last executing test programs: 3.103940414s ago: executing program 2 (id=2663): socket$netlink(0x10, 0x3, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f0000000000)) r1 = syz_open_dev$dri(&(0x7f0000000040), 0x200, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0) iopl(0x3) r2 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) iopl(0xf) fchmodat(r2, &(0x7f0000000700)='./bus\x00', 0x0) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r1, 0xc00864bf, &(0x7f0000000140)) fcntl$getownex(0xffffffffffffffff, 0x10, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wg2\x00', 0x0}) sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000940)=@newqdisc={0x138, 0x24, 0x100, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r3, {0x7}, {0xd, 0x10}, {0xa, 0xb}}, [@q_dsmark={{0xb}, {0x20, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x3e0c}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x3f}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x2}]}}, @q_dsmark={{0xb}, {0x4}}, @q_dsmark={{0xb}, {0xc, 0x2, [@TCA_DSMARK_INDICES={0x6}]}}, @q_dsmark={{0xb}, {0x4}}, @q_dsmark={{0xb}, {0x6a, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x1}, @TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x7}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x101}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x3}]}}, @q_dsmark={{0xb}, {0x30, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x34}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xfffe}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x8}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x6}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x4}]}}, @q_dsmark={{0xb}, {0x30, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x2d}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x8}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xffc0}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x5}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x25}]}}]}, 0x138}, 0x1, 0x0, 0x0, 0x20000040}, 0x20004051) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000580)={0x0, 0x1, 0x0, &(0x7f0000000100)=""/47, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f0000000500)=""/69, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f00000016c0)) syz_pidfd_open(0x0, 0x0) ioctl$VHOST_SET_LOG_BASE(r5, 0x4008af00, &(0x7f00000000c0)) r6 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r5, 0x4004af07, &(0x7f0000000180)=r6) ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000040)=0x1) 2.805791735s ago: executing program 2 (id=2667): syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00'}, 0x10) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x100000, 0x2}, 0x48) r2 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8), 0x8) mkdir(&(0x7f00000000c0)='./control\x00', 0x0) close(r2) r3 = inotify_init1(0x0) r4 = epoll_create(0x6) mount$9p_fd(0x0, &(0x7f0000000040)='./control\x00', &(0x7f0000000100), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB]) r5 = inotify_add_watch(r3, &(0x7f0000000180)='./control\x00', 0xa7000be0) close(r2) r6 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_timeval(r6, 0x1, 0x42, 0x0, &(0x7f0000000040)) open(&(0x7f0000000080)='./control\x00', 0x0, 0x0) write$FUSE_IOCTL(0xffffffffffffffff, 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000150000009500"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7}, 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xd, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b5af8ff000000cfbfa200000000000007020000f86b5558c7b1ca2e75cdd04f65995dffffffb703000018000000b704000000000000860000001e00000085000000a000000095bd05672b5921cf5e0cad87e486b4f05019d59e95e541e881f246c0bb1b37834cc3dccd09d318291b362e90debfa5054252b790372feb43ab1e2735941b5a", @ANYBLOB="3af3168ccd6e0d92e462d651dbcacc73f4886b3d3c99d5415b342bf75c6fcdd0a03b70af8f3b15a26020331f757a472ebb507a18525ded04bffcf5b3da57c98de49bf2d285d6ba4eb95cdcf378db7e811debc04c17f81d0a2da0526fa97ba39a7173240053193148c53741c159383f762e9e7042246e9e3e3bee2b45ebb7ccf2dc8dfbaf2f49649a7d7fd8b7b7cb8d8b808f4b71538f819666b8e212f42ee4f102b0dabc0463fcb04fbe770e34a226730637c7498820f8b9c82bab1e81f9d8cbaceca81c755b4d8a2e9ac3293102327bbd8f8825480002a3894c241376530a606ead8bf0", @ANYRESDEC=r7, @ANYRES64=r5], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r9, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="12cdde26e7c496e99a9cf8625ec9", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) socket$nl_route(0x10, 0x3, 0x0) r10 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/binder-control\x00', 0x2, 0x0) ioctl$BINDER_CTL_ADD(r10, 0xc1086201, &(0x7f0000000180)={'binder0\x00'}) r11 = socket(0x10, 0x2, 0x0) getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) 2.661299757s ago: executing program 3 (id=2669): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DEL(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 2.636729248s ago: executing program 3 (id=2671): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_GET(r1, 0x0, 0x14) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x44, 0x16, 0xa, 0x203, 0x0, 0x0, {}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x18, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x4}]}]}], {0x14}}, 0x6c}}, 0x240000f0) syz_emit_ethernet(0x22, &(0x7f0000000400)=ANY=[@ANYBLOB="aaaaaaaa9936127190ebc2008594b919aaaaffffffffffff88644500003c000000570006907800000000ac1e000100000000006bcd0000000000000000000000000000000000000000000000000000000000000000000cd267c71fd3b520f671530a8730b9e47c09efc5144b3748ef71d40d744186558815f91371cce3625cf5c2d9fe333ba296ff37026abf0046a707c3dd74c283e1052b13ff6fcf646367bf2aded99e55e9c5747c0bbf5ba580058f47e82f465808315f66e2d3d20a90343453f9a3c2bf229ddbce9b6e1de187b18abf756c0c0f65db4721d3b036b97e"], 0x0) r2 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x7, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vcan0\x00'}) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10) r4 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r4, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10) listen(r4, 0xda90) accept4(r1, 0x0, 0x0, 0x80000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = getpid() process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) ioctl$INCFS_IOC_CREATE_FILE(0xffffffffffffffff, 0xc058671e, &(0x7f0000001980)={{'\x00', 0x3}, {0x7}, 0x0, 0x0, 0x0, &(0x7f0000001900)='./file1/file4/file7\x00', 0x0, &(0x7f00000018c0)="9bc7d6d416541c380d4d2dbb9bb1c39df1114ecadc9792e3a688c89c776312cf4a553478124e80c86d0f365157b4493465de3c3e52343930d9e23b", 0x3b, 0x0, &(0x7f0000002c00)=ANY=[], 0x10f2}) mkdirat(0xffffffffffffff9c, 0x0, 0x0) ioperm(0x0, 0x0, 0x10000) syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) socket$kcm(0x29, 0x2, 0x0) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x6) socket$nl_xfrm(0x10, 0x3, 0x6) openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000040)='net/rt_cache\x00') pread64(r6, &(0x7f0000000200)=""/158, 0xc4, 0x80) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') 2.520819888s ago: executing program 0 (id=2673): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000040000b70400000000000085000000c300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffea3, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10) r2 = socket(0x10, 0x3, 0x0) r3 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f0000000140)={0x0}, 0x20) sendto$inet6(r2, &(0x7f0000000300)="7800000018002507b9409b02ffff48000203be04020406050a08040c5c000900580004020a0000000d0085a168d0bf46d32345653600648d270016000a09000049935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a320004070b0015000a0000000000e000e218d1dd3b6ed538640f3250", 0x78, 0x0, 0x0, 0x0) 2.519818984s ago: executing program 0 (id=2674): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000580)={'wlan0\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={0x54, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME={0x38, 0x33, @disassoc={{{}, {}, @device_b}, 0x0, @val={0x8c, 0x18, {0x0, '\x00', @long="8c58ea25b8b4fa85433c7c90bed82811"}}}}]}, 0x54}}, 0x0) sendmsg$NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x20}}, 0x0) r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_DQBUF(r5, 0xc04c5611, &(0x7f0000000180)=@overlay={0x0, 0x5, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "e73b7cdb"}}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r6 = socket(0xa, 0x1, 0x0) close(r6) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x4e21, 0x0, @mcast1, 0x34}]}, &(0x7f0000002100)=0xc) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x4, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @local}}}, &(0x7f0000003c00)=0x90) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000b, 0x4031, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r8, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0x18ffc}], 0x1, 0x0, 0x0) syz_open_dev$radio(0x0, 0xffffffffffffffff, 0x2) r9 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @remote, 0x0, 0x1, 'none\x00'}, 0x2c) r10 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VIDIOC_EXPBUF(r10, 0xc0405610, &(0x7f0000000180)={0xa}) setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000000)={0x11, @multicast1, 0x0, 0x1000002, 'lblcr\x00'}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r9, 0x0, 0x485, 0x0, 0x0) syz_usb_ep_read(0xffffffffffffffff, 0x0, 0x73, &(0x7f0000000000)=""/115) 2.472441502s ago: executing program 2 (id=2676): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1802000070b20b5b0e550bd3d771cb9a8400000002000000dc7c9aa93dbed7c01954f782e193179358cfe827505a72c41b54b07fa061ac51d5db6f"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10) r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) sync() r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) eventfd2(0x0, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000140)={'nr0\x00', 0x6132}) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, 0x0) ioctl$TUNDETACHFILTER(r5, 0x401054d6, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.sectors\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r7, 0x0) futex(&(0x7f0000000000), 0x8c, 0x1, 0x0, 0x0, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0xc018aec0, &(0x7f0000000140)={0x2}) mount$overlay(0x0, 0x0, &(0x7f0000000380), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x2, 0x0}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, r8, r7, 0x0, 0x0, 0x0, 0x0}, 0x90) process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}], 0x1, &(0x7f0000008640)=[{0x0}], 0x1, 0x0) 2.240820655s ago: executing program 2 (id=2678): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) (async) r2 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x88e40) ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0) (async) ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0) (async) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) r3 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$CAPI_MANUFACTURER_CMD(r3, 0xc0104320, 0x0) (async) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="050000000000000000002100000008000300", @ANYRESHEX], 0x1c}}, 0x0) (async) syz_80211_inject_frame(0x0, 0x0, 0x3a) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async) socket$inet6(0xa, 0x4, 0xffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) (async) r5 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x4001, 0x3, 0x240, 0x0, 0x720d, 0x148, 0x0, 0x148, 0x1a8, 0x240, 0x240, 0x1a8, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff}, {0xffffffffffffffff, [0x6, 0xb2cc575b459b5b33, 0x4, 0x2, 0x1]}}}}, {{@uncond, 0x0, 0x98, 0xd8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0xff9c) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r6, &(0x7f0000003580)={0x2, 0x0, @dev}, 0x10) (async) r7 = userfaultfd(0x80001) ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000040)) (async) ioctl$UFFDIO_COPY(r7, 0xc028aa05, &(0x7f0000000340)={&(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x3000, 0x7}) (async) socket$inet(0x2, 0x4000000000000001, 0x0) (async) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200047fd, &(0x7f0000000440)={0x2, 0x0, @private=0xa010102}, 0x10) bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10) (async) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10) (async) getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f00000004c0)={0x0, @remote, @private}, &(0x7f0000000500)=0xc) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000016c0)=ANY=[@ANYBLOB="440000001002370400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010067656e657665000014000280060005004e2300000500090000000000"], 0x44}, 0x1, 0x0, 0x0, 0x40004}, 0x0) 2.191194722s ago: executing program 2 (id=2679): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DEL(r0, &(0x7f0000000380)={0x0, 0xe, &(0x7f0000000140)={&(0x7f0000000240)={0x40, 0xa, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x10, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBPRIO={0x8}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_LINENO={0x8}]}, 0x40}}, 0x0) 2.19089208s ago: executing program 2 (id=2680): syz_usb_connect(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0) r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000340)="480000001400190d09034beafd0d36020a841a000000230f00000000a2bc5603ca00000f7f89004e00200000000101ff00c00e03000200000000000000000300005839c900910000", 0x48}], 0x1) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x60, 0x2, 0x6, 0x1, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffaf}}, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x10}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x60}}, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00') r3 = socket(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), r3) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, 0x4, 0x1, 0x401, 0x0, 0x0, {0x7, 0x0, 0x4}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40800}, 0x80) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000040)={'wlan1\x00', 0x400}) r7 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000300)={'rose0\x00', 0x0}) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f00000000c0)={0x0, 0x22, &(0x7f00000001c0)={&(0x7f0000000a00)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r8], 0x20}}, 0x0) lseek(r1, 0x59, 0x0) r10 = socket$inet6_mptcp(0xa, 0x1, 0x106) close_range(r10, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f00000004c0)={0x218, 0x34, 0x2, 0x70bd2c, 0x25dfdbfc, {0x81}, [@nested={0x155, 0x66, 0x0, 0x1, [@typed={0x8, 0x91, 0x0, 0x0, @ipv4=@remote}, @generic="329e371f883b9f627410bf5fbcf34373c1cd837a13389fe8a84f4722c98fa29c929f5b", @generic="8b7119a271d681abef423a17a3e2623f870db1ac4d1ac92201b40cff8122991eee50e314a54954ae261d4c38c1a15662c705501f9d00511f7a57cf910ca9940a057950555950da4d87a8e2e5dda03caa70c1", @typed={0x8, 0x23, 0x0, 0x0, @fd=r1}, @typed={0x8, 0x7, 0x0, 0x0, @u32=0x3a695b31}, @typed={0x8, 0x6b, 0x0, 0x0, @fd=r10}, @generic="4667fdd0bfe5cf2355fcb394dafb1d40b7d5982f3d63ef3014435e22ac591dc4f08520debf153c598ddbaaeb5ce2faf7fd1e908c65ca4a00d06c90afba832aba7955e07fa04386d5b66e9573e229943623ecfbe4c232ced0b0f3621174514b67d1e34041ccfb1a9ea0ac908f3f42243a83809c211ed7965a0532c0ffa8e423d66557e445c7c73b2d8233262d3b312bfb11cd85d9498ab77197b868cd09449c7edda3a6c0ede18e817278d45f", @typed={0xf, 0x12e, 0x0, 0x0, @str='/dev/iommu\x00'}]}, @generic="f39d29d9347a56050349cd71b24457608139a3ad1edd", @generic="9c1ac800c9ba0beabe68edc4f4e45a347ae595c9f8b36e0e140c1153ada9908be8a2e06fb255c61fb9cf8ffa5bccd0339d7b961768ce9a36efdfba7a52483691ad83cf1f81d9e05dd4b1eaf8df4fa7e317d5a64cafcdd24558a1907c08fa044f73ac49b3dc65a27cbe02c650d766548a266de61920fa48908c813e969b1a2ea4c25023c3044699a971ca2be86967ab189ba478cb"]}, 0x218}, 0x1, 0x0, 0x0, 0x40}, 0x0) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000080)=0xb309) 2.07922202s ago: executing program 1 (id=2681): socketpair(0x1e, 0x5, 0x0, &(0x7f0000000000)={0x0, 0x0}) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz1\x00', 0x200002, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000200)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0) mkdirat(r2, &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) open(&(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1e5242, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) mknod(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) mount(&(0x7f00000012c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000001300)='./file0\x00', &(0x7f0000001340)='ocfs2\x00', 0x0, &(0x7f0000001380)='/dev/autofs\x00') setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) pwritev2(r3, &(0x7f0000000500)=[{&(0x7f0000000340)}], 0x1, 0x1ffffff, 0x1, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000002000000000000000000001e95"], &(0x7f0000000040)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x2000000, 0xe, 0x2a, &(0x7f0000000000)="fef351f64d23421a5b4e415288ca", 0x0, 0xfffefffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) pwrite64(0xffffffffffffffff, &(0x7f0000000340)='C', 0xfe04, 0x100000002) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') r6 = open(&(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) getdents(r6, 0x0, 0x0) getdents(r6, 0x0, 0x0) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001340)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a30000064900c00078008000640000000200500050002000000050004000000000016000300686173683a6e65742c706f72742c6e65740000009e1846e264489ecf471b7674333e3eda5965e4d7dbc7b69673df722956c51c009d6d5d8d20ff9326fbaac5fca7a7a0ab68f2848c2c368c8bc1b6d6ba6e46371cbf34a51c5f9efc43e1e5597e5282367dcaebe92ea93b6240e7953902774b815df85d887b099e364813"], 0x5c}}, 0x0) fallocate(0xffffffffffffffff, 0x3, 0xfffffffb, 0xffeffeff000) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) rename(&(0x7f0000000600)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') close(r2) write$cgroup_type(r2, &(0x7f0000000080), 0x11ffffce1) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={0xffffffffffffffff, &(0x7f00000036c0)="affa71c4988cd7636ecb6e16c1a03c87cb040b7b909c83dbbbbdc3b2d0675a3093b4ac0dab7f46e14395db58d0ab7fbcfcaf48d17568f54e2cdec470672f7053290a986384dedd6f6afda43830f361f2ec81539fb48c490c05988674c8dc91f81cb966328b9e8baf53f639fc373151d005de16fefcbb5f5fba736663b4f56b27b1c34a72490e3297513788db1dc7873c04eccb0f53cc3f8df8f7290a665e809a6542efdde5981f0165a3ae52e51ecae8a6761d5e8b83128c80ac83f133adcc46837341d67fb7e19686745e537967065b39e33f000d9d38b5d6d2ef4e477b2d39666903de586aa6fe22bfdcc3fe2a61dbcf77c4b7ba22c8a0ecc3781f2dc2fe4785d001946596a1a6ce10bdedfdfdb51adcd7474f4ff6816d8eff2fabac1859e42e9394558aa70400c1c10f6a5a2da8ce2e8fb0ac87c7337436a7a5622705b7b085fe40d970524171825f7d2848151eafba8913054323223a18654e180b50215438f856cc436bab6c44953586bb05a7750a56da9fd5d3861bafed4a7837786712d44df7b04a43dfc03c2af0efa4091f360d9ad3d8055d7f70b3cab083b792388dfdc2b852a585e8389826c16db04de8fb9077821643b80fdd087c370fdfb186250e80b988d1c62c7c83ea2b0549d4c1bdbfe7b83bbd2f0cac41eaa96fbb9c325001d5b0eec8003ba925bbed8accc4d8e246b2595249c0c4571973d7a1427d4b885ae7edeed886a5e9cb664519fb9064c7c4e1f6eeac881bfa0c874423db9574e2248ecb32881fde661b9511330a07e787a72099ed0d213a804a29d27bf37755833405039f330879bca11e4c61c09398c15ade888168b16a192311ff43e6fde0ceaa2c4dac911a869006867c10b848d7ec584473e768c6476629084806ee15353a2ab664851e1bb5cab18a451a24b63563c11c1e6d193f910b9f009b581f155c4840a5fe57b7e3cde96d5802e1771884240e50616ddeef92edd11e9a8a49414605b5f6a90eb5ce6862d342786e4131818c03257eb5443126e6f0ea4ee0fbb4fc72810a5a024aefc75de4cac6c73643d8373dcce403bb078d34a04fc554e94d5e3d25358f3feb69c229fbc7c5bdbf0c65f1ff78457972eb1325964e5779c6c8d7e83b06b776a68d1fa26f6bdabe8ae2f1aec6648ed9d0c1d4b5390be458ae38414df1abfff157b31f5d3f27ecd1a5545225faf9bcbdc2fca8657f193e7a24beda1e915c72ee170957382ae0fffd419c17bca6f17b9da21288158f36312829122d0580ed9afe8f6cc609283972a23496e464c9da63ec4d5290eb7156ec6d20dc67ba6201f68fc05ab0136a1d29e36d3ec417d154aa417bd91ee54fbc710e31986cbd1c651da4d9895bd68206a5558ff0b7505c90967ee23be9174f1ebbb0e7a84355d9fbd5c8f923f26211e1d9f2ea1aeb090d54e25f5fc95f7a28944d7d596fd0d5f9f51e8a89a340265a62bc75a2d149efb5a84bd2f7fa46cba632d7a56e46327471b801163f9e67960fc254a04d878596cff34174a5b33a608d19da965abd32f284765257d90c6afa712795b01c861a87ff4afd49b21c0b38d016c82f4ef0dcad0ce8e7954467e674cbc533390b89869fff874b1f76330464bf6e04da93b67f3b4a712403bc8179a3aaa1693b301099d42619daa71fc9ed1132fbb46519891a1969cd7a96f4c60f3109beb8ac00b89dc298eb835e412a74d4256a6010e04e0d6f431f013c5c026a256bcccc29560885c501904d856b20f085deca0d936bc52be106c016b59a97069aa29539df671c0c0572f869ee088a2f9163ac39f90847632cae0cac99432cb3cdd32a76c595dd94df265b63fc7a1c901244f5ed05b7e8d7ffe65eb600a05f5c1a0d1ea118d6efd23599f06e4548668558805ea3505549fa07a029f58b646c111e2a53e011da33f570bf697a0e5f67400b49367b7efe7bc440bc8f8ae9b27546070096d4883bb4e2db2652615980578d7cc3223efa02e271c1a5b6fdf1ac95d573cf9a2c8ebd846445a0d94bf5c49137b3ae8ef91873715d8b7f260b325b3f262d381fcc59b96caf1412258a3d939d2b8e4b4739dc6bdbd62f1e0bd99b6799629eb52568a2acf70ab361bebca34fe417fa5b9cf4f53c830e05b29b8edcf2322919bf506d412a5029f5bc69ac63072b8278f08e0259bbcfd76e0768872949b99e99af8d8fa737cd5e3480594d2773621203894439a75e019ab14443003c86d5f21318ea4b7df66e38338f7cdd983c8a77ac39c8ce88c11a45ac316fb967693ac996395a518d6b4052085b83895555c4e739b378d03980aa09ef66ddf304b1a08d9b6e05ac1e50486b79e8086281e3f940ec39d73b42cf6d2853942769a1f7e8ee9c3e17c38c81877941b5e72ba3a4e6f6638caa31874cf077e8bbf33024012e8ba8da443f169e8ef85dd57d70be4e6678f744014e1a49961abbfdf9bbcea57911f7547e814566f17ad6b7692a4fce6cfd220cb900fb582b33552586c27925c888c29bc4d82405d558351f8d43ada6e0435c1473b687cb446993c23600a029165c8c37a83b03125991705a8bc7c854bd8dc404109d70f6443ca2548195a92add877dcf566e8fb0e3c69c4191c96b5d775bd1de267eb74221503ff3a53178304224194272a735a5cd1fb8a49a5ec1f198cc2c42735359d4ce6c0114071dcd820892ba64293e651715892f4ac9da6d2042b2d2905b0b6306274751d89f0903e140144d0adaf01132a1a3c244026db1087d406efae16819d57c8e196bab72900fb50520b66dbb0bbb416036523601908b4139d4df56c23e9262ceb5ed5f662333946e788d188a8ace2b72410d5f533b2632f6d41a92788327d8b3208db55bd7e5a4e0cdbc3948bd80bc70d32e707b860a5c7c365095dd4b966360d85b2abf9eedcc0d7c7be0cd70f37a597bb94d74933e54a5a7d47085a7dee989