] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 93.513537][ T6977] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 93.515166][ T830] usb 7-1: USB disconnect, device number 6 [ 93.895144][ T39] audit: type=1400 audit(1727760106.986:1049): avc: denied { bind } for pid=6991 comm="syz.1.495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 93.908206][ T39] audit: type=1400 audit(1727760106.996:1050): avc: denied { listen } for pid=6991 comm="syz.1.495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 94.287432][ T7002] netfs: Couldn't get user pages (rc=-14) [ 94.464079][ T7004] 0猉功D: entered promiscuous mode [ 94.465583][ T7004] 0猉功D: left allmulticast mode [ 94.470264][ T7004] 1猉功D: renamed from 30猉功D [ 94.474694][ T7004] 1猉功D: left promiscuous mode [ 94.476511][ T7004] 1猉功D: entered allmulticast mode [ 94.480224][ T7004] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 94.963271][ T7014] netlink: zone id is out of range [ 95.324149][ T7028] netfs: Couldn't get user pages (rc=-14) [ 95.798892][ T7039] IPVS: set_ctl: invalid protocol: 92 172.20.20.187:20001 [ 96.064953][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 96.064969][ T39] audit: type=1400 audit(1727760109.156:1052): avc: denied { read } for pid=7052 comm="syz.1.516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 96.076451][ T39] audit: type=1400 audit(1727760109.166:1053): avc: denied { read } for pid=7049 comm="syz.0.515" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 96.085040][ T39] audit: type=1400 audit(1727760109.166:1054): avc: denied { open } for pid=7049 comm="syz.0.515" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 96.094076][ T39] audit: type=1400 audit(1727760109.166:1055): avc: denied { ioctl } for pid=7049 comm="syz.0.515" path="/dev/loop-control" dev="devtmpfs" ino=657 ioctlcmd=0x4c81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 96.132437][ T7057] netfs: Couldn't get user pages (rc=-14) [ 96.171855][ T39] audit: type=1400 audit(1727760109.266:1056): avc: denied { accept } for pid=7052 comm="syz.1.516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 96.232174][ T39] audit: type=1400 audit(1727760109.326:1057): avc: denied { write } for pid=7059 comm="syz.0.518" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 97.009449][ T7085] netfs: Couldn't get user pages (rc=-14) [ 97.029595][ T7086] __nla_validate_parse: 5 callbacks suppressed [ 97.029607][ T7086] netlink: 20 bytes leftover after parsing attributes in process `syz.2.526'. [ 97.130451][ T39] audit: type=1400 audit(1727760110.226:1058): avc: denied { append } for pid=7087 comm="syz.1.528" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1 [ 97.267705][ T5383] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 97.437808][ T5383] usb 7-1: Using ep0 maxpacket: 8 [ 97.441354][ T5383] usb 7-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e [ 97.444546][ T5383] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.460350][ T5383] usb 7-1: config 0 descriptor?? [ 97.463229][ T5383] rndis_host 7-1:0.0: skipping garbage [ 97.464924][ T5383] rndis_host 7-1:0.0: probe with driver rndis_host failed with error -22 [ 97.467835][ T5383] cdc_acm 7-1:0.0: skipping garbage [ 97.469684][ T5383] cdc_acm 7-1:0.0: Control and data interfaces are not separated! [ 97.472581][ T5383] cdc_acm 7-1:0.0: This needs exactly 3 endpoints [ 97.474844][ T5383] cdc_acm 7-1:0.0: probe with driver cdc_acm failed with error -22 [ 97.508107][ T7100] trusted_key: syz.0.532 sent an empty control message without MSG_MORE. [ 98.958256][ T7110] FAULT_INJECTION: forcing a failure. [ 98.958256][ T7110] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 98.962608][ T7110] CPU: 2 UID: 0 PID: 7110 Comm: syz.0.535 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 98.966199][ T7110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 98.969829][ T7110] Call Trace: [ 98.970969][ T7110] [ 98.971996][ T7110] dump_stack_lvl+0x16c/0x1f0 [ 98.973627][ T7110] should_fail_ex+0x497/0x5b0 [ 98.975246][ T7110] _copy_to_user+0x30/0xc0 [ 98.976677][ T7110] simple_read_from_buffer+0xd0/0x160 [ 98.978091][ T7110] proc_fail_nth_read+0x198/0x270 [ 98.979421][ T7110] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 98.980930][ T7110] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 98.982388][ T7110] vfs_read+0x1ce/0xbd0 [ 98.983501][ T7110] ? __fget_files+0x23a/0x3f0 [ 98.984883][ T7110] ? fdget_pos+0x24c/0x360 [ 98.986409][ T7110] ? __pfx_lock_release+0x10/0x10 [ 98.988121][ T7110] ? trace_lock_acquire+0x14a/0x1d0 [ 98.989531][ T7110] ? __pfx_vfs_read+0x10/0x10 [ 98.990785][ T7110] ? __pfx___mutex_lock+0x10/0x10 [ 98.992139][ T7110] ? __fget_files+0x244/0x3f0 [ 98.993404][ T7110] ksys_read+0x12f/0x260 [ 98.994506][ T7110] ? __pfx_ksys_read+0x10/0x10 [ 98.995746][ T7110] do_syscall_64+0xcd/0x250 [ 98.996965][ T7110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.998533][ T7110] RIP: 0033:0x7f8b34d7ca3c [ 98.999708][ T7110] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 99.004608][ T7110] RSP: 002b:00007f8b35b6a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 99.006799][ T7110] RAX: ffffffffffffffda RBX: 00007f8b34f35f80 RCX: 00007f8b34d7ca3c [ 99.008826][ T7110] RDX: 000000000000000f RSI: 00007f8b35b6a0a0 RDI: 0000000000000008 [ 99.010835][ T7110] RBP: 00007f8b35b6a090 R08: 0000000000000000 R09: 0000000000000000 [ 99.012805][ T7110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 99.014920][ T7110] R13: 0000000000000000 R14: 00007f8b34f35f80 R15: 00007ffd5c11b048 [ 99.017659][ T7110] [ 100.119175][ T5403] usb 7-1: USB disconnect, device number 7 [ 100.147945][ T7132] netlink: 32 bytes leftover after parsing attributes in process `syz.2.541'. [ 100.169826][ T39] audit: type=1400 audit(1727760113.256:1059): avc: denied { append } for pid=7131 comm="syz.2.541" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 100.480127][ T39] audit: type=1326 audit(1727760113.576:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7138 comm="syz.2.543" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f981c77dff9 code=0x7ffc0000 [ 100.486042][ T39] audit: type=1326 audit(1727760113.576:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7138 comm="syz.2.543" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f981c77dff9 code=0x7ffc0000 [ 100.827728][ T25] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 100.957801][ T25] usb 5-1: device descriptor read/64, error -71 [ 101.209737][ T25] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 101.337776][ T25] usb 5-1: device descriptor read/64, error -71 [ 101.448369][ T25] usb usb5-port1: attempt power cycle [ 101.788947][ T25] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 101.808431][ T25] usb 5-1: device descriptor read/8, error -71 [ 101.935131][ T1071] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1 [ 101.936893][ T1071] ata1: failed to read log page 10h (errno=-5) [ 101.938959][ T1071] ata1.00: exception Emask 0x1 SAct 0x100000 SErr 0x0 action 0x0 [ 101.941928][ T1071] ata1.00: irq_stat 0x40000000 [ 101.943277][ T1071] ata1.00: failed command: WRITE FPDMA QUEUED [ 101.944984][ T1071] ata1.00: cmd 61/18:a0:6a:07:10/00:00:00:00:00/40 tag 20 ncq dma 12288 out [ 101.944984][ T1071] res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error) [ 101.954385][ T1071] ata1.00: status: { DRDY } [ 101.960066][ T1071] ata1.00: configured for UDMA/100 [ 101.962009][ T1071] ata1: EH complete [ 102.047730][ T25] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 102.070298][ T25] usb 5-1: device descriptor read/8, error -71 [ 102.102611][ T7166] netfs: Couldn't get user pages (rc=-14) [ 102.105301][ T7166] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 102.179766][ T25] usb usb5-port1: unable to enumerate USB device [ 102.319929][ T39] kauditd_printk_skb: 51 callbacks suppressed [ 102.319941][ T39] audit: type=1400 audit(1727760115.416:1113): avc: denied { read write } for pid=7168 comm="syz.2.552" name="uhid" dev="devtmpfs" ino=1110 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 102.324139][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.347695][ T39] audit: type=1400 audit(1727760115.416:1114): avc: denied { open } for pid=7168 comm="syz.2.552" path="/dev/uhid" dev="devtmpfs" ino=1110 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 