last executing test programs: 7.032122969s ago: executing program 0 (id=3737): socket$inet(0x2, 0x0, 0x0) r0 = getpid() prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0)}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805fdffffff00ff000000004b64ffec0200f8007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000600)='btrfs_flush_space\x00', r1}, 0x10) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18) getpid() process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) r3 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r3}) open(&(0x7f0000000580)='./file0\x00', 0x200040, 0x101) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf}, 0x90) 6.131114165s ago: executing program 2 (id=3739): bind$inet(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_STOP_P2P_DEVICE(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = gettid() futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x0, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x3, 0x4, 0x2}, 0x48) socketpair$nbd(0x1, 0x1, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'}) socket$nl_route(0x10, 0x3, 0x0) syz_io_uring_setup(0x0, 0x0, 0x0, 0x0) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r3, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @short={0x2, 0xffff, 0xffff}}, 0x14, &(0x7f0000000080)={0x0}}, 0x0) setsockopt$WPAN_WANTLQI(r3, 0x0, 0x3, &(0x7f0000001780)=0x1, 0x4) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001880), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) syz_open_dev$video(&(0x7f0000000000), 0x3, 0x0) socket$inet6(0xa, 0x0, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r4}, 0x10) 6.030459706s ago: executing program 0 (id=3743): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000280)='./control\x00', 0x0) close(r1) r2 = inotify_init1(0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./control\x00', &(0x7f0000000100), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) r3 = syz_io_uring_setup(0x690a, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x6d6f, &(0x7f0000000540)={0x0, 0xffffffff}, &(0x7f0000000040)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r3, 0x184c, 0x0, 0x0, 0x0, 0x0) write$P9_RSTATu(r0, 0x0, 0x21d) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x149a82, 0x88) sendfile(r6, r6, 0x0, 0x9afe) write$P9_RLOCK(r6, &(0x7f0000000000)={0x8, 0x35, 0x1}, 0x8) 5.655200288s ago: executing program 0 (id=3744): r0 = getpid() prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000600)='btrfs_flush_space\x00', r1}, 0x10) getpid() r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) r3 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, 0x0) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r3}) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1) 5.064393213s ago: executing program 1 (id=3746): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0xa5, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000140)={0x1, @sdr={0x59230c5f, 0x5}}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x18}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bond0\x00'}) socket$nl_route(0x10, 0x3, 0x0) r3 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r3, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) getpeername(0xffffffffffffffff, 0x0, &(0x7f00000002c0)) r4 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r5 = socket(0x1e, 0x5, 0x0) listen(r5, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) mount$afs(0x0, &(0x7f00000000c0)='./control\x00', &(0x7f0000000100), 0x0, &(0x7f0000000080)={[{@dyn}, {@flock_openafs}]}) getsockopt$IP6T_SO_GET_INFO(r2, 0x29, 0x40, &(0x7f0000000340)={'mangle\x00', 0x0, [0x6, 0x9, 0x6, 0x2a3b, 0x80000001]}, &(0x7f0000000180)=0x54) r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r6, 0x0, 0x0) accept4$inet6(r5, 0x0, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r8 = openat$cgroup_subtree(r7, &(0x7f0000000080), 0x2, 0x0) write$cgroup_subtree(r8, &(0x7f00000008c0)=ANY=[@ANYBLOB='+cpu'], 0x5) 4.293614111s ago: executing program 0 (id=3748): syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) write$P9_RSTATu(r1, &(0x7f00000004c0)=ANY=[@ANYBLOB="930200007d00000005f0000000000000000000000000000000000000000000000000000000000000000000000000006465767b6376666f7892ffffff8102000000000031ffcebc920000003800704a86cec602007dfa"], 0x232) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x0, 0x0, 0x0) sendmmsg$sock(r2, &(0x7f0000004100)=[{{0x0, 0x0, 0x0, 0x2a0}}], 0xffffff80, 0x0) 3.268577818s ago: executing program 2 (id=3750): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90) socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x14, 0x14, 0x1, 0x0, 0x0, {0x11}}, 0x14}}, 0x0) sched_setscheduler(0x0, 0x0, 0x0) open(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) r6 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r6, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0) bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast2, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {}, {}, 0x0, 0x0, 0x1}, {{@in, 0x0, 0x32}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0xb7, 0x1fb, 0xffffffff}}, 0xe8) sendmmsg(r5, &(0x7f0000000180), 0x400000000000077, 0x0) 3.250992873s ago: executing program 1 (id=3758): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/ip6_flowlabel\x00') ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000140)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x2004cb], 0x0, 0x200}) syz_open_dev$tty1(0xc, 0x4, 0x1) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.620267594s ago: executing program 3 (id=3752): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0xa5, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000140)={0x1, @sdr={0x59230c5f, 0x5}}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x18}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bond0\x00'}) socket$nl_route(0x10, 0x3, 0x0) open(0x0, 0x0, 0x0) mknodat$loop(0xffffffffffffffff, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) getpeername(0xffffffffffffffff, 0x0, &(0x7f00000002c0)) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r4 = socket(0x1e, 0x5, 0x0) listen(r4, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) mount$afs(0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000080)={[{@dyn}]}) getsockopt$IP6T_SO_GET_INFO(r2, 0x29, 0x40, &(0x7f0000000340)={'mangle\x00', 0x0, [0x6, 0x9, 0x6, 0x2a3b, 0x80000001]}, &(0x7f0000000180)=0x54) r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r5, &(0x7f0000003480)={0x2020}, 0x2020) accept4$inet6(r4, 0x0, 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r7 = openat$cgroup_subtree(r6, &(0x7f0000000080), 0x2, 0x0) write$cgroup_subtree(r7, &(0x7f00000008c0)=ANY=[@ANYBLOB='+cpu'], 0x5) 2.358360181s ago: executing program 1 (id=3753): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000280)='./control\x00', 0x0) close(r1) r2 = inotify_init1(0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./control\x00', &(0x7f0000000100), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) r3 = syz_io_uring_setup(0x690a, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x6d6f, &(0x7f0000000540)={0x0, 0xffffffff}, &(0x7f0000000040)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r3, 0x184c, 0x0, 0x0, 0x0, 0x0) write$P9_RSTATu(r0, 0x0, 0x21d) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x149a82, 0x88) sendfile(r6, r6, 0x0, 0x9afe) write$P9_RLOCK(r6, &(0x7f0000000000)={0x8, 0x35, 0x1}, 0x8) 2.184739177s ago: executing program 2 (id=3754): openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000280)='./control\x00', 0x0) close(r0) r1 = inotify_init1(0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./control\x00', &(0x7f0000000100), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) r2 = syz_io_uring_setup(0x690a, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x6d6f, &(0x7f0000000540)={0x0, 0xffffffff}, &(0x7f0000000040)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r2, 0x184c, 0x0, 0x0, 0x0, 0x0) write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1d0200007d00000005df000000000000000000000000000000000000000000000000000000000000000000000000000000001f00046e6f6465767b6576626f6825ffffff8102000000000000ff03ff9200000034007002007dfa673effeb09b5351f5bde054000000000187b82d9b500002b595fcb14034354b9fd9ef196a51cd5157adc8106b494e11000cfc200100000000000e308d860ccf6004900f8f669fb716dcf315ecaf385409ac65b9408678c2c3b9e1d52c36cde7ba4451b3407dbdab2884baf050000000000000047ec21cabff20f9c1c577b7468be36f4fd3a4cc280e8d489da29016f6465762f6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475c4f03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d7238593aed3b42ee7cac07de09d1d68a60333a882467d2b31aacdf9188549b1125d6c4c9b18c2fb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664c0fb4e4c90570a70049f399f061f75b7797ce1fe11ea919609d51a41dd3de304bd7c7ed0a456f0ae12516105c9ce887df5a6e0b6a77d596cf88ba6e5c6397c7d5021d7989528fd1739e1c2d87fc200"/529, @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0], 0x21d) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x149a82, 0x88) sendfile(r5, r5, 0x0, 0x9afe) write$P9_RLOCK(r5, &(0x7f0000000000)={0x8, 0x35, 0x1}, 0x8) 1.714792523s ago: executing program 3 (id=3755): pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) socket$xdp(0x2c, 0x3, 0x0) writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000000)="04", 0x1}], 0x1) syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0) add_key$user(&(0x7f0000000100), &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)="ed", 0x1, 0xffffffffffffffff) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000400)=ANY=[], &(0x7f0000000100)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x2, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff52}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x0, r4, 0x2, 0x0) r5 = getpid() process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f00000004c0)=""/65, 0x41}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000000480)=[{&(0x7f0000008480)=""/95, 0x5f}, {&(0x7f00000002c0)=""/56, 0x38}], 0x2, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{0xffffffffffffffff, 0xffffffffffffffff}, 0x0, 0x0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0}, 0x20) r7 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r7, 0x0, 0xc, &(0x7f00000000c0)='d', 0x1) setsockopt$inet_opts(r7, 0x0, 0xd, &(0x7f0000000280)="b8", 0x1) getsockopt$inet_opts(r7, 0x0, 0x9, &(0x7f0000000200)=""/8, &(0x7f0000000080)=0x8) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r9 = openat$cgroup_int(r8, &(0x7f00000000c0)='cpuset.memory_spread_slab\x00', 0x2, 0x0) write$cgroup_int(r9, &(0x7f00000003c0)=0x1000, 0x12) mkdirat$cgroup(r8, &(0x7f0000000980)='syz0\x00', 0x1ff) r10 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r6, &(0x7f0000000140)="a91ae3b20a23e15322a8cbd660d697ad1ca84a4642b29d86d92ecc6a6d635bafabe9d9b97756396a53e00cacb946661149d75f6b95a1b6fb35c9cc2bbbc665d37b1109c0b6a185f0ad852ca40ae2bd05951082fca3961c89a2afc9530a51b344bb296f2e06dff84d727f020e67f489c66877f2ef65d472c0b2e4d63c7528a2df972382258e19c50950806cc1f1b941f9e416256fe9dce4547759907020239ff5c4066baa9980e1ab940eeba7b483ee1219ca2e385eab7109fb42829fec9a689df46567d113b69d7eb413b27e96bcd469563e959763b01f3d3574f10b", &(0x7f0000000240)=@udp6=r10, 0x4}, 0x20) 1.706834437s ago: executing program 1 (id=3764): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0xa5, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000140)={0x1, @sdr={0x59230c5f, 0x5}}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x18}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bond0\x00'}) socket$nl_route(0x10, 0x3, 0x0) open(0x0, 0x0, 0x0) mknodat$loop(0xffffffffffffffff, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) getpeername(0xffffffffffffffff, 0x0, &(0x7f00000002c0)) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r4 = socket(0x1e, 0x5, 0x0) listen(r4, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) mount$afs(0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000080)={[{@dyn}]}) getsockopt$IP6T_SO_GET_INFO(r2, 0x29, 0x40, &(0x7f0000000340)={'mangle\x00', 0x0, [0x6, 0x9, 0x6, 0x2a3b, 0x80000001]}, &(0x7f0000000180)=0x54) r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r5, &(0x7f0000003480)={0x2020}, 0x2020) accept4$inet6(r4, 0x0, 0x0, 0x0) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r7 = openat$cgroup_subtree(r6, &(0x7f0000000080), 0x2, 0x0) write$cgroup_subtree(r7, &(0x7f00000008c0)=ANY=[@ANYBLOB='+cpu'], 0x5) 1.693359518s ago: executing program 2 (id=3756): r0 = socket$alg(0x26, 0x5, 0x0) r1 = socket$tipc(0x1e, 0x2, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000000c0)) recvmmsg(r1, &(0x7f00000001c0), 0x0, 0x102, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16=r2], 0xb) socket(0x10, 0x3, 0x0) r3 = socket$packet(0x11, 0x0, 0x300) r4 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r4, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) socket$inet6_mptcp(0xa, 0x1, 0x106) syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="040e0501460c1f00c7f641737da8c5df97e629d54f8eef8f4b4c287248623393943b5ba71f4c252077dee7cda5f16bc9ccce6307303924e47e62deed5d1bb5921eea00000c30f73971da9388b9ec29139dedf9d61d113d31eeef342c9d00000000", @ANYRES64=r3, @ANYRES32=0x0], 0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x2b, &(0x7f0000000040)=0x200000000005) syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="0422c455e6afed798709b018c9e80100"], 0x4) preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x5) socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$UI_SET_LEDBIT(r5, 0x40045569, 0x0) ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x11) ioctl$UI_SET_LEDBIT(r5, 0x40045569, 0x7) ioctl$UI_DEV_SETUP(r5, 0x405c5503, &(0x7f0000000100)={{}, 'syz0\x00'}) ioctl$UI_DEV_CREATE(r5, 0x5501) ioctl$UI_DEV_DESTROY(r5, 0x5502) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec9424", 0x6) 1.391542379s ago: executing program 3 (id=3757): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0xa5, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000140)={0x1, @sdr={0x59230c5f, 0x5}}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x18}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bond0\x00'}) socket$nl_route(0x10, 0x3, 0x0) r3 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r3, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) getpeername(0xffffffffffffffff, 0x0, &(0x7f00000002c0)) r4 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r5 = socket(0x1e, 0x5, 0x0) listen(r5, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) mount$afs(0x0, &(0x7f00000000c0)='./control\x00', &(0x7f0000000100), 0x0, &(0x7f0000000080)={[{@dyn}, {@flock_openafs}]}) getsockopt$IP6T_SO_GET_INFO(r2, 0x29, 0x40, &(0x7f0000000340)={'mangle\x00', 0x0, [0x6, 0x9, 0x6, 0x2a3b, 0x80000001]}, &(0x7f0000000180)=0x54) r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r6, 0x0, 0x0) accept4$inet6(r5, 0x0, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r8 = openat$cgroup_subtree(r7, &(0x7f0000000080), 0x2, 0x0) write$cgroup_subtree(r8, &(0x7f00000008c0)=ANY=[@ANYBLOB='+cpu'], 0x5) 1.335230439s ago: executing program 2 (id=3759): socket$inet(0x2, 0x0, 0x0) r0 = getpid() prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0)}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805fdffffff00ff000000004b64ffec0200f8007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000600)='btrfs_flush_space\x00', r1}, 0x10) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18) getpid() process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) r3 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r3}) open(&(0x7f0000000580)='./file0\x00', 0x200040, 0x101) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf}, 0x90) 636.213662ms ago: executing program 1 (id=3760): getpid() syz_pidfd_open(0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c00010062726964"], 0x3c}}, 0x0) ioctl$FIOCLEX(0xffffffffffffffff, 0x5451) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0) write(0xffffffffffffffff, 0x0, 0x0) sendto$packet(r0, &(0x7f0000000380)="44c394f305916c4516999da20800", 0xe, 0x0, &(0x7f0000000440)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev}, 0x14) 635.847556ms ago: executing program 0 (id=3761): r0 = socket$alg(0x26, 0x5, 0x0) r1 = socket$tipc(0x1e, 0x2, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f00000000c0)) recvmmsg(r1, &(0x7f00000001c0), 0x0, 0x102, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES16=r2], 0xb) socket(0x10, 0x3, 0x0) r3 = socket$packet(0x11, 0x2, 0x300) r4 = socket$inet6(0xa, 0x0, 0x0) bind$inet6(r4, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) socket$inet6_mptcp(0xa, 0x1, 0x106) syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="040e0501460c1f00c7f641737da8c5df97e629d54f8eef8f4b4c287248623393943b5ba71f4c252077dee7cda5f16bc9ccce6307303924e47e62deed5d1bb5921eea00000c30f73971da9388b9ec29139dedf9d61d113d31eeef342c9d00000000", @ANYRES64=r3, @ANYRES32=0x0], 0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x2b, &(0x7f0000000040)=0x200000000005) syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="0422c455e6afed798709b018c9e80100"], 0x4) preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x5) socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$UI_SET_LEDBIT(r5, 0x40045569, 0x0) ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x11) ioctl$UI_SET_LEDBIT(r5, 0x40045569, 0x7) ioctl$UI_DEV_SETUP(r5, 0x405c5503, &(0x7f0000000100)={{}, 'syz0\x00'}) ioctl$UI_DEV_CREATE(r5, 0x5501) ioctl$UI_DEV_DESTROY(r5, 0x5502) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec9424", 0x6) 524.914741ms ago: executing program 3 (id=3762): socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x2, 0x80805, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000003e0095"], &(0x7f0000000000)='syzkaller\x00'}, 0xc3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='contention_begin\x00', r0}, 0x10) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000380), 0x200) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0x80045301, &(0x7f00000003c0)) 483.447159ms ago: executing program 2 (id=3763): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/ip6_flowlabel\x00') ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000140)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x2004cb], 0x0, 0x200}) syz_open_dev$tty1(0xc, 0x4, 0x1) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 359.96949ms ago: executing program 3 (id=3765): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000280)='./control\x00', 0x0) close(r1) r2 = inotify_init1(0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./control\x00', &(0x7f0000000100), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) r3 = syz_io_uring_setup(0x690a, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x6d6f, &(0x7f0000000540)={0x0, 0xffffffff}, &(0x7f0000000040)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r3, 0x184c, 0x0, 0x0, 0x0, 0x0) write$P9_RSTATu(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1d0200007d00000005df000000000000000000000000000000000000000000000000000000000000000000000000000000001f00046e6f6465767b6576626f6825ffffff8102000000000000ff03ff9200000034007002007dfa673effeb09b5351f5bde054000000000187b82d9b500002b595fcb14034354b9fd9ef196a51cd5157adc8106b494e11000cfc200100000000000e308d860ccf6004900f8f669fb716dcf315ecaf385409ac65b9408678c2c3b9e1d52c36cde7ba4451b3407dbdab2884baf050000000000000047ec21cabff20f9c1c577b7468be36f4fd3a4cc280e8d489da29016f6465762f6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475c4f03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d7238593aed3b42ee7cac07de09d1d68a60333a882467d2b31aacdf9188549b1125d6c4c9b18c2fb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664c0fb4e4c90570a70049f399f061f75b7797ce1fe11ea919609d51a41dd3de304bd7c7ed0a456f0ae12516105c9ce887df5a6e0b6a77d596cf88ba6e5c6397c7d5021d7989528fd1739e1c2d87fc200"/529, @ANYRES32, @ANYRES32=0x0], 0x21d) r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x149a82, 0x88) sendfile(r6, r6, 0x0, 0x9afe) write$P9_RLOCK(r6, &(0x7f0000000000)={0x8, 0x35, 0x1}, 0x8) 311.357345ms ago: executing program 1 (id=3766): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x3, &(0x7f0000000040)=[{0x35}, {0x20}, {0x6}]}) socket$packet(0x11, 0x3, 0x300) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0xfffffffffffffeb8, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) futex(0x0, 0xa, 0x1, 0x0, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000580)={0x0, 0x1, 0x0, &(0x7f0000000100)=""/47, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f0000000500)=""/69, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000016c0)) ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af00, &(0x7f0000000140)) r1 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000180)=r1) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1) ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000380)={0x3, r1}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0xffffffffffffffff, 0x2, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) socket$key(0xf, 0x3, 0x2) socket$inet_udp(0x2, 0x2, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) r3 = openat$6lowpan_control(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYRESHEX], 0x0, 0x1, 0x0, 0x0, 0x40f00, 0x2c}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r4}, 0x10) write$6lowpan_control(r3, &(0x7f0000000080)='connect aa:aa:aa:aa:aa:11 0', 0x1b) syz_io_uring_setup(0x10d, &(0x7f0000000440), &(0x7f0000000380), &(0x7f0000000280)) 38.938556ms ago: executing program 3 (id=3767): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/ip6_flowlabel\x00') ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000140)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x2004cb], 0x0, 0x200}) syz_open_dev$tty1(0xc, 0x4, 0x1) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 0 (id=3768): syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) (async) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000000c40), 0x310decfa, 0x1) ioctl$USBDEVFS_CONTROL(r1, 0x80045519, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async) ioctl$USBDEVFS_CONTROL(r1, 0x80045519, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000000300)=""/102400, 0x19000) prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x2, 0x0) ioctl$F2FS_IOC_RESIZE_FS(0xffffffffffffffff, 0x4008f510, &(0x7f0000000200)=0x579c) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/address_bits', 0x4a8200, 0x0) (async) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/address_bits', 0x4a8200, 0x0) socket$phonet_pipe(0x23, 0x5, 0x2) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) (async) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffc49) connect$netlink(0xffffffffffffffff, 0x0, 0x0) (async) connect$netlink(0xffffffffffffffff, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000dc0)=ANY=[@ANYBLOB="b4000000020000006600000000000000730135000000000095000000000000004bb5eea0a6ec9fcd4b0a008a8443f22702000000e63bde9e4a0587536a966992ae7011d6e6c03175717e9912e0dd1a59541f7cbb1548ee5bd627f5b0b8ec77bd6d5f7b543f9aafaabe53339b12fbbe7decc4aa61b8aad0359083bdd61543fbeee8d560bb4b5925fae801f4c91e31674b124a1b38000000bc4da4a9b3d5cc9e0000f6a7a729009973ff07000000000000ac79e5d84abbec7d96629490727375b853f6308a980fba61fbe0131f3c7a026d8f000008000000000000000b20d7ac2df89d7989bf53bec908213d396edf24e9fc3cc004a1097fddc65c1b1b328277ff85ed56b9261eb7bcee28ec2d3616689ab3f31f849eebce6f21e6302003c0467844e000000000db0700bd694a09b253a1c6c7c138b3ec6ee9b83edcc55d3403acd5c50e27401aa306a7ab7069790da79b7ab4512fa4b64a00009bab066bf7a4ab148d44c7e2e4d219cdd7ebeb51511d9df85a648b1b85f93cb6cd21f93d5ea3da2b31657c065d052d9b9ee00320def97ebac25b929b3c15e33be6e7d54e622b427ee8d181f5f18d772fb5c58a93b5afed6ce430a50f398d2ec77b1d7a6620ba1f5fbb48703ab220f442697edc165b449db2e3c221fbf270a6db414516949b97c200000096a1cbe81a38a23f03bd741a3e60c2e294f828e06f1b2cb70328f151f949e369efed52a28b87aae9d7d2800c8efe7f93c05adc9086d3f143a7b87d06838c6525cafdc01820a8912a131ff1f6acb9439f2d95a746291641b38333ce1c33edc9da00c8a2b42e8adfeff69fce7a35f79748e3e5b235269310988a05bf7c4e4cef3d1aa550c83d6328eb000000044a6458c31431d58973c93f5e9452258a7098bc3d014afe638a45526e054d6b3ba5ca8f357df67c41acc28edacb31d38994544c3511ea1e8a448e66039425cfb03efb5d5eb81a306746adb8809ef9691863c00085e2dc401325327e54cbfceb400c2663466cd4a79c94b62c9882626499a8a29c564464f2a7aee6a929f831c93d23005787d272b5eaf0c6e11a7f0f1f39f68df44f6bf2ebe448cbe850efd24bf7b96ad33abbd3a8b5814b5e7f85d1a47ee604ccef20bda53c9ce06910568fc200eee12fc6ef2734a6e9af5132f0c507e277fd97f9b48c840697289d38e454467f4d2f94b2f76d06edd083dafefd76deb251b5818de9c27d0df6e7b8862fe42f6c453f551f35b6d76395a1d205f276ae628fbdb8081905a1d7c2805532d3387b88f2997e8ce41c5dca83659cfb7f3a1c7b2bec8a7575dc4241dde6c680ee9a27b197739f4ad86f3bad3e42d4954bef864586ad02c27858d63efc495bcfb6e30f30fedf536d63769a196fc3b472195d0a1a13ecf803136d751cefb0edb5794cab8681214b39f86d88f3aebea4d465ef05f975b09f264d6c8d8e3bb6ea7d21c6602bcc8f76f2546cccc074f55c22aa8b502968040000000000000047c8a50036dd268a1aeff951f5090492b5e941feb1d3785aafe1655876e5a36c40fb5afcfd1eb28952662782097836a4d1aa3de0c06bb7dc27cf1a546b6aa6ce9932f3c6a013bc3791da4d8a33680ba8f1334d75a43e991ebd4582d786ec05cdd3152d52ab15fc7595cbd339f730d2ec8e37e6c500c4c30280a6af986f62a22d9c5c275e7798c165545abfcd304243274db15924a136a0896d56576ed5de90b1bda90f4024b9a0b3b33f688db8e38f784ae3942aba874f95d10c47e2405ceb0438cc272133fac718a6553710e4ca97df646b21d03652c54eade2e99344e11a2671cf274d397650fba8fcfb7e51a926e37b3980a1732111175dd99b9d979042b3ea411a7b4f9081ae9b82974d5eb6fd4e4bcd95e4f897dfba4e44777e6d02a896b650a66d9139696b9c6c36a33eb3adc092bf4586bfab34002f802bbfe6a7679cec20cc25e01f129bbe92a65961fac7bffa3d8feda2ac927743d2bce57ee39b671948576337535180aa754e035421cf1709bc1b5e46c35515fb1fcda637a6405e9b216d2ca09795c5d2f27665da5b17bcf0f387e6dd58202a3a1148e46e55ac7ea027eb3022eee4a000ca543ab566921e5db4f741a71dc202c851d99851bc7a62ea705f942855a9fa30b912045f78ab1e3fdeada84bc8ac36cc1223901e56f6ecbabbc3263098c9c47a1f505a8299b5715a455e834ddddc430f387cafa07bf915522f6a70c031929a42e34eea5169b796320e892d27924045bcf56135684ca96ada82749371d5766c0d0cae8772f140eef001ca39dc28743f77b8724487a9b37ca66d20aef8a5236393fce29b0531cbd3265c209761ed41a2e473fbd84ca9b67e3ceb58a4b774ee127628faba8702c0a73f8311d269429aaadf74c439404fc9f864e69807dfe2bae2bd4c498a10d4e17dceb1f7539bfeb392e22e7b93d0ecf66cd253a4062bbc8a4307f0e4360651dc7f89247a89ab73dd7c11be13707482c369f02d7b6f242599f95dbfcb55bea158665231f8fe04ed2a8c407fed1a8702e2486386f2ae6347231128be789186ff5651208c8b781f85d3fb51bd28b939a8bc88a471c36fa17fd04c3fbdbd3f7bf144b1466014a77c582aa0380e612cd101d557dd1e5b7bae3da3ea2659f66a3641eaa3b008b978e0a5f69671f52401892dba8a63c8f7eb280880dbdcee5d8e8aae9de9d28cbe0de2f4642c4fe69db3b7432b2eb7ca282fbfe030ad6c33a73feef1cd517cedc2c0059e5636ae0fb3969ce7f64c6f6cffcc40ac1331f6b50d4f95c490edd75e8cdba278a602c8a200000000000000000000000091b39ecd9b22cc68dde3760f3bd7377b35f4d41a46959070cddc4a9c340455f97ff0ea8c6adbff47a39269b2e90dffa1ec22d41f9da01ec44847a88334e106ff455f9ca2a0b2900591ceac1f0e823eaa7ed5b359eed1a39a6f75e7556ab52ac0c2c46b28f3791edf8f25cc2e6cab30841d3fac1e1644f35ed7899a903df3901f89e13cee8589df43652fbe05a789881dcae97ffdc52363bc61c334480afac09e04f9e5ce0bcd12c997545053b64bb2ba920a1071d2ca692c72965bdc0022f7f147943001a55ed8c7b3181fbfabd2069ac7bd4f9b459463edb8a05d1fde9a000000000085b6f76cf1667ca9c4c09bc185348df7972ed45ef93479986d28a6e72ea9becd8d83434c009f089f07da335da3711b0e2b6e813f79aafdbd5858463ae47a5495dc0a7e6548774ad6f9dc3356481c4472a6455324731fe1635fd7d35bba6c7475cad7702815070f8b38c0ca2222daba"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x1, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x21e, 0x10, &(0x7f00000002c0), 0x83419149c3b785d0}, 0x48) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f00000000c0)=@req3, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, 0xffffffffffffffff, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x7, 0x2141}, 0x48) bpf$MAP_UPDATE_ELEM(0x4, &(0x7f0000001140)={r4, &(0x7f0000000040), &(0x7f0000000140)}, 0x20) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={@cgroup, r3, 0x1}, 0x14) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0) (async) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0) syz_open_dev$media(0x0, 0x0, 0x0) (async) syz_open_dev$media(0x0, 0x0, 0x0) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e20, 0x0, @loopback}], 0x1c) (async) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e20, 0x0, @loopback}], 0x1c) listen(r5, 0xfffffffc) (async) listen(r5, 0xfffffffc) socket$inet6_sctp(0xa, 0x1, 0x84) kernel console output (not intermixed with test programs): has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 627.331365][T16096] FAULT_INJECTION: forcing a failure. [ 627.331365][T16096] name failslab, interval 1, probability 0, space 0, times 0 [ 627.343853][T16096] CPU: 3 UID: 0 PID: 16096 Comm: syz.3.2889 Not tainted 6.11.0-rc1-syzkaller-00283-gd3426a6ed9d8 #0 [ 627.351955][T16096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 627.356379][T16096] Call Trace: [ 627.357786][T16096] [ 627.359454][T16096] dump_stack_lvl+0x16c/0x1f0 [ 627.361536][T16096] should_fail_ex+0x497/0x5b0 [ 627.363626][T16096] ? fs_reclaim_acquire+0xae/0x160 [ 627.365630][T16096] should_failslab+0xc2/0x120 [ 627.367387][T16096] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 627.369428][T16096] ? getname_kernel+0x52/0x370 [ 627.371242][T16096] getname_kernel+0x52/0x370 [ 627.372716][ T7751] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 627.373485][T16096] kern_path+0x1d/0x50 [ 627.373548][T16096] lookup_bdev+0xd9/0x280 [ 627.377593][ T7751] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 627.379286][T16096] ? __pfx_lookup_bdev+0x10/0x10 [ 627.386787][T16096] ? resume_store+0x1ba/0x460 [ 627.389146][T16096] ? __asan_memcpy+0x3c/0x60 [ 627.390076][ T7751] usb 7-1: config 0 descriptor?? [ 627.391212][T16096] resume_store+0x1d8/0x460 [ 627.395669][T16096] ? __pfx_resume_store+0x10/0x10 [ 627.397928][T16096] ? __pfx_lock_acquire+0x10/0x10 [ 627.400252][T16096] ? __pfx___mutex_lock+0x10/0x10 [ 627.402524][T16096] ? __pfx__copy_from_iter+0x10/0x10 [ 627.405210][T16096] ? __pfx_resume_store+0x10/0x10 [ 627.407911][T16096] kobj_attr_store+0x55/0x80 [ 627.410470][T16096] ? __pfx_kobj_attr_store+0x10/0x10 [ 627.412857][T16096] sysfs_kf_write+0x117/0x170 [ 627.415238][T16096] kernfs_fop_write_iter+0x343/0x500 [ 627.419351][T16096] ? __pfx_sysfs_kf_write+0x10/0x10 [ 627.421644][T16096] iter_file_splice_write+0x906/0x10b0 [ 627.424069][T16096] ? __pfx_iter_file_splice_write+0x10/0x10 [ 627.427072][T16096] ? __pfx_lock_acquire+0x10/0x10 [ 627.429533][T16096] ? __pfx_iter_file_splice_write+0x10/0x10 [ 627.432265][T16096] direct_splice_actor+0x19b/0x6d0 [ 627.434655][T16096] splice_direct_to_actor+0x346/0xa40 [ 627.437740][T16096] ? __pfx_direct_splice_actor+0x10/0x10 [ 627.440369][T16096] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 627.443424][T16096] ? __pfx___might_resched+0x10/0x10 [ 627.445975][T16096] ? __pfx_lock_release+0x10/0x10 [ 627.448372][T16096] do_splice_direct+0x17e/0x250 [ 627.450693][T16096] ? __pfx_do_splice_direct+0x10/0x10 [ 627.453166][T16096] ? avc_policy_seqno+0x9/0x20 [ 627.455627][T16096] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 627.458318][T16096] do_sendfile+0xb1e/0xe50 [ 627.460318][T16096] ? __pfx_do_sendfile+0x10/0x10 [ 627.462498][T16096] __x64_sys_sendfile64+0x1da/0x220 [ 627.464858][T16096] ? ksys_write+0x1ab/0x260 [ 627.466996][T16096] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 627.469505][T16096] do_syscall_64+0xcd/0x250 [ 627.471625][T16096] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 627.477392][T16096] RIP: 0033:0x7f71877779f9 [ 627.479383][T16096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 627.488169][T16096] RSP: 002b:00007f7188577048 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 627.491564][T16096] RAX: ffffffffffffffda RBX: 00007f7187905f80 RCX: 00007f71877779f9 [ 627.494553][T16096] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 627.497986][T16096] RBP: 00007f71885770a0 R08: 0000000000000000 R09: 0000000000000000 [ 627.501614][T16096] R10: 0000000000009afe R11: 0000000000000246 R12: 0000000000000001 [ 627.505396][T16096] R13: 000000000000000b R14: 00007f7187905f80 R15: 00007ffebb7d9aa8 [ 627.508694][T16096] [ 627.773100][T16100] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2890'. [ 627.795945][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.818299][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.827309][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.837169][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.840084][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.845014][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.850267][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.853067][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.856180][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.859398][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.862529][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.865169][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.867681][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.875808][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.880518][ T7751] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 627.883996][ T7751] plantronics 0003:047F:FFFF.0011: No inputs registered, leaving [ 627.897261][ T7751] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 627.898322][T16104] FAULT_INJECTION: forcing a failure. [ 627.898322][T16104] name failslab, interval 1, probability 0, space 0, times 0 [ 627.916864][T16104] CPU: 3 UID: 0 PID: 16104 Comm: syz.0.2892 Not tainted 6.11.0-rc1-syzkaller-00283-gd3426a6ed9d8 #0 [ 627.921148][T16104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 627.925443][T16104] Call Trace: [ 627.926934][T16104] [ 627.928243][T16104] dump_stack_lvl+0x16c/0x1f0 [ 627.930312][T16104] should_fail_ex+0x497/0x5b0 [ 627.932364][T16104] ? fs_reclaim_acquire+0xae/0x160 [ 627.934581][T16104] should_failslab+0xc2/0x120 [ 627.936733][T16104] kmem_cache_alloc_node_noprof+0x71/0x310 [ 627.937616][ T39] audit: type=1400 audit(1722742130.486:586): avc: denied { map } for pid=16101 comm="syz.3.2891" path="/dev/tty1" dev="devtmpfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1 [ 627.939247][T16104] ? __alloc_skb+0x2b1/0x380 [ 627.948985][T16104] __alloc_skb+0x2b1/0x380 [ 627.949014][T16104] ? __pfx___alloc_skb+0x10/0x10 [ 627.949039][T16104] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 627.949061][T16104] netlink_alloc_large_skb+0x69/0x130 [ 627.949083][T16104] netlink_sendmsg+0x689/0xd70 [ 627.949103][T16104] ? __pfx_netlink_sendmsg+0x10/0x10 [ 627.949122][T16104] ? __import_iovec+0x1fd/0x6e0 [ 627.949150][T16104] ____sys_sendmsg+0xab5/0xc90 [ 627.949171][T16104] ? copy_msghdr_from_user+0x10b/0x160 [ 627.949198][T16104] ? __pfx_____sys_sendmsg+0x10/0x10 [ 627.949217][T16104] ? find_held_lock+0x2d/0x110 [ 627.949242][T16104] ? __pfx___lock_acquire+0x10/0x10 [ 627.949262][T16104] ___sys_sendmsg+0x135/0x1e0 [ 627.949286][T16104] ? __pfx____sys_sendmsg+0x10/0x10 [ 627.949312][T16104] ? ksys_write+0x21c/0x260 [ 627.949331][T16104] ? __fget_light+0x173/0x210 [ 627.949357][T16104] __sys_sendmsg+0x117/0x1f0 [ 627.949383][T16104] ? __pfx___sys_sendmsg+0x10/0x10 [ 627.949412][T16104] do_syscall_64+0xcd/0x250 [ 627.949434][T16104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 627.949458][T16104] RIP: 0033:0x7f44b5b779f9 [ 627.949474][T16104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 627.949491][T16104] RSP: 002b:00007f44b68c4048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 627.949510][T16104] RAX: ffffffffffffffda RBX: 00007f44b5d05f80 RCX: 00007f44b5b779f9 [ 627.949523][T16104] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004 [ 627.949534][T16104] RBP: 00007f44b68c40a0 R08: 0000000000000000 R09: 0000000000000000 [ 627.949546][T16104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 627.949558][T16104] R13: 000000000000000b R14: 00007f44b5d05f80 R15: 00007fffdb6e8508 [ 627.949578][T16104] [ 628.075550][T16108] 9pnet_fd: Insufficient options for proto=fd [ 629.174076][ T5353] Bluetooth: hci4: Malformed HCI Event: 0x22 [ 629.231587][T16132] input: syz0 as /devices/virtual/input/input135 [ 629.524603][ T5380] usb 7-1: USB disconnect, device number 30 [ 629.586581][T16141] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2902'. [ 629.688531][T11221] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 629.784127][ T5353] Bluetooth: hci0: command 0x0406 tx timeout [ 629.831721][T11221] usb 5-1: device descriptor read/64, error -71 [ 629.890339][ T58] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 630.080215][ T58] usb 6-1: Using ep0 maxpacket: 32 [ 630.084641][ T58] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 630.098131][T11221] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 630.098594][ T58] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 630.105364][ T58] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 630.109861][ T58] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 630.114042][ T58] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 630.126405][ T58] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 