b07b33262f62b65b42e96cb24a6701f79d611125e58e42d7e219c44caa13bee97937cf6dbb9e87901a224b67a8076c170ca8a00939a3b2bb15a845cc63047c3c26212cc4a77b90327bb9d21b8b263303ed5b612f902f940b1bfe9dd09c67b1c6ce734b0661431256cbbcdcd801d23f5ad7cdb537468d58ed4d16d863b12c774ed531fe69d7ebd11379c94b6fd3592884ea9df400c854f7efb89987a63cb6c431c614453ab33019dda7da8b751386fddcb7be4fe14a1c7480a750c85b59f8f77f066977014b2314ce34ecdd1efa0ba1196908b95800bedb076d77eec094adf7a52cc75f947cb59505577b90ac7bda8ec13656cbe90e0565c4527ecafb17060e365675741c190d504bf92656b5eb9859bf401aa683f59b5fd968fce9670a759b561c23238a4aad160473a7f2e8527f6bf308067b7d139ce2e3a48ed8d232ec7000d943a9413250003ff2bde448debd96ec97b1e8f518650855368b574211d063d6576ff10b5a6db611db726c2c817f2e4d07603db764d89fe434f13a941b22227e4e7dff2e6789b1722fbfbe0e087f4b30f2708fc05b6fb8fd56ec1ca544a1c62a98f2bac283d0e6b153e1d7ecbd5140f47c90eeb35af6e2eb6e03e6ef7b3ace4eb456c752c38a30c28b8241da8dfb9cb9c408d72809c86383c91654f6f4779abb84147a4968b5c3fcbeda33f97bd60d2df763c8f020beef6ae4ad3dce3edea944ae96bdef1ca273dd516a0854ca43785044b5c8af424b0324658c9fd9ddc34c7a4cf5767e68997b2d96a144a7e8c7e66f858d9faa95a72a4d5508843d7fb5e0444f33c6196ae0a95e5e855b48c6ad45ecb926b73d7f87f6a71363438b27c7464768cad81757cfc14b3ea33ea1aa12c701376994d6999c45992b9fbe16403f68a885d7cef855eb69ba068058e39b88392f27ee8638d21a44c71a748b221385bc72511f34373beba233b72807a8cc77a4b485fa214af117dc02aff0b274546f170e68c79750f76d4caea84adce7c2bb95a51c6a8e0edf1c777dd863e5f206054a72ebc272ae14dadcdd4c158628501cfb84587915439e5fa47c9545806fb04008d4413d9d7c203a9b9645702350553cbb6002fe78070b90231b2e1ac5624cc1c27fb9bbb713d3571a381143aa9ae57fddb582054e763c44a1e8a58462d954df6c1336e5211b5f2bac81c8e5b500180d77169a1b1cd41fcfa5fbdc2881724fd5e39c612e43d14acfd3efce69192f24808687620f4ecdb2b7a82947280b48174669e4255bf3df83afa0b8401d881096ac3371af0155e29437ce0d48de528bcf0c881373d02fb989d2593684febc69dfa97253243a144d9c4440d9bf0f6b19782f4dfb2376057cb8a828b7751b1d34f383bd1f6ea57efb289751819fe3def70ae539e3221b98f697918ea73d9672ee7252353ce27a82cd1eccd832ca69bbcac917469476123b98138510f75d6d323ec1f034846430f1f87203250a9a2b5f9e8b238b6fb7ca503b923c53ae9d6ff4535ee97b878890e3c0db37dae44f663a9e117f3a61c9fd4fb62c00405fc2d87eddb0620c6476ffd542da4e95902f06b4f4dfc15226ad570a397792adf666e57d4bb5c825275129de851c4ef4397b6e43f6f270fbd37cd88db7672ee43fca8ccff30ffdb5ee71c4068986aefdf5c1c55b07c676f082a4751ac0c23e962d93a326193815f8413a2b0dae407f7a6d9ac88ae43126f1db1efc516b1c5d8f7f7cfeb0152b40308564b84c9f18fd41545633315d735c2b42f73d9dd4e691515701f8c67a7f441461d1a9546a10dc58a91bc9b885732ec4865c17b2bdb9c000905ad11187416dcbcb8e985d2daff088bfe810e186add8fe9c4bfb80e865beb1cd557612225a20c9a8d946d830570aba2b128361fb58a85b6649fa3ff89bb71427fad58e8bbb0d0492dbdf40ed16d07cd6a443482e1eb8374ea1147bf67c76e5db01525709309a215424255f15ca9baedb102c47ca0d7847dee3083db1dc3786057c26082975d0257dd9cb4fcafb081789c32d6523d27c10ecd493e065b4332fc5db76c673153e8d8a9dc04a3a90683a7256141576ee1cb15a707dfc587e146f48d7b3f7ae64b7ae53ea6cca0422c586d7a78746c75b942556e15897d04fb9b68272df44c709a7cdda444d1f320bb59f993653839686085787310162de3d6a13dda8d833982fe581e9c170644e02fa99c09fc5eb89b68f69ef42941416d5d8a8fddb0544d50a6af86d41caf7a97fb73f51b0346e1d079404ecc3723c70c1e6b1f7c28571d44d8de53de1ccc75dc473eadf90b59f57a301a17aa51778547226c8da43d681091e523c9b7e930cedfaa280800661f1e22dbc0ad91f7560f1521d4a4b4a057fa6b388ffcf6fc7c919e9b71bd66cb7c519a8b031ef7a28817bca3b68d962420b1586dfe187ebaad6bbb44ac45ecb8f6aa63467643ae2a7f9c2cd3e5ea157d360cb3e134403834e0319a6724deab61aaae91e5f8b2b2c7823313307045163777a56c51083961ae7e11e7e4caf7748cde60b3efa2972505e0de271a1e2323d5c6dbcab7f4a92b23eafa35db7d8ada532bc64bf20c19fe612dc80ac917916be50db16cae715cea78e342d13172dff310d63b83235adefaadf9edd3ad00e414976aeed611bf5d59618dd4d4c1a8fcdc17b0ae50212144154938a801ec50345b0a23ce1c56fcd301303442845fae6b1eb255d2fe11def8797ff7b72acac6fd5f619834b03f764e31ff8a5b8fc0c485dcfac00d74e0fef48c9aebf64d1fede15abfa438127ac420dcfbb16984b47110c1daa7029cebd2d839b66a053319a25c5b022999a4056bc895f41bdc35e7b196fcd9f9d6d4385f2270c", &(0x7f0000000040)=""/211, 0x4}, 0x20) recvmsg(r0, &(0x7f0000004740)={0x0, 0x0, &(0x7f0000003680)=[{&(0x7f0000002240)=""/26, 0xff0e}], 0x1, 0xfffffffffffffffe, 0x5d}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xd, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b4000000f200000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) 1.682771975s ago: executing program 3 (id=2682): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, 0x0, 0x0) 1.682382686s ago: executing program 3 (id=2683): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, 0x0, 0x0) (fail_nth: 1) 1.594227502s ago: executing program 3 (id=2684): socket$inet6_sctp(0xa, 0x1, 0x84) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000340), 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800002, 0x2, 0x66031, 0xffffffffffffffff, 0x0) dup(r0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}, 0x0, &(0x7f0000000080)={0x3ff, 0x6, 0x0, 0x9, 0x1, 0x0, 0x0, 0x2000003}, 0x0, 0x0) write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c) 1.432502912s ago: executing program 0 (id=2685): r0 = io_uring_setup(0x33cc, &(0x7f0000000a80)={0x0, 0x0, 0x40}) io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f00000000c0)=[@ioring_restriction_register_op, @ioring_restriction_sqe_op], 0x1000000000000141) 1.431794636s ago: executing program 0 (id=2686): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x400000}, 0x48) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)) renameat2(r1, &(0x7f00000000c0)='./cgroup\x00', r1, &(0x7f0000000100)='./cgroup\x00', 0x1) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000002c80)=ANY=[@ANYBLOB="00000000000000000700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f48a000006000000040000000000000001000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000081ffffff080000008100000000000000020000000000000004000000000000000700000000000000000000000000000000000000000000002000"/640]) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18}, './file0\x00'}) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'erspan0\x00', 0x0}) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000200)={@loopback, @private}, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000400)={r0, 0x58, &(0x7f0000000380)}, 0x10) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000580)={@empty}, &(0x7f00000005c0)=0x14) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000680)={r0, 0x58, &(0x7f0000000600)}, 0x10) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) io_setup(0x800, &(0x7f0000000040)=0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) io_getevents(r5, 0x6, 0x6, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}], 0x0) io_destroy(r5) r7 = memfd_create(&(0x7f0000000080)='#}\x04\xe4\xfc\x1e\xff~\xb1\xe0\xa5\x9d\xc8\xca3\'\x12xY!\xa4\x9c\x97\xf1\xfc\xb0\xe8~\x91\xd5\x04i}\x03\x00@\x0e\xe6\x995b\x00\x00\x00\x00\x00\x00\x00\x8e\x96\xb7=\xb9OmILO\x8d\x00\x00\x00\x00\x00\xfe\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) setsockopt$inet_mtu(r4, 0x0, 0xa, &(0x7f0000000000)=0x4, 0x4) ftruncate(r7, 0x40001) connect$inet(r4, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) sendfile(r4, r7, 0x0, 0xffe4) 1.171108788s ago: executing program 1 (id=2687): r0 = io_uring_setup(0x33cc, &(0x7f0000000a80)={0x0, 0x0, 0x40}) io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f00000000c0)=[@ioring_restriction_register_op, @ioring_restriction_sqe_op], 0x1000000000000141) (fail_nth: 1) 1.105173598s ago: executing program 1 (id=2688): r0 = syz_io_uring_setup(0x3e0, &(0x7f0000000040)={0x0, 0x680e, 0x10, 0x0, 0x42}, &(0x7f0000000180), &(0x7f0000000200)) r1 = io_uring_setup(0x80033d0, &(0x7f0000000100)={0x0, 0x0, 0x40, 0x0, 0xfffffffd, 0x0, r0}) open(0x0, 0x0, 0x0) mlock2(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$bt_hci(r2, &(0x7f0000000000)={0x27}, 0x62) listen(r2, 0x0) ppoll(&(0x7f00000002c0)=[{r2}], 0x1, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) tee(r4, r3, 0xff, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f00000000c0)=[@ioring_restriction_register_op, @ioring_restriction_sqe_op], 0x1000000000000141) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) 950.627755ms ago: executing program 0 (id=2689): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000580)={'wlan0\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={0x54, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME={0x38, 0x33, @disassoc={{{}, {}, @device_b}, 0x0, @val={0x8c, 0x18, {0x0, '\x00', @long="8c58ea25b8b4fa85433c7c90bed82811"}}}}]}, 0x54}}, 0x0) sendmsg$NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)={0x20, r1, 0x0, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x20}, 0x1, 0x0, 0x0, 0x4800}, 0x0) r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_DQBUF(r5, 0xc04c5611, &(0x7f0000000180)=@overlay={0x0, 0x5, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "e73b7cdb"}}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r6 = socket(0xa, 0x1, 0x0) close(r6) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x4e21, 0x0, @mcast1, 0x34}]}, &(0x7f0000002100)=0xc) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x4, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @local}}}, &(0x7f0000003c00)=0x90) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000b, 0x4031, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r8, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0x18ffc}], 0x1, 0x0, 0x0) syz_open_dev$radio(0x0, 0xffffffffffffffff, 0x2) r9 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @remote, 0x0, 0x1, 'none\x00'}, 0x2c) r10 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VIDIOC_EXPBUF(r10, 0xc0405610, &(0x7f0000000180)={0xa}) setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000000)={0x11, @multicast1, 0x0, 0x1000002, 'lblcr\x00'}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r9, 0x0, 0x485, 0x0, 0x0) syz_usb_ep_read(0xffffffffffffffff, 0x0, 0x73, &(0x7f0000000000)=""/115) 890.349858ms ago: executing program 1 (id=2690): syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00'}, 0x10) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x100000, 0x2}, 0x48) r2 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8), 0x8) mkdir(&(0x7f00000000c0)='./control\x00', 0x0) close(r2) r3 = inotify_init1(0x0) r4 = epoll_create(0x6) mount$9p_fd(0x0, &(0x7f0000000040)='./control\x00', &(0x7f0000000100), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB]) r5 = inotify_add_watch(r3, &(0x7f0000000180)='./control\x00', 0xa7000be0) close(r2) r6 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_timeval(r6, 0x1, 0x42, 0x0, &(0x7f0000000040)) open(&(0x7f0000000080)='./control\x00', 0x0, 0x0) write$FUSE_IOCTL(0xffffffffffffffff, 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000150000009500"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7}, 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xd, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b5af8ff000000cfbfa200000000000007020000f86b5558c7b1ca2e75cdd04f65995dffffffb703000018000000b704000000000000860000001e00000085000000a000000095bd05672b5921cf5e0cad87e486b4f05019d59e95e541e881f246c0bb1b37834cc3dccd09d318291b362e90debfa5054252b790372feb43ab1e2735941b5a", @ANYBLOB="3af3168ccd6e0d92e462d651dbcacc73f4886b3d3c99d5415b342bf75c6fcdd0a03b70af8f3b15a26020331f757a472ebb507a18525ded04bffcf5b3da57c98de49bf2d285d6ba4eb95cdcf378db7e811debc04c17f81d0a2da0526fa97ba39a7173240053193148c53741c159383f762e9e7042246e9e3e3bee2b45ebb7ccf2dc8dfbaf2f49649a7d7fd8b7b7cb8d8b808f4b71538f819666b8e212f42ee4f102b0dabc0463fcb04fbe770e34a226730637c7498820f8b9c82bab1e81f9d8cbaceca81c755b4d8a2e9ac3293102327bbd8f8825480002a3894c241376530a606ead8bf0", @ANYRESDEC=r7, @ANYRES64=r5], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r9, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="12cdde26e7c496e99a9cf8625ec9", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) socket$nl_route(0x10, 0x3, 0x0) r10 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/binder-control\x00', 0x2, 0x0) ioctl$BINDER_CTL_ADD(r10, 0xc1086201, &(0x7f0000000180)={'binder0\x00'}) socket(0x10, 0x2, 0x3) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) 680.896952ms ago: executing program 3 (id=2691): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_GET(r1, 0x0, 0x14) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x44, 0x16, 0xa, 0x203, 0x0, 0x0, {}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x18, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x4}]}]}], {0x14}}, 0x6c}}, 0x240000f0) syz_emit_ethernet(0x22, &(0x7f0000000400)=ANY=[@ANYBLOB="aaaaaaaa9936127190ebc2008594b919aaaaffffffffffff88644500003c000000570006907800000000ac1e000100000000006bcd0000000000000000000000000000000000000000000000000000000000000000000cd267c71fd3b520f671530a8730b9e47c09efc5144b3748ef71d40d744186558815f91371cce3625cf5c2d9fe333ba296ff37026abf0046a707c3dd74c283e1052b13ff6fcf646367bf2aded99e55e9c5747c0bbf5ba580058f47e82f465808315f66e2d3d20a90343453f9a3c2bf229ddbce9b6e1de187b18abf756c0c0f65db4721d3b036b97e"], 0x0) r2 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x7, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vcan0\x00'}) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10) r4 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r4, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10) listen(r4, 0xda90) accept4(r1, 0x0, 0x0, 0x80000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = getpid() process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) ioctl$INCFS_IOC_CREATE_FILE(0xffffffffffffffff, 0xc058671e, &(0x7f0000001980)={{'\x00', 0x3}, {0x7}, 0x0, 0x0, 0x0, &(0x7f0000001900)='./file1/file4/file7\x00', 0x0, &(0x7f00000018c0)="9bc7d6d416541c380d4d2dbb9bb1c39df1114ecadc9792e3a688c89c776312cf4a553478124e80c86d0f365157b4493465de3c3e52343930d9e23b", 0x3b, 0x0, &(0x7f0000002c00)=ANY=[], 0x10f2}) mkdirat(0xffffffffffffff9c, 0x0, 0x0) ioperm(0x0, 0x0, 0x10000) syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) socket$kcm(0x29, 0x2, 0x0) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x6) socket$nl_xfrm(0x10, 0x3, 0x6) openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000040)='net/rt_cache\x00') pread64(r6, &(0x7f0000000200)=""/158, 0xc4, 0x80) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') 348.29043ms ago: executing program 1 (id=2692): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="d8000000140081044e81f782db44b9040a1d080211000000040000a118000200ff11000100000e1208000f0100810401a80016ea1f000840032e5f54c92011148ed08734843cb12b00000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5e835913b06218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f52eb4edbb57a5025ccca9e00360d8bcc00400040fad95667e0060000000000000080bb", 0xbd}], 0x1, 0x0, 0x0, 0x7400}, 0x0) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000140)={0x16, 0x110, 0xfa00, {r1, 0x0, 0x30, 0x30, 0x0, @in6={0x1b, 0x0, 0x0, @empty}, @ib}}, 0x118) 305.402009ms ago: executing program 1 (id=2693): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000580)={'wlan0\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={0x54, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME={0x38, 0x33, @disassoc={{{}, {}, @device_b}, 0x0, @val={0x8c, 0x18, {0x0, '\x00', @long="8c58ea25b8b4fa85433c7c90bed82811"}}}}]}, 0x54}}, 0x0) sendmsg$NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x20}}, 0x0) r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_DQBUF(r5, 0xc04c5611, &(0x7f0000000180)=@overlay={0x0, 0x5, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "e73b7cdb"}}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r6 = socket(0xa, 0x1, 0x0) close(r6) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x4e21, 0x0, @mcast1, 0x34}]}, &(0x7f0000002100)=0xc) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x4, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @local}}}, &(0x7f0000003c00)=0x90) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000b, 0x4031, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r8, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0x18ffc}], 0x1, 0x0, 0x0) syz_open_dev$radio(0x0, 0xffffffffffffffff, 0x2) r9 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @remote, 0x0, 0x1, 'none\x00'}, 0x2c) r10 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VIDIOC_EXPBUF(r10, 0xc0405610, &(0x7f0000000180)={0xa}) setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000000)={0x11, @multicast1, 0x0, 0x1000002, 'lblcr\x00'}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r9, 0x0, 0x485, 0x0, 0x0) syz_usb_ep_read(0xffffffffffffffff, 0x0, 0x73, &(0x7f0000000000)=""/115) 0s ago: executing program 0 (id=2694): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000580)={'wlan0\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={0x54, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME={0x38, 0x33, @disassoc={{{}, {}, @device_b}, 0x0, @val={0x8c, 0x18, {0x0, '\x00', @long="8c58ea25b8b4fa85433c7c90bed82811"}}}}]}, 0x54}}, 0x0) sendmsg$NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x20}}, 0x0) r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_DQBUF(r5, 0xc04c5611, &(0x7f0000000180)=@overlay={0x0, 0x5, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "e73b7cdb"}}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r6 = socket(0xa, 0x1, 0x0) close(r6) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x4e21, 0x0, @mcast1, 0x34}]}, &(0x7f0000002100)=0xc) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x4, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @local}}}, &(0x7f0000003c00)=0x90) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000b, 0x4031, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r8, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0x18ffc}], 0x1, 0x0, 0x0) syz_open_dev$radio(0x0, 0xffffffffffffffff, 0x2) r9 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @remote, 0x0, 0x1, 'none\x00'}, 0x2c) r10 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VIDIOC_EXPBUF(r10, 0xc0405610, &(0x7f0000000180)={0xa}) setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000000)={0x11, @multicast1, 0x0, 0x1000002, 'lblcr\x00'}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r9, 0x0, 0x485, 0x0, 0x0) syz_usb_ep_read(0xffffffffffffffff, 0x0, 0x73, &(0x7f0000000000)=""/115) kernel console output (not intermixed with test programs): 0374] netlink: 'syz.1.1864': attribute type 10 has an invalid length. [ 254.401317][ T5234] kernel read not supported for file inotify (pid: 5234 comm: kworker/2:4) [ 254.507097][ T825] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 254.697114][ T825] usb 6-1: Using ep0 maxpacket: 8 [ 254.712528][ T825] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 254.715622][ T825] usb 6-1: config 0 has no interface number 0 [ 254.718103][ T825] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 254.722833][ T825] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 254.726378][ T825] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 254.729802][ T825] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.735448][ T825] usb 6-1: config 0 descriptor?? [ 254.762299][ T825] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 255.430526][T10405] 9pnet_fd: Insufficient options for proto=fd [ 255.437311][T10405] netlink: 'syz.3.1873': attribute type 10 has an invalid length. [ 255.467264][ T825] usb 6-1: USB disconnect, device number 23 [ 255.471253][ T825] iowarrior 6-1:0.1: I/O-Warror #0 now disconnected [ 255.769770][ T1356] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.772006][ T1356] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.814220][T10415] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1876'. [ 256.283180][T10423] 9pnet_fd: Insufficient options for proto=fd [ 256.293639][T10423] netlink: 'syz.2.1880': attribute type 10 has an invalid length. [ 256.298559][T10423] bond0: (slave bond_slave_0): Releasing backup interface [ 256.301566][T10423] bond_slave_0: left promiscuous mode [ 256.354979][ T39] audit: type=1400 audit(1720583010.777:521): avc: denied { ioctl } for pid=10426 comm="syz.1.1881" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=32754 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 256.457236][ T39] audit: type=1400 audit(1720583010.877:522): avc: denied { create } for pid=10430 comm="syz.1.1883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 256.460036][T10431] IPVS: set_ctl: invalid protocol: 43 172.20.20.16:20002 [ 256.464534][ T39] audit: type=1400 audit(1720583010.887:523): avc: denied { setopt } for pid=10430 comm="syz.1.1883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 256.476023][ T39] audit: type=1400 audit(1720583010.897:524): avc: denied { ioctl } for pid=10430 comm="syz.1.1883" path="socket:[32951]" dev="sockfs" ino=32951 ioctlcmd=0x9360 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 256.848495][ T825] kernel read not supported for file inotify (pid: 825 comm: kworker/3:3) [ 257.141774][T10456] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1892'. [ 257.202802][ T39] audit: type=1400 audit(1720583011.627:525): avc: denied { create } for pid=10459 comm="syz.3.1894" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 257.214021][ T39] audit: type=1400 audit(1720583011.627:526): avc: denied { create } for pid=10459 comm="syz.3.1894" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 257.223299][ T39] audit: type=1400 audit(1720583011.627:527): avc: denied { ioctl } for pid=10459 comm="syz.3.1894" path="socket:[33897]" dev="sockfs" ino=33897 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 257.445558][ T30] kernel read not supported for file inotify (pid: 30 comm: kworker/1:0) [ 258.128311][ T39] audit: type=1400 audit(1720583012.547:528): avc: denied { getopt } for pid=10488 comm="syz.1.1902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 258.137152][ T39] audit: type=1400 audit(1720583012.557:529): avc: denied { create } for pid=10488 comm="syz.1.1902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 258.144913][ T62] kernel read not supported for file inotify (pid: 62 comm: kworker/1:1) [ 258.837100][ T825] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 259.019049][ T825] usb 5-1: Using ep0 maxpacket: 8 [ 259.027333][ T825] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 259.032385][ T825] usb 5-1: config 0 has no interface number 0 [ 259.035302][ T825] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 259.041490][ T825] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 259.045871][ T825] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 259.050177][ T825] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.056110][ T825] usb 5-1: config 0 descriptor?? [ 259.062015][ T825] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 259.730209][ T8] kernel read not supported for file inotify (pid: 8 comm: kworker/0:0) [ 259.765653][ T825] usb 5-1: USB disconnect, device number 18 [ 259.771865][ T825] iowarrior 5-1:0.1: I/O-Warror #0 now disconnected [ 259.924250][ T30] kernel read not supported for file inotify (pid: 30 comm: kworker/1:0) [ 260.816312][T10568] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1930'. [ 260.818343][ T62] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 260.827332][ T56] kernel read not supported for file inotify (pid: 56 comm: kworker/2:1) [ 260.997102][ T62] usb 5-1: Using ep0 maxpacket: 8 [ 261.057113][ T30] kernel read not supported for file inotify (pid: 30 comm: kworker/1:0) [ 261.066481][ T62] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 261.070242][ T62] usb 5-1: config 0 has no interface number 0 [ 261.072579][ T62] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 261.076312][ T62] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 261.080287][ T62] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 261.083942][ T62] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.089094][ T62] usb 5-1: config 0 descriptor?? [ 261.094150][ T62] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 261.302323][ T5234] kernel read not supported for file inotify (pid: 5234 comm: kworker/2:4) [ 261.688190][ T35] kernel read not supported for file inotify (pid: 35 comm: kworker/3:0) [ 261.807768][ T8] usb 5-1: USB disconnect, device number 19 [ 261.812716][ T8] iowarrior 5-1:0.1: I/O-Warror #0 now disconnected [ 261.939181][T10601] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1940'. [ 262.067537][ T5234] kernel read not supported for file inotify (pid: 5234 comm: kworker/2:4) [ 262.591187][ T5236] kernel read not supported for file inotify (pid: 5236 comm: kworker/1:3) [ 262.919486][T10630] netlink: 'syz.3.1949': attribute type 10 has an invalid length. [ 263.320104][ T35] kernel read not supported for file inotify (pid: 35 comm: kworker/3:0) [ 263.546353][ T10] kernel read not supported for file inotify (pid: 10 comm: kworker/0:1) [ 263.736343][T10664] netlink: 'syz.0.1958': attribute type 10 has an invalid length. [ 264.793312][T10687] netlink: 'syz.3.1967': attribute type 10 has an invalid length. [ 264.935635][ T10] warn_unsupported: 1 callbacks suppressed [ 264.935645][ T10] kernel read not supported for file inotify (pid: 10 comm: kworker/0:1) [ 265.124201][T10695] usb usb8: usbfs: process 10695 (syz.0.1969) did not claim interface 0 before use [ 265.360398][T10708] fuse: root generation should be zero [ 265.576051][T10715] netlink: 'syz.2.1976': attribute type 10 has an invalid length. [ 266.422829][ T62] kernel read not supported for file inotify (pid: 62 comm: kworker/1:1) [ 266.612146][ T35] kernel read not supported for file inotify (pid: 35 comm: kworker/3:0) [ 266.784586][ T39] audit: type=1400 audit(1720583021.207:530): avc: denied { write } for pid=10743 comm="syz.2.1986" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 266.795318][ T39] audit: type=1400 audit(1720583021.217:531): avc: denied { ioctl } for pid=10743 comm="syz.2.1986" path="socket:[33395]" dev="sockfs" ino=33395 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 266.813841][T10742] netlink: 'syz.1.1985': attribute type 10 has an invalid length. [ 267.982376][ T5234] kernel read not supported for file inotify (pid: 5234 comm: kworker/2:4) [ 268.204616][T10776] netlink: 'syz.0.1995': attribute type 10 has an invalid length. [ 268.405652][ T62] kernel read not supported for file inotify (pid: 62 comm: kworker/1:1) [ 269.578418][T10800] netlink: 'syz.0.2004': attribute type 10 has an invalid length. [ 269.897117][ T5234] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 270.009728][ T56] kernel read not supported for file inotify (pid: 56 comm: kworker/2:1) [ 270.059309][ T62] kernel read not supported for file inotify (pid: 62 comm: kworker/1:1) [ 270.100675][ T5234] usb 5-1: config 0 has no interfaces? [ 270.103200][ T5234] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 270.112960][ T5234] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.122228][ T5234] usb 5-1: config 0 descriptor?? [ 270.247583][ T8] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 270.327850][ T825] usb 5-1: USB disconnect, device number 20 [ 270.439430][ T8] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 270.444641][ T8] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0 [ 270.449963][ T8] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 270.455045][ T8] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 270.460074][ T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.471555][ T8] usb 7-1: config 0 descriptor?? [ 271.264085][ T8] usbhid 7-1:0.0: can't add hid device: -71 [ 271.267081][ T8] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 271.273414][ T8] usb 7-1: USB disconnect, device number 22 [ 272.141455][ T825] kernel read not supported for file inotify (pid: 825 comm: kworker/3:3) [ 272.624182][ T5234] kernel read not supported for file inotify (pid: 5234 comm: kworker/2:4) [ 272.947138][ T5234] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 273.137110][ T5234] usb 6-1: Using ep0 maxpacket: 8 [ 273.140530][ T5234] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 273.143847][ T5234] usb 6-1: config 0 has no interface number 0 [ 273.146068][ T5234] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 273.150071][ T5234] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 273.153446][ T5234] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 273.162426][ T5234] usb 6-1: config 0 descriptor?? [ 273.170719][ T5234] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 273.703679][T10870] netlink: 'syz.2.2026': attribute type 10 has an invalid length. [ 273.767125][ T825] usb 8-1: new high-speed USB device number 18 using dummy_hcd [ 273.853779][ T824] kernel read not supported for file inotify (pid: 824 comm: kworker/3:2) [ 273.881161][ T5234] usb 6-1: USB disconnect, device number 24 [ 273.888278][ T5234] iowarrior 6-1:0.1: I/O-Warror #0 now disconnected [ 273.954448][ T825] usb 8-1: config 0 has no interfaces? [ 273.956343][ T825] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 273.963965][ T825] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 273.978912][ T825] usb 8-1: config 0 descriptor?? [ 274.205598][ T1813] usb 8-1: USB disconnect, device number 18 [ 274.207206][ T10] kernel read not supported for file inotify (pid: 10 comm: kworker/0:1) [ 275.087590][ T5236] usb 8-1: new high-speed USB device number 19 using dummy_hcd [ 275.267246][ T5236] usb 8-1: Using ep0 maxpacket: 8 [ 275.279345][ T5236] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 275.283007][ T5236] usb 8-1: config 0 has no interface number 0 [ 275.286424][ T5236] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 275.295251][ T5236] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 275.302953][ T5236] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 275.309626][ T5236] usb 8-1: config 0 descriptor?? [ 275.319363][ T5236] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 275.435055][ T825] kernel read not supported for file inotify (pid: 825 comm: kworker/3:3) [ 275.932582][T10921] netlink: 'syz.1.2042': attribute type 10 has an invalid length. [ 276.020594][T10925] netlink: 'syz.1.2044': attribute type 10 has an invalid length. [ 276.033262][ T1813] usb 8-1: USB disconnect, device number 19 [ 276.041184][ T1813] iowarrior 8-1:0.1: I/O-Warror #0 now disconnected [ 276.114514][ T39] audit: type=1400 audit(1720583030.537:532): avc: denied { write } for pid=10926 comm="syz.3.2046" name="nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 276.123047][ T39] audit: type=1400 audit(1720583030.537:533): avc: denied { map } for pid=10926 comm="syz.3.2046" path="/dev/nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 276.131440][ T39] audit: type=1400 audit(1720583030.537:534): avc: denied { execute } for pid=10926 comm="syz.3.2046" path="/dev/nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 276.384152][ T39] audit: type=1400 audit(1720583030.807:535): avc: denied { watch_reads } for pid=10937 comm="syz.3.2048" path="/297" dev="tmpfs" ino=1649 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 277.225793][T10946] netlink: 'syz.1.2051': attribute type 10 has an invalid length. [ 277.282922][T10948] netlink: 'syz.1.2052': attribute type 10 has an invalid length. [ 277.667173][ T5236] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 277.852263][ T5236] usb 6-1: Using ep0 maxpacket: 8 [ 277.857988][ T5236] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 277.861810][ T5236] usb 6-1: config 0 has no interface number 0 [ 277.864846][ T5236] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 277.869996][ T5236] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 277.874239][ T5236] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 277.880884][ T5236] usb 6-1: config 0 descriptor?? [ 277.885421][ T5236] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 278.607278][ T1813] usb 6-1: USB disconnect, device number 25 [ 278.612940][ T1813] iowarrior 6-1:0.1: I/O-Warror #0 now disconnected [ 279.018830][T10976] netlink: 'syz.0.2062': attribute type 10 has an invalid length. [ 279.096940][T10980] netlink: 'syz.0.2064': attribute type 10 has an invalid length. [ 279.473392][ T1092] Bluetooth: hci5: Frame reassembly failed (-84) [ 280.237198][T11000] netlink: 'syz.1.2072': attribute type 10 has an invalid length. [ 280.822491][ T39] audit: type=1400 audit(1720583035.247:536): avc: denied { create } for pid=11008 comm="syz.1.2076" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 280.831216][ T39] audit: type=1400 audit(1720583035.247:537): avc: denied { setopt } for pid=11008 comm="syz.1.2076" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 281.527163][ T5193] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 281.527268][ T4633] Bluetooth: hci5: command 0x1003 tx timeout [ 281.713640][T11022] netlink: 'syz.3.2081': attribute type 10 has an invalid length. [ 281.883298][T11033] capability: warning: `syz.0.2086' uses 32-bit capabilities (legacy support in use) [ 282.203948][ T39] audit: type=1400 audit(1720583036.627:538): avc: denied { mount } for pid=11039 comm="syz.1.2089" name="/" dev="hugetlbfs" ino=36164 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 282.213078][T11040] hugetlbfs: Unknown parameter './file0' [ 282.221229][ T39] audit: type=1400 audit(1720583036.637:539): avc: denied { remount } for pid=11039 comm="syz.1.2089" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 282.233190][ T39] audit: type=1400 audit(1720583036.657:540): avc: denied { unmount } for pid=5196 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 282.275173][ T74] Bluetooth: hci5: Frame reassembly failed (-84) [ 282.278101][ T74] Bluetooth: hci5: Frame reassembly failed (-84) [ 282.458934][T11049] netlink: 'syz.3.2092': attribute type 10 has an invalid length. [ 283.558937][T11066] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 283.563559][ T39] audit: type=1400 audit(1720583037.987:541): avc: denied { remount } for pid=11065 comm="syz.3.2099" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 283.607124][ T1392] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 283.799051][ T1392] usb 5-1: config 0 has no interfaces? [ 283.801445][ T1392] usb 5-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 283.804731][ T1392] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.808945][ T1392] usb 5-1: config 0 descriptor?? [ 284.198729][T11073] netlink: 'syz.3.2102': attribute type 10 has an invalid length. [ 284.328030][ T4633] Bluetooth: hci5: command 0x1003 tx timeout [ 284.328123][ T5193] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 284.391244][T11078] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2098'. [ 284.442759][T11081] netlink: 'syz.3.2105': attribute type 10 has an invalid length. [ 285.552650][ T63] Bluetooth: hci5: Frame reassembly failed (-84) [ 286.339099][ T5236] usb 5-1: USB disconnect, device number 21 [ 286.524031][ T39] audit: type=1400 audit(1720583040.947:542): avc: denied { mounton } for pid=11127 comm="syz.2.2124" path="/proc/361/task" dev="proc" ino=38031 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 287.056072][T11140] kvm: kvm [11139]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x0 [ 287.151555][ T39] audit: type=1400 audit(1720583041.577:543): avc: denied { setopt } for pid=11142 comm="syz.0.2130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 287.197446][ T39] audit: type=1400 audit(1720583041.627:544): avc: denied { map } for pid=11144 comm="syz.0.2131" path="/dev/dri/card0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 287.608669][ T5193] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 287.611099][ T4633] Bluetooth: hci5: command 0x1003 tx timeout [ 288.215028][T11157] wg2: entered promiscuous mode [ 288.217599][T11157] wg2: entered allmulticast mode [ 288.228270][T11157] input: syz0 as /devices/virtual/input/input14 [ 288.243977][ T39] audit: type=1400 audit(1720583042.667:545): avc: denied { read } for pid=4673 comm="acpid" name="event4" dev="devtmpfs" ino=2539 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 288.253241][ T39] audit: type=1400 audit(1720583042.667:546): avc: denied { open } for pid=4673 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2539 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 288.263250][ T39] audit: type=1400 audit(1720583042.667:547): avc: denied { ioctl } for pid=4673 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2539 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 288.544855][T11164] netlink: 'syz.2.2139': attribute type 1 has an invalid length. [ 288.549145][T11164] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 288.552885][T11164] IPv6: NLM_F_CREATE should be set when creating new route [ 288.557463][T11164] netlink: 'syz.2.2139': attribute type 1 has an invalid length. [ 288.744617][ T39] audit: type=1400 audit(1720583043.157:548): avc: denied { read } for pid=11166 comm="syz.2.2140" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 288.768779][ T39] audit: type=1400 audit(1720583043.157:549): avc: denied { open } for pid=11166 comm="syz.2.2140" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 289.201965][T11187] input: syz0 as /devices/virtual/input/input15 [ 290.680139][T11218] wg2: entered promiscuous mode [ 290.683285][T11218] wg2: entered allmulticast mode [ 290.692248][T11218] input: syz0 as /devices/virtual/input/input16 [ 290.765570][T11228] SELinux: Context "yz:/snd/pcmC#D#p is not valid (left unmapped). [ 290.772938][ T39] audit: type=1400 audit(1720583045.207:550): avc: denied { relabelto } for pid=11227 comm="syz.3.2162" name="file0" dev="tmpfs" ino=1815 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=22797A3A2F736E642F70636D4323442370 [ 290.787190][ T39] audit: type=1400 audit(1720583045.207:551): avc: denied { associate } for pid=11227 comm="syz.3.2162" name="file0" dev="tmpfs" ino=1815 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon=22797A3A2F736E642F70636D4323442370 [ 290.824841][ T39] audit: type=1400 audit(1720583045.247:552): avc: denied { unlink } for pid=7664 comm="syz-executor" name="file0" dev="tmpfs" ino=1815 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=22797A3A2F736E642F70636D4323442370 [ 292.506226][T11249] input: syz1 as /devices/virtual/input/input17 [ 292.513684][ T39] audit: type=1400 audit(1720583046.937:553): avc: denied { create } for pid=11248 comm="syz.2.2169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 292.553225][T11251] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=17 sclass=netlink_tcpdiag_socket pid=11251 comm=syz.3.2170 [ 292.989391][T11259] input: syz0 as /devices/virtual/input/input18 [ 293.417041][ T39] audit: type=1400 audit(1720583047.837:554): avc: denied { append } for pid=11273 comm="syz.3.2177" name="sg0" dev="devtmpfs" ino=705 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 293.690220][ T1154] kernel read not supported for file inotify (pid: 1154 comm: kworker/0:2) [ 294.026385][ T5236] kernel read not supported for file inotify (pid: 5236 comm: kworker/1:3) [ 294.282702][T11301] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=17 sclass=netlink_tcpdiag_socket pid=11301 comm=syz.3.2185 [ 294.354285][ T39] audit: type=1400 audit(1720583048.777:555): avc: denied { create } for pid=11306 comm="syz.0.2186" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 294.525720][ T39] audit: type=1400 audit(1720583048.947:556): avc: denied { connect } for pid=11310 comm="syz.0.2187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 294.931346][ T1813] kernel read not supported for file inotify (pid: 1813 comm: kworker/2:2) [ 295.126513][T11324] netlink: 'syz.0.2191': attribute type 10 has an invalid length. [ 295.151625][T11326] cgroup: none used incorrectly [ 295.163416][ T39] audit: type=1400 audit(1720583049.587:557): avc: denied { nlmsg_write } for pid=11325 comm="syz.3.2192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 295.329201][ T35] kernel read not supported for file inotify (pid: 35 comm: kworker/3:0) [ 295.870826][ T1813] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 296.067954][ T1813] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 296.072973][ T1813] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 296.077223][ T1813] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 296.083798][ T1813] usb 6-1: config 0 descriptor?? [ 296.175189][ T5234] kernel read not supported for file inotify (pid: 5234 comm: kworker/2:4) [ 296.451461][T11353] netlink: 'syz.0.2201': attribute type 10 has an invalid length. [ 296.493023][ T1813] keytouch 0003:0926:3333.0007: fixing up Keytouch IEC report descriptor [ 296.500404][ T1813] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0926:3333.0007/input/input19 [ 296.503281][T11355] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=17 sclass=netlink_tcpdiag_socket pid=11355 comm=syz.0.2202 [ 296.593012][ T1813] keytouch 0003:0926:3333.0007: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 296.692460][T11339] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 296.696359][T11339] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 296.782320][ T1813] usb 6-1: USB disconnect, device number 26 acpid: input device has been disconnected, fd 9 [ 297.163108][ T39] audit: type=1400 audit(1720583051.587:558): avc: denied { read } for pid=11362 comm="syz.2.2204" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 297.173096][ T39] audit: type=1400 audit(1720583051.587:559): avc: denied { open } for pid=11362 comm="syz.2.2204" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 297.182875][ T39] audit: type=1400 audit(1720583051.587:560): avc: denied { ioctl } for pid=11362 comm="syz.2.2204" path="/dev/binderfs/binder0" dev="binder" ino=4 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 297.193046][ T39] audit: type=1400 audit(1720583051.607:561): avc: denied { set_context_mgr } for pid=11362 comm="syz.2.2204" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 297.205790][ T39] audit: type=1400 audit(1720583051.607:562): avc: denied { map } for pid=11362 comm="syz.2.2204" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 297.255690][ T35] kernel read not supported for file inotify (pid: 35 comm: kworker/3:0) [ 297.559207][T11376] tmpfs: Bad value for 'nr_inodes' [ 297.716573][ T39] audit: type=1400 audit(1720583052.137:563): avc: denied { ioctl } for pid=11378 comm="syz.3.2208" path="socket:[35400]" dev="sockfs" ino=35400 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 297.946561][ T8] kernel read not supported for file inotify (pid: 8 comm: kworker/0:0) [ 298.270692][T11393] netlink: 'syz.1.2213': attribute type 10 has an invalid length. [ 298.321999][T11396] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=17 sclass=netlink_tcpdiag_socket pid=11396 comm=syz.1.2214 [ 299.071380][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 299.071397][ T39] audit: type=1400 audit(1720583053.497:565): avc: denied { setattr } for pid=11406 comm="syz.0.2217" name="NETLINK" dev="sockfs" ino=36575 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 300.148568][ T39] audit: type=1400 audit(1720583054.567:566): avc: denied { write } for pid=11424 comm="syz.1.2224" name="file0" dev="tmpfs" ino=3044 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 300.156513][T11432] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2227'. [ 300.162965][ T39] audit: type=1400 audit(1720583054.567:567): avc: denied { open } for pid=11424 comm="syz.1.2224" path="/553/file0" dev="tmpfs" ino=3044 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 300.176055][ T39] audit: type=1400 audit(1720583054.567:568): avc: denied { ioctl } for pid=11424 comm="syz.1.2224" path="/553/file0" dev="tmpfs" ino=3044 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 300.392919][ T39] audit: type=1400 audit(1720583054.817:569): avc: denied { map } for pid=11437 comm="syz.2.2230" path="socket:[36593]" dev="sockfs" ino=36593 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 300.860905][T11443] netlink: 'syz.0.2231': attribute type 10 has an invalid length. [ 301.354797][ T39] audit: type=1326 audit(1720583055.777:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11454 comm="syz.2.2236" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f064d175bd9 code=0x0 [ 