102.356145][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.362142][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.364812][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.367392][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.370326][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.372926][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.375312][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.377726][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.380201][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.382760][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.385214][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.387795][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.392225][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.394637][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.397024][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.399865][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.402600][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.405228][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.407933][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.410788][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.413416][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.416016][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.422473][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.425140][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.429086][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.431578][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.433555][ T7173] mkiss: ax0: crc mode is auto. [ 102.494039][ T39] audit: type=1400 audit(1727760115.586:1115): avc: denied { search } for pid=5054 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 102.502296][ T39] audit: type=1400 audit(1727760115.596:1116): avc: denied { read } for pid=5054 comm="dhcpcd" name="n74" dev="tmpfs" ino=3707 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 102.512067][ T39] audit: type=1400 audit(1727760115.606:1117): avc: denied { open } for pid=5054 comm="dhcpcd" path="/run/udev/data/n74" dev="tmpfs" ino=3707 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 102.523075][ T39] audit: type=1400 audit(1727760115.616:1118): avc: denied { getattr } for pid=5054 comm="dhcpcd" path="/run/udev/data/n74" dev="tmpfs" ino=3707 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 102.585258][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.587233][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.591418][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.593902][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.595833][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 102.599712][ T25] hid-generic 0000:0000:0000.0005: hidraw1: HID v0.00 Device [syz0] on syz0 [ 103.793778][ T7187] batadv0: entered promiscuous mode [ 103.796018][ T7187] batadv_slave_0: entered promiscuous mode [ 103.802479][ T7187] batadv_slave_0: left promiscuous mode [ 103.804228][ T7187] batadv0: left promiscuous mode [ 103.886244][ T39] audit: type=1326 audit(1727760116.976:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7190 comm="syz.2.557" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f981c77dff9 code=0x7ffc0000 [ 103.907764][ T39] audit: type=1326 audit(1727760116.976:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7190 comm="syz.2.557" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f981c77dff9 code=0x7ffc0000 [ 103.915835][ T39] audit: type=1326 audit(1727760116.986:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7190 comm="syz.2.557" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f981c77dff9 code=0x7ffc0000 [ 103.935307][ T39] audit: type=1326 audit(1727760116.986:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7190 comm="syz.2.557" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f981c77dff9 code=0x7ffc0000 [ 104.256029][ T7203] netfs: Couldn't get user pages (rc=-14) [ 104.269738][ T7203] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 104.431943][ T7209] net_ratelimit: 4 callbacks suppressed [ 104.431955][ T7209] netlink: zone id is out of range [ 104.434860][ T7209] netlink: zone id is out of range [ 104.436376][ T7209] netlink: zone id is out of range [ 104.438874][ T7209] netlink: zone id is out of range [ 104.442464][ T7209] netlink: set zone limit has 4 unknown bytes [ 104.551148][ T7212] Bluetooth: MGMT ver 1.23 [ 104.938476][ T25] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 105.107729][ T25] usb 7-1: Using ep0 maxpacket: 8 [ 105.113431][ T25] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 105.121270][ T25] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 105.130891][ T25] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 105.134343][ T25] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 105.142342][ T25] usb 7-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 105.145791][ T25] usb 7-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 105.153375][ T25] usb 7-1: string descriptor 0 read error: -22 [ 105.155019][ T25] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 105.157341][ T25] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 105.175309][ T25] adutux 7-1:168.0: interrupt endpoints not found [ 105.580804][ T25] usb 7-1: USB disconnect, device number 8 [ 105.798140][ T7215] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 106.636653][ T7240] netlink: zone id is out of range [ 106.638712][ T7240] netlink: zone id is out of range [ 106.640403][ T7240] netlink: zone id is out of range [ 106.643736][ T7240] netlink: zone id is out of range [ 106.646921][ T7240] netlink: set zone limit has 4 unknown bytes [ 106.699013][ T5347] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 106.702168][ T5347] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 106.705315][ T5347] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 106.709744][ T5347] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 106.712487][ T5347] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 106.714989][ T5347] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 106.722833][ T5355] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 106.726565][ T5355] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 106.729542][ T5355] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 106.734974][ T5355] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 106.737469][ T5355] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 106.740122][ T5355] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 106.853292][ T7243] chnl_net:caif_netlink_parms(): no params data found [ 106.921888][ T7243] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.923873][ T7243] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.925726][ T7243] bridge_slave_0: entered allmulticast mode [ 106.928282][ T7243] bridge_slave_0: entered promiscuous mode [ 106.931601][ T7243] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.933594][ T7243] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.935404][ T7243] bridge_slave_1: entered allmulticast mode [ 106.937292][ T7243] bridge_slave_1: entered promiscuous mode [ 106.957099][ T7243] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.960665][ T7243] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.984894][ T7243] team0: Port device team_slave_0 added [ 106.989279][ T7243] team0: Port device team_slave_1 added [ 107.021980][ T7243] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 107.023859][ T7243] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.030670][ T7243] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 107.042325][ T7243] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 107.044328][ T7243] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.051357][ T7243] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 107.105959][ T7243] hsr_slave_0: entered promiscuous mode [ 107.109842][ T7243] hsr_slave_1: entered promiscuous mode [ 107.112127][ T7243] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 107.114129][ T7243] Cannot create hsr debugfs directory [ 107.233395][ T7243] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.330418][ T7243] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.393232][ T7243] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.471529][ T7243] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.562501][ T7243] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 107.567173][ T7243] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 107.582680][ T7243] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 107.587107][ T7243] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 107.600366][ T7243] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.602215][ T7243] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.604101][ T7243] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.605985][ T7243] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.637155][ T7243] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.650389][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.661339][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.741059][ T7243] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.746983][ T84] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.748858][ T84] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.779950][ T1104] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.782323][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.971899][ T7243] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.988298][ T7243] veth0_vlan: entered promiscuous mode [ 107.992250][ T7243] veth1_vlan: entered promiscuous mode [ 108.016577][ T7243] veth0_macvtap: entered promiscuous mode [ 108.019829][ T7243] veth1_macvtap: entered promiscuous mode [ 