630.136024][ T58] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 630.140145][ T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 630.155629][ T39] audit: type=1400 audit(1722742132.817:587): avc: denied { map } for pid=16151 comm="syz.2.2906" path="socket:[68912]" dev="sockfs" ino=68912 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 630.166384][ T58] usb 6-1: config 0 descriptor?? [ 630.250667][T11221] usb 5-1: device descriptor read/64, error -71 [ 630.364945][T11221] usb usb5-port1: attempt power cycle [ 630.382511][ T58] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 20 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 630.395897][ T58] usb 6-1: USB disconnect, device number 20 [ 630.401331][ T58] usblp0: removed [ 630.606778][T16138] IPVS: length: 171 != 8 [ 630.751978][ T39] audit: type=1400 audit(1722742133.446:588): avc: denied { create } for pid=16156 comm="syz.3.2908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 630.755243][T11221] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 630.764786][ T39] audit: type=1400 audit(1722742133.446:589): avc: denied { write } for pid=16156 comm="syz.3.2908" path="socket:[68462]" dev="sockfs" ino=68462 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 630.773323][ T39] audit: type=1400 audit(1722742133.446:590): avc: denied { nlmsg_read } for pid=16156 comm="syz.3.2908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 630.784740][T11221] usb 5-1: device descriptor read/8, error -71 [ 631.041247][T11221] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 631.080016][T11221] usb 5-1: device descriptor read/8, error -71 [ 631.193869][T11221] usb usb5-port1: unable to enumerate USB device [ 631.527151][T16171] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2911'. [ 632.342766][T16185] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2916'. [ 632.460059][T16188] 9pnet_fd: Insufficient options for proto=fd [ 632.668848][ T5354] Bluetooth: hci4: Malformed HCI Event: 0x22 [ 632.674269][ T5354] Bluetooth: hci5: unexpected event for opcode 0x0c46 [ 632.679045][ T5354] Bluetooth: hci5: Malformed HCI Event: 0x22 [ 632.710559][T16197] input: syz0 as /devices/virtual/input/input137 [ 632.711912][T16195] input: syz0 as /devices/virtual/input/input136 [ 633.241555][ T58] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 633.385432][ T58] usb 6-1: device descriptor read/64, error -71 [ 633.651133][ T58] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 633.814070][ T58] usb 6-1: device descriptor read/64, error -71 [ 633.931398][ T58] usb usb6-port1: attempt power cycle [ 634.327174][ T58] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 634.366578][ T58] usb 6-1: device descriptor read/8, error -71 [ 634.651248][ T58] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 634.689733][ T58] usb 6-1: device descriptor read/8, error -71 [ 634.721290][T16223] 9pnet_fd: Insufficient options for proto=fd [ 634.804172][ T58] usb usb6-port1: unable to enumerate USB device [ 634.854218][ T5354] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 634.862042][ T5354] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 634.869147][T16229] input: syz0 as /devices/virtual/input/input138 [ 635.121582][T16241] create_pit_timer: 6 callbacks suppressed [ 635.121596][T16241] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 635.223381][T16238] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2931'. [ 635.231650][T16238] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 635.263320][T16241] kvm: pic: non byte read [ 635.290001][T16241] kvm: pic: level sensitive irq not supported [ 635.290163][ T39] audit: type=1326 audit(1722742138.192:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16233 comm="syz.0.2931" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f44b5b779f9 code=0x0 [ 635.290529][T16241] kvm: pic: non byte read [ 635.339740][T16241] kvm: pic: level sensitive irq not supported [ 635.344714][T16241] kvm: pic: non byte read [ 635.981499][ T39] audit: type=1400 audit(1722742138.937:592): avc: denied { listen } for pid=16260 comm="syz.0.2937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 635.994728][ T39] audit: type=1400 audit(1722742138.947:593): avc: denied { connect } for pid=16260 comm="syz.0.2937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 636.150637][T16267] 9pnet_fd: Insufficient options for proto=fd [ 636.912032][ T5354] Bluetooth: hci5: unexpected cc 0x0403 length: 65 > 1 [ 636.916309][ T5354] Bluetooth: hci5: unexpected event for opcode 0x0403 [ 637.099669][ T5380] usb 7-1: new high-speed USB device number 31 using dummy_hcd [ 637.242139][ T5380] usb 7-1: device descriptor read/64, error -71 [ 637.499203][ T5380] usb 7-1: new high-speed USB device number 32 using dummy_hcd [ 637.642422][ T5380] usb 7-1: device descriptor read/64, error -71 [ 637.757517][ T5380] usb usb7-port1: attempt power cycle [ 638.166273][ T5380] usb 7-1: new high-speed USB device number 33 using dummy_hcd [ 638.196342][ T5380] usb 7-1: device descriptor read/8, error -71 [ 638.452063][ T5380] usb 7-1: new high-speed USB device number 34 using dummy_hcd [ 638.483122][ T5380] usb 7-1: device descriptor read/8, error -71 [ 638.597408][ T5380] usb usb7-port1: unable to enumerate USB device [ 639.384717][T16304] FAULT_INJECTION: forcing a failure. [ 639.384717][T16304] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 639.392771][T16304] CPU: 1 UID: 0 PID: 16304 Comm: syz.0.2948 Not tainted 6.11.0-rc1-syzkaller-00283-gd3426a6ed9d8 #0 [ 639.397371][T16304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 639.401991][T16304] Call Trace: [ 639.403542][T16304] [ 639.404898][T16304] dump_stack_lvl+0x16c/0x1f0 [ 639.407020][T16304] should_fail_ex+0x497/0x5b0 [ 639.409102][T16304] strncpy_from_user+0x38/0x320 [ 639.411181][T16304] getname_flags.part.0+0x8f/0x550 [ 639.413390][T16304] getname+0x8d/0xe0 [ 639.415075][T16304] __x64_sys_execve+0x72/0xb0 [ 639.417120][T16304] do_syscall_64+0xcd/0x250 [ 639.419102][T16304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.421711][T16304] RIP: 0033:0x7f44b5b779f9 [ 639.423679][T16304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 639.431564][T16304] RSP: 002b:00007f44b68a3048 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 639.434800][T16304] RAX: ffffffffffffffda RBX: 00007f44b5d06058 RCX: 00007f44b5b779f9 [ 639.437844][T16304] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000020000280 [ 639.440966][T16304] RBP: 00007f44b68a30a0 R08: 0000000000000000 R09: 0000000000000000 [ 639.444267][T16304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 639.447606][T16304] R13: 000000000000006e R14: 00007f44b5d06058 R15: 00007fffdb6e8508 [ 639.450789][T16304] [ 640.278217][T16309] 9pnet_fd: Insufficient options for proto=fd [ 640.615643][ T5354] Bluetooth: hci4: Malformed HCI Event: 0x22 [ 640.643658][T16321] input: syz0 as /devices/virtual/input/input139 [ 640.686989][T16323] overlayfs: missing 'lowerdir' [ 640.757503][ T5354] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 640.761524][ T5354] Bluetooth: hci5: Injecting HCI hardware error event [ 640.766999][ T5354] Bluetooth: hci5: hardware error 0x00 [ 640.870565][T16332] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 641.268049][ T39] audit: type=1326 audit(1722742144.480:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16333 comm="syz.2.2958" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f02bdd779f9 code=0x0 [ 641.811970][T16346] overlayfs: missing 'lowerdir' [ 642.342708][T16354] 9pnet_fd: Insufficient options for proto=fd [ 642.739069][ T5354] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 642.926770][ T5354] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 642.934351][ T5354] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 642.968626][T16364] input: syz0 as /devices/virtual/input/input140 [ 643.237828][T16347] netlink: 'syz.0.2961': attribute type 4 has an invalid length. [ 643.577447][ T58] usb 7-1: new high-speed USB device number 35 using dummy_hcd [ 643.751306][ T58] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 643.755323][ T58] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 643.759330][ T58] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 643.767771][ T58] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 643.771765][ T58] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 643.799619][ T58] usb 7-1: config 0 descriptor?? [ 643.993244][T16388] 9pnet_fd: Insufficient options for proto=fd [ 644.217759][ T58] plantronics 0003:047F:FFFF.0012: item fetching failed at offset 11/15 [ 644.222177][ T58] plantronics 0003:047F:FFFF.0012: parse failed [ 644.225296][ T58] plantronics 0003:047F:FFFF.0012: probe with driver plantronics failed with error -22 [ 644.443928][ T58] usb 7-1: USB disconnect, device number 35 [ 644.567294][ T5383] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 644.740325][ T5383] usb 6-1: Using ep0 maxpacket: 8 [ 644.744772][ T5383] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 644.753902][ T5383] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 644.762197][ T5383] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 644.766870][ T5383] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 644.773640][ T5383] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 644.785739][ T5383] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 644.792073][ T5383] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 644.978783][ T5354] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 644.983705][ T5354] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 645.000136][T16407] input: syz0 as /devices/virtual/input/input141 [ 645.054580][ T5383] usb 6-1: usb_control_msg returned -32 [ 645.058523][ T5383] usbtmc 6-1:16.0: can't read capabilities [ 645.296960][ T39] audit: type=1400 audit(1722742148.711:595): avc: denied { read } for pid=16417 comm="syz.3.2982" name="nullb0" dev="devtmpfs" ino=693 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 645.323864][T16423] 9pnet_fd: Insufficient options for proto=fd [ 645.511405][T16430] fuse: Invalid rootmode [ 645.617293][T16432] can0: slcan on ttyS3. [ 645.797053][T16432] can0 (unregistered): slcan off ttyS3. [ 646.786905][ T5383] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 646.990675][ T5383] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 646.995723][ T5383] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 647.011310][ T5383] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 647.024785][ T5383] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 647.031622][ T5383] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 647.044051][ T5383] usb 5-1: config 0 descriptor?? [ 647.358380][ T5354] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 647.380370][ T5354] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 647.437758][T16458] input: syz0 as /devices/virtual/input/input142 [ 647.526489][ T5383] plantronics 0003:047F:FFFF.0013: item fetching failed at offset 11/15 [ 647.543644][ T5383] plantronics 0003:047F:FFFF.0013: parse failed [ 647.550589][ T5383] plantronics 0003:047F:FFFF.0013: probe with driver plantronics failed with error -22 [ 647.710633][T16465] 9pnet_fd: Insufficient options for proto=fd [ 647.739011][ T10] usb 5-1: USB disconnect, device number 34 [ 648.010612][ T39] audit: type=1326 audit(1722742151.566:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16472 comm="syz.2.2995" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f02bdd779f9 code=0x0 [ 649.690906][T16492] FAULT_INJECTION: forcing a failure. [ 649.690906][T16492] name failslab, interval 1, probability 0, space 0, times 0 [ 649.697056][T16492] CPU: 0 UID: 0 PID: 16492 Comm: syz.0.3000 Not tainted 6.11.0-rc1-syzkaller-00283-gd3426a6ed9d8 #0 [ 649.702001][T16492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 649.707056][T16492] Call Trace: [ 649.708582][T16492] [ 649.709922][T16492] dump_stack_lvl+0x16c/0x1f0 [ 649.712052][T16492] should_fail_ex+0x497/0x5b0 [ 649.714216][T16492] ? fs_reclaim_acquire+0xae/0x160 [ 649.716537][T16492] should_failslab+0xc2/0x120 [ 649.718696][T16492] __kmalloc_cache_noprof+0x6b/0x300 [ 649.721071][T16492] ? ovl_init_fs_context+0x11f/0x5d0 [ 649.723457][T16492] ? kasan_save_track+0x14/0x30 [ 649.725674][T16492] ovl_init_fs_context+0x11f/0x5d0 [ 649.728046][T16492] ? __pfx_ovl_init_fs_context+0x10/0x10 [ 649.730619][T16492] alloc_fs_context+0x54a/0x9c0 [ 649.732864][T16492] path_mount+0xb08/0x1f20 [ 649.734877][T16492] ? __pfx_path_mount+0x10/0x10 [ 649.737073][T16492] ? putname+0x12e/0x170 [ 649.738985][T16492] ? putname+0x12e/0x170 [ 649.740888][T16492] __x64_sys_mount+0x294/0x320 [ 649.743024][T16492] ? __pfx___x64_sys_mount+0x10/0x10 [ 649.745427][T16492] do_syscall_64+0xcd/0x250 [ 649.747482][T16492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 649.750138][T16492] RIP: 0033:0x7f44b5b779f9 [ 649.752316][T16492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 649.760772][T16492] RSP: 002b:00007f44b68c4048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 649.764149][T16492] RAX: ffffffffffffffda RBX: 00007f44b5d05f80 RCX: 00007f44b5b779f9 [ 649.767264][T16492] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 0000000000000000 [ 649.770564][T16492] RBP: 00007f44b68c40a0 R08: 0000000020000500 R09: 0000000000000000 [ 649.773716][T16492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 649.776761][T16492] R13: 000000000000000b R14: 00007f44b5d05f80 R15: 00007fffdb6e8508 [ 649.779802][T16492] [ 650.095466][T16494] input: syz0 as /devices/virtual/input/input143 [ 650.221272][T16426] usbtmc 6-1:16.0: usb_control_msg returned -110 [ 650.254214][T11221] usb 6-1: USB disconnect, device number 25 [ 650.323058][T16501] 9pnet_fd: Insufficient options for proto=fd [ 650.890689][T16516] e1000e 0000:00:02.0 eth1: NIC Link is Down [ 651.039437][T16531] FAULT_INJECTION: forcing a failure. [ 651.039437][T16531] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 651.050330][T16531] CPU: 3 UID: 0 PID: 16531 Comm: syz.1.3009 Not tainted 6.11.0-rc1-syzkaller-00283-gd3426a6ed9d8 #0 [ 651.054678][T16531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 651.059293][T16531] Call Trace: [ 651.060882][T16531] [ 651.062196][T16531] dump_stack_lvl+0x16c/0x1f0 [ 651.064221][T16531] should_fail_ex+0x497/0x5b0 [ 651.066014][T16531] _copy_from_user+0x30/0xf0 [ 651.067991][T16531] kstrtouint_from_user+0xd7/0x1c0 [ 651.070155][T16531] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 651.072713][T16531] ? __pfx_lock_acquire+0x10/0x10 [ 651.074940][T16531] proc_fail_nth_write+0x84/0x270 [ 651.077205][T16531] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 651.079663][T16531] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 651.082165][T16531] vfs_write+0x29a/0x1140 [ 651.084098][T16531] ? __fdget_pos+0xeb/0x180 [ 651.086131][T16531] ? __pfx_vfs_write+0x10/0x10 [ 651.088317][T16531] ? __pfx___mutex_lock+0x10/0x10 [ 651.090553][T16531] ? __fget_files+0x256/0x400 [ 651.092460][T16531] ksys_write+0x12f/0x260 [ 651.093936][T16531] ? __pfx_ksys_write+0x10/0x10 [ 651.095565][T16531] do_syscall_64+0xcd/0x250 [ 651.097289][T16531] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.099852][T16531] RIP: 0033:0x7f4dd09764df [ 651.101780][T16531] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48 [ 651.109834][T16531] RSP: 002b:00007f4dd16b3040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 651.113338][T16531] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4dd09764df [ 651.116279][T16531] RDX: 0000000000000001 RSI: 00007f4dd16b30b0 RDI: 0000000000000003 [ 651.119233][T16531] RBP: 00007f4dd16b30a0 R08: 0000000000000000 R09: 0000000000000000 [ 651.122524][T16531] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 651.125879][T16531] R13: 000000000000000b R14: 00007f4dd0b05f80 R15: 00007ffec99c1658 [ 651.129239][T16531] [ 651.348993][ T5354] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 651.358044][ T5354] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 651.381194][T16540] nvme_fabrics: unknown parameter or missing value '÷¡<:"FXIPUü‰D‹ Ý{Äù¾*“¬1&Fn`Òè΢÷~ëëÁ®Ìú<“øþh’mÜgéWÌ' in ctrl creation request [ 651.386500][T16539] input: syz0 as /devices/virtual/input/input144 [ 651.544330][T16546] nvme_fabrics: unknown parameter or missing value '0xffffffffffffffff' in ctrl creation request [ 651.645161][ T10] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 651.837377][T16554] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 651.854240][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 651.858558][ T10] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 651.861873][ T10] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 651.867150][ T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 651.876827][ T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 651.886861][ T10] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 651.904192][ T10] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 651.911895][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 652.092476][ T7751] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 652.140440][ T10] usb 5-1: usb_control_msg returned -32 [ 652.142966][ T10] usbtmc 5-1:16.0: can't read capabilities [ 652.292574][ T7751] usb 6-1: Using ep0 maxpacket: 8 [ 652.304657][ T7751] usb 6-1: no configurations [ 652.306916][ T7751] usb 6-1: can't read configurations, error -22 [ 652.484145][ T7751] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 652.509288][T16583] FAULT_INJECTION: forcing a failure. [ 652.509288][T16583] name failslab, interval 1, probability 0, space 0, times 0 [ 652.519728][T16583] CPU: 2 UID: 0 PID: 16583 Comm: syz.3.3019 Not tainted 6.11.0-rc1-syzkaller-00283-gd3426a6ed9d8 #0 [ 652.524952][T16583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 652.530638][T16583] Call Trace: [ 652.532316][T16583] [ 652.533904][T16583] dump_stack_lvl+0x16c/0x1f0 [ 652.536516][T16583] should_fail_ex+0x497/0x5b0 [ 652.539074][T16583] ? fs_reclaim_acquire+0xae/0x160 [ 652.541262][T16583] should_failslab+0xc2/0x120 [ 652.543352][T16583] __kmalloc_noprof+0xcb/0x400 [ 652.545389][T16583] ? __pfx_lock_acquire+0x10/0x10 [ 652.547983][T16583] tomoyo_realpath_from_path+0xb9/0x720 [ 652.550400][T16583] ? tomoyo_profile+0x47/0x60 [ 652.552664][T16583] tomoyo_path_number_perm+0x245/0x590 [ 652.555272][T16583] ? tomoyo_path_number_perm+0x232/0x590 [ 652.557851][T16583] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 652.560464][T16583] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 652.563068][T16583] ? __fget_files+0x256/0x400 [ 