301.886591][T11468] netlink: 'syz.1.2240': attribute type 10 has an invalid length. [ 301.926346][ T39] audit: type=1400 audit(1720583056.347:571): avc: denied { create } for pid=11469 comm="syz.3.2241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 301.936731][ T39] audit: type=1400 audit(1720583056.357:572): avc: denied { getopt } for pid=11469 comm="syz.3.2241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 301.990242][ T39] audit: type=1400 audit(1720583056.417:573): avc: denied { write } for pid=11475 comm="syz.1.2244" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 302.003607][T11476] Error parsing options; rc = [-22] [ 302.482765][T11487] netlink: 'syz.2.2247': attribute type 142 has an invalid length. [ 302.488848][ T39] audit: type=1400 audit(1720583056.917:574): avc: denied { write } for pid=11484 comm="syz.2.2247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 302.541698][T11487] xt_CT: You must specify a L4 protocol and not use inversions on it [ 302.760450][ T10] kernel read not supported for file inotify (pid: 10 comm: kworker/0:1) [ 302.875877][T11501] netlink: 'syz.1.2251': attribute type 10 has an invalid length. [ 302.992786][T11509] FAULT_INJECTION: forcing a failure. [ 302.992786][T11509] name failslab, interval 1, probability 0, space 0, times 1 [ 302.997466][T11509] CPU: 2 PID: 11509 Comm: syz.3.2255 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 303.000861][T11509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 303.004484][T11509] Call Trace: [ 303.005626][T11509] [ 303.006638][T11509] dump_stack_lvl+0x16c/0x1f0 [ 303.008322][T11509] should_fail_ex+0x497/0x5b0 [ 303.009906][T11509] should_failslab+0x9/0x20 [ 303.011481][T11509] __kmalloc_node_noprof+0xd5/0x440 [ 303.013237][T11509] ? kvmalloc_node_noprof+0x9d/0x1a0 [ 303.015019][T11509] ? ns_capable_noaudit+0xda/0x110 [ 303.016866][T11509] kvmalloc_node_noprof+0x9d/0x1a0 [ 303.018612][T11509] proc_sys_call_handler+0x3a2/0x6f0 [ 303.020555][T11509] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 303.023045][T11509] vfs_write+0x6b6/0x1140 [ 303.024888][T11509] ? __pfx_proc_sys_write+0x10/0x10 [ 303.026787][T11509] ? __pfx_vfs_write+0x10/0x10 [ 303.028866][T11509] ? __pfx___mutex_lock+0x10/0x10 [ 303.031016][T11509] ? __fget_files+0x256/0x400 [ 303.032695][T11509] ksys_write+0x12f/0x260 [ 303.034560][T11509] ? __pfx_ksys_write+0x10/0x10 [ 303.036673][T11509] do_syscall_64+0xcd/0x250 [ 303.038488][T11509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.040828][T11509] RIP: 0033:0x7fbaefb75bd9 [ 303.042754][T11509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 303.050584][T11509] RSP: 002b:00007fbaf08cc048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 303.053793][T11509] RAX: ffffffffffffffda RBX: 00007fbaefd03f60 RCX: 00007fbaefb75bd9 [ 303.057111][T11509] RDX: 0000000000000012 RSI: 0000000020000040 RDI: 0000000000000003 [ 303.060185][T11509] RBP: 00007fbaf08cc0a0 R08: 0000000000000000 R09: 0000000000000000 [ 303.063566][T11509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 303.066576][T11509] R13: 000000000000000b R14: 00007fbaefd03f60 R15: 00007ffed3799a58 [ 303.069964][T11509] [ 303.326648][T11522] netlink: 'syz.2.2260': attribute type 10 has an invalid length. [ 303.434630][T11526] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 303.746276][ T10] kernel read not supported for file inotify (pid: 10 comm: kworker/0:1) [ 303.936640][T11547] netlink: 'syz.0.2269': attribute type 10 has an invalid length. [ 304.363724][T11566] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 304.628452][ T1813] kernel read not supported for file inotify (pid: 1813 comm: kworker/2:2) [ 304.837692][T11577] netlink: 'syz.2.2278': attribute type 10 has an invalid length. [ 305.377163][ T8] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 305.526536][ T39] kauditd_printk_skb: 4 callbacks suppressed [ 305.526546][ T39] audit: type=1400 audit(1720583059.947:579): avc: denied { read } for pid=11594 comm="syz.3.2286" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 305.538211][ T39] audit: type=1400 audit(1720583059.947:580): avc: denied { open } for pid=11594 comm="syz.3.2286" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 305.567649][ T8] usb 6-1: Using ep0 maxpacket: 8 [ 305.572231][ T8] usb 6-1: config 0 has an invalid interface number: 52 but max is 0 [ 305.574990][T11599] netlink: 'syz.3.2288': attribute type 10 has an invalid length. [ 305.575938][ T8] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 305.583999][ T8] usb 6-1: config 0 has no interface number 0 [ 305.586646][ T8] usb 6-1: config 0 interface 52 altsetting 1 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 305.592763][ T8] usb 6-1: config 0 interface 52 altsetting 1 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 305.597764][ T8] usb 6-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 305.602781][ T8] usb 6-1: config 0 interface 52 has no altsetting 0 [ 305.605903][ T8] usb 6-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00 [ 305.610061][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 305.615434][ T8] usb 6-1: config 0 descriptor?? [ 305.780869][T11606] FAULT_INJECTION: forcing a failure. [ 305.780869][T11606] name failslab, interval 1, probability 0, space 0, times 0 [ 305.786348][T11606] CPU: 2 PID: 11606 Comm: syz.3.2291 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 305.790759][T11606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 305.796328][T11606] Call Trace: [ 305.797888][T11606] [ 305.799327][T11606] dump_stack_lvl+0x16c/0x1f0 [ 305.801396][T11606] should_fail_ex+0x497/0x5b0 [ 305.803523][T11606] should_failslab+0x9/0x20 [ 305.805631][T11606] kmalloc_trace_noprof+0x6b/0x300 [ 305.807383][T11606] ? resv_map_alloc+0x7e/0x400 [ 305.809018][T11606] ? kasan_save_track+0x14/0x30 [ 305.810704][T11606] resv_map_alloc+0x7e/0x400 [ 305.812649][T11606] hugetlbfs_get_inode+0x2c0/0x540 [ 305.814411][T11606] hugetlb_file_setup+0x15b/0x620 [ 305.816436][T11606] ksys_mmap_pgoff+0x189/0x5d0 [ 305.818078][T11606] __x64_sys_mmap+0x125/0x190 [ 305.819869][T11606] do_syscall_64+0xcd/0x250 [ 305.821881][T11606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.824093][T11606] RIP: 0033:0x7fbaefb75bd9 [ 305.825610][T11606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 305.827064][ T8] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.52/input/input20 [ 305.832224][T11606] RSP: 002b:00007fbaf08cc048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 305.832241][T11606] RAX: ffffffffffffffda RBX: 00007fbaefd03f60 RCX: 00007fbaefb75bd9 [ 305.832249][T11606] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 0000000020400000 [ 305.832255][T11606] RBP: 00007fbaf08cc0a0 R08: ffffffffffffffff R09: 0000000000000000 [ 305.832262][T11606] R10: 0000000000050032 R11: 0000000000000246 R12: 0000000000000001 [ 305.832269][T11606] R13: 000000000000000b R14: 00007fbaefd03f60 R15: 00007ffed3799a58 [ 305.832282][T11606] [ 305.837106][ T35] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 306.027936][ T39] audit: type=1400 audit(1720583060.457:581): avc: denied { write } for pid=11587 comm="syz.1.2283" name="mice" dev="devtmpfs" ino=860 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 306.035840][ T39] audit: type=1400 audit(1720583060.457:582): avc: denied { open } for pid=11587 comm="syz.1.2283" path="/dev/input/mice" dev="devtmpfs" ino=860 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 306.049595][ T35] usb 7-1: Using ep0 maxpacket: 8 [ 306.052839][ T35] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 306.055791][ T35] usb 7-1: config 179 has no interface number 0 [ 306.058103][ T35] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 306.062135][ T35] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 306.066622][ T35] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 306.070809][ T35] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 306.075025][ T35] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 306.079782][ T35] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 306.083002][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 306.088157][T11597] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 306.102134][ C3] hrtimer: interrupt took 214948 ns [ 306.106612][ T8] usb 6-1: USB disconnect, device number 27 [ 306.315547][ T35] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:179.65/input/input21 [ 306.510834][ C3] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 306.513692][ C3] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 306.517706][ T35] usb 7-1: USB disconnect, device number 23 [ 306.520830][ T35] xpad 7-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 306.806179][T11630] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 307.441369][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.443981][ T39] audit: type=1400 audit(1720583061.867:583): avc: denied { ioctl } for pid=11644 comm="syz.2.2303" path="/dev/uhid" dev="devtmpfs" ino=1111 ioctlcmd=0x7439 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 307.444621][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.456904][ T39] audit: type=1400 audit(1720583061.887:584): avc: denied { bind } for pid=11644 comm="syz.2.2303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 307.457086][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.465464][ T39] audit: type=1400 audit(1720583061.887:585): avc: denied { getopt } for pid=11644 comm="syz.2.2303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 307.468727][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.480535][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.483389][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.485974][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.488673][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.491296][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.493833][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.496398][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.499137][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.501847][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.504424][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.507037][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.510011][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.513273][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.516504][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.519145][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.521800][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.524402][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.526938][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.529731][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.533034][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.536285][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.539024][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.542343][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.545446][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.548640][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.551610][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.554286][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.559233][ T8] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 307.573255][ T8] hid-generic 0000:0000:0000.0008: hidraw1: HID v0.00 Device [syz0] on syz0 [ 307.657818][T11651] netlink: 'syz.1.2305': attribute type 2 has an invalid length. [ 307.662868][T11651] netlink: 'syz.1.2305': attribute type 1 has an invalid length. [ 307.667652][T11651] netlink: 'syz.1.2305': attribute type 1 has an invalid length. [ 308.142963][ T39] audit: type=1326 audit(1720583062.567:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11661 comm="syz.3.2309" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbaefb75bd9 code=0x0 [ 308.541257][ T825] kernel read not supported for file inotify (pid: 825 comm: kworker/3:3) [ 308.703581][T11677] FAULT_INJECTION: forcing a failure. [ 308.703581][T11677] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 308.709999][T11677] CPU: 3 PID: 11677 Comm: syz.0.2313 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 308.714452][T11677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 308.719344][T11677] Call Trace: [ 308.720711][T11677] [ 308.721749][T11677] dump_stack_lvl+0x16c/0x1f0 [ 308.723348][T11677] should_fail_ex+0x497/0x5b0 [ 308.724970][T11677] _copy_to_user+0x30/0xc0 [ 308.726488][T11677] simple_read_from_buffer+0xd0/0x160 [ 308.728375][T11677] proc_fail_nth_read+0x1b0/0x290 [ 308.730077][T11677] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 308.732013][T11677] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 308.733877][T11677] vfs_read+0x1d4/0xbd0 [ 308.735294][T11677] ? __fdget_pos+0xeb/0x180 [ 308.736861][T11677] ? __pfx_vfs_read+0x10/0x10 [ 308.738579][T11677] ? __pfx___mutex_lock+0x10/0x10 [ 308.740506][T11677] ? __fget_files+0x256/0x400 [ 308.742134][T11677] ksys_read+0x12f/0x260 [ 308.743584][T11677] ? __pfx_ksys_read+0x10/0x10 [ 308.745219][T11677] do_syscall_64+0xcd/0x250 [ 308.746772][T11677] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.748850][T11677] RIP: 0033:0x7f1bc4b746bc [ 308.750354][T11677] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 308.756852][T11677] RSP: 002b:00007f1bc5a24040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 308.760074][T11677] RAX: ffffffffffffffda RBX: 00007f1bc4d03f60 RCX: 00007f1bc4b746bc [ 308.762781][T11677] RDX: 000000000000000f RSI: 00007f1bc5a240b0 RDI: 0000000000000006 [ 308.765443][T11677] RBP: 00007f1bc5a240a0 R08: 0000000000000000 R09: 0000000000000000 [ 308.768216][T11677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 308.770895][T11677] R13: 000000000000000b R14: 00007f1bc4d03f60 R15: 00007ffd9ed49318 [ 308.773629][T11677] [ 309.266347][T11695] SELinux: syz.3.2317 (11695) set checkreqprot to 1. This is no longer supported. [ 309.266357][ T39] audit: type=1400 audit(1720583063.687:587): avc: denied { setcheckreqprot } for pid=11687 comm="syz.3.2317" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 309.680580][T11702] FAULT_INJECTION: forcing a failure. [ 309.680580][T11702] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 309.685081][T11702] CPU: 1 PID: 11702 Comm: syz.0.2321 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 309.688854][T11702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 309.692473][T11702] Call Trace: [ 309.693618][T11702] [ 309.694627][T11702] dump_stack_lvl+0x16c/0x1f0 [ 309.696235][T11702] should_fail_ex+0x497/0x5b0 [ 309.697946][T11702] _copy_to_user+0x30/0xc0 [ 309.699492][T11702] simple_read_from_buffer+0xd0/0x160 [ 309.701307][T11702] proc_fail_nth_read+0x1b0/0x290 [ 309.702999][T11702] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 309.704879][T11702] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 309.706940][T11702] vfs_read+0x1d4/0xbd0 [ 309.708435][T11702] ? __fdget_pos+0xeb/0x180 [ 309.709977][T11702] ? __pfx_vfs_read+0x10/0x10 [ 309.712085][T11702] ? __pfx___mutex_lock+0x10/0x10 [ 309.714114][T11702] ? __fget_files+0x256/0x400 [ 309.715707][T11702] ksys_read+0x12f/0x260 [ 309.717177][T11702] ? __pfx_ksys_read+0x10/0x10 [ 309.718817][T11702] do_syscall_64+0xcd/0x250 [ 309.720352][T11702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.722324][T11702] RIP: 0033:0x7f1bc4b746bc [ 309.723815][T11702] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 309.730233][T11702] RSP: 002b:00007f1bc5a24040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 309.734226][T11702] RAX: ffffffffffffffda RBX: 00007f1bc4d03f60 RCX: 00007f1bc4b746bc [ 309.736887][T11702] RDX: 000000000000000f RSI: 00007f1bc5a240b0 RDI: 0000000000000004 [ 309.739561][T11702] RBP: 00007f1bc5a240a0 R08: 0000000000000000 R09: 0000000000000000 [ 309.742228][T11702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 309.744867][T11702] R13: 000000000000000b R14: 00007f1bc4d03f60 R15: 00007ffd9ed49318 [ 309.747463][T11702] [ 309.863010][ C2] IPv4: Oversized IP packet from 172.20.20.10 [ 310.108004][T11718] loop7: detected capacity change from 0 to 16384 [ 310.171194][ T39] audit: type=1400 audit(1720583064.597:588): avc: denied { ioctl } for pid=11724 comm="syz.3.2329" path="/dev/rtc0" dev="devtmpfs" ino=865 ioctlcmd=0x7013 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 310.236154][ T69] I/O error, dev loop7, sector 1152 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 310.241294][ T69] Buffer I/O error on dev loop7, logical block 144, lost async page write [ 310.295295][T11735] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2332'. [ 310.296042][T11718] I/O error, dev loop7, sector 8192 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0 [ 310.296935][ T8325] I/O error, dev loop7, sector 1160 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 310.297125][ T8325] Buffer I/O error on dev loop7, logical block 145, lost async page write [ 310.301080][ T8325] I/O error, dev loop7, sector 1168 op 0x1:(WRITE) flags 0x0 phys_seg 1 prio class 0 [ 310.317059][ T8325] Buffer I/O error on dev loop7, logical block 146, lost async page write [ 310.474450][T11740] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2334'. [ 310.486600][T11740] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2334'. [ 310.506490][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 310.604749][T11750] SELinux: syz.3.2333 (11750) set checkreqprot to 1. This is no longer supported. [ 311.128072][ T39] audit: type=1400 audit(1720583065.557:589): avc: denied { listen } for pid=11764 comm="syz.2.2341" lport=132 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 311.151074][ T39] audit: type=1400 audit(1720583065.577:590): avc: denied { setopt } for pid=11764 comm="syz.2.2341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 311.162103][ T39] audit: type=1400 audit(1720583065.577:591): avc: denied { ioctl } for pid=11764 comm="syz.2.2341" path="socket:[38807]" dev="sockfs" ino=38807 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 311.192229][T11765] veth0_vlan: left promiscuous mode [ 311.196254][T11765] veth0_vlan: entered promiscuous mode [ 311.233883][ T39] audit: type=1400 audit(1720583065.657:592): avc: denied { create } for pid=11766 comm="syz.2.2342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 311.274518][T11767] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2342'. [ 311.421639][T11773] FAULT_INJECTION: forcing a failure. [ 311.421639][T11773] name failslab, interval 1, probability 0, space 0, times 0 [ 311.423801][ T39] audit: type=1400 audit(1720583065.847:593): avc: denied { mounton } for pid=11770 comm="syz.2.2344" path="/proc/541/cgroup" dev="proc" ino=38823 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 311.429235][T11773] CPU: 3 PID: 11773 Comm: syz.3.2345 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 311.437403][ T39] audit: type=1400 audit(1720583065.867:594): avc: denied { mounton } for pid=11770 comm="syz.2.2344" path="/proc/541/cgroup" dev="nsfs" ino=4026533794 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 311.441439][T11773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 311.441458][T11773] Call Trace: [ 311.441468][T11773] [ 311.458853][T11773] dump_stack_lvl+0x16c/0x1f0 [ 311.460985][T11773] should_fail_ex+0x497/0x5b0 [ 311.463081][T11773] should_failslab+0x9/0x20 [ 311.465135][T11773] __kmalloc_noprof+0xcf/0x410 [ 311.467267][T11773] ? d_absolute_path+0x137/0x1b0 [ 311.469496][T11773] tomoyo_encode2+0x100/0x3e0 [ 311.471610][T11773] tomoyo_encode+0x29/0x50 [ 311.473350][T11773] tomoyo_realpath_from_path+0x19d/0x720 [ 311.475263][T11773] tomoyo_path_number_perm+0x245/0x590 [ 311.477705][T11773] ? tomoyo_path_number_perm+0x232/0x590 [ 311.480179][T11773] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 311.482834][T11773] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 311.485576][T11773] ? __fget_files+0x256/0x400 [ 311.487675][T11773] security_file_ioctl+0x75/0xc0 [ 311.489855][T11773] __x64_sys_ioctl+0xbb/0x220 [ 311.491815][T11773] do_syscall_64+0xcd/0x250 [ 311.493834][T11773] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.496452][T11773] RIP: 0033:0x7fbaefb75bd9 [ 311.498612][T11773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 311.507054][T11773] RSP: 002b:00007fbaf08cc048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 311.510742][T11773] RAX: ffffffffffffffda RBX: 00007fbaefd03f60 RCX: 00007fbaefb75bd9 [ 311.514179][T11773] RDX: 0000000020000140 RSI: 00000000c0189436 RDI: 0000000000000003 [ 311.517673][T11773] RBP: 00007fbaf08cc0a0 R08: 0000000000000000 R09: 0000000000000000 [ 311.521103][T11773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 311.524521][T11773] R13: 000000000000000b R14: 00007fbaefd03f60 R15: 00007ffed3799a58 [ 311.527978][T11773] [ 311.537149][T11773] ERROR: Out of memory at tomoyo_realpath_from_path. [ 311.598054][T11779] input: syz0 as /devices/virtual/input/input22 [ 311.604866][ T39] audit: type=1400 audit(1720583066.027:595): avc: denied { read } for pid=11778 comm="syz.3.2347" name="mice" dev="devtmpfs" ino=860 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 311.746517][ T8] kernel read not supported for file inotify (pid: 8 comm: kworker/0:0) [ 312.086881][ T56] kernel read not supported for file inotify (pid: 56 comm: kworker/2:1) [ 312.336382][T11798] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2352'. [ 312.372567][T11801] SELinux: syz.0.2351 (11801) set checkreqprot to 1. This is no longer supported. [ 312.382930][ T39] audit: type=1400 audit(1720583066.807:596): avc: denied { create } for pid=11800 comm="syz.2.2353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 312.398264][ T39] audit: type=1400 audit(1720583066.817:597): avc: denied { write } for pid=11800 comm="syz.2.2353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 312.405593][ T39] audit: type=1400 audit(1720583066.817:598): avc: denied { read } for pid=11800 comm="syz.2.2353" dev="sockfs" ino=38878 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 312.421837][T11798] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2352'. [ 