108.025494][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 108.029919][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.032400][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 108.035113][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.038221][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 108.041909][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.046293][ T7243] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.054497][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 108.057519][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.060155][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 108.062970][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.065473][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 108.067813][ T5429] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 108.068207][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 108.073340][ T7243] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.077470][ T7243] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.080228][ T7243] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.082511][ T7243] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.084740][ T7243] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.113457][ T1173] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.116079][ T1173] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.127107][ T1173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.133730][ T1173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.137308][ T39] kauditd_printk_skb: 107 callbacks suppressed [ 108.137321][ T39] audit: type=1400 audit(1727760121.226:1230): avc: denied { mounton } for pid=7243 comm="syz-executor" path="/syzkaller.Az5HYB/syz-tmp" dev="sda1" ino=1942 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 108.147975][ T39] audit: type=1400 audit(1727760121.236:1231): avc: denied { mounton } for pid=7243 comm="syz-executor" path="/syzkaller.Az5HYB/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 108.156772][ T39] audit: type=1400 audit(1727760121.236:1232): avc: denied { mounton } for pid=7243 comm="syz-executor" path="/syzkaller.Az5HYB/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=21658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 108.166246][ T39] audit: type=1400 audit(1727760121.246:1233): avc: denied { mounton } for pid=7243 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=2384 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 108.174188][ T39] audit: type=1400 audit(1727760121.246:1234): avc: denied { mounton } for pid=7243 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 108.197390][ T7279] netfs: Couldn't get user pages (rc=-14) [ 108.201733][ T7279] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 108.227719][ T5429] usb 7-1: Using ep0 maxpacket: 16 [ 108.235000][ T5429] usb 7-1: config 3 has an invalid interface number: 4 but max is 3 [ 108.237768][ T5429] usb 7-1: config 3 has an invalid interface number: 41 but max is 3 [ 108.239919][ T5429] usb 7-1: config 3 has an invalid interface number: 40 but max is 3 [ 108.242072][ T5429] usb 7-1: config 3 has no interface number 0 [ 108.244861][ T5429] usb 7-1: config 3 has no interface number 2 [ 108.247227][ T5429] usb 7-1: config 3 has no interface number 3 [ 108.249986][ T5429] usb 7-1: config 3 interface 4 altsetting 216 endpoint 0x9 has invalid maxpacket 512, setting to 64 [ 108.253525][ T5429] usb 7-1: config 3 interface 4 altsetting 216 has a duplicate endpoint with address 0x9, skipping [ 108.256433][ T5429] usb 7-1: config 3 interface 41 altsetting 2 has a duplicate endpoint with address 0x3, skipping [ 108.260480][ T5429] usb 7-1: config 3 interface 41 altsetting 2 has an endpoint descriptor with address 0x12, changing to 0x2 [ 108.265172][ T5429] usb 7-1: config 3 interface 41 altsetting 2 bulk endpoint 0xF has invalid maxpacket 16 [ 108.269445][ T5429] usb 7-1: config 3 interface 41 altsetting 2 has a duplicate endpoint with address 0x6, skipping [ 108.277283][ T5429] usb 7-1: config 3 interface 1 altsetting 3 endpoint 0x8 has invalid maxpacket 1023, setting to 64 [ 108.281530][ T5429] usb 7-1: config 3 interface 1 altsetting 3 endpoint 0xA has invalid maxpacket 1023, setting to 64 [ 108.284441][ T5429] usb 7-1: config 3 interface 1 altsetting 3 endpoint 0x7 has invalid wMaxPacketSize 0 [ 108.287712][ T5429] usb 7-1: config 3 interface 1 altsetting 3 has a duplicate endpoint with address 0x86, skipping [ 108.294154][ T5429] usb 7-1: config 3 interface 1 altsetting 3 endpoint 0xE has invalid maxpacket 1023, setting to 64 [ 108.299516][ T5429] usb 7-1: config 3 interface 1 altsetting 3 has a duplicate endpoint with address 0x4, skipping [ 108.302192][ T5429] usb 7-1: config 3 interface 1 altsetting 3 has a duplicate endpoint with address 0x1, skipping [ 108.304870][ T5429] usb 7-1: config 3 interface 4 has no altsetting 0 [ 108.313194][ T5429] usb 7-1: config 3 interface 41 has no altsetting 0 [ 108.314859][ T5429] usb 7-1: config 3 interface 40 has no altsetting 0 [ 108.317707][ T5429] usb 7-1: config 3 interface 1 has no altsetting 0 [ 108.320952][ T5429] usb 7-1: New USB device found, idVendor=19d2, idProduct=0265, bcdDevice=83.1d [ 108.336104][ T5429] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 108.346204][ T5429] usb 7-1: Product: 涌 [ 108.349288][ T5429] usb 7-1: Manufacturer: 惆 [ 108.350731][ T5429] usb 7-1: SerialNumber: 褟 [ 108.611435][ T39] audit: type=1326 audit(1727760121.696:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7287 comm="syz.0.584" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b34d7dff9 code=0x7ffc0000 [ 108.618107][ T39] audit: type=1326 audit(1727760121.696:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7287 comm="syz.0.584" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b34d7dff9 code=0x7ffc0000 [ 108.626525][ T39] audit: type=1326 audit(1727760121.696:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7287 comm="syz.0.584" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b34d7dff9 code=0x7ffc0000 [ 108.635620][ T39] audit: type=1326 audit(1727760121.696:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7287 comm="syz.0.584" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b34d7dff9 code=0x7ffc0000 [ 108.644345][ T39] audit: type=1326 audit(1727760121.696:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7287 comm="syz.0.584" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b34d7dff9 code=0x7ffc0000 [ 108.811932][ T7292] netlink: 52 bytes leftover after parsing attributes in process `syz.1.585'. [ 108.827847][ T5347] Bluetooth: hci4: command tx timeout [ 108.890624][ T7295] netlink: 40 bytes leftover after parsing attributes in process `syz.2.580'. [ 109.260350][ T7300] netlink: 8 bytes leftover after parsing attributes in process `syz.3.588'. [ 109.263062][ T7300] netlink: 9 bytes leftover after parsing attributes in process `syz.3.588'. [ 109.266420][ T7300] gretap0: entered promiscuous mode [ 109.281168][ T7300] netlink: 5 bytes leftover after parsing attributes in process `syz.3.588'. [ 109.283543][ T7300] 0猉功D: renamed from gretap0 [ 109.285922][ T7300] 0猉功D: left promiscuous mode [ 109.287262][ T7300] 0猉功D: entered allmulticast mode [ 109.317663][ T5403] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 109.335883][ T7302] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=21551 sclass=netlink_route_socket pid=7302 comm=syz.3.589 [ 109.468088][ T5403] usb 6-1: Using ep0 maxpacket: 8 [ 109.470904][ T5403] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 109.474191][ T5403] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 109.479448][ T5403] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 109.482256][ T5403] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 109.486658][ T5403] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 109.490206][ T5403] usb 6-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 109.500583][ T5403] usb 6-1: string descriptor 0 read error: -22 [ 109.502313][ T5403] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 109.504729][ T5403] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.511281][ T5403] adutux 6-1:168.0: interrupt endpoints not found [ 109.741420][ T35] usb 6-1: USB disconnect, device number 10 [ 109.958019][ T7298] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 110.883388][ T5429] usb 7-1: USB disconnect, device number 9 [ 111.231206][ T217] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.342176][ T217] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.389569][ T5347] Bluetooth: hci4: command tx timeout [ 111.405382][ T5355] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 111.411159][ T5355] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 111.417067][ T5355] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 111.431029][ T5355] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 111.434253][ T5355] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 111.435621][ T217] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.438597][ T5355] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 111.597519][ T217] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.603637][ T7337] chnl_net:caif_netlink_parms(): no params data found [ 111.713069][ T7337] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.714932][ T7337] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.718276][ T7337] bridge_slave_0: entered allmulticast mode [ 111.720711][ T7337] bridge_slave_0: entered promiscuous mode [ 111.723242][ T7337] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.725161][ T7337] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.730872][ T7337] bridge_slave_1: entered allmulticast mode [ 111.733681][ T7337] bridge_slave_1: entered promiscuous mode [ 111.805715][ T7337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 111.809740][ T7337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 111.842304][ T7337] team0: Port device team_slave_0 added [ 111.854790][ T7337] team0: Port device team_slave_1 added [ 111.886031][ T217] bridge_slave_1: left allmulticast mode [ 111.887858][ T217] bridge_slave_1: left promiscuous mode [ 111.890847][ T217] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.895444][ T217] bridge_slave_0: left allmulticast mode [ 111.896860][ T217] bridge_slave_0: left promiscuous mode [ 111.898687][ T217] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.165881][ T217] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 112.171035][ T217] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 112.174848][ T217] bond0 (unregistering): Released all slaves [ 112.181510][ T7337] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 112.183297][ T7337] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.196036][ T7337] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 112.200182][ T7337] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 112.201966][ T7337] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.212164][ T7337] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 112.365199][ T7337] hsr_slave_0: entered promiscuous mode [ 112.377787][ T7337] hsr_slave_1: entered promiscuous mode [ 112.392558][ T7337] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 112.394539][ T7337] Cannot create hsr debugfs directory [ 112.644477][ T217] hsr_slave_0: left promiscuous mode [ 112.647489][ T217] hsr_slave_1: left promiscuous mode [ 112.651595][ T217] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 112.653829][ T217] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 112.660213][ T217] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 112.662209][ T217] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 112.688657][ T217] veth1_macvtap: left promiscuous mode [ 112.695265][ T217] veth0_macvtap: left promiscuous mode [ 112.697365][ T217] veth1_vlan: left promiscuous mode [ 112.699544][ T217] veth0_vlan: left promiscuous mode [ 112.768533][ T217] pimreg (unregistering): left allmulticast mode [ 113.457839][ T5347] Bluetooth: hci3: command tx timeout [ 113.468004][ T5347] Bluetooth: hci4: command tx timeout [ 113.519543][ T217] team0 (unregistering): Port device team_slave_1 removed [ 113.641023][ T217] team0 (unregistering): Port device team_slave_0 removed [ 114.578352][ T2789] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 114.596393][ T7337] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 114.605283][ T7337] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 114.616492][ T7337] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 114.622311][ T7337] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 114.668294][ T7337] 8021q: adding VLAN 0 to HW filter on device bond0 [ 114.676068][ T7337] 8021q: adding VLAN 0 to HW filter on device team0 [ 114.682976][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.685308][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.699524][ T1173] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.701434][ T1173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 114.727892][ T5403] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 114.750002][ T2789] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 114.752657][ T2789] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 114.755780][ T2789] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 114.760299][ T2789] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 7 [ 114.777227][ T2789] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 114.781997][ T2789] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 114.786148][ T2789] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 114.790254][ T2789] usb 6-1: Product: syz [ 114.791585][ T2789] usb 6-1: Manufacturer: syz [ 114.817804][ T2789] cdc_wdm 6-1:1.0: skipping garbage [ 114.819672][ T2789] cdc_wdm 6-1:1.0: skipping garbage [ 114.821641][ T2789] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 114.843166][ T7337] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 114.867374][ T7337] veth0_vlan: entered promiscuous mode [ 114.872088][ T7337] veth1_vlan: entered promiscuous mode [ 114.878016][ T5403] usb 8-1: Using ep0 maxpacket: 8 [ 114.880769][ T5403] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 114.883995][ T7337] veth0_macvtap: entered promiscuous mode [ 114.889845][ T5403] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 114.890539][ T7337] veth1_macvtap: entered promiscuous mode [ 114.895567][ T5403] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 114.898958][ T5403] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 114.904830][ T5403] usb 8-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 114.906658][ T7337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.907500][ T5403] usb 8-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 114.909942][ T5403] usb 8-1: string descriptor 0 read error: -22 [ 114.910702][ T7337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.913535][ T5403] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 114.915123][ T7337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.923052][ T7337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.925598][ T7337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.928451][ T7337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.931173][ T5403] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.933567][ T7337] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.936629][ T5403] adutux 8-1:168.0: interrupt endpoints not found [ 114.940509][ T7337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.943132][ T7337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.945601][ T7337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.948724][ T7337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.951345][ T7337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.954025][ T7337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.958141][ T7337] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.966162][ T7337] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.968953][ T7337] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.971240][ T7337] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.973465][ T7337] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.996146][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.005683][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.019462][ T2789] usb 6-1: USB disconnect, device number 11 [ 115.025814][ T217] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.029076][ T217] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.148318][ T35] usb 8-1: USB disconnect, device number 6 [ 115.307732][ T1451] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 115.355530][ T7398] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 115.469169][ T1451] usb 7-1: config 0 has an invalid interface number: 76 but max is 3 [ 115.471233][ T1451] usb 7-1: config 0 contains an unexpected descriptor of type 0x1, skipping [ 115.473389][ T1451] usb 7-1: config 0 has an invalid interface number: 12 but max is 3 [ 115.475275][ T1451] usb 7-1: config 0 has an invalid interface number: 63 but max is 3 [ 115.477192][ T1451] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 115.479664][ T1451] usb 7-1: config 0 has 3 interfaces, different from the descriptor's value: 4 [ 115.481807][ T1451] usb 7-1: config 0 has no interface number 0 [ 115.483255][ T1451] usb 7-1: config 0 has no interface number 1 [ 115.484772][ T1451] usb 7-1: config 0 has no interface number 2 [ 115.486261][ T1451] usb 7-1: config 0 interface 76 altsetting 8 endpoint 0xE has an invalid bInterval 116, changing to 10 [ 115.488933][ T1451] usb 7-1: config 0 interface 76 altsetting 8 endpoint 0x1 has an invalid bInterval 143, changing to 7 [ 115.491608][ T1451] usb 7-1: config 0 interface 76 altsetting 8 has an invalid descriptor for endpoint zero, skipping [ 115.494352][ T1451] usb 7-1: config 0 interface 76 altsetting 8 endpoint 0x2 has invalid maxpacket 1023, setting to 64 [ 115.497107][ T1451] usb 7-1: config 0 interface 76 altsetting 8 has 7 endpoint descriptors, different from the interface descriptor's value: 13 [ 115.497774][ T2789] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 115.500363][ T1451] usb 7-1: too many endpoints for config 0 interface 12 altsetting 58: 40, using maximum allowed: 30 [ 115.504979][ T1451] usb 7-1: config 0 interface 12 altsetting 58 has a duplicate endpoint with address 0x1, skipping [ 115.507669][ T1451] usb 7-1: config 0 interface 12 altsetting 58 endpoint 0x8 has an invalid bInterval 127, changing to 7 [ 115.510373][ T1451] usb 7-1: config 0 interface 12 altsetting 58 has a duplicate endpoint with address 0xC, skipping [ 115.513005][ T1451] usb 7-1: config 0 interface 12 altsetting 58 has 6 endpoint descriptors, different from the interface descriptor's value: 40 [ 115.516333][ T1451] usb 7-1: config 0 interface 63 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 6 [ 115.519556][ T1451] usb 7-1: config 0 interface 76 has no altsetting 0 [ 115.521211][ T1451] usb 7-1: config 0 interface 12 has no altsetting 0 [ 115.524707][ T1451] usb 7-1: Dual-Role OTG device on HNP port [ 115.526479][ T1451] usb 7-1: New USB device found, idVendor=17a8, idProduct=0013, bcdDevice=8e.a6 [ 115.529018][ T1451] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 115.531060][ T1451] usb 7-1: Product: syz [ 115.532222][ T1451] usb 7-1: Manufacturer: syz [ 115.533640][ T1451] usb 7-1: SerialNumber: syz [ 115.535768][ T1451] usb 7-1: config 0 descriptor?? [ 115.537849][ T5347] Bluetooth: hci3: command tx timeout [ 115.538871][ T1451] cp210x 7-1:0.76: cp210x converter detected [ 115.668994][ T2789] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 115.671403][ T2789] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 115.687693][ T2789] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 115.689996][ T2789] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 7 [ 115.692784][ T2789] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 115.696891][ T2789] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 115.707839][ T2789] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 115.710221][ T2789] usb 6-1: Product: syz [ 115.711611][ T2789] usb 6-1: Manufacturer: syz [ 115.739716][ T2789] cdc_wdm 6-1:1.0: skipping garbage [ 115.741378][ T2789] cdc_wdm 6-1:1.0: skipping garbage [ 115.743088][ T2789] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 115.745134][ T7423] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 115.749414][ T7423] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 115.755500][ T7423] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 115.758893][ T7423] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 115.784260][ T39] kauditd_printk_skb: 80 callbacks suppressed [ 115.784275][ T39] audit: type=1400 audit(1727760128.876:1320): avc: denied { listen } for pid=7422 comm="syz.2.602" lport=45594 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 115.797966][ T39] audit: type=1400 audit(1727760128.876:1321): avc: denied { accept } for pid=7422 comm="syz.2.602" lport=45594 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 115.803597][ T39] audit: type=1400 audit(1727760128.876:1322): avc: denied { write } for pid=7422 comm="syz.2.602" path="socket:[22094]" dev="sockfs" ino=22094 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 115.810189][ T39] audit: type=1400 audit(1727760128.876:1323): avc: denied { setopt } for pid=7422 comm="syz.2.602" lport=45594 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 115.810797][ T7423] netlink: 8 bytes leftover after parsing attributes in process `syz.2.602'. [ 115.899239][ T1451] cp210x 7-1:0.76: failed to get vendor val 0x370b size 1: -71 [ 115.902615][ T1451] cp210x 7-1:0.76: querying part number failed [ 115.907283][ T1451] usb 7-1: cp210x converter now attached to ttyUSB0 [ 115.913203][ T1451] cp210x 7-1:0.12: cp210x converter detected [ 115.915039][ T1451] cp210x 7-1:0.12: failed to get vendor val 0x370b size 1: -71 [ 115.916864][ T1451] cp210x 7-1:0.12: querying part number failed [ 115.919563][ T1451] usb 7-1: cp210x converter now attached to ttyUSB1 [ 115.923140][ T1451] cp210x 7-1:0.63: cp210x converter detected [ 115.925100][ T1451] cp210x 7-1:0.63: failed to get vendor val 0x370b size 1: -71 [ 115.927020][ T1451] cp210x 7-1:0.63: querying part number failed [ 115.930019][ T1451] usb 7-1: cp210x converter now attached to ttyUSB2 [ 115.932341][ T1451] usb 7-1: USB disconnect, device number 10 [ 115.936586][ T1451] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 115.938955][ T1451] cp210x 7-1:0.76: device disconnected [ 115.942600][ T1451] cp210x ttyUSB1: cp210x converter now disconnected from ttyUSB1 [ 115.944677][ T1451] cp210x 7-1:0.12: device disconnected [ 115.947263][ T1451] cp210x ttyUSB2: cp210x converter now disconnected from ttyUSB2 [ 115.950003][ T1451] cp210x 7-1:0.63: device disconnected [ 116.429741][ T39] audit: type=1326 audit(1727760129.526:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7435 comm="syz.2.619" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90697dff9 code=0x7ffc0000 [ 116.437526][ T39] audit: type=1326 audit(1727760129.526:1325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7435 comm="syz.2.619" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90697dff9 code=0x7ffc0000 [ 116.445317][ T39] audit: type=1326 audit(1727760129.526:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7435 comm="syz.2.619" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd90697dff9 code=0x7ffc0000 [ 116.451686][ T39] audit: type=1326 audit(1727760129.526:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7435 comm="syz.2.619" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90697dff9 code=0x7ffc0000 [ 116.457373][ T39] audit: type=1326 audit(1727760129.526:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7435 comm="syz.2.619" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90697dff9 code=0x7ffc0000 [ 116.463443][ T39] audit: type=1326 audit(1727760129.526:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7435 comm="syz.2.619" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd90697dff9 code=0x7ffc0000 [ 117.617971][ T5347] Bluetooth: hci3: command tx timeout [ 117.651673][ T5412] usb 6-1: USB disconnect, device number 12 [ 118.837832][ T55] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 118.997694][ T55] usb 5-1: Using ep0 maxpacket: 8 [ 119.000648][ T55] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 119.003194][ T55] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 119.005977][ T55] usb 5-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 119.010816][ T55] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 119.013542][ T55] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 119.016375][ T55] usb 5-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 119.021954][ T55] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 119.024529][ T55] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 119.027232][ T55] usb 5-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 119.033018][ T55] usb 5-1: string descriptor 0 read error: -22 [ 119.034708][ T55] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 119.036972][ T55] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 119.045303][ T55] adutux 5-1:168.0: interrupt endpoints not found [ 119.249231][ T1451] usb 5-1: USB disconnect, device number 8 [ 119.460306][ T7472] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 119.699430][ T5347] Bluetooth: hci3: command tx timeout [ 120.895692][ T39] kauditd_printk_skb: 146 callbacks suppressed [ 120.895705][ T39] audit: type=1326 audit(1727760133.986:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7511 comm="syz.1.644" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f057417dff9 code=0x7ffc0000 [ 120.904224][ T39] audit: type=1326 audit(1727760133.986:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7511 comm="syz.1.644" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f057417dff9 code=0x7ffc0000 [ 121.831411][ T39] audit: type=1400 audit(1727760134.926:1478): avc: denied { listen } for pid=7533 comm="syz.0.652" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 122.687059][ T39] audit: type=1326 audit(1727760135.776:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7550 comm="syz.0.657" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b34d7dff9 code=0x7ffc0000 [ 122.693472][ T39] audit: type=1326 audit(1727760135.776:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7550 comm="syz.0.657" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b34d7dff9 code=0x7ffc0000 [ 122.700676][ T39] audit: type=1326 audit(1727760135.796:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7550 comm="syz.0.657" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b34d7dff9 code=0x7ffc0000 [ 122.712054][ T39] audit: type=1326 audit(1727760135.796:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7550 comm="syz.0.657" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b34d7dff9 code=0x7ffc0000 [ 122.723344][ T39] audit: type=1326 audit(1727760135.796:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7550 