652.565239][T16583] security_file_ioctl+0x75/0xc0 [ 652.567525][T16583] __x64_sys_ioctl+0xbb/0x220 [ 652.569777][T16583] do_syscall_64+0xcd/0x250 [ 652.571579][T16583] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 652.574277][T16583] RIP: 0033:0x7f71877779f9 [ 652.576274][T16583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 652.584529][T16583] RSP: 002b:00007f7188577048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 652.588126][T16583] RAX: ffffffffffffffda RBX: 00007f7187905f80 RCX: 00007f71877779f9 [ 652.591423][T16583] RDX: 0000000020000080 RSI: 00000000000089f1 RDI: 0000000000000004 [ 652.594459][T16583] RBP: 00007f71885770a0 R08: 0000000000000000 R09: 0000000000000000 [ 652.597681][T16583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 652.601385][T16583] R13: 000000000000000b R14: 00007f7187905f80 R15: 00007ffebb7d9aa8 [ 652.604871][T16583] [ 652.630229][T16583] ERROR: Out of memory at tomoyo_realpath_from_path. [ 652.855365][ T7751] usb 6-1: Using ep0 maxpacket: 8 [ 653.162058][ T7751] usb 6-1: no configurations [ 653.185209][ T7751] usb 6-1: can't read configurations, error -22 [ 653.198856][T16584] debugfs: Directory 'ptm1' with parent 'caif_serial' already present! [ 653.432845][ T7751] usb usb6-port1: attempt power cycle [ 653.826533][ T7751] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 653.856761][ T7751] usb 6-1: Using ep0 maxpacket: 8 [ 653.863563][ T7751] usb 6-1: no configurations [ 653.869790][ T7751] usb 6-1: can't read configurations, error -22 [ 653.997761][T16597] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3022'. [ 654.017107][ T7751] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 654.055975][ T7751] usb 6-1: Using ep0 maxpacket: 8 [ 654.063980][ T7751] usb 6-1: no configurations [ 654.066193][ T7751] usb 6-1: can't read configurations, error -22 [ 654.069239][ T7751] usb usb6-port1: unable to enumerate USB device [ 654.894023][ T5354] Bluetooth: hci4: Malformed HCI Event: 0x22 [ 654.920711][T16609] input: syz0 as /devices/virtual/input/input145 [ 656.142558][ T5354] Bluetooth: hci4: Malformed HCI Event: 0x22 [ 656.153054][T16624] input: syz0 as /devices/virtual/input/input146 [ 657.297661][T16581] usbtmc 5-1:16.0: usb_control_msg returned -110 [ 657.330549][T11221] usb 5-1: USB disconnect, device number 35 [ 657.530897][T16638] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3034'. [ 657.779650][ T5380] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 657.951128][ T5380] usb 6-1: Using ep0 maxpacket: 8 [ 657.962094][ T5380] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 657.965998][ T5380] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 657.969781][ T5380] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 657.979653][ T5380] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 657.983302][ T5380] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 657.999218][ T5380] usb 6-1: config 0 descriptor?? [ 658.408773][ T39] audit: type=1400 audit(1722742162.473:597): avc: denied { nlmsg_write } for pid=16642 comm="syz.2.3036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 658.495851][ T5354] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 658.506676][ T5354] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 658.537733][T16650] input: syz0 as /devices/virtual/input/input147 [ 658.637166][T14097] udevd[14097]: setting mode of /dev/input/event4 to 020660 failed: No such file or directory [ 658.642211][T14097] udevd[14097]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory [ 658.778255][ T39] audit: type=1400 audit(1722742162.862:598): avc: denied { append } for pid=16658 comm="syz.2.3040" name="nullb0" dev="devtmpfs" ino=693 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 659.437139][ T5399] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 659.608585][ T5399] usb 5-1: Using ep0 maxpacket: 8 [ 659.620583][ T5399] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 659.625437][ T5399] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 659.636790][ T5399] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 659.641256][ T5399] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 659.645487][ T5399] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 659.651685][ T5399] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 659.655597][ T5399] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 659.868052][ T5399] usb 5-1: usb_control_msg returned -32 [ 659.869664][T16672] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3045'. [ 659.871690][ T5399] usbtmc 5-1:16.0: can't read capabilities [ 660.399745][ T5399] usb 6-1: USB disconnect, device number 30 [ 660.785098][ T5354] Bluetooth: hci0: ACL packet for unknown connection handle 201 [ 660.794711][ T39] audit: type=1326 audit(1722742164.982:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16678 comm="syz.2.3047" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f02bdd779f9 code=0x0 [ 661.053965][ T39] audit: type=1400 audit(1722742165.255:600): avc: denied { setopt } for pid=16684 comm="syz.3.3050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 664.991495][T16673] usbtmc 5-1:16.0: usb_control_msg returned -110 [ 665.045173][ T58] usb 5-1: USB disconnect, device number 36 [ 665.126753][T16709] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3056'. [ 666.824521][ T1382] ieee802154 phy0 wpan0: encryption failed: -22 [ 666.827360][ T1382] ieee802154 phy1 wpan1: encryption failed: -22 [ 667.128644][T16729] input: syz0 as /devices/virtual/input/input148 [ 667.180464][ T5354] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 667.197049][ T5354] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 667.219544][T16731] input: syz0 as /devices/virtual/input/input149 [ 669.454218][T16759] 9pnet: Could not find request transport: fd0x0000000000000004 [ 670.460638][ T39] audit: type=1400 audit(1722742175.134:601): avc: denied { watch } for pid=16779 comm="syz.2.3076" path="/420/net_prio.prioidx" dev="tmpfs" ino=2270 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 670.473485][ T39] audit: type=1400 audit(1722742175.134:602): avc: denied { watch_sb } for pid=16779 comm="syz.2.3076" path="/420/net_prio.prioidx" dev="tmpfs" ino=2270 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 670.859216][T16793] binder: BINDER_SET_CONTEXT_MGR already set [ 670.862533][T16793] binder: 16790:16793 ioctl 4018620d 20000100 returned -16 [ 670.888576][T16794] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3081'. [ 670.947022][ T39] audit: type=1400 audit(1722742175.638:603): avc: denied { connect } for pid=16790 comm="syz.3.3082" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 671.001219][ T39] audit: type=1400 audit(1722742175.690:604): avc: denied { read } for pid=16790 comm="syz.3.3082" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 671.039288][ T832] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 671.056464][ T39] audit: type=1400 audit(1722742175.753:605): avc: denied { write } for pid=16790 comm="syz.3.3082" path="socket:[73034]" dev="sockfs" ino=73034 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 671.116341][ T39] audit: type=1400 audit(1722742175.816:606): avc: denied { setattr } for pid=16790 comm="syz.3.3082" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 671.134298][T15330] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 671.249672][ T832] usb 5-1: Using ep0 maxpacket: 8 [ 671.254066][ T832] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 671.261618][ T832] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 671.266359][ T832] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 671.271189][ T832] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 671.275536][ T832] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 671.282005][ T832] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 671.286024][ T832] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 671.324933][T15330] usb 6-1: Using ep0 maxpacket: 8 [ 671.335049][T15330] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 671.342220][T15330] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 671.354237][T15330] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 671.359055][T15330] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 671.366758][T15330] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 671.374800][T15330] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 671.379703][T15330] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 671.503924][ T832] usb 5-1: usb_control_msg returned -32 [ 671.508595][ T832] usbtmc 5-1:16.0: can't read capabilities [ 671.638562][T15330] usb 6-1: usb_control_msg returned -32 [ 671.642548][T15330] usbtmc 6-1:16.0: can't read capabilities [ 671.756543][T16809] xt_CT: You must specify a L4 protocol and not use inversions on it [ 671.822268][T16810] xt_CT: You must specify a L4 protocol and not use inversions on it [ 672.179634][T16813] usbtmc 5-1:16.0: usb_control_msg returned -32 [ 673.297928][T16825] FAULT_INJECTION: forcing a failure. [ 673.297928][T16825] name failslab, interval 1, probability 0, space 0, times 0 [ 673.303416][T16825] CPU: 2 UID: 0 PID: 16825 Comm: syz.3.3087 Not tainted 6.11.0-rc1-syzkaller-00283-gd3426a6ed9d8 #0 [ 673.308147][T16825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 673.312822][T16825] Call Trace: [ 673.314355][T16825] [ 673.315675][T16825] dump_stack_lvl+0x16c/0x1f0 [ 673.317843][T16825] should_fail_ex+0x497/0x5b0 [ 673.320124][T16825] ? fs_reclaim_acquire+0xae/0x160 [ 673.322334][T16825] should_failslab+0xc2/0x120 [ 673.324367][T16825] __kmalloc_noprof+0xcb/0x400 [ 673.326439][T16825] ? __pfx_lock_acquire+0x10/0x10 [ 673.328617][T16825] tomoyo_realpath_from_path+0xb9/0x720 [ 673.330992][T16825] ? tomoyo_profile+0x47/0x60 [ 673.333090][T16825] tomoyo_path_number_perm+0x245/0x590 [ 673.335433][T16825] ? tomoyo_path_number_perm+0x232/0x590 [ 673.337735][T16825] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 673.340947][T16825] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 673.343661][T16825] ? __fget_files+0x256/0x400 [ 673.345767][T16825] security_file_ioctl+0x75/0xc0 [ 673.348412][T16825] __x64_sys_ioctl+0xbb/0x220 [ 673.350544][T16825] do_syscall_64+0xcd/0x250 [ 673.352638][T16825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 673.355411][T16825] RIP: 0033:0x7f71877779f9 [ 673.357422][T16825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 673.366124][T16825] RSP: 002b:00007f7188577048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 673.369702][T16825] RAX: ffffffffffffffda RBX: 00007f7187905f80 RCX: 00007f71877779f9 [ 673.373088][T16825] RDX: 0000000020000040 RSI: 000000004020565a RDI: 0000000000000003 [ 673.376527][T16825] RBP: 00007f71885770a0 R08: 0000000000000000 R09: 0000000000000000 [ 673.380070][T16825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 673.383165][T16825] R13: 000000000000000b R14: 00007f7187905f80 R15: 00007ffebb7d9aa8 [ 673.386311][T16825] [ 673.396420][T16825] ERROR: Out of memory at tomoyo_realpath_from_path. [ 673.529217][T16836] IPVS: Error connecting to the multicast addr [ 673.917680][ T5399] usb 7-1: new high-speed USB device number 36 using dummy_hcd [ 673.921373][T16841] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=64873 sclass=netlink_xfrm_socket pid=16841 comm=syz.3.3092 [ 674.098377][ T5399] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 674.104262][ T5399] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 674.113939][ T5399] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 674.122211][ T5399] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 674.128550][ T5399] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 674.132480][ T5399] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 674.141517][ T5399] usb 7-1: config 0 descriptor?? [ 674.540894][ T5399] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 674.544194][ T5399] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 674.567560][ T5399] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 674.570763][ T5399] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 674.575319][ T5399] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 674.579771][ T5399] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving [ 674.594570][ T5399] plantronics 0003:047F:FFFF.0014: hiddev2,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 674.977127][T16834] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 674.981942][T16834] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 675.101821][ T58] usb 7-1: USB disconnect, device number 36 [ 677.100642][T16861] 9pnet_fd: Insufficient options for proto=fd [ 677.110768][T16814] usbtmc 5-1:16.0: usb_control_msg returned -110 [ 677.146799][ T6484] usb 5-1: USB disconnect, device number 37 [ 677.198480][ T5401] usb 6-1: USB disconnect, device number 31 [ 677.974850][T16878] input: syz0 as /devices/virtual/input/input151 [ 680.505382][T16922] devpts: called with bogus options [ 680.507866][ T39] audit: type=1400 audit(1722742185.674:607): avc: denied { mounton } for pid=16921 comm="syz.1.3113" path="/syzcgroup/cpu/syz1/cpuset.cpus" dev="cgroup" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1 [ 681.244834][T16937] 9pnet: Could not find request transport: fd0x0000000000000004 [ 682.537077][ T58] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 682.737329][ T58] usb 5-1: Using ep0 maxpacket: 8 [ 682.760044][ T58] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 682.763596][ T58] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 682.769009][ T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 682.773243][ T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 682.778536][ T58] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 682.784863][ T58] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 682.788808][ T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 683.000119][ T58] usb 5-1: usb_control_msg returned -32 [ 683.002190][ T58] usbtmc 5-1:16.0: can't read capabilities [ 683.684127][T16977] usbtmc 5-1:16.0: usb_control_msg returned -32 [ 683.877162][ T5380] usb 5-1: USB disconnect, device number 38 [ 684.958905][T17001] 9pnet: Could not find request transport: fd0x0000000000000004 [ 685.167154][T17006] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=64873 sclass=netlink_xfrm_socket pid=17006 comm=syz.2.3133 [ 685.772232][T17011] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3134'. [ 686.061761][T17015] IPVS: Error connecting to the multicast addr [ 686.432757][ T58] usb 7-1: new high-speed USB device number 37 using dummy_hcd [ 686.613314][ T58] usb 7-1: Using ep0 maxpacket: 8 [ 686.619867][ T58] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 686.632012][ T58] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 686.633936][T17028] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3140'. [ 686.638587][ T58] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 686.654313][ T58] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 686.665916][ T58] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 686.673541][ T58] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 686.688983][ T58] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 686.909463][ T58] usb 7-1: usb_control_msg returned -32 [ 686.918647][ T58] usbtmc 7-1:16.0: can't read capabilities [ 687.598592][T17047] usbtmc 7-1:16.0: usb_control_msg returned -32 [ 687.794830][T11221] usb 7-1: USB disconnect, device number 37 [ 688.128296][T17049] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3145'. [ 689.729864][T17075] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3153'. [ 690.259281][T17080] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3155'. [ 690.380136][T17085] 9pnet_fd: Insufficient options for proto=fd [ 690.585489][ T58] usb 6-1: new high-speed USB device number 32 using dummy_hcd [ 690.736792][T17099] kAFS: No cell specified [ 690.772394][ T58] usb 6-1: Using ep0 maxpacket: 8 [ 690.776653][ T58] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 690.780108][ T58] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 690.784059][ T58] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 690.795395][ T58] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 690.805005][ T58] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 690.810179][ T58] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 690.813634][ T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 691.032070][ T58] usb 6-1: usb_control_msg returned -32 [ 691.043240][ T58] usbtmc 6-1:16.0: can't read capabilities [ 691.676926][T17113] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3164'. [ 691.724269][T17115] usbtmc 6-1:16.0: usb_control_msg returned -32 [ 691.916228][ T5383] usb 6-1: USB disconnect, device number 32 [ 692.119363][ T5380] usb 7-1: new high-speed USB device number 38 using dummy_hcd [ 692.281448][ T5380] usb 7-1: device descriptor read/64, error -71 [ 692.557596][ T5380] usb 7-1: new high-speed USB device number 39 using dummy_hcd [ 692.729363][ T5380] usb 7-1: device descriptor read/64, error -71 [ 692.844041][ T5380] usb usb7-port1: attempt power cycle [ 692.947610][T17136] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 693.243585][ T5380] usb 7-1: new high-speed USB device number 40 using dummy_hcd [ 693.272835][ T5380] usb 7-1: device descriptor read/8, error -71 [ 693.548375][ T5380] usb 7-1: new high-speed USB device number 41 using dummy_hcd [ 693.586912][ T5380] usb 7-1: device descriptor read/8, error -71 [ 693.632913][T17139] input: syz0 as /devices/virtual/input/input152 [ 693.710741][ T5380] usb usb7-port1: unable to enumerate USB device [ 693.727148][T17143] kAFS: No cell specified [ 693.886991][T17149] input: syz0 as /devices/virtual/input/input153 [ 694.081388][T17153] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3173'. [ 694.592142][T17156] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3174'. [ 694.739538][T17158] input: syz0 as /devices/virtual/input/input154 [ 694.757782][T17162] netlink: 148 bytes leftover after parsing attributes in process `syz.1.3178'. [ 694.857858][T17166] fuse: Bad value for 'fd' [ 696.033421][T17182] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3183'. [ 696.472489][ T5383] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 696.644217][ T5383] usb 5-1: Using ep0 maxpacket: 8 [ 696.653253][ T5383] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 696.656830][ T5383] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 696.661141][ T5383] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 696.664703][ T5383] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 696.866643][ T5383] usb 5-1: USB disconnect, device number 39 [ 697.011215][T12454] usb 7-1: new high-speed USB device number 42 using dummy_hcd [ 697.159742][T12454] usb 7-1: device descriptor read/64, error -71 [ 697.431897][T12454] usb 7-1: new high-speed USB device number 43 using dummy_hcd [ 697.596888][T12454] usb 7-1: device descriptor read/64, error -71 [ 697.601527][T17203] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3190'. [ 697.711322][T12454] usb usb7-port1: attempt power cycle [ 698.063521][ T5353] Bluetooth: hci2: command 0x0406 tx timeout [ 698.124710][T12454] usb 7-1: new high-speed USB device number 44 using dummy_hcd [ 698.167114][T12454] usb 7-1: device descriptor read/8, error -71 [ 698.267176][T17209] fuse: Unknown parameter '0x0000000000000006' [ 698.300608][T14457] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0 [ 698.309401][T14457] hid-generic 0000:0000:0000.0015: hidraw1: HID v0.00 Device [syz0] on syz0 [ 698.423821][T12454] usb 7-1: new high-speed USB device number 45 using dummy_hcd [ 698.464089][T12454] usb 7-1: device descriptor read/8, error -71 [ 698.610984][T12454] usb usb7-port1: unable to enumerate USB device [ 698.616774][T17214] input: syz0 as /devices/virtual/input/input155 [ 698.951399][T17218] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3195'. [ 699.079678][T17222] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 700.933922][ T39] audit: type=1326 audit(1722742207.121:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17253 comm="syz.0.3203" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f44b5b779f9 code=0x0 [ 702.058801][T17261] netlink: 'syz.2.3204': attribute type 4 has an invalid length. [ 703.505525][T17288] input: syz0 as /devices/virtual/input/input156 [ 705.347772][ T5354] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 705.370071][ T5354] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 705.405473][T17313] input: syz0 as /devices/virtual/input/input157 [ 706.760775][T17319] netlink: 'syz.1.3220': attribute type 4 has an invalid length. [ 707.104736][ T5354] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 707.137076][ T5354] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 707.140396][ T5354] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 707.210625][T17350] input: syz0 as /devices/virtual/input/input158 [ 707.745206][T17360] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3231'. [ 708.584027][ T832] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 708.619065][T17371] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=64873 sclass=netlink_xfrm_socket pid=17371 comm=syz.2.3234 [ 708.792950][ T832] usb 5-1: device descriptor read/64, error -71 [ 709.160947][ T832] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 709.197236][ T5354] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 709.221723][ T5354] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 709.225824][ T5354] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 709.284754][T17376] input: syz0 as /devices/virtual/input/input159 [ 709.313180][ T832] usb 5-1: device descriptor read/64, error -71 [ 709.428298][ T832] usb usb5-port1: attempt power cycle [ 709.828143][ T832] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 709.868161][ T832] usb 5-1: device descriptor read/8, error -71 [ 710.141742][ T832] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 710.396952][ T832] usb 5-1: device descriptor read/8, error -71 [ 710.523163][ T832] usb usb5-port1: unable to enumerate USB device [ 711.201641][T17390] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3239'. [ 711.240053][T17400] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3240'. [ 711.492414][T17395] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 711.894039][T17415] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=64873 sclass=netlink_xfrm_socket pid=17415 comm=syz.1.3244 [ 712.613140][T17422] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3253'. [ 712.683305][T17418] input: syz0 as /devices/virtual/input/input160 [ 712.718133][ T5354] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 712.721225][ T5354] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 712.721658][T17428] input: syz0 as /devices/virtual/input/input161 [ 712.925938][T17426] input: syz0 as /devices/virtual/input/input162 [ 713.118507][T17434] input: syz0 as /devices/virtual/input/input163 [ 713.736148][T17448] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 713.913519][T17438] kvm: pic: non byte read [ 714.395904][T17461] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3257'. [ 714.595461][ T5354] Bluetooth: hci4: Malformed HCI Event: 0x22 [ 714.623083][T17470] input: syz0 as /devices/virtual/input/input164 [ 714.901842][ T5354] Bluetooth: hci4: ISO packet for unknown connection handle 0 [ 714.923865][ T5354] Bluetooth: hci4: Malformed HCI Event: 0x22 [ 714.949627][T17476] input: syz0 as /devices/virtual/input/input165 [ 715.373715][T17486] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3264'. [ 715.706850][T17489] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 715.834408][T17498] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=64873 sclass=netlink_xfrm_socket pid=17498 comm=syz.1.3266 [ 716.279263][T17489] kvm: pic: non byte read [ 716.500199][T17508] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3268'. [ 716.667912][T17508] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 717.324522][T12454] usb 5-1: new high-speed USB device number 44 using dummy_hcd [ 717.505380][T12454] usb 5-1: Using ep0 maxpacket: 8 [ 717.511457][T12454] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 717.515308][T12454] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 717.519558][T12454] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 717.543645][T12454] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 717.548058][T12454] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 717.554905][T12454] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 717.559012][T12454] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 717.789463][T12454] usb 5-1: usb_control_msg returned -32 [ 717.794383][T12454] usbtmc 5-1:16.0: can't read capabilities [ 717.989852][T17538] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=64873 sclass=netlink_xfrm_socket pid=17538 comm=syz.3.3275 [ 718.687100][T17550] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 718.688710][T17552] usbtmc 5-1:16.0: usb_clear_halt returned -32 [ 718.749284][T17542] kvm: pic: non byte read [ 718.770984][T17542] kvm: pic: level sensitive irq not supported [ 718.773836][T17542] kvm: pic: non byte read [ 718.878259][T15330] usb 5-1: USB disconnect, device number 44 [ 720.486516][ T10] usb 6-1: new high-speed USB device number 33 using dummy_hcd [ 720.670495][ T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 720.675082][ T10] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 720.685369][ T10] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 720.699656][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 720.740329][ T10] usb 6-1: config 0 descriptor?? [ 721.384638][T17578] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 721.408208][T17583] input: syz0 as /devices/virtual/input/input166 [ 721.442978][T17578] kvm: pic: non byte read [ 721.451610][T17578] kvm: pic: level sensitive irq not supported [ 721.463395][T17578] kvm: pic: non byte read [ 721.679374][T17588] input: syz0 as /devices/virtual/input/input167 [ 721.860557][ T5354] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 721.965530][ T5354] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 722.077238][ T5380] usb 5-1: new high-speed USB device number 45 using dummy_hcd [ 722.258150][ T5380] usb 5-1: Using ep0 maxpacket: 8 [ 722.263380][ T5380] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 722.278117][ T5380] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 722.282416][ T5380] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 722.286348][ T5380] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 722.296778][ T5380] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 722.306071][ T5380] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 722.313378][ T5380] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 722.478002][T17598] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 722.532535][ T5380] usb 5-1: usb_control_msg returned -32 [ 722.536559][ T5380] usbtmc 5-1:16.0: can't read capabilities [ 723.203475][ T5380] usb 6-1: USB disconnect, device number 33 [ 723.223842][T17610] usbtmc 5-1:16.0: CHECK_CLEAR_STATUS returned 3 [ 723.423019][T15330] usb 5-1: USB disconnect, device number 45 [ 724.321016][T17620] input: syz0 as /devices/virtual/input/input168 [ 724.367879][T17622] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 724.415124][T17622] kvm: pic: non byte read [ 724.602919][T17633] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3297'. [ 724.691546][T17629] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3298'. [ 725.277996][ T5380] usb 7-1: new high-speed USB device number 46 using dummy_hcd [ 725.352778][ T1382] ieee802154 phy0 wpan0: encryption failed: -22 [ 725.369927][ T1382] ieee802154 phy1 wpan1: encryption failed: -22 [ 725.452106][ T5380] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 725.456632][ T5380] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 725.468496][ T5380] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 725.473175][ T5380] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 725.484872][ T5380] usb 7-1: config 0 descriptor?? [ 725.490461][ T5380] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 725.721764][ T832] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 725.888006][ T832] usb 5-1: Using ep0 maxpacket: 8 [ 725.892487][ T832] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 725.895887][ T832] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 725.906748][ T832] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 725.910597][ T832] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 725.914796][ T832] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 725.925806][ T832] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 725.929722][ T832] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 726.153588][ T832] usb 5-1: usb_control_msg returned -32 [ 726.156235][ T832] usbtmc 5-1:16.0: can't read capabilities [ 726.462370][T17655] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3304'. [ 726.571741][ T5354] Bluetooth: hci4: Malformed HCI Event: 0x22 [ 726.609333][T17663] input: syz0 as /devices/virtual/input/input169 [ 726.820555][T17668] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 726.855885][T17669] usbtmc 5-1:16.0: usb_clear_halt returned -32 [ 727.045734][ T5401] usb 5-1: USB disconnect, device number 46 [ 727.066789][T17671] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 727.864310][ T39] audit: type=1400 audit(1722742235.392:609): avc: denied { mount } for pid=17687 comm="syz.3.3313" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 727.939792][ T5383] usb 7-1: USB disconnect, device number 46 [ 728.606054][T17700] input: syz0 as /devices/virtual/input/input170 [ 729.067896][T17703] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3317'. [ 729.141448][T17705] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3318'. [ 729.156924][ T39] audit: type=1400 audit(1722742236.757:610): avc: denied { nlmsg_read } for pid=17716 comm="syz.1.3320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 729.186079][ T39] audit: type=1400 audit(1722742236.778:611): avc: denied { cmd } for pid=17716 comm="syz.1.3320" path="socket:[76791]" dev="sockfs" ino=76791 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 729.279033][ T5380] usb 7-1: new high-speed USB device number 47 using dummy_hcd [ 729.459976][ T5380] usb 7-1: Using ep0 maxpacket: 8 [ 729.464703][ T5380] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 729.468277][ T5380] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 729.473147][ T5380] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 729.477260][ T5380] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 729.482724][ T5380] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 729.488251][ T5380] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 729.492386][ T5380] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 729.727122][ T5380] usb 7-1: usb_control_msg returned -32 [ 729.729678][ T5380] usbtmc 7-1:16.0: can't read capabilities [ 729.811612][T17731] input: syz0 as /devices/virtual/input/input171 [ 730.413925][T17737] usbtmc 7-1:16.0: usb_clear_halt returned -32 [ 730.609814][ T10] usb 7-1: USB disconnect, device number 47 [ 731.156743][T17745] ubi0: attaching mtd0 [ 731.158875][T17745] ubi0 error: ubi_attach_mtd_dev: bad VID header (7) or data offsets (71) [ 731.236624][T17748] ttynull ttynull: ldisc open failed (-12), clearing slot 0 [ 731.529211][T17755] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3332'. [ 732.488559][T17783] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3338'. [ 732.594872][T17785] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=64873 sclass=netlink_xfrm_socket pid=17785 comm=syz.0.3336 [ 733.427029][ T39] audit: type=1400 audit(1722742241.229:612): avc: denied { getopt } for pid=17789 comm="syz.0.3341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 734.832598][T17803] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 735.322916][T17822] input: syz0 as /devices/virtual/input/input172 [ 735.675140][ C2] vkms_vblank_simulate: vblank timer overrun [ 735.849496][T17833] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3352'. [ 736.011231][ T5354] Bluetooth: hci4: Malformed HCI Event: 0x22 [ 736.123459][T17835] input: syz0 as /devices/virtual/input/input173 [ 736.218473][ T39] audit: type=1400 audit(1722742244.167:613): avc: denied { create } for pid=17836 comm="syz.3.3355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1 [ 736.395962][T17847] input: syz0 as /devices/virtual/input/input174 [ 736.699296][ T5401] usb 6-1: new high-speed USB device number 34 using dummy_hcd [ 736.870687][ T5401] usb 6-1: Using ep0 maxpacket: 8 [ 736.975816][ T5401] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 736.981619][ T5401] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 737.028411][ T5401] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 737.046538][ T5401] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 737.183315][ T5401] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 737.198043][ T5401] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 737.203531][ T5401] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 737.481165][ T5401] usb 6-1: usb_control_msg returned -32 [ 737.487800][ T5401] usbtmc 6-1:16.0: can't read capabilities [ 738.158501][T17867] usbtmc 6-1:16.0: CHECK_CLEAR_STATUS returned 0 [ 738.360099][ T10] usb 6-1: USB disconnect, device number 34 [ 739.700648][T17887] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=64873 sclass=netlink_xfrm_socket pid=17887 comm=syz.3.3364 [ 739.833099][ T5383] usb 7-1: new high-speed USB device number 48 using dummy_hcd [ 739.987426][ T5383] usb 7-1: device descriptor read/64, error -71 [ 740.252496][ T5383] usb 7-1: new high-speed USB device number 49 using dummy_hcd [ 740.292191][T17894] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3368'. [ 740.414124][ T5383] usb 7-1: device descriptor read/64, error -71 [ 740.538075][ T5383] usb usb7-port1: attempt power cycle [ 740.947851][ T5383] usb 7-1: new high-speed USB device number 50 using dummy_hcd [ 740.986642][ T5383] usb 7-1: device descriptor read/8, error -71 [ 741.243185][ T5383] usb 7-1: new high-speed USB device number 51 using dummy_hcd [ 741.272910][ T5383] usb 7-1: device descriptor read/8, error -71 [ 741.326318][T17903] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3371'. [ 741.386404][ T5383] usb usb7-port1: unable to enumerate USB device [ 741.633866][ T831] usb 5-1: new high-speed USB device number 47 using dummy_hcd [ 741.805596][ T831] usb 5-1: Using ep0 maxpacket: 8 [ 741.824629][ T831] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 741.828132][ T831] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 741.832542][ T831] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 741.852318][ T831] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 741.943376][ T5383] usb 6-1: new high-speed USB device number 35 using dummy_hcd [ 742.119211][ T5383] usb 6-1: Using ep0 maxpacket: 8 [ 742.127707][ T5383] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 742.131847][ T5383] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 742.142089][ T5383] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 742.146670][ T5383] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 742.153733][ T5383] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 742.164148][ T5383] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 742.169316][ T5383] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 742.398957][ T5383] usb 6-1: usb_control_msg returned -32 [ 742.401287][ T5383] usbtmc 6-1:16.0: can't read capabilities [ 742.452767][ T39] audit: type=1326 audit(1722742250.707:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17921 comm="syz.3.3376" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f71877779f9 code=0x0 [ 742.480256][T17925] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3377'. [ 742.882410][T17932] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=64873 sclass=netlink_xfrm_socket pid=17932 comm=syz.2.3378 [ 743.120939][T17934] usbtmc 6-1:16.0: usb_clear_halt returned -32 [ 743.317390][ T5383] usb 6-1: USB disconnect, device number 35 [ 744.314195][T12454] usb 5-1: USB disconnect, device number 47 [ 745.314111][ T39] audit: type=1400 audit(1722742253.710:615): avc: denied { read } for pid=17957 comm="syz.0.3385" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 745.378481][T17960] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3386'. [ 745.540811][T17966] input: syz0 as /devices/virtual/input/input175 [ 746.770175][ T39] audit: type=1400 audit(1722742255.232:616): avc: denied { setattr } for pid=17993 comm="syz.0.3400" name="zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1 [ 747.084817][ T39] audit: type=1400 audit(1722742255.578:617): avc: denied { read } for pid=18003 comm="syz.0.3404" name="loop-control" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 747.101431][ T39] audit: type=1400 audit(1722742255.578:618): avc: denied { open } for pid=18003 comm="syz.0.3404" path="/dev/loop-control" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 