312.434790][ C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 312.458040][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 313.288137][T11824] raw_sendmsg: syz.0.2361 forgot to set AF_INET. Fix it! [ 313.330537][T11820] veth0_vlan: left promiscuous mode [ 313.334940][T11820] veth0_vlan: entered promiscuous mode [ 313.372432][T11828] sp0: Synchronizing with TNC [ 313.537156][ T1813] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 313.727841][ T1813] usb 6-1: Using ep0 maxpacket: 8 [ 313.739460][ T1813] usb 6-1: config 0 has no interfaces? [ 313.744070][ T1813] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 313.748718][ T1813] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 313.756661][ T1813] usb 6-1: config 0 descriptor?? [ 313.973179][ T5236] usb 6-1: USB disconnect, device number 28 [ 314.363709][ T8] kernel read not supported for file inotify (pid: 8 comm: kworker/0:0) [ 314.524714][T11876] FAULT_INJECTION: forcing a failure. [ 314.524714][T11876] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 314.531047][T11876] CPU: 3 PID: 11876 Comm: syz.0.2382 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 314.535482][T11876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 314.540485][T11876] Call Trace: [ 314.541968][T11876] [ 314.543273][T11876] dump_stack_lvl+0x16c/0x1f0 [ 314.545353][T11876] should_fail_ex+0x497/0x5b0 [ 314.547433][T11876] core_sys_select+0x4cf/0xb80 [ 314.549554][T11876] ? __pfx_core_sys_select+0x10/0x10 [ 314.551871][T11876] ? ktime_get_ts64+0x106/0x2a0 [ 314.554045][T11876] ? set_user_sigmask+0x217/0x2a0 [ 314.556189][T11876] ? __pfx_set_user_sigmask+0x10/0x10 [ 314.558058][T11876] do_pselect.constprop.0+0x1a0/0x1f0 [ 314.559952][T11876] ? __pfx_do_pselect.constprop.0+0x10/0x10 [ 314.561986][T11876] ? fput+0x32/0x390 [ 314.563349][T11876] ? ksys_write+0x1ab/0x260 [ 314.565177][T11876] __x64_sys_pselect6+0x150/0x1d0 [ 314.567378][T11876] do_syscall_64+0xcd/0x250 [ 314.569379][T11876] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.571779][T11876] RIP: 0033:0x7f1bc4b75bd9 [ 314.573728][T11876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 314.581944][T11876] RSP: 002b:00007f1bc5a03048 EFLAGS: 00000246 ORIG_RAX: 000000000000010e [ 314.585554][T11876] RAX: ffffffffffffffda RBX: 00007f1bc4d04038 RCX: 00007f1bc4b75bd9 [ 314.588981][T11876] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000040 [ 314.592382][T11876] RBP: 00007f1bc5a030a0 R08: 0000000020000300 R09: 0000000000000000 [ 314.595832][T11876] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000001 [ 314.599350][T11876] R13: 000000000000006e R14: 00007f1bc4d04038 R15: 00007ffd9ed49318 [ 314.602898][T11876] [ 314.664439][T11890] input: syz0 as /devices/virtual/input/input23 [ 315.452117][T11915] SELinux: syz.2.2393 (11915) set checkreqprot to 1. This is no longer supported. [ 315.863715][T11923] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2399'. [ 316.073053][T11931] mkiss: ax0: crc mode is auto. [ 316.386652][T11943] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2408'. [ 317.219528][ T1356] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.227119][ T1356] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.363598][T11978] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2419'. [ 317.369572][T11978] openvswitch: netlink: Duplicate key (type 0). [ 317.732166][ T1813] kernel read not supported for file inotify (pid: 1813 comm: kworker/2:2) [ 317.925755][T12003] netlink: 'syz.1.2427': attribute type 1 has an invalid length. [ 317.928981][T12003] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2427'. [ 318.050103][T12010] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 318.107074][T12015] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2432'. [ 318.598230][ T1813] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 318.789008][ T1813] usb 5-1: Using ep0 maxpacket: 8 [ 318.793203][ T1813] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 318.795976][ T1813] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 318.807972][ T1813] usb 5-1: config 0 has no interface number 0 [ 318.817655][ T1813] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 318.821295][ T1813] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.830103][ T1813] usb 5-1: config 0 descriptor?? [ 318.835901][ T1813] iowarrior 5-1:0.1: no interrupt-in endpoint found [ 318.842705][ T35] kernel read not supported for file inotify (pid: 35 comm: kworker/3:0) [ 319.038785][ T8] usb 5-1: USB disconnect, device number 22 [ 319.169006][ T35] kernel read not supported for file inotify (pid: 35 comm: kworker/3:0) [ 319.328074][T12048] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 319.341858][T12050] FAULT_INJECTION: forcing a failure. [ 319.341858][T12050] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 319.347553][T12050] CPU: 0 PID: 12050 Comm: syz.3.2444 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 319.351996][T12050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 319.356340][T12050] Call Trace: [ 319.357853][T12050] [ 319.359169][T12050] dump_stack_lvl+0x16c/0x1f0 [ 319.361306][T12050] should_fail_ex+0x497/0x5b0 [ 319.363439][T12050] _copy_from_user+0x30/0xf0 [ 319.365558][T12050] copy_msghdr_from_user+0x99/0x160 [ 319.367939][T12050] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 319.370603][T12050] ? find_held_lock+0x2d/0x110 [ 319.372812][T12050] ? __pfx___lock_acquire+0x10/0x10 [ 319.375186][T12050] ___sys_sendmsg+0xff/0x1e0 [ 319.377840][T12050] ? __pfx____sys_sendmsg+0x10/0x10 [ 319.380391][T12050] ? ksys_write+0x21c/0x260 [ 319.382806][T12050] ? __fget_light+0x173/0x210 [ 319.385430][T12050] __sys_sendmsg+0x117/0x1f0 [ 319.387769][T12050] ? __pfx___sys_sendmsg+0x10/0x10 [ 319.390389][T12050] do_syscall_64+0xcd/0x250 [ 319.392673][T12050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.395328][T12050] RIP: 0033:0x7fbaefb75bd9 [ 319.397274][T12050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.404962][T12050] RSP: 002b:00007fbaf08cc048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 319.407937][T12050] RAX: ffffffffffffffda RBX: 00007fbaefd03f60 RCX: 00007fbaefb75bd9 [ 319.410808][T12050] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003 [ 319.413517][T12050] RBP: 00007fbaf08cc0a0 R08: 0000000000000000 R09: 0000000000000000 [ 319.416214][T12050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 319.418901][T12050] R13: 000000000000000b R14: 00007fbaefd03f60 R15: 00007ffed3799a58 [ 319.421601][T12050] [ 319.442948][ T39] kauditd_printk_skb: 13 callbacks suppressed [ 319.442958][ T39] audit: type=1400 audit(1720583073.867:612): avc: denied { read } for pid=12051 comm="syz.1.2445" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 319.466452][T12056] IPVS: set_ctl: invalid protocol: 94 127.0.0.1:20001 [ 319.478193][ T39] audit: type=1326 audit(1720583073.907:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12059 comm="syz.1.2448" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1139975bd9 code=0x0 [ 319.738887][ T8] kernel read not supported for file inotify (pid: 8 comm: kworker/0:0) [ 319.953928][ T39] audit: type=1400 audit(1720583074.377:614): avc: denied { read } for pid=12078 comm="syz.0.2454" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 319.963112][ T39] audit: type=1400 audit(1720583074.377:615): avc: denied { open } for pid=12078 comm="syz.0.2454" path="/dev/ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 320.249998][T12088] FAULT_INJECTION: forcing a failure. [ 320.249998][T12088] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 320.255969][T12088] CPU: 1 PID: 12088 Comm: syz.0.2456 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 320.260592][T12088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 320.265434][T12088] Call Trace: [ 320.266998][T12088] [ 320.268363][T12088] dump_stack_lvl+0x16c/0x1f0 [ 320.270508][T12088] should_fail_ex+0x497/0x5b0 [ 320.272646][T12088] _copy_from_user+0x30/0xf0 [ 320.274742][T12088] mptcp_get_subflow_data+0x82/0x230 [ 320.277136][T12088] mptcp_getsockopt_subflow_addrs+0xb2/0x350 [ 320.279935][T12088] ? __pfx___lock_acquire+0x10/0x10 [ 320.282290][T12088] ? __pfx_mptcp_getsockopt_subflow_addrs+0x10/0x10 [ 320.285270][T12088] ? release_sock+0x21/0x220 [ 320.287347][T12088] ? reacquire_held_locks+0x20b/0x4c0 [ 320.289805][T12088] ? release_sock+0x21/0x220 [ 320.292058][T12088] ? find_held_lock+0x59/0x110 [ 320.294203][T12088] ? find_held_lock+0x2d/0x110 [ 320.296379][T12088] ? mptcp_getsockopt+0x16b/0xba0 [ 320.298652][T12088] ? __pfx_lock_release+0x10/0x10 [ 320.300915][T12088] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 320.303330][T12088] ? mptcp_getsockopt+0x16b/0xba0 [ 320.305182][T12088] ? __local_bh_enable_ip+0xa4/0x120 [ 320.306943][T12088] mptcp_getsockopt+0x5af/0xba0 [ 320.309078][T12088] ? __pfx_mptcp_getsockopt+0x10/0x10 [ 320.310944][T12088] ? find_held_lock+0x2d/0x110 [ 320.312601][T12088] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 320.314619][T12088] do_sock_getsockopt+0x2e5/0x760 [ 320.316490][T12088] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 320.318427][T12088] ? __fget_files+0x256/0x400 [ 320.320076][T12088] ? __fget_light+0x173/0x210 [ 320.321699][T12088] __sys_getsockopt+0x1a1/0x270 [ 320.323390][T12088] ? __pfx___sys_getsockopt+0x10/0x10 [ 320.325234][T12088] ? fput+0x32/0x390 [ 320.326599][T12088] ? ksys_write+0x1ab/0x260 [ 320.328255][T12088] ? __pfx_ksys_write+0x10/0x10 [ 320.329919][T12088] __x64_sys_getsockopt+0xbd/0x160 [ 320.331668][T12088] ? do_syscall_64+0x91/0x250 [ 320.333289][T12088] ? lockdep_hardirqs_on+0x7c/0x110 [ 320.335068][T12088] do_syscall_64+0xcd/0x250 [ 320.336626][T12088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.338660][T12088] RIP: 0033:0x7f1bc4b75bd9 [ 320.340249][T12088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 320.346752][T12088] RSP: 002b:00007f1bc5a24048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 320.349606][T12088] RAX: ffffffffffffffda RBX: 00007f1bc4d03f60 RCX: 00007f1bc4b75bd9 [ 320.352555][T12088] RDX: 0000000000000003 RSI: 000000000000011c RDI: 0000000000000003 [ 320.355679][T12088] RBP: 00007f1bc5a240a0 R08: 0000000020000100 R09: 0000000000000000 [ 320.358293][T12088] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 320.360913][T12088] R13: 000000000000000b R14: 00007f1bc4d03f60 R15: 00007ffd9ed49318 [ 320.363554][T12088] [ 320.677426][ T8] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 320.887262][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 320.890920][ T8] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 320.893769][ T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 320.898961][ T8] usb 5-1: config 0 has no interface number 0 [ 320.901732][ T8] usb 5-1: config 0 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 320.908465][ T8] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 320.912213][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 320.916084][ T8] usb 5-1: config 0 descriptor?? [ 320.919164][ T8] iowarrior 5-1:0.1: no interrupt-in endpoint found [ 321.121938][ T1813] usb 5-1: USB disconnect, device number 23 [ 321.144645][ T8] kernel read not supported for file inotify (pid: 8 comm: kworker/0:0) [ 321.328742][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.332717][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.336127][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.340890][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.344488][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.348951][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.352286][T12121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.356025][T12121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.362339][T12121] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12121 comm=syz.1.2470 [ 321.368904][T12121] netlink: 'syz.1.2470': attribute type 5 has an invalid length. [ 321.371903][T12121] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2470'. [ 321.966193][ T62] kernel read not supported for file inotify (pid: 62 comm: kworker/1:1) [ 322.508897][T12159] hfs: invalid gid -1 [ 322.510575][T12159] hfs: unable to parse mount options [ 322.517153][ T56] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 322.699205][ T56] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 322.702701][ T56] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 322.706257][ T56] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 322.709842][ T56] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 322.716254][ T56] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 322.720002][ T56] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 322.722885][ T56] usb 6-1: Product: syz [ 322.724348][ T56] usb 6-1: Manufacturer: syz [ 322.728616][ T56] cdc_wdm 6-1:1.0: skipping garbage [ 322.730431][ T56] cdc_wdm 6-1:1.0: skipping garbage [ 322.734579][ T56] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 322.736613][ T56] cdc_wdm 6-1:1.0: Unknown control protocol [ 322.797155][ T1813] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 322.797173][ T62] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 322.934198][ T5236] usb 6-1: USB disconnect, device number 29 [ 322.990039][ T62] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 322.993918][ T62] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 322.997145][ T1813] usb 5-1: Using ep0 maxpacket: 8 [ 323.000956][ T62] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 323.002348][ T1813] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 323.004949][ T62] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 323.008403][ T1813] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 323.016716][ T62] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 323.017441][ T1813] usb 5-1: config 0 has no interface number 0 [ 323.017475][ T1813] usb 5-1: config 0 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 323.021427][ T62] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 323.023814][ T1813] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 323.028377][ T62] usb 7-1: Product: syz [ 323.028388][ T62] usb 7-1: Manufacturer: syz [ 323.031692][ T1813] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 323.037669][ T62] cdc_wdm 7-1:1.0: skipping garbage [ 323.041370][ T1813] usb 5-1: config 0 descriptor?? [ 323.042481][ T62] cdc_wdm 7-1:1.0: skipping garbage [ 323.046709][ T1813] iowarrior 5-1:0.1: no interrupt-in endpoint found [ 323.049336][ T62] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 323.054507][ T62] cdc_wdm 7-1:1.0: Unknown control protocol [ 323.246625][ T5236] usb 7-1: USB disconnect, device number 24 [ 323.251720][ T825] usb 5-1: USB disconnect, device number 24 [ 323.465032][T12173] syzkaller0: entered promiscuous mode [ 323.465056][ T1813] kernel read not supported for file inotify (pid: 1813 comm: kworker/2:2) [ 323.467057][T12173] syzkaller0: entered allmulticast mode [ 325.147329][ T8] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 325.332545][ T8] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 325.337986][ T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 325.342608][ T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 325.364706][ T8] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 325.374030][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 325.380470][ T8] usb 5-1: Product: syz [ 325.382527][ T8] usb 5-1: Manufacturer: syz [ 325.384765][ T8] usb 5-1: SerialNumber: syz [ 325.398337][ T8] usb 5-1: selecting invalid altsetting 1 [ 325.882198][ T1154] kernel read not supported for file inotify (pid: 1154 comm: kworker/0:2) [ 326.043128][ T39] audit: type=1400 audit(1720583080.467:616): avc: denied { mount } for pid=12211 comm="syz.1.2501" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 326.058090][ T39] audit: type=1400 audit(1720583080.467:617): avc: denied { remount } for pid=12211 comm="syz.1.2501" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 326.076643][ T39] audit: type=1400 audit(1720583080.497:618): avc: denied { unmount } for pid=5196 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 326.348027][ T8] cdc_ncm 5-1:1.0: failed GET_NTB_PARAMETERS [ 326.350954][ T8] cdc_ncm 5-1:1.0: bind() failure [ 326.362038][ T8] usb 5-1: USB disconnect, device number 25 [ 326.647228][ T62] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 326.847126][ T62] usb 6-1: Using ep0 maxpacket: 8 [ 326.851971][ T62] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 326.854775][ T62] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 326.859933][ T62] usb 6-1: config 0 has no interface number 0 [ 326.862150][ T62] usb 6-1: config 0 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 326.866561][ T62] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 326.869861][ T62] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.877853][ T62] usb 6-1: config 0 descriptor?? [ 326.885100][ T62] iowarrior 6-1:0.1: no interrupt-in endpoint found [ 327.086546][ T62] usb 6-1: USB disconnect, device number 30 [ 327.144950][T12233] netem: change failed [ 327.156448][T12233] 9pnet_fd: Insufficient options for proto=fd [ 327.201864][ T39] audit: type=1400 audit(1720583081.627:619): avc: denied { audit_write } for pid=12234 comm="syz.3.2510" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 327.488134][T12246] FAULT_INJECTION: forcing a failure. [ 327.488134][T12246] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 327.492786][T12246] CPU: 1 PID: 12246 Comm: syz.3.2512 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 327.496287][T12246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 327.500585][T12246] Call Trace: [ 327.501896][T12246] [ 327.503064][T12246] dump_stack_lvl+0x16c/0x1f0 [ 327.504906][T12246] should_fail_ex+0x497/0x5b0 [ 327.506768][T12246] _copy_from_user+0x30/0xf0 [ 327.508594][T12246] sk_setsockopt+0x1655/0x3d00 [ 327.510485][T12246] ? __pfx_sk_setsockopt+0x10/0x10 [ 327.512490][T12246] ? avc_has_perm+0x11b/0x1c0 [ 327.514299][T12246] ? __pfx_avc_has_perm+0x10/0x10 [ 327.516227][T12246] ? sock_has_perm+0x25a/0x2f0 [ 327.517914][T12246] udp_lib_setsockopt+0x721/0xfe0 [ 327.519642][T12246] ? __pfx_udp_push_pending_frames+0x10/0x10 [ 327.521576][T12246] ? __pfx_udp_lib_setsockopt+0x10/0x10 [ 327.523355][T12246] ? find_held_lock+0x2d/0x110 [ 327.525009][T12246] udp_setsockopt+0xbc/0xd0 [ 327.526572][T12246] ? __pfx_udp_push_pending_frames+0x10/0x10 [ 327.528617][T12246] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 327.530666][T12246] do_sock_setsockopt+0x222/0x480 [ 327.532417][T12246] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 327.534321][T12246] ? __fget_light+0x173/0x210 [ 327.535968][T12246] __sys_setsockopt+0x1a4/0x270 [ 327.537647][T12246] ? __pfx___sys_setsockopt+0x10/0x10 [ 327.539479][T12246] ? fput+0x32/0x390 [ 327.540853][T12246] ? ksys_write+0x1ab/0x260 [ 327.542427][T12246] ? __pfx_ksys_write+0x10/0x10 [ 327.544139][T12246] __x64_sys_setsockopt+0xbd/0x160 [ 327.545890][T12246] ? do_syscall_64+0x91/0x250 [ 327.547649][T12246] ? lockdep_hardirqs_on+0x7c/0x110 [ 327.549494][T12246] do_syscall_64+0xcd/0x250 [ 327.551231][T12246] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 327.553295][T12246] RIP: 0033:0x7fbaefb75bd9 [ 327.554840][T12246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 327.561448][T12246] RSP: 002b:00007fbaf088a048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 327.564252][T12246] RAX: ffffffffffffffda RBX: 00007fbaefd04110 RCX: 00007fbaefb75bd9 [ 327.567056][T12246] RDX: 0000000000000019 RSI: 0000000000000001 RDI: 000000000000000b [ 327.569794][T12246] RBP: 00007fbaf088a0a0 R08: 0000000000000010 R09: 0000000000000000 [ 327.572539][T12246] R10: 0000000020000440 R11: 0000000000000246 R12: 0000000000000001 [ 327.575267][T12246] R13: 000000000000006e R14: 00007fbaefd04110 R15: 00007ffed3799a58 [ 327.578007][T12246] [ 328.227269][ T35] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 328.407208][ T35] usb 6-1: Using ep0 maxpacket: 16 [ 328.413330][ T35] usb 6-1: config 1 interface 0 has no altsetting 0 [ 328.419986][ T35] usb 6-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.40 [ 328.424270][ T35] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 328.429090][ T35] usb 6-1: Product: ࡠ [ 328.431178][ T35] usb 6-1: Manufacturer: ᠁ [ 328.433511][ T35] usb 6-1: SerialNumber: syz [ 328.648663][T12264] EXT4-fs warning (device sda1): ext4_group_extend:1869: need to use ext2online to resize further [ 328.669538][ T35] usbhid 6-1:1.0: can't add hid device: -71 [ 328.672172][ T35] usbhid 6-1:1.0: probe with driver usbhid failed with error -71 [ 328.675912][ T35] usb 6-1: USB disconnect, device number 31 [ 328.962954][T12284] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2528'. [ 329.041808][T12286] block nbd2: NBD_DISCONNECT [ 329.046056][T12286] block nbd2: Disconnected due to user request. [ 329.049236][ T5236] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 329.051178][T12286] block nbd2: shutting down sockets [ 329.062656][T12282] Bluetooth: MGMT ver 1.22 [ 329.094261][T12290] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2530'. [ 329.134044][T12294] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2531'. [ 329.158500][T12294] kvm: emulating exchange as write [ 329.247214][ T5236] usb 5-1: Using ep0 maxpacket: 8 [ 329.251564][ T5236] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 329.255080][ T5236] usb 5-1: config 0 has no interface number 0 [ 329.257919][ T5236] usb 5-1: config 0 interface 1 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 329.264034][ T5236] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 329.267693][ T5236] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 329.272366][ T5236] usb 5-1: config 0 descriptor?? [ 329.275934][ T5236] iowarrior 5-1:0.1: no interrupt-in endpoint found [ 329.454932][T12310] fuse: Bad value for 'fd' [ 329.458305][ T39] audit: type=1400 audit(1720583083.877:620): avc: denied { sqpoll } for pid=12309 comm="syz.3.2535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 329.466516][ T39] audit: type=1400 audit(1720583083.887:621): avc: denied { write } for pid=12309 comm="syz.3.2535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 329.482996][ T5236] usb 5-1: USB disconnect, device number 26 [ 329.654010][T12318] FAULT_INJECTION: forcing a failure. [ 329.654010][T12318] name failslab, interval 1, probability 0, space 0, times 0 [ 329.658083][T12318] CPU: 0 PID: 12318 Comm: syz.3.2538 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 329.661204][T12318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 329.664504][T12318] Call Trace: [ 329.665581][T12318] [ 329.666509][T12318] dump_stack_lvl+0x16c/0x1f0 [ 329.668015][T12318] should_fail_ex+0x497/0x5b0 [ 329.669519][T12318] should_failslab+0x9/0x20 [ 329.670954][T12318] kmem_cache_alloc_node_noprof+0x71/0x310 [ 329.672775][T12318] ? copy_process+0x4b7/0x8f10 [ 329.674280][T12318] copy_process+0x4b7/0x8f10 [ 329.675706][T12318] ? __pfx___lock_acquire+0x10/0x10 [ 329.677369][T12318] ? __pfx_copy_process+0x10/0x10 [ 329.679083][T12318] ? get_pid_task+0xfc/0x250 [ 329.680530][T12318] ? __pfx_lock_release+0x10/0x10 [ 329.682178][T12318] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 329.684078][T12318] ? find_held_lock+0x2d/0x110 [ 329.685680][T12318] ? find_held_lock+0x2d/0x110 [ 329.687463][T12318] kernel_clone+0xfd/0x980 [ 329.689138][T12318] ? __pfx_kernel_clone+0x10/0x10 [ 329.690954][T12318] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 329.693103][T12318] __do_sys_clone+0xba/0x100 [ 329.694522][T12318] ? __pfx___do_sys_clone+0x10/0x10 [ 329.696112][T12318] do_syscall_64+0xcd/0x250 [ 329.697502][T12318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.699385][T12318] RIP: 0033:0x7fbaefb75bd9 [ 329.700845][T12318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 329.706557][T12318] RSP: 002b:00007fbaf08cbff8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 329.709096][T12318] RAX: ffffffffffffffda RBX: 00007fbaefd03f60 RCX: 00007fbaefb75bd9 [ 329.711372][T12318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 329.713789][T12318] RBP: 00007fbaf08cc0a0 R08: 0000000000000000 R09: 0000000000000000 [ 329.716187][T12318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 329.718751][T12318] R13: 000000000000000b R14: 00007fbaefd03f60 R15: 00007ffed3799a58 [ 329.721163][T12318] [ 329.757529][ T39] audit: type=1400 audit(1720583084.187:622): avc: denied { setopt } for pid=12320 comm="syz.3.2539" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 329.778437][ T39] audit: type=1326 audit(1720583084.207:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12320 comm="syz.3.2539" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbaefb75bd9 code=0x0 [ 330.027193][ T39] audit: type=1400 audit(1720583084.447:624): avc: denied { write } for pid=12323 comm="syz.0.2540" name="card1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 330.327098][ T39] audit: type=1400 audit(1720583084.747:625): avc: denied { cmd } for pid=12341 comm="syz.0.2546" path="socket:[43380]" dev="sockfs" ino=43380 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 330.339178][T12337] FAULT_INJECTION: forcing a failure. [ 330.339178][T12337] name failslab, interval 1, probability 0, space 0, times 0 [ 330.344249][T12337] CPU: 2 PID: 12337 Comm: syz.2.2544 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 330.347593][T12337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 330.350902][T12337] Call Trace: [ 330.352042][T12337] [ 330.352940][T12337] dump_stack_lvl+0x16c/0x1f0 [ 330.354431][T12337] should_fail_ex+0x497/0x5b0 [ 330.355952][T12337] should_failslab+0x9/0x20 [ 330.357372][T12337] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 330.358990][T12337] ? fuse_request_alloc+0x22/0x1a0 [ 330.360557][T12337] fuse_request_alloc+0x22/0x1a0 [ 330.362064][T12337] fuse_get_req+0x44d/0x9a0 [ 330.363460][T12337] ? __pfx_fuse_get_req+0x10/0x10 [ 330.364997][T12337] ? __pfx_lock_release+0x10/0x10 [ 330.366518][T12337] ? __module_address+0x55/0x3c0 [ 330.368084][T12337] ? hlock_class+0x4e/0x130 [ 330.369472][T12337] ? mark_lock+0xb5/0xc60 [ 330.370776][T12337] ? hlock_class+0x4e/0x130 [ 330.372172][T12337] fuse_simple_request+0xb0/0xd20 [ 330.373692][T12337] fuse_statfs+0x253/0x480 [ 330.375493][T12337] ? __pfx_fuse_statfs+0x10/0x10 [ 330.377402][T12337] statfs_by_dentry+0x12b/0x210 [ 330.379231][T12337] vfs_statfs+0x3a/0xa0 [ 330.380805][T12337] check_free_space+0x12e/0x440 [ 330.382637][T12337] ? lock_acquire+0x1b1/0x560 [ 330.384410][T12337] ? __pfx_check_free_space+0x10/0x10 [ 330.386421][T12337] ? rcu_is_watching+0x12/0xc0 [ 330.388368][T12337] ? trace_contention_end+0xea/0x140 [ 330.390361][T12337] do_acct_process+0x1ac/0x1530 [ 330.391867][T12337] ? __pfx_do_acct_process+0x10/0x10 [ 330.393824][T12337] ? __pfx___mutex_lock+0x10/0x10 [ 330.395354][T12337] ? do_raw_spin_lock+0x12d/0x2c0 [ 330.396887][T12337] acct_pin_kill+0x2d/0x100 [ 330.398323][T12337] pin_kill+0x194/0x7c0 [ 330.399572][T12337] ? __pfx_pin_kill+0x10/0x10 [ 330.401029][T12337] ? __pfx_autoremove_wake_function+0x10/0x10 [ 330.402858][T12337] ? security_capable+0x98/0xd0 [ 330.404687][T12337] __x64_sys_acct+0x15b/0x220 [ 330.406122][T12337] ? lockdep_hardirqs_on+0x7c/0x110 [ 330.407853][T12337] do_syscall_64+0xcd/0x250 [ 330.409220][T12337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.411405][T12337] RIP: 0033:0x7f064d175bd9 [ 330.413081][T12337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.420215][T12337] RSP: 002b:00007f064df5c048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 330.423309][T12337] RAX: ffffffffffffffda RBX: 00007f064d303f60 RCX: 00007f064d175bd9 [ 330.426234][T12337] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 330.429167][T12337] RBP: 00007f064df5c0a0 R08: 0000000000000000 R09: 0000000000000000 [ 330.432113][T12337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 330.435068][T12337] R13: 000000000000000b R14: 00007f064d303f60 R15: 00007ffe47b3b6d8 [ 330.438052][T12337] [ 330.439332][ C2] vkms_vblank_simulate: vblank timer overrun [ 330.463141][T12348] netlink: 'syz.1.2547': attribute type 10 has an invalid length. [ 330.476271][T12348] batman_adv: batadv0: Adding interface: team0 [ 330.478495][T12348] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 330.486843][T12348] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 330.500050][T12348] netlink: 'syz.1.2547': attribute type 10 has an invalid length. [ 330.502816][T12348] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2547'. [ 330.505805][T12348] team0: entered promiscuous mode [ 330.508086][T12348] team_slave_1: entered promiscuous mode [ 330.511488][T12348] 8021q: adding VLAN 0 to HW filter on device team0 [ 330.514333][T12348] batman_adv: batadv0: Interface activated: team0 [ 330.516569][T12348] batman_adv: batadv0: Interface deactivated: team0 [ 330.518805][T12348] batman_adv: batadv0: Removing interface: team0 [ 330.521608][T12348] bridge0: port 3(team0) entered blocking state [ 330.523903][T12348] bridge0: port 3(team0) entered disabled state [ 330.526111][T12348] team0: entered allmulticast mode [ 330.527917][T12348] team_slave_1: entered allmulticast mode [ 330.531263][T12348] bridge0: port 3(team0) entered blocking state [ 330.533648][T12348] bridge0: port 3(team0) entered forwarding state [ 330.580243][T12355] netlink: 'syz.1.2551': attribute type 10 has an invalid length. [ 330.587050][T12355] bridge0: port 3(team0) entered disabled state [ 330.591301][T12355] team0: left allmulticast mode [ 330.592876][T12355] team_slave_1: left allmulticast mode [ 330.594680][T12355] team0: left promiscuous mode [ 330.596224][T12355] team_slave_1: left promiscuous mode [ 330.598665][T12355] bridge0: port 3(team0) entered disabled state [ 330.604410][T12355] batman_adv: batadv0: Adding interface: team0 [ 330.606528][T12355] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 330.621767][T12355] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 330.630970][T12355] netlink: 'syz.1.2551': attribute type 10 has an invalid length. [ 330.634714][T12355] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2551'. [ 330.641934][T12355] team0: entered promiscuous mode [ 330.644533][T12355] team_slave_1: entered promiscuous mode [ 330.647070][ T62] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 330.655259][T12355] 8021q: adding VLAN 0 to HW filter on device team0 [ 330.659681][T12355] batman_adv: batadv0: Interface activated: team0 [ 330.662477][T12355] batman_adv: batadv0: Interface deactivated: team0 [ 330.665212][T12355] batman_adv: batadv0: Removing interface: team0 [ 330.669054][T12355] bridge0: port 3(team0) entered blocking state [ 330.671681][T12355] bridge0: port 3(team0) entered disabled state [ 330.674151][T12355] team0: entered allmulticast mode [ 330.676362][T12355] team_slave_1: entered allmulticast mode [ 330.680975][T12355] bridge0: port 3(team0) entered blocking state [ 330.683788][T12355] bridge0: port 3(team0) entered forwarding state [ 330.729104][T12360] binder: 12358:12360 ioctl 4018620d 0 returned -22 [ 330.827292][ T62] usb 5-1: Using ep0 maxpacket: 8 [ 330.831875][ T62] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 330.836694][ T62] usb 5-1: config 0 has no interface number 0 [ 330.840602][ T62] usb 5-1: config 0 interface 1 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 330.845544][ T62] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 330.850072][ T62] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 330.855753][ T62] usb 5-1: config 0 descriptor?? [ 330.864333][ T62] iowarrior 5-1:0.1: no interrupt-in endpoint found [ 330.993909][T12366] binder: 12365:12366 ioctl 4018620d 0 returned -22 [ 330.997988][T12366] FAULT_INJECTION: forcing a failure. [ 330.997988][T12366] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 331.002499][T12366] CPU: 2 PID: 12366 Comm: syz.1.2556 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 331.005949][T12366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 331.009553][T12366] Call Trace: [ 331.010726][T12366] [ 331.011946][T12366] dump_stack_lvl+0x16c/0x1f0 [ 331.013544][T12366] should_fail_ex+0x497/0x5b0 [ 331.015144][T12366] _copy_from_user+0x30/0xf0 [ 331.016749][T12366] copy_msghdr_from_user+0x99/0x160 [ 331.018561][T12366] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 331.020547][T12366] ? find_held_lock+0x2d/0x110 [ 331.022192][T12366] ? __pfx___lock_acquire+0x10/0x10 [ 331.024009][T12366] ___sys_sendmsg+0xff/0x1e0 [ 331.025736][T12366] ? __pfx____sys_sendmsg+0x10/0x10 [ 331.028027][T12366] ? ksys_write+0x21c/0x260 [ 331.029654][T12366] ? __fget_light+0x173/0x210 [ 331.031278][T12366] __sys_sendmsg+0x117/0x1f0 [ 331.032849][T12366] ? __pfx___sys_sendmsg+0x10/0x10 [ 331.034593][T12366] do_syscall_64+0xcd/0x250 [ 331.036161][T12366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.038181][T12366] RIP: 0033:0x7f1139975bd9 [ 331.039696][T12366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.046165][T12366] RSP: 002b:00007f11393ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 331.048941][T12366] RAX: ffffffffffffffda RBX: 00007f1139b03f60 RCX: 00007f1139975bd9 [ 331.051825][T12366] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000008 [ 331.054874][T12366] RBP: 00007f11393ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 331.057565][T12366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 331.060178][T12366] R13: 000000000000000b R14: 00007f1139b03f60 R15: 00007ffc47fd2d98 [ 331.062871][T12366] [ 331.063974][ C2] vkms_vblank_simulate: vblank timer overrun [ 331.069156][ T1813] usb 5-1: USB disconnect, device number 27 [ 331.097347][T12368] binder: 12367:12368 ioctl 4018620d 0 returned -22 [ 331.102645][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 331.102656][ T39] audit: type=1400 audit(1720583085.527:628): avc: denied { ioctl } for pid=12367 comm="syz.1.2557" path="/dev/nullb0" dev="devtmpfs" ino=691 ioctlcmd=0x125f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 331.185887][ T39] audit: type=1400 audit(1720583085.607:629): avc: denied { getopt } for pid=12369 comm="syz.1.2558" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 331.367795][T12377] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2560'. [ 331.433012][T12380] netlink: 'syz.2.2561': attribute type 10 has an invalid length. [ 331.452926][T12380] batman_adv: batadv0: Adding interface: team0 [ 331.455689][T12380] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 331.466429][T12380] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 331.494536][T12380] netlink: 'syz.2.2561': attribute type 10 has an invalid length. [ 331.498496][T12380] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2561'. [ 331.502853][T12380] team0: entered promiscuous mode [ 331.505298][T12380] team_slave_0: entered promiscuous mode [ 331.509548][T12380] team_slave_1: entered promiscuous mode [ 331.516188][T12380] 8021q: adding VLAN 0 to HW filter on device team0 [ 331.519800][T12380] batman_adv: batadv0: Interface activated: team0 [ 331.522732][T12380] batman_adv: batadv0: Interface deactivated: team0 [ 331.525495][T12380] batman_adv: batadv0: Removing interface: team0 [ 331.529979][T12380] bridge0: port 3(team0) entered blocking state [ 331.533189][T12380] bridge0: port 3(team0) entered disabled state [ 331.536019][T12380] team0: entered allmulticast mode [ 331.538986][T12380] team_slave_0: entered allmulticast mode [ 331.541240][T12380] team_slave_1: entered allmulticast mode [ 331.549097][T12380] bridge0: port 3(team0) entered blocking state [ 331.551808][T12380] bridge0: port 3(team0) entered forwarding state [ 331.555932][T12382] netlink: 'syz.3.2562': attribute type 1 has an invalid length. [ 331.576305][T12382] bond1: entered promiscuous mode [ 331.599618][T12382] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2562'. [ 331.628069][ T39] audit: type=1400 audit(1720583086.047:630): avc: denied { setattr } for pid=12389 comm="syz.0.2564" name="XDP" dev="sockfs" ino=44204 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 332.544207][T12408] FAULT_INJECTION: forcing a failure. [ 332.544207][T12408] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 332.549589][T12408] CPU: 2 PID: 12408 Comm: syz.3.2570 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 332.553833][T12408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 332.557512][T12408] Call Trace: [ 332.558645][T12408] [ 332.559708][T12408] dump_stack_lvl+0x16c/0x1f0 [ 332.561777][T12408] should_fail_ex+0x497/0x5b0 [ 332.563390][T12408] _copy_from_user+0x30/0xf0 [ 332.565027][T12408] copy_msghdr_from_user+0x99/0x160 [ 332.566786][T12408] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 332.568803][T12408] ? find_held_lock+0x2d/0x110 [ 332.570630][T12408] ? __pfx___lock_acquire+0x10/0x10 [ 332.572471][T12408] ___sys_sendmsg+0xff/0x1e0 [ 332.574080][T12408] ? __pfx____sys_sendmsg+0x10/0x10 [ 332.576152][T12408] ? ksys_write+0x21c/0x260 [ 332.577992][T12408] ? __fget_light+0x173/0x210 [ 332.579682][T12408] __sys_sendmsg+0x117/0x1f0 [ 332.581314][T12408] ? __pfx___sys_sendmsg+0x10/0x10 [ 332.583177][T12408] do_syscall_64+0xcd/0x250 [ 332.584768][T12408] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.586861][T12408] RIP: 0033:0x7fbaefb75bd9 [ 332.588482][T12408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 332.595034][T12408] RSP: 002b:00007fbaf08cc048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 332.597907][T12408] RAX: ffffffffffffffda RBX: 00007fbaefd03f60 RCX: 00007fbaefb75bd9 [ 332.600654][T12408] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 332.603345][T12408] RBP: 00007fbaf08cc0a0 R08: 0000000000000000 R09: 0000000000000000 [ 332.606096][T12408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 332.608913][T12408] R13: 000000000000000b R14: 00007fbaefd03f60 R15: 00007ffed3799a58 [ 332.611613][T12408] [ 332.612766][ C2] vkms_vblank_simulate: vblank timer overrun [ 332.824731][T12413] netlink: 'syz.2.2572': attribute type 10 has an invalid length. [ 332.831220][T12413] bridge0: port 3(team0) entered disabled state [ 332.835052][T12413] team0: left allmulticast mode [ 332.836831][T12413] team_slave_0: left allmulticast mode [ 332.838892][T12413] team_slave_1: left allmulticast mode [ 332.840818][T12413] team0: left promiscuous mode [ 332.845073][T12413] team_slave_0: left promiscuous mode [ 332.845235][T12413] team_slave_1: left promiscuous mode [ 332.845475][T12413] bridge0: port 3(team0) entered disabled state [ 332.853215][T12413] batman_adv: batadv0: Adding interface: team0 [ 332.859576][T12413] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 332.870157][T12413] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 332.910372][T12413] netlink: 'syz.2.2572': attribute type 10 has an invalid length. [ 332.914184][T12413] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2572'. [ 332.918615][T12413] team0: entered promiscuous mode [ 332.921452][T12413] team_slave_0: entered promiscuous mode [ 332.924698][T12413] team_slave_1: entered promiscuous mode [ 332.929001][T12413] 8021q: adding VLAN 0 to HW filter on device team0 [ 332.932073][T12413] batman_adv: batadv0: Interface activated: team0 [ 332.935339][T12413] batman_adv: batadv0: Interface deactivated: team0 [ 332.938543][T12413] batman_adv: batadv0: Removing interface: team0 [ 332.943552][T12413] bridge0: port 3(team0) entered blocking state [ 332.947081][T12413] bridge0: port 3(team0) entered disabled state [ 332.950066][T12413] team0: entered allmulticast mode [ 332.952415][T12413] team_slave_0: entered allmulticast mode [ 332.955075][T12413] team_slave_1: entered allmulticast mode [ 332.960890][T12413] bridge0: port 3(team0) entered blocking state [ 332.963732][T12413] bridge0: port 3(team0) entered forwarding state [ 332.975986][T12421] netlink: 'syz.1.2576': attribute type 10 has an invalid length. [ 332.984746][T12421] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2576'. [ 332.989080][T12421] openvswitch: netlink: Key type 29 is not supported [ 333.593394][T12443] FAULT_INJECTION: forcing a failure. [ 333.593394][T12443] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 333.599648][T12443] CPU: 2 PID: 12443 Comm: syz.3.2584 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 333.604245][T12443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 333.608573][T12443] Call Trace: [ 333.610057][T12443] [ 333.611350][T12443] dump_stack_lvl+0x16c/0x1f0 [ 333.613325][T12443] should_fail_ex+0x497/0x5b0 [ 333.614933][T12443] _copy_from_user+0x30/0xf0 [ 333.616564][T12443] copy_msghdr_from_user+0x99/0x160 [ 333.618359][T12443] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 333.620310][T12443] ? find_held_lock+0x2d/0x110 [ 333.621928][T12443] ? __pfx___lock_acquire+0x10/0x10 [ 333.623678][T12443] ___sys_sendmsg+0xff/0x1e0 [ 333.625250][T12443] ? __pfx____sys_sendmsg+0x10/0x10 [ 333.626991][T12443] ? ksys_write+0x21c/0x260 [ 333.628533][T12443] ? __fget_light+0x173/0x210 [ 333.630119][T12443] __sys_sendmsg+0x117/0x1f0 [ 333.631689][T12443] ? __pfx___sys_sendmsg+0x10/0x10 [ 333.633449][T12443] do_syscall_64+0xcd/0x250 [ 333.635003][T12443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.637017][T12443] RIP: 0033:0x7fbaefb75bd9 [ 333.638523][T12443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 333.644882][T12443] RSP: 002b:00007fbaf08cc048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 333.647677][T12443] RAX: ffffffffffffffda RBX: 00007fbaefd03f60 RCX: 00007fbaefb75bd9 [ 333.650349][T12443] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 333.653032][T12443] RBP: 00007fbaf08cc0a0 R08: 0000000000000000 R09: 0000000000000000 [ 333.655677][T12443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 333.658336][T12443] R13: 000000000000000b R14: 00007fbaefd03f60 R15: 00007ffed3799a58 [ 333.660993][T12443] [ 333.662403][ C2] vkms_vblank_simulate: vblank timer overrun [ 333.807301][ T1813] kernel read not supported for file inotify (pid: 1813 comm: kworker/2:2) [ 334.050095][T12453] batman_adv: batadv0: Adding interface: team0 [ 334.053112][T12453] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 334.064286][T12453] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 334.089803][T12453] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2587'. [ 334.094404][T12453] team0: entered promiscuous mode [ 334.096889][T12453] team_slave_0: entered promiscuous mode [ 334.105552][T12453] team_slave_1: entered promiscuous mode [ 334.114368][T12453] 8021q: adding VLAN 0 to HW filter on device team0 [ 334.118325][T12453] batman_adv: batadv0: Interface activated: team0 [ 334.121227][T12453] batman_adv: batadv0: Interface deactivated: team0 [ 334.124150][T12453] batman_adv: batadv0: Removing interface: team0 [ 334.130367][T12453] bridge0: port 3(team0) entered blocking state [ 334.133395][T12453] bridge0: port 3(team0) entered disabled state [ 334.136502][T12453] team0: entered allmulticast mode [ 334.139241][T12453] team_slave_0: entered allmulticast mode [ 334.141898][T12453] team_slave_1: entered allmulticast mode [ 334.147471][T12453] bridge0: port 3(team0) entered blocking state [ 334.150012][T12453] bridge0: port 3(team0) entered forwarding state [ 334.734776][T12467] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2591'. [ 334.738486][T12467] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 334.759948][T12467] binder: 12466:12467 unknown command 17 [ 334.762396][T12467] binder: 12466:12467 ioctl c0306201 200003c0 returned -22 [ 335.506850][ T35] kernel read not supported for file inotify (pid: 35 comm: kworker/3:0) [ 335.809913][ T5236] kernel read not supported for file inotify (pid: 5236 comm: kworker/1:3) [ 335.831626][T12492] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2600'. [ 335.835503][T12492] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 335.874517][T12492] binder: 12491:12492 unknown command 17 [ 335.876537][T12492] binder: 12491:12492 ioctl c0306201 200003c0 returned -22 [ 335.969901][ T39] audit: type=1400 audit(1720583090.397:631): avc: denied { bind } for pid=12499 comm="syz.3.2603" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 335.979590][T12500] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2603'. [ 