comm="syz.0.657" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b34d7dff9 code=0x7ffc0000 [ 122.731830][ T39] audit: type=1326 audit(1727760135.806:1484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7550 comm="syz.0.657" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b34d7dff9 code=0x7ffc0000 [ 122.739002][ T39] audit: type=1326 audit(1727760135.806:1485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7550 comm="syz.0.657" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b34d7dff9 code=0x7ffc0000 [ 123.093183][ T5429] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 123.347687][ T5429] usb 6-1: Using ep0 maxpacket: 8 [ 123.352086][ T5429] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 123.355131][ T5429] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 123.358065][ T5429] usb 6-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 123.362161][ T5429] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 123.364848][ T5429] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 123.369799][ T5429] usb 6-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 123.373887][ T5429] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 123.376529][ T5429] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 123.379560][ T5429] usb 6-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 123.385041][ T5429] usb 6-1: string descriptor 0 read error: -22 [ 123.386690][ T5429] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 123.389157][ T5429] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.393634][ T5429] adutux 6-1:168.0: interrupt endpoints not found [ 123.471786][ T7563] net_ratelimit: 5 callbacks suppressed [ 123.471798][ T7563] netlink: zone id is out of range [ 123.474601][ T7563] netlink: zone id is out of range [ 123.476664][ T7563] netlink: zone id is out of range [ 123.480143][ T7563] netlink: set zone limit has 4 unknown bytes [ 123.568899][ T7567] netlink: 8 bytes leftover after parsing attributes in process `syz.0.664'. [ 123.571729][ T7567] netlink: 9 bytes leftover after parsing attributes in process `syz.0.664'. [ 123.575955][ T7567] 1猉功D: entered promiscuous mode [ 123.577432][ T7567] 1猉功D: left allmulticast mode [ 123.581368][ T7567] netlink: 5 bytes leftover after parsing attributes in process `syz.0.664'. [ 123.584055][ T7567] 0猉功D: renamed from 31猉功D [ 123.587271][ T7567] 0猉功D: left promiscuous mode [ 123.589605][ T7567] 0猉功D: entered allmulticast mode [ 123.592057][ T7567] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 123.600587][ T830] usb 6-1: USB disconnect, device number 13 [ 123.647733][ T7569] netfs: Couldn't get user pages (rc=-14) [ 123.819241][ T7553] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 124.717786][ T7588] netlink: zone id is out of range [ 124.719739][ T7588] netlink: zone id is out of range [ 124.721690][ T7588] netlink: zone id is out of range [ 124.724894][ T7588] netlink: set zone limit has 4 unknown bytes [ 124.754876][ T7590] netlink: 8 bytes leftover after parsing attributes in process `syz.0.673'. [ 124.757702][ T7590] netlink: 9 bytes leftover after parsing attributes in process `syz.0.673'. [ 124.760621][ T7590] 0猉功D: entered promiscuous mode [ 124.762012][ T7590] 0猉功D: left allmulticast mode [ 124.765477][ T7590] netlink: 5 bytes leftover after parsing attributes in process `syz.0.673'. [ 124.768150][ T7590] 1猉功D: renamed from 30猉功D [ 124.771348][ T7590] 1猉功D: left promiscuous mode [ 124.772702][ T7590] 1猉功D: entered allmulticast mode [ 124.774536][ T7590] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 126.485788][ T7623] netlink: 8 bytes leftover after parsing attributes in process `syz.3.684'. [ 126.492079][ T7623] netlink: 9 bytes leftover after parsing attributes in process `syz.3.684'. [ 126.495694][ T7623] 0猉功D: entered promiscuous mode [ 126.497467][ T7623] 0猉功D: left allmulticast mode [ 126.504352][ T7623] netlink: 5 bytes leftover after parsing attributes in process `syz.3.684'. [ 126.507553][ T7623] 1猉功D: renamed from 30猉功D [ 126.510252][ T7623] 1猉功D: left promiscuous mode [ 126.511596][ T7623] 1猉功D: entered allmulticast mode [ 127.150761][ T7646] ieee802154 phy0 wpan0: encryption failed: -22 [ 128.016213][ T7661] netlink: 8 bytes leftover after parsing attributes in process `syz.0.697'. [ 128.046791][ T7661] 1猉功D: entered promiscuous mode [ 128.050264][ T7661] 1猉功D: left allmulticast mode [ 128.055139][ T7661] 0猉功D: renamed from 31猉功D [ 128.058173][ T7661] 0猉功D: left promiscuous mode [ 128.059502][ T7661] 0猉功D: entered allmulticast mode [ 129.211289][ T7690] netfs: Couldn't get user pages (rc=-14) [ 129.243069][ T7692] __nla_validate_parse: 2 callbacks suppressed [ 129.243133][ T7692] netlink: 8 bytes leftover after parsing attributes in process `syz.0.708'. [ 129.248323][ T7692] netlink: 9 bytes leftover after parsing attributes in process `syz.0.708'. [ 129.252165][ T7692] 0猉功D: entered promiscuous mode [ 129.253554][ T7692] 0猉功D: left allmulticast mode [ 129.259079][ T7692] netlink: 5 bytes leftover after parsing attributes in process `syz.0.708'. [ 129.261467][ T7692] 1猉功D: renamed from 30猉功D [ 129.263543][ T7692] 1猉功D: left promiscuous mode [ 129.264858][ T7692] 1猉功D: entered allmulticast mode [ 129.266744][ T7692] net_ratelimit: 7 callbacks suppressed [ 129.266752][ T7692] A link change request failed with some changes committed already. Interface 31猉功D may have been left with an inconsistent configuration, please check. [ 129.413312][ T7703] netlink: zone id is out of range [ 129.414565][ T7703] netlink: zone id is out of range [ 129.422768][ T7703] netlink: zone id is out of range [ 129.429906][ T7703] netlink: set zone limit has 4 unknown bytes [ 129.881166][ T39] kauditd_printk_skb: 50 callbacks suppressed [ 129.881229][ T39] audit: type=1326 audit(1727760142.976:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.3.717" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5716b7dff9 code=0x7ffc0000 [ 129.891859][ T39] audit: type=1326 audit(1727760142.976:1537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.3.717" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5716b7dff9 code=0x7ffc0000 [ 129.900034][ T39] audit: type=1326 audit(1727760142.976:1538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.3.717" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5716b7dff9 code=0x7ffc0000 [ 129.907099][ T39] audit: type=1326 audit(1727760142.976:1539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.3.717" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5716b7dff9 code=0x7ffc0000 [ 129.915979][ T39] audit: type=1326 audit(1727760142.976:1540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.3.717" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5716b7dff9 code=0x7ffc0000 [ 129.923221][ T39] audit: type=1326 audit(1727760142.986:1541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.3.717" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5716b7dff9 code=0x7ffc0000 [ 129.929330][ T39] audit: type=1326 audit(1727760142.996:1542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.3.717" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5716b7dff9 code=0x7ffc0000 [ 129.935294][ T39] audit: type=1326 audit(1727760142.996:1543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.3.717" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5716b7dff9 code=0x7ffc0000 [ 129.943811][ T39] audit: type=1326 audit(1727760142.996:1544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.3.717" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5716b7dff9 code=0x7ffc0000 [ 129.951985][ T39] audit: type=1326 audit(1727760142.996:1545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7715 comm="syz.3.717" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5716b7dff9 code=0x7ffc0000 [ 130.224038][ T7718] netlink: 8 bytes leftover after parsing attributes in process `syz.1.718'. [ 130.226781][ T7718] netlink: 9 bytes leftover after parsing attributes in process `syz.1.718'. [ 130.230003][ T7718] 1猉功D: entered promiscuous mode [ 130.231383][ T7718] 1猉功D: left allmulticast mode [ 130.236439][ T7718] netlink: 5 bytes leftover after parsing attributes in process `syz.1.718'. [ 130.239232][ T7718] 0猉功D: renamed from 31猉功D [ 130.241509][ T7718] 0猉功D: left promiscuous mode [ 130.242866][ T7718] 0猉功D: entered allmulticast mode [ 130.244839][ T7718] A link change request failed with some changes committed already. Interface 30猉功D may have been left with an inconsistent configuration, please check. [ 130.540664][ T7727] netfs: Couldn't get user pages (rc=-14) [ 130.600323][ T7729] netlink: zone id is out of range [ 130.601750][ T7729] netlink: zone id is out of range [ 130.603728][ T7729] netlink: zone id is out of range [ 130.609584][ T7729] netlink: set zone limit has 4 unknown bytes [ 130.710343][ T7738] netlink: 8 bytes leftover after parsing attributes in process `syz.0.727'. [ 130.712996][ T7738] netlink: 9 bytes leftover after parsing attributes in process `syz.0.727'. [ 130.720220][ T7738] 1猉功D: entered promiscuous mode [ 130.727918][ T7738] 1猉功D: left allmulticast mode [ 130.731513][ T7738] netlink: 5 