747.114513][ T39] audit: type=1400 audit(1722742255.610:619): avc: denied { setattr } for pid=18005 comm="syz.1.3403" name="renderD128" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 747.158593][ T39] audit: type=1400 audit(1722742255.620:620): avc: denied { ioctl } for pid=18003 comm="syz.0.3404" path="/dev/loop-control" dev="devtmpfs" ino=659 ioctlcmd=0x5437 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 747.768852][T18031] netlink: 'syz.0.3413': attribute type 20 has an invalid length. [ 748.001124][T18036] netlink: 'syz.3.3416': attribute type 20 has an invalid length. [ 748.458068][ T39] audit: type=1400 audit(1722742257.006:621): avc: denied { setattr } for pid=18041 comm="syz.1.3418" name="NETLINK" dev="sockfs" ino=80461 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 748.635117][T18048] netlink: 55 bytes leftover after parsing attributes in process `syz.0.3419'. [ 749.164189][ T39] audit: type=1326 audit(1722742257.751:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18062 comm="syz.0.3426" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f44b5b779f9 code=0x0 [ 750.189360][ T39] audit: type=1400 audit(1722742258.833:623): avc: denied { bind } for pid=18094 comm="syz.2.3438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 753.238947][T18198] fuse: Bad value for 'fd' [ 754.127159][T18212] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 754.131160][T18212] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 756.292750][ T39] audit: type=1400 audit(1722742265.236:624): avc: denied { append } for pid=18241 comm="syz.2.3486" name="001" dev="devtmpfs" ino=750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 756.585179][T18244] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 757.087147][T18254] tipc: Failed to remove unknown binding: 66,1,1/0:3048649675/3048649677 [ 757.960910][T18278] serio: Serial port pts1 [ 758.184624][ T5401] usb 7-1: new high-speed USB device number 52 using dummy_hcd [ 758.372579][ T5401] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 758.376663][ T5401] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 758.380959][ T5401] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 758.386389][ T5401] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 758.397122][ T5401] usb 7-1: config 0 descriptor?? [ 758.571263][ T39] audit: type=1400 audit(1722742267.630:625): avc: denied { write } for pid=18301 comm="syz.0.3512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 759.088039][T18312] fuse: Unknown parameter 'permit_directio' [ 759.262738][ T5401] usb 7-1: string descriptor 0 read error: -71 [ 759.304797][ T5401] uclogic 0003:256C:006D.0016: failed retrieving string descriptor #200: -71 [ 759.308625][ T5401] uclogic 0003:256C:006D.0016: failed retrieving pen parameters: -71 [ 759.340183][ T5401] uclogic 0003:256C:006D.0016: failed probing pen v2 parameters: -71 [ 759.351607][ T5401] uclogic 0003:256C:006D.0016: failed probing parameters: -71 [ 759.355068][ T5401] uclogic 0003:256C:006D.0016: probe with driver uclogic failed with error -71 [ 759.360908][ T5401] usb 7-1: USB disconnect, device number 52 [ 761.256691][T12454] usb 7-1: new high-speed USB device number 53 using dummy_hcd [ 761.450505][T12454] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 761.459189][T12454] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 761.466047][T12454] usb 7-1: config 0 interface 0 has no altsetting 0 [ 761.469236][T12454] usb 7-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 761.473863][T12454] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 761.483457][T12454] usb 7-1: config 0 descriptor?? [ 761.627861][T14457] usb 6-1: new high-speed USB device number 36 using dummy_hcd [ 761.830219][T14457] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 761.835325][T14457] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 761.845299][T14457] usb 6-1: config 0 interface 0 has no altsetting 0 [ 761.849641][T14457] usb 6-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 761.853796][T14457] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 761.868413][T14457] usb 6-1: config 0 descriptor?? [ 761.887481][T12454] hid-multitouch 0003:1FD2:6007.0017: unknown main item tag 0x0 [ 761.892247][T12454] hid-multitouch 0003:1FD2:6007.0017: unknown main item tag 0x0 [ 761.904409][T12454] hid-multitouch 0003:1FD2:6007.0017: item fetching failed at offset 2/5 [ 761.909050][T12454] hid-multitouch 0003:1FD2:6007.0017: probe with driver hid-multitouch failed with error -22 [ 762.077172][ T831] usb 7-1: USB disconnect, device number 53 [ 762.266599][T14457] hid-multitouch 0003:1FD2:6007.0018: unknown main item tag 0x0 [ 762.271659][T14457] hid-multitouch 0003:1FD2:6007.0018: unknown main item tag 0x0 [ 762.285747][T14457] hid-multitouch 0003:1FD2:6007.0018: item fetching failed at offset 2/5 [ 762.290279][T14457] hid-multitouch 0003:1FD2:6007.0018: probe with driver hid-multitouch failed with error -22 [ 762.455625][T14457] usb 6-1: USB disconnect, device number 36 [ 762.942733][T14457] usb 7-1: new high-speed USB device number 54 using dummy_hcd [ 763.116887][T14457] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 763.121407][T14457] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 763.126352][T14457] usb 7-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.09 [ 763.130596][T14457] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 763.185975][T14457] usb 7-1: config 0 descriptor?? [ 763.227233][T18370] __find_get_block_slow() failed. block=144115188075855872, b_blocknr=0, b_state=0x00106019, b_size=4096, device sda1 blocksize: 4096 [ 763.234239][T18370] grow_buffers: requested out-of-range block 144115188075855872 for device sda1 [ 763.238745][T18370] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 763.428374][T11221] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 763.594787][T14457] logitech-hidpp-device 0003:046D:C086.0019: hidraw1: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.2-1/input0 [ 763.611064][T11221] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 763.615404][T11221] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 763.628453][T11221] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 763.632180][T11221] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 763.648702][T11221] usb 5-1: config 0 descriptor?? [ 763.777925][ T5383] usb 7-1: USB disconnect, device number 54 [ 763.795938][ T39] audit: type=1400 audit(1722742273.110:626): avc: denied { read } for pid=18382 comm="syz.3.3544" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 763.817727][T18384] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3542'. [ 763.991668][T18390] netlink: 'syz.3.3547': attribute type 29 has an invalid length. [ 764.002725][T18390] netlink: 'syz.3.3547': attribute type 29 has an invalid length. [ 764.007600][T18390] netlink: 'syz.3.3547': attribute type 29 has an invalid length. [ 764.068073][T11221] plantronics 0003:047F:FFFF.001A: No inputs registered, leaving [ 764.087630][T11221] plantronics 0003:047F:FFFF.001A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 764.201975][T15330] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 764.263681][ T39] audit: type=1400 audit(1722742273.603:627): avc: denied { map } for pid=18395 comm="syz.3.3550" path="socket:[81821]" dev="sockfs" ino=81821 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 764.272437][ T39] audit: type=1400 audit(1722742273.614:628): avc: denied { read accept } for pid=18395 comm="syz.3.3550" path="socket:[81821]" dev="sockfs" ino=81821 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 764.274603][T18396] IPVS: You probably need to specify IP address on multicast interface. [ 764.291555][T18396] IPVS: Error connecting to the multicast addr [ 764.483280][T15330] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 764.493914][T15330] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 764.503768][T15330] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 764.513096][T15330] usb 6-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.10 [ 764.523699][T15330] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 764.544228][T15330] usb 6-1: config 0 descriptor?? [ 764.799543][ C0] hrtimer: interrupt took 49436 ns [ 764.990581][T18415] netlink: 'syz.2.3556': attribute type 29 has an invalid length. [ 764.997564][T18415] netlink: 'syz.2.3556': attribute type 29 has an invalid length. [ 765.004835][T18415] netlink: 'syz.2.3556': attribute type 29 has an invalid length. [ 765.523765][T18428] __find_get_block_slow() failed. block=144115188075855872, b_blocknr=0, b_state=0x00316019, b_size=4096, device sda1 blocksize: 4096 [ 765.529424][T18428] grow_buffers: requested out-of-range block 144115188075855872 for device sda1 [ 765.532794][T18428] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 765.757943][ T39] audit: type=1400 audit(1722742275.178:629): avc: denied { write } for pid=18430 comm="syz.3.3562" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 766.079508][T18437] serio: Serial port pts1 [ 766.603341][T15330] usbhid 6-1:0.0: can't add hid device: -71 [ 766.608151][T15330] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 766.620831][T15330] usb 6-1: USB disconnect, device number 37 [ 766.879038][ T39] audit: type=1400 audit(1722742276.354:630): avc: denied { nlmsg_write } for pid=18444 comm="syz.2.3567" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 767.459421][T18474] __find_get_block_slow() failed. block=144115188075855872, b_blocknr=0, b_state=0x00316019, b_size=4096, device sda1 blocksize: 4096 [ 767.464609][T18474] grow_buffers: requested out-of-range block 144115188075855872 for device sda1 [ 767.469032][T18474] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 768.213656][T18477] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3579'. [ 768.659738][T18487] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3584'. [ 769.346656][ T39] audit: type=1400 audit(1722742278.947:631): avc: denied { watch watch_reads } for pid=18495 comm="syz.2.3588" path="/proc/1736" dev="proc" ino=81895 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 770.575306][T18517] serio: Serial port ptm1 [ 770.775424][ T39] audit: type=1400 audit(1722742280.448:632): avc: denied { mounton } for pid=18524 comm="syz.2.3597" path="/565/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 770.787930][ T39] audit: type=1400 audit(1722742280.448:633): avc: denied { watch } for pid=18526 comm="syz.1.3598" path="/158/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 772.671836][T18562] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3609'. [ 773.083262][T18569] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=64873 sclass=netlink_xfrm_socket pid=18569 comm=syz.2.3611 [ 773.796355][ T5353] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 773.811115][ T5353] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 773.819926][ T5353] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 773.824912][ T5353] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 773.831512][ T5353] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 773.836530][ T5353] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 774.014759][T18581] netlink: 830 bytes leftover after parsing attributes in process `syz.1.3614'. [ 774.020948][T18581] bond_slave_0: entered promiscuous mode [ 774.025225][T18581] bond_slave_1: entered promiscuous mode [ 774.033082][T18570] chnl_net:caif_netlink_parms(): no params data found [ 774.044700][T18581] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3614'. [ 774.046529][ T39] audit: type=1400 audit(1722742283.870:634): avc: denied { accept } for pid=18579 comm="syz.1.3614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 774.313409][ T39] audit: type=1400 audit(1722742284.154:635): avc: denied { write } for pid=18574 comm="syz.3.3613" name="usbmon7" dev="devtmpfs" ino=745 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 774.606302][T18570] bridge0: port 1(bridge_slave_0) entered blocking state [ 774.614993][T18570] bridge0: port 1(bridge_slave_0) entered disabled state [ 774.618317][T18570] bridge_slave_0: entered allmulticast mode [ 774.623516][T18570] bridge_slave_0: entered promiscuous mode [ 774.632524][T18570] bridge0: port 2(bridge_slave_1) entered blocking state [ 774.635499][T18570] bridge0: port 2(bridge_slave_1) entered disabled state [ 774.638766][T18570] bridge_slave_1: entered allmulticast mode [ 774.651908][T18570] bridge_slave_1: entered promiscuous mode [ 774.727497][T18408] plantronics 0003:047F:FFFF.001A: timeout initializing reports [ 774.761965][T18570] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 774.778152][T18570] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 774.897539][T18570] team0: Port device team_slave_0 added [ 774.910204][T18570] team0: Port device team_slave_1 added [ 775.126937][T18570] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 775.135104][T18570] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 775.152441][T18570] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 775.153839][ T5353] Bluetooth: hci4: Malformed HCI Event: 0x22 [ 775.180199][T18570] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 775.196419][T18570] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 775.208132][T18594] input: syz0 as /devices/virtual/input/input178 [ 775.213125][T18570] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 775.384470][T18570] hsr_slave_0: entered promiscuous mode [ 775.393427][T18570] hsr_slave_1: entered promiscuous mode [ 775.397463][T18570] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 775.400802][T18570] Cannot create hsr debugfs directory [ 775.626049][T15330] usb 5-1: USB disconnect, device number 48 [ 775.694911][T18570] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 775.795441][ T5353] Bluetooth: hci6: command tx timeout [ 775.805771][T18570] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 775.891403][T18570] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 775.980535][T18570] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 776.074140][ T1108] bridge_slave_1: left allmulticast mode [ 776.076666][ T1108] bridge_slave_1: left promiscuous mode [ 776.085144][ T1108] bridge0: port 2(bridge_slave_1) entered disabled state [ 776.092839][ T1108] bridge_slave_0: left allmulticast mode [ 776.096462][ T1108] bridge_slave_0: left promiscuous mode [ 776.113340][ T1108] bridge0: port 1(bridge_slave_0) entered disabled state [ 777.484053][T18606] FAULT_INJECTION: forcing a failure. [ 777.484053][T18606] name failslab, interval 1, probability 0, space 0, times 0 [ 777.497698][T18606] CPU: 2 UID: 0 PID: 18606 Comm: syz.2.3619 Not tainted 6.11.0-rc1-syzkaller-00283-gd3426a6ed9d8 #0 [ 777.501957][T18606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 777.506028][T18606] Call Trace: [ 777.507373][T18606] [ 777.508533][T18606] dump_stack_lvl+0x16c/0x1f0 [ 777.510395][T18606] should_fail_ex+0x497/0x5b0 [ 777.512240][T18606] ? fs_reclaim_acquire+0xae/0x160 [ 777.514209][T18606] should_failslab+0xc2/0x120 [ 777.516051][T18606] kmem_cache_alloc_lru_noprof+0x72/0x2f0 [ 777.518254][T18606] ? sock_alloc_inode+0x25/0x1c0 [ 777.520173][T18606] ? __pfx_sock_alloc_inode+0x10/0x10 [ 777.522237][T18606] sock_alloc_inode+0x25/0x1c0 [ 777.524124][T18606] alloc_inode+0x5d/0x230 [ 777.525809][T18606] sock_alloc+0x40/0x280 [ 777.527477][T18606] __sock_create+0xc0/0x800 [ 777.529245][T18606] ? __pfx_lock_release+0x10/0x10 [ 777.531207][T18606] __sys_socket+0x14f/0x260 [ 777.532978][T18606] ? handle_mm_fault+0x4c9/0x7b0 [ 777.534902][T18606] ? __pfx___sys_socket+0x10/0x10 [ 777.536855][T18606] ? do_user_addr_fault+0x83d/0x13f0 [ 777.538842][T18606] __x64_sys_socket+0x72/0xb0 [ 777.540456][T18606] ? lockdep_hardirqs_on+0x7c/0x110 [ 777.542218][T18606] do_syscall_64+0xcd/0x250 [ 777.544039][T18606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 777.546448][T18606] RIP: 0033:0x7f02bdd79817 [ 777.548129][T18606] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 777.555577][T18606] RSP: 002b:00007f02bea84fb8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 777.558776][T18606] RAX: ffffffffffffffda RBX: 00007f02bdf05f80 RCX: 00007f02bdd79817 [ 777.561749][T18606] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 777.564787][T18606] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 777.567836][T18606] R10: 0000000020000140 R11: 0000000000000286 R12: 0000000000000001 [ 777.570886][T18606] R13: 000000000000000b R14: 00007f02bdf05f80 R15: 00007ffd04ad9168 [ 777.573920][T18606] [ 777.578212][T18606] socket: no more sockets [ 777.774119][ T5353] Bluetooth: hci6: command tx timeout [ 778.109646][ T1108] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 778.133755][ T1108] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 778.151531][ T1108] bond0 (unregistering): Released all slaves [ 778.204374][T18602] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3618'. [ 778.325515][T18570] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 778.510513][T18570] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 778.544211][T18570] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 778.566021][T18570] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 779.043119][T18570] 8021q: adding VLAN 0 to HW filter on device bond0 [ 779.260576][T18625] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=64873 sclass=netlink_xfrm_socket pid=18625 comm=syz.1.3622 [ 779.394513][T18570] 8021q: adding VLAN 0 to HW filter on device team0 [ 779.473766][ T832] bridge0: port 1(bridge_slave_0) entered blocking state [ 779.476481][ T832] bridge0: port 1(bridge_slave_0) entered forwarding state [ 779.519327][ T832] bridge0: port 2(bridge_slave_1) entered blocking state [ 779.523100][ T832] bridge0: port 2(bridge_slave_1) entered forwarding state [ 779.563898][T18570] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 779.571024][T18570] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 779.691647][ T1108] hsr_slave_0: left promiscuous mode [ 779.708504][ T1108] hsr_slave_1: left promiscuous mode [ 779.728320][ T1108] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 779.731592][ T1108] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 779.736668][ T1108] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 779.739890][ T1108] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 779.755442][ T5353] Bluetooth: hci6: command tx timeout [ 779.822002][T14457] usb 7-1: new high-speed USB device number 55 using dummy_hcd [ 779.871461][ T1108] veth1_macvtap: left promiscuous mode [ 779.874051][ T1108] veth0_macvtap: left promiscuous mode [ 779.886749][ T1108] veth1_vlan: left promiscuous mode [ 779.889288][ T1108] veth0_vlan: left promiscuous mode [ 780.012090][T14457] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 780.018230][T14457] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 780.028473][T14457] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 780.035019][T14457] usb 7-1: config 0 descriptor?? [ 780.042058][T14457] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 781.460771][ T1108] team0 (unregistering): Port device team_slave_1 removed [ 781.565353][ T1108] team0 (unregistering): Port device team_slave_0 removed [ 781.748035][ T5353] Bluetooth: hci6: command tx timeout [ 782.398136][T18653] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3629'. [ 782.467430][T18570] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 782.504677][T12454] usb 7-1: USB disconnect, device number 55 [ 782.593357][T18570] veth0_vlan: entered promiscuous mode [ 782.600177][T18661] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18661 comm=syz.2.3631 [ 782.626293][T18661] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3631'. [ 782.652421][T18570] veth1_vlan: entered promiscuous mode [ 782.695440][T18570] veth0_macvtap: entered promiscuous mode [ 782.698163][ T39] audit: type=1400 audit(1722742292.951:636): avc: denied { ioctl } for pid=18660 comm="syz.2.3631" path="socket:[83075]" dev="sockfs" ino=83075 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 782.732595][T18570] veth1_macvtap: entered promiscuous mode [ 782.764315][T18570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 782.770243][T18570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 782.774441][T18570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 782.780625][T18570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 782.789027][T18570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 782.793336][T18570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 782.798436][T18570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 782.802620][T18570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 782.811242][T18570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 782.815799][T18570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 782.820134][T18570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 782.825378][T18570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 782.831148][T18570] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 782.853395][T18570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 782.857799][T18570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 782.863649][T18570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 782.868031][T18570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 782.872469][T18570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 782.876628][T18570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 782.880655][T18570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 782.884413][T18570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 782.887720][T18570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 782.892216][T18570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 782.896364][T18570] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 782.901137][T18570] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 782.907208][T18570] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 782.917984][T18570] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 782.920974][T18570] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 782.924328][T18570] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 782.928356][T18570] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 783.009204][ T204] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 783.011761][ T204] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 783.045746][ T1111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 783.048787][ T1111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 783.883428][ T1382] ieee802154 phy0 wpan0: encryption failed: -22 [ 783.886537][ T1382] ieee802154 phy1 wpan1: encryption failed: -22 [ 784.534572][ T5354] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 784.546795][ T5354] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 784.569625][T18676] input: syz0 as /devices/virtual/input/input179 [ 785.668171][ T39] audit: type=1400 audit(1722742296.080:637): avc: denied { bind } for pid=18686 comm="syz.0.3638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 785.846323][T18697] FAULT_INJECTION: forcing a failure. [ 785.846323][T18697] name failslab, interval 1, probability 0, space 0, times 0 [ 785.851804][ T5354] Bluetooth: hci4: command 0x0406 tx timeout [ 785.860389][T18697] CPU: 3 UID: 0 PID: 18697 Comm: syz.2.3641 Not tainted 6.11.0-rc1-syzkaller-00283-gd3426a6ed9d8 #0 [ 785.864341][T18697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 785.868668][T18697] Call Trace: [ 785.870099][T18697] [ 785.871127][T18697] dump_stack_lvl+0x16c/0x1f0 [ 785.873095][T18697] should_fail_ex+0x497/0x5b0 [ 785.875299][T18697] ? fs_reclaim_acquire+0xae/0x160 [ 785.877483][T18697] should_failslab+0xc2/0x120 [ 785.879526][T18697] kmem_cache_alloc_node_noprof+0x71/0x310 [ 785.882065][T18697] ? __alloc_skb+0x2b1/0x380 [ 785.884128][T18697] __alloc_skb+0x2b1/0x380 [ 785.886058][T18697] ? __pfx___alloc_skb+0x10/0x10 [ 785.888204][T18697] ? __might_fault+0x13b/0x190 [ 785.890150][T18697] ? __import_iovec+0x1fd/0x6e0 [ 785.892088][T18697] pfkey_sendmsg+0x16e/0x840 [ 785.894164][T18697] ? security_socket_sendmsg+0x8c/0xc0 [ 785.896505][T18697] ____sys_sendmsg+0xab5/0xc90 [ 785.898653][T18697] ? copy_msghdr_from_user+0x10b/0x160 [ 785.900990][T18697] ? __pfx_____sys_sendmsg+0x10/0x10 [ 785.902817][T18697] ? find_held_lock+0x2d/0x110 [ 785.904748][T18697] ? __pfx___lock_acquire+0x10/0x10 [ 785.906920][T18697] ___sys_sendmsg+0x135/0x1e0 [ 785.908852][T18697] ? __pfx____sys_sendmsg+0x10/0x10 [ 785.910797][T18697] ? ksys_write+0x21c/0x260 [ 785.912655][T18697] ? __fget_light+0x173/0x210 [ 785.914734][T18697] __sys_sendmsg+0x117/0x1f0 [ 785.916477][T18697] ? __pfx___sys_sendmsg+0x10/0x10 [ 785.917994][T18697] do_syscall_64+0xcd/0x250 [ 785.919778][T18697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 785.921715][T18697] RIP: 0033:0x7f02bdd779f9 [ 785.923616][T18697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 785.932076][T18697] RSP: 002b:00007f02bea86048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 785.935693][T18697] RAX: ffffffffffffffda RBX: 00007f02bdf05f80 RCX: 00007f02bdd779f9 [ 785.938817][T18697] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 785.942306][T18697] RBP: 00007f02bea860a0 R08: 0000000000000000 R09: 0000000000000000 [ 785.945874][T18697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 785.949442][T18697] R13: 000000000000000b R14: 00007f02bdf05f80 R15: 00007ffd04ad9168 [ 785.953003][T18697] [ 786.094060][ T5353] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 786.096460][ T5353] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 786.114461][T18701] input: syz0 as /devices/virtual/input/input180 [ 788.564370][ T5353] Bluetooth: hci6: Malformed HCI Event: 0x22 [ 788.629179][T18736] input: syz0 as /devices/virtual/input/input181 [ 789.817651][ T39] audit: type=1400 audit(1722742300.436:638): avc: denied { setopt } for pid=18760 comm="syz.3.3660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 789.861831][ T5401] usb 6-1: new low-speed USB device number 38 using dummy_hcd [ 790.047269][ T5401] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 790.050468][ T5401] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 790.056449][ T5401] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 790.060673][ T5401] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 790.066718][ T5401] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 790.079875][ T5401] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 790.084889][ T5401] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 790.089347][ T5401] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 790.094026][ T5401] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 790.098816][ T5401] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 790.107069][ T5401] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 790.111470][ T5401] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 790.116089][ T5401] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 790.121308][ T5401] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 790.126256][ T5401] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 790.156817][ T5401] usb 6-1: string descriptor 0 read error: -22 [ 790.160450][ T5401] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 790.164993][ T5401] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 790.182721][ T5401] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 790.301112][ T10] usb 5-1: new high-speed USB device number 49 using dummy_hcd [ 790.400979][T18757] usb 6-1: Couldn't submit interrupt_out_urb -90 [ 790.413714][ T5401] usb 6-1: USB disconnect, device number 38 [ 790.481115][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 790.487493][ T10] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 790.491557][ T10] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 790.497152][ T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 790.501904][ T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 790.506184][ T10] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 790.512243][ T10] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 790.516500][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 790.750931][T18771] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 790.788586][T18771] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 790.796678][ T10] usb 5-1: usb_control_msg returned -32 [ 790.799148][ T10] usbtmc 5-1:16.0: can't read capabilities [ 790.808181][ T39] audit: type=1326 audit(1722742301.476:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18777 comm="syz.3.3664" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f71877779f9 code=0x0 [ 790.911235][T18781] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:bb, vlan:0) [ 792.161329][ T39] audit: type=1400 audit(1722742302.893:640): avc: denied { getopt } for pid=18797 comm="syz.1.3667" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 792.752945][T18817] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3673'. [ 793.901171][ T5353] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 793.904207][ T5353] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 793.915109][T18828] input: syz0 as /devices/virtual/input/input183 [ 793.924051][T18832] syz.1.3677: attempt to access beyond end of device [ 793.924051][T18832] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0 [ 793.948238][T18832] isofs_fill_super: bread failed, dev=nbd1, iso_blknum=16, block=32 [ 794.104699][T18835] input: syz0 as /devices/virtual/input/input184 [ 794.539006][T11221] usb 7-1: new high-speed USB device number 56 using dummy_hcd [ 794.713525][T11221] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 794.718047][T11221] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 794.729359][T11221] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 794.733596][T11221] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 794.742150][T11221] usb 7-1: config 0 descriptor?? [ 794.747841][T11221] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 796.674088][T18791] usbtmc 5-1:16.0: usb_control_msg returned -110 [ 796.754439][ T831] usb 5-1: USB disconnect, device number 49 [ 797.168412][ T5399] usb 7-1: USB disconnect, device number 56 [ 797.218087][T18875] input: syz0 as /devices/virtual/input/input185 [ 798.216954][ T39] audit: type=1400 audit(1722742309.255:641): avc: denied { write } for pid=18884 comm="syz.1.3693" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 798.217444][T18885] random: crng reseeded on system resumption [ 798.344373][T18891] syz.0.3694: attempt to access beyond end of device [ 798.344373][T18891] nbd0: rw=0, sector=64, nr_sectors = 2 limit=0 [ 798.358767][T18891] isofs_fill_super: bread failed, dev=nbd0, iso_blknum=16, block=32 [ 798.413327][ T5353] Bluetooth: hci0: unexpected event for opcode 0x0c46 [ 798.423618][ T5353] Bluetooth: hci0: Malformed HCI Event: 0x22 [ 798.652001][ T39] audit: type=1400 audit(1722742309.706:642): avc: denied { write } for pid=18895 comm="syz.2.3696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 798.663367][T18896] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3696'. [ 798.835109][ T831] usb 6-1: new high-speed USB device number 39 using dummy_hcd [ 798.890182][T18900] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 798.898526][T18900] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 798.902526][T18900] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 798.907058][T18900] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 798.911736][T18900] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 798.916075][T18900] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 799.025438][ T831] usb 6-1: Using ep0 maxpacket: 16 [ 799.039646][ T831] usb 6-1: config 0 has no interfaces? [ 799.042251][ T831] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 799.049495][ T831] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 799.075071][ T831] usb 6-1: config 0 descriptor?? [ 799.273513][T18898] chnl_net:caif_netlink_parms(): no params data found [ 799.328648][ T39] audit: type=1400 audit(1722742310.409:643): avc: denied { ioctl } for pid=18884 comm="syz.1.3693" path="/dev/snapshot" dev="devtmpfs" ino=98 ioctlcmd=0x3311 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 799.410544][T18888] overlay: Unknown parameter 'obj_type' [ 799.473966][ T5401] usb 6-1: USB disconnect, device number 39 [ 799.536114][ T1108] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 799.553863][T18898] bridge0: port 1(bridge_slave_0) entered blocking state [ 799.557217][T18898] bridge0: port 1(bridge_slave_0) entered disabled state [ 799.562335][T18898] bridge_slave_0: entered allmulticast mode [ 799.566548][T18898] bridge_slave_0: entered promiscuous mode [ 799.581102][T18898] bridge0: port 2(bridge_slave_1) entered blocking state [ 799.584332][T18898] bridge0: port 2(bridge_slave_1) entered disabled state [ 799.589038][T18898] bridge_slave_1: entered allmulticast mode [ 799.593706][T18898] bridge_slave_1: entered promiscuous mode [ 799.677607][ T1108] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 799.731688][T18898] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 799.758460][ T1108] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 799.774677][T18898] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 799.863116][ T1108] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 799.891946][T18898] team0: Port device team_slave_0 added [ 799.906220][T18898] team0: Port device team_slave_1 added [ 799.998015][T18898] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 800.001129][T18898] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 800.023959][T18898] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 800.035018][T18898] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 800.038037][T18898] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 800.050199][T18898] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 800.214641][T18898] hsr_slave_0: entered promiscuous mode [ 800.228136][T18898] hsr_slave_1: entered promiscuous mode [ 800.233147][T18898] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 800.237292][T18898] Cannot create hsr debugfs directory [ 800.295781][ T1108] bridge_slave_1: left allmulticast mode [ 800.298245][ T1108] bridge_slave_1: left promiscuous mode [ 800.300857][ T1108] bridge0: port 2(bridge_slave_1) entered disabled state [ 800.313320][ T1108] bridge_slave_0: left allmulticast mode [ 800.315714][ T1108] bridge_slave_0: left promiscuous mode [ 800.318171][ T1108] bridge0: port 1(bridge_slave_0) entered disabled state [ 800.865001][ T5353] Bluetooth: hci5: command tx timeout [ 801.277303][ T1108] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 801.292872][ T1108] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 801.299262][ T1108] bond0 (unregistering): Released all slaves [ 801.435799][ T5401] usb 6-1: new high-speed USB device number 40 using dummy_hcd [ 801.695434][ T5401] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 801.700782][ T5401] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 801.706143][ T5401] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 801.709772][ T5401] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 801.718563][ T5401] usb 6-1: config 0 descriptor?? [ 801.726059][ T5401] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 801.789756][ T1108] hsr_slave_0: left promiscuous mode [ 801.792953][ T1108] hsr_slave_1: left promiscuous mode [ 801.796827][ T1108] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 801.800192][ T1108] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 801.804481][ T1108] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 801.807952][ T1108] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 801.869112][ T1108] veth1_macvtap: left promiscuous mode [ 801.871597][ T1108] veth0_macvtap: left promiscuous mode [ 801.874466][ T1108] veth1_vlan: left promiscuous mode [ 801.876853][ T1108] veth0_vlan: left promiscuous mode [ 802.854995][ T5353] Bluetooth: hci5: command tx timeout [ 803.282121][T18954] random: crng reseeded on system resumption [ 803.547527][ T1108] team0 (unregistering): Port device team_slave_1 removed [ 803.760026][ T1108] team0 (unregistering): Port device team_slave_0 removed [ 803.997710][T14457] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 804.062523][T11221] usb 6-1: USB disconnect, device number 40 [ 804.169532][T14457] usb 5-1: Using ep0 maxpacket: 8 [ 804.173510][T14457] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 804.183271][T14457] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 804.187511][T14457] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 804.194973][T14457] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 804.199534][T14457] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 804.205018][T14457] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 804.209218][T14457] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 804.442547][T14457] usb 5-1: usb_control_msg returned -32 [ 804.444806][T14457] usbtmc 5-1:16.0: can't read capabilities [ 804.836042][ T5353] Bluetooth: hci5: command tx timeout [ 805.132196][T18974] usbtmc 5-1:16.0: CHECK_CLEAR_STATUS returned 0 [ 805.333753][ T5383] usb 5-1: USB disconnect, device number 50 [ 805.372744][T18898] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 805.387699][T18898] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 805.397059][T18898] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 805.402701][T18898] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 805.522273][T18898] 8021q: adding VLAN 0 to HW filter on device bond0 [ 805.548208][T18898] 8021q: adding VLAN 0 to HW filter on device team0 [ 805.558679][ T831] bridge0: port 1(bridge_slave_0) entered blocking state [ 805.562164][ T831] bridge0: port 1(bridge_slave_0) entered forwarding state [ 805.585524][ T831] bridge0: port 2(bridge_slave_1) entered blocking state [ 805.588619][ T831] bridge0: port 2(bridge_slave_1) entered forwarding state [ 805.641951][T18898] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 806.038174][T18898] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 806.124486][T18898] veth0_vlan: entered promiscuous mode [ 806.149144][T18898] veth1_vlan: entered promiscuous mode [ 806.270539][T18898] veth0_macvtap: entered promiscuous mode [ 806.281150][T18898] veth1_macvtap: entered promiscuous mode [ 806.296198][T18898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 806.306288][T18898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 806.407745][T18898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 806.413121][T18898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 806.421644][T18898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 806.434020][T18898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 806.434051][ T5353] Bluetooth: hci6: Malformed HCI Event: 0x22 [ 806.439404][T18898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 806.439465][T18898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 806.439485][T18898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 806.439499][T18898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 806.439557][T18898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 806.439572][T18898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 806.441952][T18898] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 806.488391][T18898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 806.490920][T19003] input: syz0 as /devices/virtual/input/input186 [ 806.492929][T18898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 806.500148][T18898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 806.507027][T18898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 806.513182][T18898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 806.517820][T18898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 806.522960][T18898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 806.527391][T18898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 806.536128][T18898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 806.540337][T18898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 806.544898][T18898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 806.549214][T18898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 806.558088][T18898] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 806.575226][T18898] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 806.579374][T18898] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 806.583664][T18898] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 806.588798][T18898] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 806.751813][ T831] usb 6-1: new high-speed USB device number 41 using dummy_hcd [ 806.785207][ T1109] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 806.788839][ T1109] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 806.817230][ T5353] Bluetooth: hci5: command tx timeout [ 806.840193][ T204] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 806.852116][ T204] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 806.949123][ T831] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 806.960771][ T831] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 806.966562][ T831] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 806.986948][ T831] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 807.003788][ T831] usb 6-1: config 0 descriptor?? [ 807.020936][ T831] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 807.221062][ T39] audit: type=1326 audit(1722742318.703:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19032 comm="syz.0.3718" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbaf55779f9 code=0x0 [ 807.414115][T19063] sp0: Synchronizing with TNC [ 808.398641][ T5401] usb 7-1: new high-speed USB device number 57 using dummy_hcd [ 808.579733][ T5401] usb 7-1: Using ep0 maxpacket: 8 [ 808.586308][ T5401] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 808.598293][ T5401] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 808.621330][ T5401] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 808.631612][ T5401] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 808.637540][ T5401] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 808.665506][ T5401] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 808.680483][ T5401] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 808.909582][ T5401] usb 7-1: usb_control_msg returned -32 [ 808.912255][ T5401] usbtmc 7-1:16.0: can't read capabilities [ 809.323446][T12454] usb 6-1: USB disconnect, device number 41 [ 809.587413][T19089] usbtmc 7-1:16.0: usb_clear_halt returned -32 [ 809.779153][ T5399] usb 7-1: USB disconnect, device number 57 [ 810.393105][T19093] random: crng reseeded on system resumption [ 811.408207][ T6484] usb 7-1: new high-speed USB device number 58 using dummy_hcd [ 811.589766][ T6484] usb 7-1: Using ep0 maxpacket: 16 [ 811.596500][ T6484] usb 7-1: config 0 has no interfaces? [ 811.598453][ T6484] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 811.607196][ T6484] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 811.638293][ T6484] usb 7-1: config 0 descriptor?? [ 811.979528][T19096] overlay: Unknown parameter 'obj_type' [ 812.010356][T19109] input: syz0 as /devices/virtual/input/input187 [ 812.115096][ T5401] usb 7-1: USB disconnect, device number 58 [ 815.787729][ T39] audit: type=1326 audit(1722742327.689:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19198 comm="syz.3.3747" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f71877779f9 code=0x0 [ 815.920571][T19202] sp0: Synchronizing with TNC [ 817.777919][T19213] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 817.813559][T19213] kvm: pic: non byte read [ 817.817478][T19213] kvm: pic: level sensitive irq not supported [ 817.818172][T19213] kvm: pic: non byte read [ 818.886061][ T5353] Bluetooth: hci5: Malformed HCI Event: 0x22 [ 818.944541][T19243] input: syz0 as /devices/virtual/input/input188 [ 820.130716][T19266] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3760'. [ 820.179910][ T5353] Bluetooth: hci6: Malformed HCI Event: 0x22 [ 820.226487][T19262] input: syz0 as /devices/virtual/input/input189 [ 820.243691][T19264] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 820.311504][T19264] kvm: pic: non byte read [ 820.317855][ T39] audit: type=1326 audit(1722742332.455:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19275 comm="syz.1.3766" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4dd09779f9 code=0x0 [ 820.586924][T19263] jump_label: Fatal kernel bug, unexpected op at preempt_notifier_register+0xd/0xf0 [ffffffff815967ed] (eb 12 90 48 c7 != 66 90 0f 1f 00)) size:2 type:1 [ 820.610468][T19263] ------------[ cut here ]------------ [ 820.612933][T19263] kernel BUG at arch/x86/kernel/jump_label.c:73! [ 820.615707][T19263] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 820.618727][T19263] CPU: 1 UID: 0 PID: 19263 Comm: syz.2.3763 Not tainted 6.11.0-rc1-syzkaller-00283-gd3426a6ed9d8 #0 [ 820.622783][T19263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 820.626996][T19263] RIP: 0010:__jump_label_patch+0x378/0x400 [ 820.631161][T19263] Code: 48 c7 c3 60 40 24 93 e8 c6 7c 59 00 45 89 e1 49 89 d8 4c 89 f1 41 55 4c 89 f2 4c 89 f6 48 c7 c7 20 38 46 8b e8 f9 ef 39 00 90 <0f> 0b e8 a1 7c 59 00 90 0f 0b e8 99 7c 59 00 90 0f 0b 48 c7 c7 30 [ 820.638946][T19263] RSP: 0000:ffffc90003427c38 EFLAGS: 00010286 [ 820.641917][T19263] RAX: 0000000000000096 RBX: ffffffff8b466ea1 RCX: ffffffff816b0039 [ 820.645247][T19263] RDX: 0000000000000000 RSI: ffffffff816b9416 RDI: 0000000000000005 [ 820.648469][T19263] RBP: ffffc90003427c80 R08: 0000000000000005 R09: 0000000000000000 [ 820.651384][T19263] R10: 0000000080000000 R11: 0000000000000000 R12: 0000000000000002 [ 820.654389][T19263] R13: 0000000000000001 R14: ffffffff815967ed R15: 0000000000000085 [ 820.657143][T19263] FS: 000055556128b500(0000) GS:ffff88806b100000(0000) knlGS:0000000000000000 [ 820.660873][T19263] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 820.663633][T19263] CR2: 0000001b2ea16ff8 CR3: 000000004fb26000 CR4: 0000000000352ef0 [ 820.666413][T19263] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 820.669398][T19263] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 820.672457][T19263] Call Trace: [ 820.673819][T19263] [ 820.674992][T19263] ? show_regs+0x8c/0xa0 [ 820.676882][T19263] ? die+0x36/0xa0 [ 820.678470][T19263] ? do_trap+0x232/0x430 [ 820.679947][T19263] ? __jump_label_patch+0x378/0x400 [ 820.681814][T19263] ? __jump_label_patch+0x378/0x400 [ 820.683738][T19263] ? do_error_trap+0xf4/0x230 [ 820.685582][T19263] ? __jump_label_patch+0x378/0x400 [ 820.687202][T19263] ? handle_invalid_op+0x34/0x40 [ 820.688887][T19263] ? __jump_label_patch+0x378/0x400 [ 820.691049][T19263] ? exc_invalid_op+0x2e/0x50 [ 820.692719][T19263] ? asm_exc_invalid_op+0x1a/0x20 [ 820.694656][T19263] ? preempt_notifier_register+0xd/0xf0 [ 820.696569][T19263] ? __wake_up_klogd.part.0+0x99/0xf0 [ 820.698643][T19263] ? vprintk+0x86/0xa0 [ 820.700350][T19263] ? __jump_label_patch+0x378/0x400 [ 820.702564][T19263] ? __jump_label_patch+0x377/0x400 [ 820.704781][T19263] arch_jump_label_transform_queue+0x7e/0x120 [ 820.707096][T19263] __jump_label_update+0x125/0x420 [ 820.709202][T19263] jump_label_update+0x1d7/0x400 [ 820.711334][T19263] __static_key_slow_dec_cpuslocked.part.0+0x4e/0x90 [ 820.714204][T19263] static_key_slow_dec+0x7c/0xc0 [ 820.716064][T19284] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 820.716334][T19263] kvm_put_kvm+0x8f8/0xb80 [ 820.721157][T19263] ? __pfx_kvm_vm_release+0x10/0x10 [ 820.723348][T19263] kvm_vm_release+0x42/0x60 [ 820.723368][T19263] __fput+0x408/0xbb0 [ 820.723389][T19263] task_work_run+0x14e/0x250 [ 820.723402][T19263] ? __pfx_task_work_run+0x10/0x10 [ 820.723414][T19263] ? __pkru_allows_pkey+0x52/0xb0 [ 820.733200][T19263] syscall_exit_to_user_mode+0x27b/0x2a0 [ 820.735442][T19263] do_syscall_64+0xda/0x250 [ 820.737293][T19263] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 820.739941][T19263] RIP: 0033:0x7f604db779f9 [ 820.741507][T19263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 820.744279][T19284] kvm: pic: non byte read [ 820.748742][T19263] RSP: 002b:00007fff77093ee8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 820.748769][T19263] RAX: 0000000000000000 RBX: 00000000000d011e RCX: 00007f604db779f9 [ 820.748781][T19263] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 820.748791][T19263] RBP: 00007fff77093fc0 R08: 0000000000000001 R09: 00007fff770941cf [ 820.748800][T19263] R10: 00007f604da00000 R11: 0000000000000246 R12: 0000000000000032 [ 820.748806][T19263] R13: 00007fff77093fe0 R14: 00007fff77094000 R15: ffffffffffffffff [ 820.748814][T19263] [ 820.748818][T19263] Modules linked in: [ 820.758508][T19263] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 820.790712][T19263] RIP: 0010:__jump_label_patch+0x378/0x400 [ 820.795982][T19263] Code: 48 c7 c3 60 40 24 93 e8 c6 7c 59 00 45 89 e1 49 89 d8 4c 89 f1 41 55 4c 89 f2 4c 89 f6 48 c7 c7 20 38 46 8b e8 f9 ef 39 00 90 <0f> 0b e8 a1 7c 59 00 90 0f 0b e8 99 7c 59 00 90 0f 0b 48 c7 c7 30 [ 820.821210][T19263] RSP: 0000:ffffc90003427c38 EFLAGS: 00010286 [ 820.823621][T19263] RAX: 0000000000000096 RBX: ffffffff8b466ea1 RCX: ffffffff816b0039 [ 820.826600][T19263] RDX: 0000000000000000 RSI: ffffffff816b9416 RDI: 0000000000000005 [ 820.829577][T19263] RBP: ffffc90003427c80 R08: 0000000000000005 R09: 0000000000000000 [ 820.832635][T19263] R10: 0000000080000000 R11: 0000000000000000 R12: 0000000000000002 [ 820.835801][T19263] R13: 0000000000000001 R14: ffffffff815967ed R15: 0000000000000085 [ 820.839450][T19263] FS: 000055556128b500(0000) GS:ffff88806b200000(0000) knlGS:0000000000000000 [ 820.844261][T19263] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 820.850353][T19263] CR2: 0000001b2e9f3ff8 CR3: 000000004fb26000 CR4: 0000000000352ef0 [ 820.853811][T19263] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 820.857274][T19263] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 820.873773][T19263] Kernel panic - not syncing: Fatal exception [ 820.876650][T19263] Kernel Offset: disabled [ 820.878001][T19263] Rebooting in 86400 seconds.. VM DIAGNOSIS: 03:23:08 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffffc900033b7978 RCX=ffffffff813cedbe RDX=ffff88801e44c880 RSI=0000000000000004 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc900033b78e0 R8 =0000000000000001 R9 =0000000000000004 R10=0000000000000001 R11=0000000000000000 R12=ffffffff90b07bc4 R13=0000000000000001 R14=0000000000000003 R15=0000000000000001 RIP=ffffffff818a76ed RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fbaf63126c0 ffffffff 00c00000 GS =0000 ffff88806b000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fbaf62f0fa8 CR3=000000001f9f4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fff00000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbaf55e66e4 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbaf55e66f1 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbaf55e66eb ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbaf55e66ff ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbaf55e6785 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbaf55e6863 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000003130302f 3830302f6273752f 7375622f7665642f ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000001213130c 1b13130c4150560c 5056410c5546470c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000036 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fe2865 RDI=ffffffff9519d720 RBP=ffffffff9519d6e0 RSP=ffffc900034275b8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=313030203a504952 R12=0000000000000000 R13=0000000000000036 R14=ffffffff84fe2800 R15=0000000000000000 RIP=ffffffff84fe288f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055556128b500 ffffffff 00c00000 GS =0000 ffff88806b100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b2ea16ff8 CR3=000000004fb26000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff813cdd20 ffffffff813cdd79 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff813cdd79 ffffffff813cdd20 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff813cdd20 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f71877e66e4 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f71877e66f1 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f71877e66eb ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f71877e66ff ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f71877e6785 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f71877e6863 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f71878d6488 00007f71878d6480 00007f71878d6478 00007f71878d6450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f718843d100 00007f71878d6440 00007f7100040008 0000000f0010000c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f71878d6498 00007f71878d6490 00007f71878d6488 00007f71878d6480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000001 RBX=0000000000000002 RCX=ffffffff8168761b RDX=fffffbfff202574c RSI=ffffffff8bb08480 RDI=ffffffff8bb084c0 RBP=0000000000000002 RSP=ffffc90003237ae8 R8 =0000000000000000 R9 =fffffbfff202574b R10=ffffffff9012ba5f R11=0000000000000001 R12=0000000000000001 R13=0000000000000000 R14=ffff88804a3b63d8 R15=0000000000000000 RIP=ffffffff8b11cdaf RFL=00000296 [--S-AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fbd9d8096c0 ffffffff 00c00000 GS =0000 ffff88806b200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000002f144000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001030001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 302031313a61613a 61613a61613a6161 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd09e66e4 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd09e66f1 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd09e66eb ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd09e66ff ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd09e6785 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd09e6863 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e776f6e6b6e7500 6f6c6c3332302500 657a697320740004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b524a4b4e4b5000 4a49491617150000 405f4c560551464a 5751560541444700 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000003ffff RBX=ffff888011eb0000 RCX=ffffc90003fd9000 RDX=0000000000040000 RSI=ffffffff847842fd RDI=0000000000000001 RBP=0000000000000000 RSP=ffffc90003457be0 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=0000000000000000 R13=0000000000004000 R14=ffff88804ae80000 R15=0000000000000001 RIP=ffffffff818a7b78 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f292fb816c0 ffffffff 00c00000 GS =0000 ffff88806b300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002001a000 CR3=000000001e478000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 006b636f73762d74 736f68762f766564 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd09e66e4 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd09e66f1 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd09e66eb ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd09e66ff ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd09e6785 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd09e6863 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd0ad6488 00007f4dd0ad6480 00007f4dd0ad6478 00007f4dd0ad6450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd163d100 00007f4dd0ad6440 00007f4dd0ad0004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4dd0ad6498 00007f4dd0ad6490 00007f4dd0ad6488 00007f4dd0ad6480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000