335.983433][T12498] netlink: 288 bytes leftover after parsing attributes in process `syz.1.2604'. [ 335.998390][ T39] audit: type=1400 audit(1720583090.427:632): avc: denied { mount } for pid=12497 comm="syz.1.2604" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 336.008120][ T39] audit: type=1400 audit(1720583090.437:633): avc: denied { remount } for pid=12497 comm="syz.1.2604" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 336.049244][T12494] CUSE: DEVNAME unspecified [ 336.247093][ T62] kernel read not supported for file inotify (pid: 62 comm: kworker/1:1) [ 336.486143][ T39] audit: type=1400 audit(1720583090.907:634): avc: denied { name_bind } for pid=12518 comm="syz.3.2609" src=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=udp_socket permissive=1 [ 336.500865][T12526] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2610'. [ 336.504634][T12526] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 336.563753][T12526] binder: 12525:12526 unknown command 17 [ 336.566214][T12526] binder: 12525:12526 ioctl c0306201 200003c0 returned -22 [ 336.786102][ T39] audit: type=1400 audit(1720583091.207:635): avc: denied { watch } for pid=12533 comm="syz.1.2613" path="/648/file0" dev="tmpfs" ino=3560 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 337.562326][ T56] kernel read not supported for file inotify (pid: 56 comm: kworker/2:1) [ 337.613533][T12544] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2616'. [ 338.097121][ T8] usb 7-1: new high-speed USB device number 25 using dummy_hcd [ 338.122097][ T56] kernel read not supported for file inotify (pid: 56 comm: kworker/2:1) [ 338.278678][ T8] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 338.282260][ T8] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 338.286678][ T8] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 338.295127][ T8] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 338.299089][ T8] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 338.302324][ T8] usb 7-1: Product: syz [ 338.304221][ T8] usb 7-1: Manufacturer: syz [ 338.306305][ T8] usb 7-1: SerialNumber: syz [ 338.318706][ T8] usb 7-1: selecting invalid altsetting 1 [ 338.525348][ T8] cdc_ncm 7-1:1.0: failed GET_NTB_PARAMETERS [ 338.529167][ T8] cdc_ncm 7-1:1.0: bind() failure [ 338.534969][ T8] usb 7-1: USB disconnect, device number 25 [ 338.977122][ T56] usb 8-1: new high-speed USB device number 20 using dummy_hcd [ 339.157091][ T56] usb 8-1: Using ep0 maxpacket: 8 [ 339.161726][ T56] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 339.164889][ T56] usb 8-1: config 0 has no interface number 0 [ 339.167200][ T56] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 339.170476][ T56] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 339.173574][ T56] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.180540][ T56] usb 8-1: config 0 descriptor?? [ 339.183738][ T56] iowarrior 8-1:0.1: no interrupt-in endpoint found [ 339.368457][T12598] FAULT_INJECTION: forcing a failure. [ 339.368457][T12598] name failslab, interval 1, probability 0, space 0, times 0 [ 339.374319][T12598] CPU: 0 PID: 12598 Comm: syz.1.2635 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 339.377746][T12598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 339.381676][T12598] Call Trace: [ 339.382830][T12598] [ 339.383866][T12598] dump_stack_lvl+0x16c/0x1f0 [ 339.385480][T12598] should_fail_ex+0x497/0x5b0 [ 339.387112][T12598] should_failslab+0x9/0x20 [ 339.388749][T12598] __kmalloc_noprof+0xcf/0x410 [ 339.390096][ T56] usb 8-1: USB disconnect, device number 20 [ 339.390391][T12598] sock_kmalloc+0x111/0x170 [ 339.394017][T12598] hash_alloc_result+0xd7/0x150 [ 339.395706][T12598] hash_recvmsg+0x198/0x8d0 [ 339.397309][T12598] ? security_socket_recvmsg+0x98/0xd0 [ 339.399147][T12598] sock_recvmsg+0x1f6/0x250 [ 339.400721][T12598] __sys_recvfrom+0x1ab/0x2e0 [ 339.402359][T12598] ? __pfx___sys_recvfrom+0x10/0x10 [ 339.404178][T12598] ? ksys_write+0x1ab/0x260 [ 339.405728][T12598] ? __pfx_ksys_write+0x10/0x10 [ 339.407393][T12598] __x64_sys_recvfrom+0xe0/0x1c0 [ 339.409101][T12598] ? do_syscall_64+0x91/0x250 [ 339.410704][T12598] ? lockdep_hardirqs_on+0x7c/0x110 [ 339.412473][T12598] do_syscall_64+0xcd/0x250 [ 339.414041][T12598] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.416228][T12598] RIP: 0033:0x7f1139975bd9 [ 339.418217][T12598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.425748][ T1813] kernel read not supported for file inotify (pid: 1813 comm: kworker/2:2) [ 339.426567][T12598] RSP: 002b:00007f11393ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 339.434253][T12598] RAX: ffffffffffffffda RBX: 00007f1139b03f60 RCX: 00007f1139975bd9 [ 339.437864][T12598] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 339.441215][T12598] RBP: 00007f11393ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 339.444618][T12598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 339.448067][T12598] R13: 000000000000000b R14: 00007f1139b03f60 R15: 00007ffc47fd2d98 [ 339.451716][T12598] [ 339.624245][ T39] audit: type=1400 audit(1720583094.047:636): avc: denied { ioctl } for pid=12600 comm="syz.1.2636" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0x4c04 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 339.651440][ T39] audit: type=1400 audit(1720583094.057:637): avc: denied { map } for pid=12600 comm="syz.1.2636" path="/dev/vsock" dev="devtmpfs" ino=1147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 339.744017][ T39] audit: type=1400 audit(1720583094.167:638): avc: denied { connect } for pid=12610 comm="syz.1.2639" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 339.752240][ T39] audit: type=1400 audit(1720583094.167:639): avc: denied { shutdown } for pid=12610 comm="syz.1.2639" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 339.918010][T12619] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2641'. [ 339.921277][T12619] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8 [ 340.393370][ T56] kernel read not supported for file inotify (pid: 56 comm: kworker/2:1) [ 340.665175][ T56] kernel read not supported for file inotify (pid: 56 comm: kworker/2:1) [ 340.886103][T12646] FAULT_INJECTION: forcing a failure. [ 340.886103][T12646] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 340.891399][T12646] CPU: 3 PID: 12646 Comm: syz.0.2651 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 340.895388][T12646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 340.899890][T12646] Call Trace: [ 340.901246][T12646] [ 340.902432][T12646] dump_stack_lvl+0x16c/0x1f0 [ 340.904383][T12646] should_fail_ex+0x497/0x5b0 [ 340.906364][T12646] _copy_from_user+0x30/0xf0 [ 340.908522][T12646] copy_msghdr_from_user+0x99/0x160 [ 340.910736][T12646] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 340.913109][T12646] ? find_held_lock+0x2d/0x110 [ 340.915038][T12646] ___sys_recvmsg+0xdc/0x1a0 [ 340.916930][T12646] ? __pfx____sys_recvmsg+0x10/0x10 [ 340.919182][T12646] ? __fget_light+0x173/0x210 [ 340.919687][ T8] kernel read not supported for file inotify (pid: 8 comm: kworker/0:0) [ 340.921090][T12646] do_recvmmsg+0x2ba/0x750 [ 340.926536][T12646] ? __pfx_do_recvmmsg+0x10/0x10 [ 340.928547][T12646] ? vfs_write+0x14d/0x1140 [ 340.930367][T12646] ? __mutex_unlock_slowpath+0x164/0x650 [ 340.932612][T12646] __x64_sys_recvmmsg+0x239/0x290 [ 340.934598][T12646] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 340.936846][T12646] do_syscall_64+0xcd/0x250 [ 340.938834][T12646] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.941412][T12646] RIP: 0033:0x7f1bc4b75bd9 [ 340.943337][T12646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 340.951533][T12646] RSP: 002b:00007f1bc5a24048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 340.955148][T12646] RAX: ffffffffffffffda RBX: 00007f1bc4d03f60 RCX: 00007f1bc4b75bd9 [ 340.958553][T12646] RDX: 0000000000000001 RSI: 0000000020001540 RDI: 0000000000000003 [ 340.961888][T12646] RBP: 00007f1bc5a240a0 R08: 0000000000000000 R09: 0000000000000000 [ 340.965142][T12646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 340.968526][T12646] R13: 000000000000000b R14: 00007f1bc4d03f60 R15: 00007ffd9ed49318 [ 340.971911][T12646] [ 341.030300][ T39] audit: type=1400 audit(1720583095.447:640): avc: denied { read } for pid=12650 comm="syz.2.2653" path="socket:[43848]" dev="sockfs" ino=43848 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 341.714732][ T56] kernel read not supported for file inotify (pid: 56 comm: kworker/2:1) [ 341.939331][ T39] audit: type=1326 audit(1720583096.367:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.0.2662" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bc4b75bd9 code=0x7ffc0000 [ 341.943492][T12680] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13394 sclass=netlink_route_socket pid=12680 comm=syz.0.2662 [ 341.947689][ T39] audit: type=1326 audit(1720583096.367:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.0.2662" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bc4b75bd9 code=0x7ffc0000 [ 341.961724][ T39] audit: type=1326 audit(1720583096.367:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.0.2662" exe="/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f1bc4b75bd9 code=0x7ffc0000 [ 341.969874][ T39] audit: type=1326 audit(1720583096.367:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.0.2662" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bc4b75bd9 code=0x7ffc0000 [ 341.978442][ T39] audit: type=1326 audit(1720583096.367:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.0.2662" exe="/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f1bc4b75bd9 code=0x7ffc0000 [ 341.986900][ T39] audit: type=1326 audit(1720583096.367:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.0.2662" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bc4b75bd9 code=0x7ffc0000 [ 341.994789][ T39] audit: type=1326 audit(1720583096.367:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.0.2662" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bc4b75bd9 code=0x7ffc0000 [ 342.002843][ T39] audit: type=1326 audit(1720583096.367:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.0.2662" exe="/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f1bc4b75bd9 code=0x7ffc0000 [ 342.011334][ T39] audit: type=1326 audit(1720583096.367:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.0.2662" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bc4b75bd9 code=0x7ffc0000 [ 342.019454][ T39] audit: type=1326 audit(1720583096.367:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.0.2662" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1bc4b75bd9 code=0x7ffc0000 [ 342.390551][ T56] kernel read not supported for file inotify (pid: 56 comm: kworker/2:1) [ 342.590367][T12718] FAULT_INJECTION: forcing a failure. [ 342.590367][T12718] name failslab, interval 1, probability 0, space 0, times 0 [ 342.594654][T12718] CPU: 3 PID: 12718 Comm: syz.1.2675 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 342.599072][T12718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.602842][T12718] Call Trace: [ 342.604003][T12718] [ 342.605012][T12718] dump_stack_lvl+0x16c/0x1f0 [ 342.606586][T12718] should_fail_ex+0x497/0x5b0 [ 342.608185][T12718] should_failslab+0x9/0x20 [ 342.609722][T12718] __kmalloc_noprof+0xcf/0x410 [ 342.611505][T12718] ? __pfx_lock_acquire+0x10/0x10 [ 342.613232][T12718] tomoyo_realpath_from_path+0xb9/0x720 [ 342.615071][T12718] ? tomoyo_profile+0x47/0x60 [ 342.616759][T12718] tomoyo_path_number_perm+0x245/0x590 [ 342.618732][T12718] ? tomoyo_path_number_perm+0x232/0x590 [ 342.620850][T12718] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 342.622988][T12718] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 342.625717][T12718] ? __fget_files+0x256/0x400 [ 342.627440][T12718] security_file_ioctl+0x75/0xc0 [ 342.629165][T12718] __x64_sys_ioctl+0xbb/0x220 [ 342.630794][T12718] do_syscall_64+0xcd/0x250 [ 342.632390][T12718] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.634379][T12718] RIP: 0033:0x7f1139975bd9 [ 342.635907][T12718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 342.642392][T12718] RSP: 002b:00007f11393ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 342.645258][T12718] RAX: ffffffffffffffda RBX: 00007f1139b03f60 RCX: 00007f1139975bd9 [ 342.648056][T12718] RDX: 0000000020000080 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 342.650896][T12718] RBP: 00007f11393ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 342.654002][T12718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 342.656950][T12718] R13: 000000000000000b R14: 00007f1139b03f60 R15: 00007ffc47fd2d98 [ 342.660073][T12718] [ 342.662175][T12718] ERROR: Out of memory at tomoyo_realpath_from_path. [ 342.814243][T12729] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 343.003212][T12737] (syz.1.2681,12737,2):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "/dev/autofs" or missing value [ 343.010120][T12737] (syz.1.2681,12737,2):ocfs2_fill_super:1178 ERROR: status = -22 [ 343.127357][ T825] usb 7-1: new high-speed USB device number 26 using dummy_hcd [ 343.309767][ T825] usb 7-1: Using ep0 maxpacket: 8 [ 343.318466][ T825] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 343.321879][ T825] usb 7-1: config 179 has no interface number 0 [ 343.324545][ T825] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 343.330219][ T825] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 343.334754][ T825] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 343.339443][ T825] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 343.344100][ T825] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 343.349648][ T825] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 343.351938][T12744] FAULT_INJECTION: forcing a failure. [ 343.351938][T12744] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 343.353398][ T825] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 343.355885][T12735] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 343.359114][T12744] CPU: 1 PID: 12744 Comm: syz.3.2683 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 343.369691][T12744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 343.374230][T12744] Call Trace: [ 343.375668][T12744] [ 343.377321][T12744] dump_stack_lvl+0x16c/0x1f0 [ 343.378962][T12744] should_fail_ex+0x497/0x5b0 [ 343.380631][T12744] _copy_to_user+0x30/0xc0 [ 343.382197][T12744] simple_read_from_buffer+0xd0/0x160 [ 343.384201][T12744] proc_fail_nth_read+0x1b0/0x290 [ 343.386371][T12744] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 343.388747][T12744] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 343.391107][T12744] vfs_read+0x1d4/0xbd0 [ 343.392907][T12744] ? __fdget_pos+0xeb/0x180 [ 343.394854][T12744] ? __pfx_vfs_read+0x10/0x10 [ 343.396912][T12744] ? __pfx___mutex_lock+0x10/0x10 [ 343.399094][T12744] ? __fget_files+0x256/0x400 [ 343.401141][T12744] ksys_read+0x12f/0x260 [ 343.402957][T12744] ? __pfx_ksys_read+0x10/0x10 [ 343.405026][T12744] do_syscall_64+0xcd/0x250 [ 343.407063][T12744] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.409590][T12744] RIP: 0033:0x7fbaefb746bc [ 343.411485][T12744] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 343.419915][T12744] RSP: 002b:00007fbaf08cc040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 343.423428][T12744] RAX: ffffffffffffffda RBX: 00007fbaefd03f60 RCX: 00007fbaefb746bc [ 343.426853][T12744] RDX: 000000000000000f RSI: 00007fbaf08cc0b0 RDI: 0000000000000004 [ 343.430213][T12744] RBP: 00007fbaf08cc0a0 R08: 0000000000000000 R09: 0000000000000000 [ 343.433514][T12744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 343.436835][T12744] R13: 000000000000000b R14: 00007fbaefd03f60 R15: 00007ffed3799a58 [ 343.440141][T12744] [ 343.567621][ T7775] block device autoloading is deprecated and will be removed. [ 343.713669][ C0] IPv4: Oversized IP packet from 172.20.20.10 [ 343.857375][T12756] FAULT_INJECTION: forcing a failure. [ 343.857375][T12756] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 343.862908][T12756] CPU: 0 PID: 12756 Comm: syz.1.2687 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 343.867262][T12756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 343.871872][T12756] Call Trace: [ 343.873339][T12756] [ 343.874624][T12756] dump_stack_lvl+0x16c/0x1f0 [ 343.876711][T12756] should_fail_ex+0x497/0x5b0 [ 343.878747][T12756] _copy_to_user+0x30/0xc0 [ 343.880668][T12756] simple_read_from_buffer+0xd0/0x160 [ 343.882964][T12756] proc_fail_nth_read+0x1b0/0x290 [ 343.885134][T12756] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 343.887503][T12756] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 343.890217][T12756] vfs_read+0x1d4/0xbd0 [ 343.892049][T12756] ? __fdget_pos+0xeb/0x180 [ 343.894025][T12756] ? __pfx_vfs_read+0x10/0x10 [ 343.895774][T12756] ? __pfx___mutex_lock+0x10/0x10 [ 343.897929][T12756] ? __fget_files+0x256/0x400 [ 343.899992][T12756] ksys_read+0x12f/0x260 [ 343.901829][T12756] ? __pfx_ksys_read+0x10/0x10 [ 343.903930][T12756] do_syscall_64+0xcd/0x250 [ 343.905896][T12756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.908465][T12756] RIP: 0033:0x7f11399746bc [ 343.910385][T12756] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 343.918088][T12756] RSP: 002b:00007f11393ff040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 343.921660][T12756] RAX: ffffffffffffffda RBX: 00007f1139b03f60 RCX: 00007f11399746bc [ 343.925042][T12756] RDX: 000000000000000f RSI: 00007f11393ff0b0 RDI: 0000000000000004 [ 343.928426][T12756] RBP: 00007f11393ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 343.931801][T12756] R10: 1000000000000141 R11: 0000000000000246 R12: 0000000000000001 [ 343.935201][T12756] R13: 000000000000000b R14: 00007f1139b03f60 R15: 00007ffc47fd2d98 [ 343.938608][T12756] [ 343.994166][T12757] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=52 sclass=netlink_tcpdiag_socket pid=12757 comm=syz.2.2680 [ 344.262334][ T825] kernel read not supported for file inotify (pid: 825 comm: kworker/3:3) [ 345.080924][ C3] ------------[ cut here ]------------ [ 345.083896][ C3] WARNING: CPU: 3 PID: 12781 at kernel/kcov.c:871 kcov_remote_start+0x274/0x6e0 [ 345.087708][ C3] Modules linked in: [ 345.089535][ C3] CPU: 3 PID: 12781 Comm: syz.0.2694 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 345.095465][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 345.099928][ C3] RIP: 0010:kcov_remote_start+0x274/0x6e0 [ 345.102293][ C3] Code: c0 22 49 89 47 08 e9 87 00 00 00 f6 c4 01 0f 85 06 fe ff ff e9 dc fd ff ff 44 8b 95 1c 16 00 00 45 85 d2 0f 84 d5 fe ff ff 90 <0f> 0b 90 e9 b9 00 00 00 65 8b 05 55 e4 75 7e 49 c7 c0 d2 d4 3a 8d [ 345.109940][ C3] RSP: 0018:ffffc90000907d50 EFLAGS: 00010002 [ 345.112744][ C3] RAX: 0000000080010303 RBX: 000000000002d648 RCX: ffffffff816ae7ce [ 345.116271][ C3] RDX: 0000000000000002 RSI: ffffffff8b2cb200 RDI: ffffffff8b8ff640 [ 345.119169][ C3] RBP: ffff88801f14c880 R08: 0000000000000000 R09: fffffbfff284ca67 [ 345.122065][ C3] R10: 0000000000000001 R11: 0000000000000005 R12: ffff88806b32d648 [ 345.124948][ C3] R13: 0000000000000000 R14: 0100000000000007 R15: ffff88801f14c880 [ 345.128505][ C3] FS: 00007f1bc5a246c0(0000) GS:ffff88806b300000(0000) knlGS:0000000000000000 [ 345.132173][ C3] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 345.134520][ C3] CR2: 00007f1bc4b5b740 CR3: 000000003d63e000 CR4: 0000000000350ef0 [ 345.137696][ C3] DR0: 0000000000002800 DR1: 0000000000000000 DR2: 0000000000000000 [ 345.141003][ C3] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 345.144291][ C3] Call Trace: [ 345.145623][ C3] [ 345.146676][ C3] ? show_regs+0x8c/0xa0 [ 345.148426][ C3] ? __warn+0xe5/0x3c0 [ 345.149814][ C3] ? kcov_remote_start+0x274/0x6e0 [ 345.151617][ C3] ? report_bug+0x3c0/0x580 [ 345.153169][ C3] ? handle_bug+0x3d/0x70 [ 345.154640][ C3] ? exc_invalid_op+0x17/0x50 [ 345.156272][ C3] ? asm_exc_invalid_op+0x1a/0x20 [ 345.157994][ C3] ? hlock_class+0x4e/0x130 [ 345.159792][ C3] ? kcov_remote_start+0x274/0x6e0 [ 345.161914][ C3] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 345.164304][ C3] __usb_hcd_giveback_urb+0x35b/0x6e0 [ 345.166110][ C3] usb_hcd_giveback_urb+0x396/0x450 [ 345.167992][ C3] dummy_timer+0x17f6/0x3900 [ 345.169848][ C3] ? __pfx_dummy_timer+0x10/0x10 [ 345.171525][ C3] ? timerqueue_del+0x83/0x150 [ 345.173154][ C3] ? __pfx_dummy_timer+0x10/0x10 [ 345.174806][ C3] __hrtimer_run_queues+0x20c/0xcc0 [ 345.176571][ C3] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 345.178489][ C3] ? ktime_get_update_offsets_now+0x201/0x310 [ 345.180672][ C3] hrtimer_interrupt+0x31b/0x800 [ 345.182332][ C3] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 345.184385][ C3] sysvec_apic_timer_interrupt+0x43/0xb0 [ 345.186277][ C3] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 345.188399][ C3] RIP: 0010:preempt_count_sub+0xcb/0x160 [ 345.190446][ C3] Code: 8b 15 fd dc 86 0e 85 d2 75 19 90 48 c7 c6 60 22 2c 8b 48 c7 c7 a0 22 2c 8b e8 e1 71 f2 ff 90 0f 0b 90 90 90 5b c3 cc cc cc cc <84> c0 75 8b 90 e8 0b 2a 22 03 85 c0 74 34 48 c7 c0 d4 69 e4 8f 48 [ 345.198485][ C3] RSP: 0018:ffffc900009082c0 EFLAGS: 00000297 [ 345.201039][ C3] RAX: 0000000080000303 RBX: 0000000000000001 RCX: 0000000000000000 [ 345.204349][ C3] RDX: 0000000000000303 RSI: ffffffff813ce8e5 RDI: 0000000000000001 [ 345.207643][ C3] RBP: ffffc90003ae7938 R08: 0000000000000006 R09: ffffc90003ae7928 [ 345.210917][ C3] R10: ffffc90003ae7938 R11: 0000000000000005 R12: ffffc90003ae0000 [ 345.214361][ C3] R13: ffffc90003ae8000 R14: ffffc90003ae7940 R15: ffffc90003ae7928 [ 345.217864][ C3] ? unwind_next_frame+0x11e5/0x23a0 [ 345.220221][ C3] unwind_next_frame+0x11ef/0x23a0 [ 345.222482][ C3] ? genl_rcv+0x28/0x40 [ 345.224356][ C3] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 345.227112][ C3] arch_stack_walk+0x100/0x170 [ 345.229257][ C3] ? netlink_unicast+0x542/0x820 [ 345.231400][ C3] ? kfree_skbmem+0x10e/0x200 [ 345.233390][ C3] stack_trace_save+0x95/0xd0 [ 345.235545][ C3] ? __pfx_stack_trace_save+0x10/0x10 [ 345.237930][ C3] ? kasan_save_track+0x14/0x30 [ 345.240059][ C3] ? __pfx_mark_lock+0x10/0x10 [ 345.242126][ C3] ? skb_release_data+0x75c/0x980 [ 345.244583][ C3] kasan_save_stack+0x33/0x60 [ 345.246614][ C3] ? kasan_save_stack+0x33/0x60 [ 345.248718][ C3] ? kasan_save_track+0x14/0x30 [ 345.250734][ C3] ? kasan_save_free_info+0x3b/0x60 [ 345.252960][ C3] ? poison_slab_object+0xf7/0x160 [ 345.255156][ C3] ? __kasan_slab_free+0x32/0x50 [ 345.257343][ C3] ? kmem_cache_free+0x12f/0x3a0 [ 345.259470][ C3] ? kfree_skbmem+0x10e/0x200 [ 345.261511][ C3] ? kfree_skb_reason+0x138/0x210 [ 345.263675][ C3] ? ieee80211_rx_handlers_result+0x318/0x960 [ 345.266298][ C3] ? ieee80211_rx_handlers+0xeb1/0x9a50 [ 345.268647][ C3] ? ieee80211_prepare_and_rx_handle+0x2b6a/0x6ec0 [ 345.271408][ C3] ? ieee80211_rx_for_interface+0x10a/0x1f0 [ 345.273943][ C3] ? ieee80211_rx_list+0x10e2/0x2e90 [ 345.276211][ C3] ? ieee80211_rx_napi+0xdd/0x400 [ 345.278332][ C3] ? ieee80211_handle_queued_frames+0xd5/0x130 [ 345.280950][ C3] ? tasklet_action_common.constprop.0+0x24c/0x3e0 [ 345.283707][ C3] ? handle_softirqs+0x216/0x8f0 [ 345.285811][ C3] ? do_softirq+0xb2/0xf0 [ 345.287608][ C3] ? __local_bh_enable_ip+0x100/0x120 [ 345.289889][ C3] ? ieee80211_tx_skb_tid+0x176/0x4f0 [ 345.292194][ C3] ? ieee80211_mgmt_tx+0x14fc/0x2360 [ 345.294445][ C3] ? cfg80211_mlme_mgmt_tx+0x7d4/0x1660 [ 345.296842][ C3] ? nl80211_tx_mgmt+0x7f9/0xd40 [ 345.298968][ C3] ? genl_family_rcv_msg_doit+0x202/0x2f0 [ 345.301412][ C3] ? genl_rcv_msg+0x565/0x800 [ 345.303381][ C3] ? netlink_rcv_skb+0x16b/0x440 [ 345.305559][ C3] ? genl_rcv+0x28/0x40 [ 345.307365][ C3] kasan_save_track+0x14/0x30 [ 345.309396][ C3] kasan_save_free_info+0x3b/0x60 [ 345.311563][ C3] poison_slab_object+0xf7/0x160 [ 345.313713][ C3] __kasan_slab_free+0x32/0x50 [ 345.315790][ C3] kmem_cache_free+0x12f/0x3a0 [ 345.317872][ C3] ? skb_release_data+0x761/0x980 [ 345.320048][ C3] ? kfree_skbmem+0x10e/0x200 [ 345.321998][ C3] kfree_skbmem+0x10e/0x200 [ 345.323901][ C3] kfree_skb_reason+0x138/0x210 [ 345.326000][ C3] ieee80211_rx_handlers_result+0x318/0x960 [ 345.328801][ C3] ieee80211_rx_handlers+0xeb1/0x9a50 [ 345.331108][ C3] ? __pfx_mark_lock+0x10/0x10 [ 345.333173][ C3] ? __pfx_mark_lock+0x10/0x10 [ 345.335232][ C3] ? __pfx_ieee80211_rx_handlers+0x10/0x10 [ 345.337761][ C3] ? __pfx___lock_acquire+0x10/0x10 [ 345.340029][ C3] ? hlock_class+0x4e/0x130 [ 345.341967][ C3] ? __lock_acquire+0xc5d/0x3b30 [ 345.344113][ C3] ieee80211_prepare_and_rx_handle+0x2b6a/0x6ec0 [ 345.346838][ C3] ? __pfx_ieee80211_prepare_and_rx_handle+0x10/0x10 [ 345.349603][ C3] ? sta_info_get_bss+0x18b/0x3a0 [ 345.351567][ C3] ? __pfx_lock_release+0x10/0x10 [ 345.353725][ C3] ieee80211_rx_for_interface+0x10a/0x1f0 [ 345.356317][ C3] ieee80211_rx_list+0x10e2/0x2e90 [ 345.358494][ C3] ? __pfx_ieee80211_rx_list+0x10/0x10 [ 345.360795][ C3] ? lock_acquire+0x1b1/0x560 [ 345.362785][ C3] ? skb_dequeue+0x126/0x180 [ 345.364733][ C3] ieee80211_rx_napi+0xdd/0x400 [ 345.366779][ C3] ? __pfx_ieee80211_rx_napi+0x10/0x10 [ 345.369057][ C3] ? lockdep_hardirqs_on+0x7c/0x110 [ 345.371227][ C3] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 345.373817][ C3] ieee80211_handle_queued_frames+0xd5/0x130 [ 345.376343][ C3] tasklet_action_common.constprop.0+0x24c/0x3e0 [ 345.379006][ C3] handle_softirqs+0x216/0x8f0 [ 345.381081][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 345.383284][ C3] ? irqtime_account_irq+0x18d/0x2e0 [ 345.385512][ C3] ? __ieee80211_tx_skb_tid_band+0x2b5/0x700 [ 345.388051][ C3] do_softirq+0xb2/0xf0 [ 345.389813][ C3] [ 345.391055][ C3] [ 345.392176][ C3] __local_bh_enable_ip+0x100/0x120 [ 345.393930][ C3] ieee80211_tx_skb_tid+0x176/0x4f0 [ 345.395706][ C3] ieee80211_mgmt_tx+0x14fc/0x2360 [ 345.397491][ C3] cfg80211_mlme_mgmt_tx+0x7d4/0x1660 [ 345.399263][ C3] nl80211_tx_mgmt+0x7f9/0xd40 [ 345.400891][ C3] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 345.402669][ C3] ? __pfx___mutex_lock+0x10/0x10 [ 345.404424][ C3] ? nl80211_pre_doit+0x1b0/0xb10 [ 345.406129][ C3] genl_family_rcv_msg_doit+0x202/0x2f0 [ 345.407983][ C3] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 345.410005][ C3] ? ns_capable+0xd7/0x110 [ 345.411509][ C3] genl_rcv_msg+0x565/0x800 [ 345.413058][ C3] ? __pfx_genl_rcv_msg+0x10/0x10 [ 345.414756][ C3] ? __pfx___lock_acquire+0x10/0x10 [ 345.416531][ C3] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 345.418280][ C3] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 345.420019][ C3] ? __pfx_nl80211_post_doit+0x10/0x10 [ 345.421827][ C3] netlink_rcv_skb+0x16b/0x440 [ 345.423422][ C3] ? __pfx_genl_rcv_msg+0x10/0x10 [ 345.425124][ C3] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 345.426903][ C3] ? down_read+0xc9/0x330 [ 345.428379][ C3] ? __pfx_down_read+0x10/0x10 [ 345.429994][ C3] ? netlink_deliver_tap+0x1ae/0xd90 [ 345.431766][ C3] genl_rcv+0x28/0x40 [ 345.433117][ C3] netlink_unicast+0x542/0x820 [ 345.434733][ C3] ? __pfx_netlink_unicast+0x10/0x10 [ 345.436533][ C3] netlink_sendmsg+0x8b8/0xd70 [ 345.438166][ C3] ? __pfx_netlink_sendmsg+0x10/0x10 [ 345.439945][ C3] ? __import_iovec+0x1fd/0x6e0 [ 345.441581][ C3] ____sys_sendmsg+0xab5/0xc90 [ 345.443186][ C3] ? copy_msghdr_from_user+0x10b/0x160 [ 345.445450][ C3] ? __pfx_____sys_sendmsg+0x10/0x10 [ 345.447637][ C3] ? __pfx___futex_wait+0x10/0x10 [ 345.449762][ C3] ? __pfx___lock_acquire+0x10/0x10 [ 345.451629][ C3] ? try_to_wake_up+0x14b/0x13e0 [ 345.453294][ C3] ___sys_sendmsg+0x135/0x1e0 [ 345.454878][ C3] ? __pfx____sys_sendmsg+0x10/0x10 [ 345.456697][ C3] ? __fget_light+0x173/0x210 [ 345.458553][ C3] __sys_sendmsg+0x117/0x1f0 [ 345.460308][ C3] ? __pfx___sys_sendmsg+0x10/0x10 [ 345.462040][ C3] ? __x64_sys_futex+0x1e1/0x4c0 [ 345.463713][ C3] do_syscall_64+0xcd/0x250 [ 345.465229][ C3] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.467255][ C3] RIP: 0033:0x7f1bc4b75bd9 [ 345.468757][ C3] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 345.475171][ C3] RSP: 002b:00007f1bc5a24048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 345.478006][ C3] RAX: ffffffffffffffda RBX: 00007f1bc4d03f60 RCX: 00007f1bc4b75bd9 [ 345.480647][ C3] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004 [ 345.483508][ C3] RBP: 00007f1bc4be4e60 R08: 0000000000000000 R09: 0000000000000000 [ 345.486160][ C3] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 345.488799][ C3] R13: 000000000000000b R14: 00007f1bc4d03f60 R15: 00007ffd9ed49318 [ 345.491439][ C3] [ 345.492562][ C3] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 345.494996][ C3] CPU: 3 PID: 12781 Comm: syz.0.2694 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0 [ 345.498417][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 345.502013][ C3] Call Trace: [ 345.503129][ C3] [ 345.504204][ C3] dump_stack_lvl+0x3d/0x1f0 [ 345.505905][ C3] panic+0x6f5/0x7a0 [ 345.507236][ C3] ? __pfx_panic+0x10/0x10 [ 345.508758][ C3] ? show_trace_log_lvl+0x363/0x500 [ 345.510506][ C3] ? kcov_remote_start+0x274/0x6e0 [ 345.512268][ C3] check_panic_on_warn+0xab/0xb0 [ 345.513937][ C3] __warn+0xf1/0x3c0 [ 345.515239][ C3] ? kcov_remote_start+0x274/0x6e0 [ 345.517030][ C3] report_bug+0x3c0/0x580 [ 345.518504][ C3] handle_bug+0x3d/0x70 [ 345.519913][ C3] exc_invalid_op+0x17/0x50 [ 345.521439][ C3] asm_exc_invalid_op+0x1a/0x20 [ 345.523084][ C3] RIP: 0010:kcov_remote_start+0x274/0x6e0 [ 345.525020][ C3] Code: c0 22 49 89 47 08 e9 87 00 00 00 f6 c4 01 0f 85 06 fe ff ff e9 dc fd ff ff 44 8b 95 1c 16 00 00 45 85 d2 0f 84 d5 fe ff ff 90 <0f> 0b 90 e9 b9 00 00 00 65 8b 05 55 e4 75 7e 49 c7 c0 d2 d4 3a 8d [ 345.532787][ C3] RSP: 0018:ffffc90000907d50 EFLAGS: 00010002 [ 345.535263][ C3] RAX: 0000000080010303 RBX: 000000000002d648 RCX: ffffffff816ae7ce [ 345.538393][ C3] RDX: 0000000000000002 RSI: ffffffff8b2cb200 RDI: ffffffff8b8ff640 [ 345.541684][ C3] RBP: ffff88801f14c880 R08: 0000000000000000 R09: fffffbfff284ca67 [ 345.544655][ C3] R10: 0000000000000001 R11: 0000000000000005 R12: ffff88806b32d648 [ 345.547813][ C3] R13: 0000000000000000 R14: 0100000000000007 R15: ffff88801f14c880 [ 345.551107][ C3] ? hlock_class+0x4e/0x130 [ 345.553036][ C3] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 345.555483][ C3] __usb_hcd_giveback_urb+0x35b/0x6e0 [ 345.557775][ C3] usb_hcd_giveback_urb+0x396/0x450 [ 345.559990][ C3] dummy_timer+0x17f6/0x3900 [ 345.561907][ C3] ? __pfx_dummy_timer+0x10/0x10 [ 345.563880][ C3] ? timerqueue_del+0x83/0x150 [ 345.565502][ C3] ? __pfx_dummy_timer+0x10/0x10 [ 345.567368][ C3] __hrtimer_run_queues+0x20c/0xcc0 [ 345.569132][ C3] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 345.571025][ C3] ? ktime_get_update_offsets_now+0x201/0x310 [ 345.573084][ C3] hrtimer_interrupt+0x31b/0x800 [ 345.574755][ C3] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 345.576814][ C3] sysvec_apic_timer_interrupt+0x43/0xb0 [ 345.578739][ C3] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 345.580774][ C3] RIP: 0010:preempt_count_sub+0xcb/0x160 [ 345.582658][ C3] Code: 8b 15 fd dc 86 0e 85 d2 75 19 90 48 c7 c6 60 22 2c 8b 48 c7 c7 a0 22 2c 8b e8 e1 71 f2 ff 90 0f 0b 90 90 90 5b c3 cc cc cc cc <84> c0 75 8b 90 e8 0b 2a 22 03 85 c0 74 34 48 c7 c0 d4 69 e4 8f 48 [ 345.589100][ C3] RSP: 0018:ffffc900009082c0 EFLAGS: 00000297 [ 345.591078][ C3] RAX: 0000000080000303 RBX: 0000000000000001 RCX: 0000000000000000 [ 345.593764][ C3] RDX: 0000000000000303 RSI: ffffffff813ce8e5 RDI: 0000000000000001 [ 345.596468][ C3] RBP: ffffc90003ae7938 R08: 0000000000000006 R09: ffffc90003ae7928 [ 345.599215][ C3] R10: ffffc90003ae7938 R11: 0000000000000005 R12: ffffc90003ae0000 [ 345.601892][ C3] R13: ffffc90003ae8000 R14: ffffc90003ae7940 R15: ffffc90003ae7928 [ 345.604551][ C3] ? unwind_next_frame+0x11e5/0x23a0 [ 345.606327][ C3] unwind_next_frame+0x11ef/0x23a0 [ 345.608101][ C3] ? genl_rcv+0x28/0x40 [ 345.609509][ C3] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 345.611806][ C3] arch_stack_walk+0x100/0x170 [ 345.613799][ C3] ? netlink_unicast+0x542/0x820 [ 345.615870][ C3] ? kfree_skbmem+0x10e/0x200 [ 345.617752][ C3] stack_trace_save+0x95/0xd0 [ 345.619321][ C3] ? __pfx_stack_trace_save+0x10/0x10 [ 345.621142][ C3] ? kasan_save_track+0x14/0x30 [ 345.622792][ C3] ? __pfx_mark_lock+0x10/0x10 [ 345.624422][ C3] ? skb_release_data+0x75c/0x980 [ 345.626113][ C3] kasan_save_stack+0x33/0x60 [ 345.627754][ C3] ? kasan_save_stack+0x33/0x60 [ 345.629472][ C3] ? kasan_save_track+0x14/0x30 [ 345.631159][ C3] ? kasan_save_free_info+0x3b/0x60 [ 345.632915][ C3] ? poison_slab_object+0xf7/0x160 [ 345.634631][ C3] ? __kasan_slab_free+0x32/0x50 [ 345.636315][ C3] ? kmem_cache_free+0x12f/0x3a0 [ 345.638028][ C3] ? kfree_skbmem+0x10e/0x200 [ 345.639611][ C3] ? kfree_skb_reason+0x138/0x210 [ 345.641465][ C3] ? ieee80211_rx_handlers_result+0x318/0x960 [ 345.643527][ C3] ? ieee80211_rx_handlers+0xeb1/0x9a50 [ 345.645415][ C3] ? ieee80211_prepare_and_rx_handle+0x2b6a/0x6ec0 [ 345.647873][ C3] ? ieee80211_rx_for_interface+0x10a/0x1f0 [ 345.650128][ C3] ? ieee80211_rx_list+0x10e2/0x2e90 [ 345.652159][ C3] ? ieee80211_rx_napi+0xdd/0x400 [ 345.653945][ C3] ? ieee80211_handle_queued_frames+0xd5/0x130 [ 345.656145][ C3] ? tasklet_action_common.constprop.0+0x24c/0x3e0 [ 345.658388][ C3] ? handle_softirqs+0x216/0x8f0 [ 345.660121][ C3] ? do_softirq+0xb2/0xf0 [ 345.661686][ C3] ? __local_bh_enable_ip+0x100/0x120 [ 345.663484][ C3] ? ieee80211_tx_skb_tid+0x176/0x4f0 [ 345.665309][ C3] ? ieee80211_mgmt_tx+0x14fc/0x2360 [ 345.667214][ C3] ? cfg80211_mlme_mgmt_tx+0x7d4/0x1660 [ 345.669311][ C3] ? nl80211_tx_mgmt+0x7f9/0xd40 [ 345.671088][ C3] ? genl_family_rcv_msg_doit+0x202/0x2f0 [ 345.673168][ C3] ? genl_rcv_msg+0x565/0x800 [ 345.675261][ C3] ? netlink_rcv_skb+0x16b/0x440 [ 345.677561][ C3] ? genl_rcv+0x28/0x40 [ 345.679270][ C3] kasan_save_track+0x14/0x30 [ 345.681321][ C3] kasan_save_free_info+0x3b/0x60 [ 345.683244][ C3] poison_slab_object+0xf7/0x160 [ 345.685309][ C3] __kasan_slab_free+0x32/0x50 [ 345.687346][ C3] kmem_cache_free+0x12f/0x3a0 [ 345.689113][ C3] ? skb_release_data+0x761/0x980 [ 345.690838][ C3] ? kfree_skbmem+0x10e/0x200 [ 345.692638][ C3] kfree_skbmem+0x10e/0x200 [ 345.694445][ C3] kfree_skb_reason+0x138/0x210 [ 345.696367][ C3] ieee80211_rx_handlers_result+0x318/0x960 [ 345.698463][ C3] ieee80211_rx_handlers+0xeb1/0x9a50 [ 345.700811][ C3] ? __pfx_mark_lock+0x10/0x10 [ 345.702792][ C3] ? __pfx_mark_lock+0x10/0x10 [ 345.704609][ C3] ? __pfx_ieee80211_rx_handlers+0x10/0x10 [ 345.706500][ C3] ? __pfx___lock_acquire+0x10/0x10 [ 345.708256][ C3] ? hlock_class+0x4e/0x130 [ 345.709750][ C3] ? __lock_acquire+0xc5d/0x3b30 [ 345.711744][ C3] ieee80211_prepare_and_rx_handle+0x2b6a/0x6ec0 [ 345.714323][ C3] ? __pfx_ieee80211_prepare_and_rx_handle+0x10/0x10 [ 345.717100][ C3] ? sta_info_get_bss+0x18b/0x3a0 [ 345.719132][ C3] ? __pfx_lock_release+0x10/0x10 [ 345.721056][ C3] ieee80211_rx_for_interface+0x10a/0x1f0 [ 345.722998][ C3] ieee80211_rx_list+0x10e2/0x2e90 [ 345.725155][ C3] ? __pfx_ieee80211_rx_list+0x10/0x10 [ 345.727352][ C3] ? lock_acquire+0x1b1/0x560 [ 345.729271][ C3] ? skb_dequeue+0x126/0x180 [ 345.731160][ C3] ieee80211_rx_napi+0xdd/0x400 [ 345.732791][ C3] ? __pfx_ieee80211_rx_napi+0x10/0x10 [ 345.734878][ C3] ? lockdep_hardirqs_on+0x7c/0x110 [ 345.737110][ C3] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 345.739375][ C3] ieee80211_handle_queued_frames+0xd5/0x130 [ 345.741553][ C3] tasklet_action_common.constprop.0+0x24c/0x3e0 [ 345.744178][ C3] handle_softirqs+0x216/0x8f0 [ 345.746066][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 345.747815][ C3] ? irqtime_account_irq+0x18d/0x2e0 [ 345.749970][ C3] ? __ieee80211_tx_skb_tid_band+0x2b5/0x700 [ 345.752391][ C3] do_softirq+0xb2/0xf0 [ 345.753718][ C3] [ 345.754656][ C3] [ 345.755901][ C3] __local_bh_enable_ip+0x100/0x120 [ 345.758133][ C3] ieee80211_tx_skb_tid+0x176/0x4f0 [ 345.760045][ C3] ieee80211_mgmt_tx+0x14fc/0x2360 [ 345.761981][ C3] cfg80211_mlme_mgmt_tx+0x7d4/0x1660 [ 345.764254][ C3] nl80211_tx_mgmt+0x7f9/0xd40 [ 345.766260][ C3] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 345.768485][ C3] ? __pfx___mutex_lock+0x10/0x10 [ 345.770593][ C3] ? nl80211_pre_doit+0x1b0/0xb10 [ 345.772716][ C3] genl_family_rcv_msg_doit+0x202/0x2f0 [ 345.775050][ C3] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 345.777194][ C3] ? ns_capable+0xd7/0x110 [ 345.778905][ C3] genl_rcv_msg+0x565/0x800 [ 345.780775][ C3] ? __pfx_genl_rcv_msg+0x10/0x10 [ 345.782751][ C3] ? __pfx___lock_acquire+0x10/0x10 [ 345.784537][ C3] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 345.786699][ C3] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 345.788858][ C3] ? __pfx_nl80211_post_doit+0x10/0x10 [ 345.790716][ C3] netlink_rcv_skb+0x16b/0x440 [ 345.792566][ C3] ? __pfx_genl_rcv_msg+0x10/0x10 [ 345.794709][ C3] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 345.796774][ C3] ? down_read+0xc9/0x330 [ 345.798233][ C3] ? __pfx_down_read+0x10/0x10 [ 345.800366][ C3] ? netlink_deliver_tap+0x1ae/0xd90 [ 345.802589][ C3] genl_rcv+0x28/0x40 [ 345.803978][ C3] netlink_unicast+0x542/0x820 [ 345.805820][ C3] ? __pfx_netlink_unicast+0x10/0x10 [ 345.808108][ C3] netlink_sendmsg+0x8b8/0xd70 [ 345.809908][ C3] ? __pfx_netlink_sendmsg+0x10/0x10 [ 345.811767][ C3] ? __import_iovec+0x1fd/0x6e0 [ 345.813874][ C3] ____sys_sendmsg+0xab5/0xc90 [ 345.815884][ C3] ? copy_msghdr_from_user+0x10b/0x160 [ 345.817724][ C3] ? __pfx_____sys_sendmsg+0x10/0x10 [ 345.819905][ C3] ? __pfx___futex_wait+0x10/0x10 [ 345.822027][ C3] ? __pfx___lock_acquire+0x10/0x10 [ 345.823810][ C3] ? try_to_wake_up+0x14b/0x13e0 [ 345.825793][ C3] ___sys_sendmsg+0x135/0x1e0 [ 345.827845][ C3] ? __pfx____sys_sendmsg+0x10/0x10 [ 345.829758][ C3] ? __fget_light+0x173/0x210 [ 345.831446][ C3] __sys_sendmsg+0x117/0x1f0 [ 345.833462][ C3] ? __pfx___sys_sendmsg+0x10/0x10 [ 345.835677][ C3] ? __x64_sys_futex+0x1e1/0x4c0 [ 345.837401][ C3] do_syscall_64+0xcd/0x250 [ 345.839121][ C3] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.841682][ C3] RIP: 0033:0x7f1bc4b75bd9 [ 345.843454][ C3] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 345.850853][ C3] RSP: 002b:00007f1bc5a24048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 345.854102][ C3] RAX: ffffffffffffffda RBX: 00007f1bc4d03f60 RCX: 00007f1bc4b75bd9 [ 345.857391][ C3] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000004 [ 345.860285][ C3] RBP: 00007f1bc4be4e60 R08: 0000000000000000 R09: 0000000000000000 [ 345.863593][ C3] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 345.866315][ C3] R13: 000000000000000b R14: 00007f1bc4d03f60 R15: 00007ffd9ed49318 [ 345.869691][ C3] [ 345.871636][ C3] Kernel Offset: disabled [ 345.873180][ C3] Rebooting in 86400 seconds.. VM DIAGNOSIS: 03:44:59 Registers: info registers vcpu 0 CPU#0 RAX=0000000000d4ad7d RBX=0000000000000000 RCX=ffffffff8ae76799 RDX=0000000000000000 RSI=ffffffff8b2caf00 RDI=ffffffff8b8ff640 RBP=fffffbfff1b12af8 RSP=ffffffff8d807e20 R8 =0000000000000001 R9 =ffffed100d606fdd R10=ffff88806b037eeb R11=ffffffff8b2f3980 R12=0000000000000000 R13=ffffffff8d8957c0 R14=ffffffff8fe43710 R15=0000000000000000 RIP=ffffffff8ae77b8f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b32afaff8 CR3=000000004d2fa000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffed3799d60 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbaefbe4325 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbaefbe4332 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbaefbe432c ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbaefbe4340 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbaefbe43c6 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbaefbe44a4 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000d0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000d0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88806b346560 RCX=ffffffff8181ac6b RDX=ffff888017e92440 RSI=ffffffff8181ac45 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900000e7908 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000007 R12=ffffed100d668cad R13=0000000000000001 R14=ffff88806b346568 R15=ffff88806b13fd80 RIP=ffffffff8181ac45 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f1bc4d04030 CR3=000000000d97a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 dd1eada339816057 44b271cd49030556 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f064d1e4325 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f064d1e4332 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f064d1e432c ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f064d1e4340 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f064d1e43c6 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f064d1e44a4 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 913648527abadfef 369ace6817967b9d 33d0cc5bfa8fcfb9 1fc655b26fe0a2e8 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f04fa087c90a158 45d2cdaf4ca6d517 e3a74fdff8ea0004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 a42e1a9b963e818c 9048fa2019e66d26 8a5466d750c602be 7ca265dcb349ac73 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 cb78a49b18ab6769 e82bca71a9994604 c32350c2a42e1a9b 963e818c9048fa20 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 19e66d268a5466d7 50c602be7ca265dc b349ac734f04fa08 7c90a15845d2cdaf ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4ca6d517e3a74fdf f8eab1d45de0d981 1fcf83ad91364852 7abadfef369ace68 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 17967b9d33d0cc5b fa8fcfb91fc655b2 6fe0a2e88b90a9ad 53110c140e6eb3f8 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000008ed761 RBX=0000000000000002 RCX=ffffffff8ae76799 RDX=0000000000000000 RSI=ffffffff8b2caf00 RDI=ffffffff8b8ff640 RBP=ffffed1002fd9000 RSP=ffffc90000197e08 R8 =0000000000000001 R9 =ffffed100d646fdd R10=ffff88806b237eeb R11=0000000000000000 R12=0000000000000002 R13=ffff888017ec8000 R14=ffffffff8fe43710 R15=0000000000000000 RIP=ffffffff8ae77b8f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b32011ff8 CR3=000000003d63e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1128d8be907c3c43 85fab4b825ea588c ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff8100a0cf ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4be4325 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4be4332 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4be432c ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4be4340 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4be43c6 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4be44a4 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4cd4488 00007f1bc4cd4480 00007f1bc4cd4478 00007f1bc4cd4450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc583d100 00007f1bc4cd4440 00007f1b00040008 0000000f0010000c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4cd4498 00007f1bc4cd4490 00007f1bc4cd4488 00007f1bc4cd4480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000060 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fd2ac5 RDI=ffffffff94dd71a0 RBP=ffffffff94dd7160 RSP=ffffc90000907740 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000009 R12=0000000000000000 R13=0000000000000034 R14=ffffffff84fd2a60 R15=0000000000000000 RIP=ffffffff84fd2aef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f1bc5a246c0 ffffffff 00c00000 GS =0000 ffff88806b300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f1bc4b5b740 CR3=000000003d63e000 CR4=00350ef0 DR0=0000000000002800 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000ffffff80 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4be4325 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4be4332 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4be432c ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4be4340 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4be43c6 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4be44a4 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4cd4488 00007f1bc4cd4480 00007f1bc4cd4478 00007f1bc4cd4450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc583d100 00007f1bc4cd4440 00007f1bc4cd4458 00007f1bc4cd44a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1bc4cd4498 00007f1bc4cd4490 00007f1bc4cd4488 00007f1bc4cd4480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000060 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000