bytes leftover after parsing attributes in process `syz.0.727'. [ 130.738777][ T7738] 0猉功D: renamed from 31猉功D [ 130.741459][ T7738] 0猉功D: left promiscuous mode [ 130.747921][ T7738] 0猉功D: entered allmulticast mode [ 131.666874][ T7768] netlink: 8 bytes leftover after parsing attributes in process `syz.2.737'. [ 131.673105][ T7768] gretap0: entered promiscuous mode [ 131.682009][ T7768] 0猉功D: renamed from gretap0 [ 131.684709][ T7768] 0猉功D: left promiscuous mode [ 131.686254][ T7768] 0猉功D: entered allmulticast mode [ 131.907773][ T55] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 131.927875][ T7784] 9pnet_virtio: no channels available for device syz [ 132.071029][ T55] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 132.074074][ T55] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 132.077111][ T55] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 132.080910][ T55] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 132.083645][ T55] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.098444][ T55] usb 6-1: config 0 descriptor?? [ 132.102344][ T7766] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 132.287728][ T35] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 132.447155][ T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 132.452774][ T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 132.455870][ T35] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 132.459663][ T35] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 132.462217][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.478033][ T35] usb 5-1: config 0 descriptor?? [ 132.479956][ T7786] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 132.500165][ T1376] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.502494][ T1376] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.587960][ T7769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7fd906b25 pfn:0x34976 [ 132.591422][ T7769] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 132.593779][ T7769] raw: 00fff00000000000 ffffea0000d529c8 ffffea0001a99548 0000000000000000 [ 132.596565][ T7769] raw: 00000007fd906b25 0000000000000000 00000000ffffffff 0000000000000000 [ 132.599430][ T7769] page dumped because: VM_BUG_ON_FOLIO(((unsigned int) folio_ref_count(folio) + 127u <= 127u)) [ 132.602769][ T7769] page_owner tracks the page as freed [ 132.604750][ T7769] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 7776, tgid 7776 (syz.2.742), ts 131797994867, free_ts 131835001999 [ 132.610727][ T7769] post_alloc_hook+0x2d1/0x350 [ 132.612314][ T7769] get_page_from_freelist+0x101e/0x3070 [ 132.614140][ T7769] __alloc_pages_noprof+0x223/0x25c0 [ 132.615881][ T7769] alloc_pages_mpol_noprof+0x2c9/0x610 [ 132.618003][ T7769] folio_alloc_mpol_noprof+0x36/0xd0 [ 132.619782][ T7769] vma_alloc_folio_noprof+0xee/0x1b0 [ 132.621522][ T7769] do_wp_page+0x14d8/0x49d0 [ 132.623025][ T7769] __handle_mm_fault+0x1a93/0x2a10 [ 132.624906][ T7769] handle_mm_fault+0x3fa/0xaa0 [ 132.626502][ T7769] do_user_addr_fault+0x60d/0x13f0 [ 132.628720][ T7769] exc_page_fault+0x5c/0xc0 [ 132.630262][ T7769] asm_exc_page_fault+0x26/0x30 [ 132.631909][ T7769] page last free pid 7776 tgid 7776 stack trace: [ 132.634047][ T7769] free_unref_folios+0x956/0x1310 [ 132.635717][ T7769] folios_put_refs+0x551/0x750 [ 132.637308][ T7769] free_pages_and_swap_cache+0x36d/0x510 [ 132.639423][ T7769] __tlb_batch_free_encoded_pages+0xf9/0x290 [ 132.641449][ T7769] tlb_finish_mmu+0x168/0x7b0 [ 132.643004][ T7769] exit_mmap+0x3df/0xb30 [ 132.644440][ T7769] __mmput+0x12a/0x480 [ 132.645786][ T7769] mmput+0x62/0x70 [ 132.647030][ T7769] do_exit+0x9bf/0x2d70 [ 132.648485][ T7769] do_group_exit+0xd3/0x2a0 [ 132.649994][ T7769] __x64_sys_exit_group+0x3e/0x50 [ 132.651659][ T7769] x64_sys_call+0x14a9/0x16a0 [ 132.653231][ T7769] do_syscall_64+0xcd/0x250 [ 132.654734][ T7769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.657189][ T7769] ------------[ cut here ]------------ [ 132.659065][ T7769] kernel BUG at include/linux/mm.h:1444! [ 132.661062][ T7769] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 132.663540][ T7769] CPU: 2 UID: 0 PID: 7769 Comm: syz.3.738 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 132.668288][ T7769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 132.671769][ T7769] RIP: 0010:__iov_iter_get_pages_alloc+0x1d10/0x2230 [ 132.673938][ T7769] Code: d1 8b 48 89 df e8 40 6b 45 fd 90 0f 0b 49 89 c5 e9 99 f6 ff ff e8 90 aa ff fc 48 c7 c6 40 3b d1 8b 4c 89 e7 e8 21 6b 45 fd 90 <0f> 0b e8 79 aa ff fc 4c 8b 64 24 48 49 83 ec 01 e9 94 fd ff ff 4c [ 132.680316][ T7769] RSP: 0018:ffffc900044a6cc0 EFLAGS: 00010293 [ 132.682310][ T7769] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000 [ 132.684932][ T7769] RDX: ffff888028528000 RSI: ffffffff848dde6f RDI: ffff888028528444 [ 132.687542][ T7769] RBP: ffffea0000d25db4 R08: 0000000000000001 R09: fffffbfff2dc49bd [ 132.690135][ T7769] R10: ffffffff96e24def R11: ffffffff815fbe4e R12: ffffea0000d25d80 [ 132.692730][ T7769] R13: ffff888033d8b000 R14: 0000000000001000 R15: 0000000000001000 [ 132.695317][ T7769] FS: 0000000000000000(0000) GS:ffff88806a800000(0000) knlGS:0000000000000000 [ 132.698253][ T7769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.700432][ T7769] CR2: 00007fd907819d58 CR3: 00000000304b4000 CR4: 0000000000352ef0 [ 132.703025][ T7769] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 132.705868][ T7769] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 132.708541][ T7769] Call Trace: [ 132.709055][ T55] usbhid 6-1:0.0: can't add hid device: -71 [ 132.709634][ T7769] [ 132.709642][ T7769] ? die+0x31/0x80 [ 132.709660][ T7769] ? do_trap+0x232/0x430 [ 132.711331][ T55] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 132.712242][ T7769] ? __iov_iter_get_pages_alloc+0x1d10/0x2230 [ 132.712268][ T7769] ? __iov_iter_get_pages_alloc+0x1d10/0x2230 [ 132.718253][ T55] usb 6-1: USB disconnect, device number 14 [ 132.719448][ T7769] ? do_error_trap+0xf4/0x230 [ 132.719478][ T7769] ? __iov_iter_get_pages_alloc+0x1d10/0x2230 [ 132.719496][ T7769] ? handle_invalid_op+0x34/0x40 [ 132.719531][ T7769] ? __iov_iter_get_pages_alloc+0x1d10/0x2230 [ 132.730221][ T7769] ? exc_invalid_op+0x2e/0x50 [ 132.731914][ T7769] ? asm_exc_invalid_op+0x1a/0x20 [ 132.733588][ T7769] ? select_task_rq_fair+0x36e/0x44e0 [ 132.735376][ T7769] ? __iov_iter_get_pages_alloc+0x1d0f/0x2230 [ 132.737578][ T7769] ? __iov_iter_get_pages_alloc+0x1d10/0x2230 [ 132.739629][ T7769] ? __pfx___iov_iter_get_pages_alloc+0x10/0x10 [ 132.741687][ T7769] ? radix_tree_node_alloc.constprop.0+0x1b8/0x350 [ 132.743856][ T7769] ? delete_node+0x207/0x8e0 [ 132.745407][ T7769] iov_iter_get_pages_alloc2+0x53/0xf0 [ 132.747164][ T7769] p9_get_mapped_pages.part.0.constprop.0+0x4ca/0x7d0 [ 132.749366][ T7769] ? __pfx_p9_get_mapped_pages.part.0.constprop.0+0x10/0x10 [ 132.751694][ T7769] ? __pfx_p9pdu_vwritef+0x10/0x10 [ 132.753350][ T7769] p9_virtio_zc_request+0x1be/0x1390 [ 132.755101][ T7769] ? p9pdu_writef+0xc4/0x100 [ 132.756649][ T7769] ? __pfx_p9_virtio_zc_request+0x10/0x10 [ 132.758463][ T7769] ? __pfx_p9_tag_alloc+0x10/0x10 [ 132.760074][ T7769] ? rcu_is_watching+0x12/0xc0 [ 132.761872][ T7769] ? trace_9p_protocol_dump+0x192/0x220 [ 132.763656][ T7769] ? rcu_is_watching+0x12/0xc0 [ 132.765222][ T7769] ? p9_client_prepare_req+0x111/0x4d0 [ 132.766942][ T7769] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 132.768801][ T7769] ? hlock_class+0x4e/0x130 [ 132.770240][ T7769] ? __pfx_mark_lock+0x10/0x10 [ 132.771844][ T7769] p9_client_zc_rpc.constprop.0+0x29a/0x880 [ 132.773800][ T7769] ? __pfx_p9_client_zc_rpc.constprop.0+0x10/0x10 [ 132.775904][ T7769] ? hlock_class+0x4e/0x130 [ 132.777397][ T7769] ? mark_lock+0xb5/0xc60 [ 132.778831][ T7769] ? __pfx_mark_lock+0x10/0x10 [ 132.780435][ T7769] ? __pfx_p9_virtio_zc_request+0x10/0x10 [ 132.782312][ T7769] p9_client_write+0x447/0x680 [ 132.783927][ T7769] ? __pfx_p9_client_write+0x10/0x10 [ 132.785662][ T7769] ? mark_held_locks+0x9f/0xe0 [ 132.787239][ T7769] v9fs_issue_write+0xe2/0x180 [ 132.788836][ T7769] ? __pfx_v9fs_issue_write+0x10/0x10 [ 132.790608][ T7769] ? rcu_is_watching+0x12/0xc0 [ 132.792196][ T7769] ? trace_netfs_sreq+0x193/0x220 [ 132.793884][ T7769] netfs_do_issue_write+0x92/0x110 [ 132.795590][ T7769] netfs_advance_write+0x164/0xc80 [ 132.797290][ T7769] ? netfs_buffer_append_folio+0x276/0x360 [ 132.799205][ T7769] netfs_write_folio+0xc19/0x1930 [ 132.800871][ T7769] netfs_writepages+0x2ba/0xb90 [ 132.802477][ T7769] ? __pfx_netfs_writepages+0x10/0x10 [ 132.804260][ T7769] ? __pfx___lock_acquire+0x10/0x10 [ 132.805949][ T7769] ? __pfx_netfs_writepages+0x10/0x10 [ 132.807723][ T7769] do_writepages+0x1a3/0x7f0 [ 132.809448][ T7769] ? __pfx_do_writepages+0x10/0x10 [ 132.811132][ T7769] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 132.812994][ T7769] ? do_raw_spin_lock+0x12d/0x2c0 [ 132.814660][ T7769] ? do_raw_spin_unlock+0x172/0x230 [ 132.816347][ T7769] ? _raw_spin_unlock+0x28/0x50 [ 132.817960][ T7769] ? wbc_attach_and_unlock_inode+0x597/0x940 [ 132.819957][ T7769] filemap_fdatawrite_wbc+0x148/0x1c0 [ 132.821739][ T7769] ? mark_lock+0xb5/0xc60 [ 132.823198][ T7769] __filemap_fdatawrite_range+0xb3/0xf0 [ 132.825070][ T7769] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 132.827320][ T7769] ? __lock_acquire+0x163e/0x3ce0 [ 132.829178][ T7769] ? __pfx___lock_acquire+0x10/0x10 [ 132.830868][ T7769] v9fs_dir_release+0x429/0x590 [ 132.832431][ T7769] ? __pfx_v9fs_dir_release+0x10/0x10 [ 132.834162][ T7769] ? __pfx___might_resched+0x10/0x10 [ 132.835859][ T7769] ? task_work_run+0x126/0x250 [ 132.837406][ T7769] ? __pfx_v9fs_dir_release+0x10/0x10 [ 132.839143][ T7769] __fput+0x3f6/0xb60 [ 132.840495][ T7769] ? _raw_spin_unlock_irq+0x23/0x50 [ 132.842145][ T7769] task_work_run+0x14e/0x250 [ 132.843618][ T7769] ? __pfx_task_work_run+0x10/0x10 [ 132.845296][ T7769] ? do_raw_spin_unlock+0x172/0x230 [ 132.847016][ T7769] do_exit+0xadd/0x2d70 [ 132.848408][ T7769] ? proc_coredump_connector+0x2d2/0x4f0 [ 132.850293][ T7769] ? __pfx_do_exit+0x10/0x10 [ 132.851808][ T7769] ? dequeue_signal+0x1e0/0x720 [ 132.853360][ T7769] do_group_exit+0xd3/0x2a0 [ 132.854826][ T7769] get_signal+0x25fb/0x2770 [ 132.856349][ T7769] ? __pfx_get_signal+0x10/0x10 [ 132.857952][ T7769] ? do_send_specific+0x15d/0x370 [ 132.859602][ T7769] arch_do_signal_or_restart+0x90/0x7e0 [ 132.861332][ T7769] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 132.863326][ T7769] syscall_exit_to_user_mode+0x150/0x2a0 [ 132.865180][ T7769] do_syscall_64+0xda/0x250 [ 132.866676][ T7769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.868566][ T7769] RIP: 0033:0x7f5716b3608b [ 132.870022][ T7769] Code: Unable to access opcode bytes at 0x7f5716b36061. [ 132.872312][ T7769] RSP: 002b:00007ffc4000e7b0 EFLAGS: 00000246 ORIG_RAX: 00000000000000ea [ 132.875043][ T7769] RAX: 0000000000000000 RBX: 0000000000000073 RCX: 00007f5716b3608b [ 132.877619][ T7769] RDX: 0000000000000006 RSI: 0000000000000073 RDI: 0000000000000073 [ 132.880201][ T7769] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000555563ed0740 [ 132.882763][ T7769] R10: 0000000000000008 R11: 0000000000000246 R12: 00007f5716bdae48 [ 132.885337][ T7769] R13: 0000000000000088 R14: 00007f5716bdb9a8 R15: 0000000000000000 [ 132.887913][ T7769] [ 132.888935][ T7769] Modules linked in: [ 132.890753][ T7769] ---[ end trace 0000000000000000 ]--- [ 132.894578][ T7769] RIP: 0010:__iov_iter_get_pages_alloc+0x1d10/0x2230 [ 132.896356][ T7769] Code: d1 8b 48 89 df e8 40 6b 45 fd 90 0f 0b 49 89 c5 e9 99 f6 ff ff e8 90 aa ff fc 48 c7 c6 40 3b d1 8b 4c 89 e7 e8 21 6b 45 fd 90 <0f> 0b e8 79 aa ff fc 4c 8b 64 24 48 49 83 ec 01 e9 94 fd ff ff 4c [ 132.901171][ T7769] RSP: 0018:ffffc900044a6cc0 EFLAGS: 00010293 [ 132.902846][ T7769] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000 [ 132.904834][ T7769] RDX: ffff888028528000 RSI: ffffffff848dde6f RDI: ffff888028528444 [ 132.906833][ T7769] RBP: ffffea0000d25db4 R08: 0000000000000001 R09: fffffbfff2dc49bd [ 132.908921][ T7769] R10: ffffffff96e24def R11: ffffffff815fbe4e R12: ffffea0000d25d80 [ 132.910922][ T7769] R13: ffff888033d8b000 R14: 0000000000001000 R15: 0000000000001000 [ 132.912919][ T7769] FS: 0000000000000000(0000) GS:ffff88806a900000(0000) knlGS:0000000000000000 [ 132.915080][ T7769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.916749][ T7769] CR2: 0000000000000000 CR3: 0000000030c00000 CR4: 0000000000352ef0 [ 132.919343][ T7769] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 132.921316][ T7769] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 132.923277][ T7769] Kernel panic - not syncing: Fatal exception [ 132.925280][ T7769] Kernel Offset: disabled [ 132.926331][ T7769] Rebooting in 86400 seconds.. VM DIAGNOSIS: 05:22:25 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffffc90003d47f58 RCX=fffff520007a8f67 RDX=ffff888022dba440 RSI=ffffffff817d4998 RDI=ffffc90003d47f58 RBP=ffffc90003d47f48 RSP=ffffc90003d47f20 R8 =fffff520007a8f8e R9 =0000000000000000 R10=ffffffff905f2b8f R11=0000000000000001 R12=00000000000000e6 R13=00000000000000e6 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8b21c2e0 RFL=00000296 [--S-AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055556366e500 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020ab0000 CR3=000000004ff4c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9069f1133 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9069f1140 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9069f113a ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9069f114e ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9069f11d4 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd9069f12b2 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd906b0b488 00007fd906b0b480 00007fd906b0b478 00007fd906b0b450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd90766d100 00007fd906b0b440 00007fd906b00004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd906b0b498 00007fd906b0b490 00007fd906b0b488 00007fd906b0b480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000003a633c RBX=0000000000000001 RCX=ffffffff8b21cdd9 RDX=ffffed100d4e7026 RSI=ffffffff8bd19cc0 RDI=ffffffff81647efc RBP=ffffed1003c55910 RSP=ffffc90000187e08 R8 =0000000000000000 R9 =ffffed100d4e7025 R10=ffff88806a73812b R11=0000000000000001 R12=0000000000000001 R13=ffff88801e2ac880 R14=ffffffff905f2b88 R15=0000000000000000 RIP=ffffffff8b21e1bf RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020026000 CR3=000000001207a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=ac56471aac56471a ac56471aac56471a ac56471aac56471a ac56471aac56471a ac56471aac56471a ac56471aac56471a ac56471aac56471a ac56471aac56471a ZMM22=25250b2825250b28 25250b2825250b28 25250b2825250b28 25250b2825250b28 25250b2825250b28 25250b2825250b28 25250b2825250b28 25250b2825250b28 ZMM23=7605effe7605effe 7605effe7605effe 7605effe7605effe 7605effe7605effe 7605effe7605effe 7605effe7605effe 7605effe7605effe 7605effe7605effe ZMM24=4b7f9aa24b7f9aa2 4b7f9aa24b7f9aa2 4b7f9aa24b7f9aa2 4b7f9aa24b7f9aa2 4b7f9aa24b7f9aa2 4b7f9aa24b7f9aa2 4b7f9aa24b7f9aa2 4b7f9aa24b7f9aa2 ZMM25=318d7ee1318d7ee1 318d7ee1318d7ee1 318d7ee1318d7ee1 318d7ee1318d7ee1 318d7ee1318d7ee1 318d7ee1318d7ee1 318d7ee1318d7ee1 318d7ee1318d7ee1 ZMM26=41bfe2dc41bfe2dc 41bfe2dc41bfe2dc 41bfe2dc41bfe2dc 41bfe2dc41bfe2dc 41bfe2dc41bfe2dc 41bfe2dc41bfe2dc 41bfe2dc41bfe2dc 41bfe2dc41bfe2dc ZMM27=499a1b1d499a1b1d 499a1b1d499a1b1d 499a1b1d499a1b1d 499a1b1d499a1b1d 499a1b1d499a1b1d 499a1b1d499a1b1d 499a1b1d499a1b1d 499a1b1d499a1b1d ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=1706000017060000 1706000017060000 1706000017060000 1706000017060000 1706000017060000 1706000017060000 1706000017060000 1706000017060000 info registers vcpu 2 CPU#2 RAX=0000000000000055 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff850a6d05 RDI=ffffffff9aae1b80 RBP=ffffffff9aae1b40 RSP=ffffc900044a65e0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552032203a555043 R12=0000000000000000 R13=0000000000000055 R14=ffffffff850a6ca0 R15=0000000000000000 RIP=ffffffff850a6d2f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fd907819d58 CR3=00000000304b4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000080008 Opmask01=00000000ffffffff Opmask02=00000000fff80001 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc89c2e1d0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f6e3a6d5e007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4b1f485e005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=1ffff92000d41f01 RCX=ffffffff81fb0900 RDX=ffff888026ca2440 RSI=0000000000000000 RDI=0000000000000007 RBP=000000000004c6a9 RSP=ffffc90006a0f800 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000008 R11=000000000000500e R12=ffff88807ffd6660 R13=0000000000000008 R14=0000000000000001 R15=ffffea000131aa40 RIP=ffffffff818d88f0 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007faef9e67d60 CR3=000000002eb36000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002020004 Opmask01=00000000000000ff Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faef930b6a3 00007faef930b6a3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd06a02980 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555785a00d4 00005555785a00d0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557859a4a8 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555785a56e4 00005555785a53d0 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557859d354 000055557859d350 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0800199003000800 1988030008001980 0303ffffffff0418 f00303ffffffff04 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100100002010aa0 010800020104a400 1000001000018c80 0406014ed4002377 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 61726469682f7665 642f01ffffffffff ffffffe508018c80 0301a01000188004 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 141000060101ee00 0800199003000800 1988030008001980 0303ffffffff0418 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 f00303ffffffff04 18e00300080018d8 0300080018d00300 080018c803000800 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000