last executing test programs: 55.062676446s ago: executing program 1 (id=275): r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat(r1, &(0x7f0000000280)='.\x00', 0x2000, 0x0) open_by_handle_at(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="08000000010001"], 0x0) 54.993316733s ago: executing program 1 (id=276): r0 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}}, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040) 54.993154079s ago: executing program 1 (id=277): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f0000000000)=0x6, 0x4) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0xfe1d, @loopback={0xe0}, 0x9371}, 0x1c) 54.992967521s ago: executing program 1 (id=278): r0 = open(&(0x7f0000000040)='./file0\x00', 0x101040, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffa}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) rename(&(0x7f0000000140)='./file0\x00', &(0x7f0000001900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 54.093519836s ago: executing program 1 (id=291): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x8000, 0x1f7) r1 = fanotify_init(0x200, 0x0) fanotify_mark(r1, 0x201, 0x4000003e, r0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8}) 54.012616322s ago: executing program 1 (id=292): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xd) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x8080000, 0x1d000, 0x1}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0xdddd0000, 0x12000}) 38.74478977s ago: executing program 32 (id=292): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xd) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x8080000, 0x1d000, 0x1}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0xdddd0000, 0x12000}) 26.799176634s ago: executing program 0 (id=939): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000280)=0x8) r1 = syz_open_dev$ptys(0xc, 0x3, 0x0) readv(r0, &(0x7f0000000900)=[{&(0x7f0000000080)=""/80, 0x50}], 0x1) ioctl$TCXONC(r1, 0x540a, 0x0) 26.724566501s ago: executing program 0 (id=944): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000008680)={0x0, 0x0, &(0x7f0000008640)={&(0x7f0000008280)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWFLOWTABLE={0x78, 0x16, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_FLOWTABLE_HOOK={0x64, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3a480000}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'macvlan0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_to_hsr\x00'}, {0x14, 0x1, 'team_slave_1\x00'}, {0x14, 0x1, 'veth1_to_bond\x00'}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xa0}, 0x1, 0x0, 0x0, 0x20000000}, 0x40090) recvmmsg(r1, &(0x7f0000007e80)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000280)=""/119, 0x77}, {&(0x7f0000000300)=""/28, 0x1c}], 0x2}, 0x4}], 0x1, 0x12101, 0x0) 26.620703588s ago: executing program 0 (id=948): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) r1 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040)) r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65) ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r2, 0xc0884123, &(0x7f0000000280)={0x1, "728d0a4845a5ec93a59bae99831b8ef110181595fe49bc4ac10b67b1b99eeeaa18e15a525115cc71983456358ceb7e1a6f926168ce0c3c2b0f3513a5f2674185", {0x800000000000004, 0x6}}) 25.737659591s ago: executing program 0 (id=968): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) socket$can_raw(0x1d, 0x3, 0x1) ioctl$XFS_IOC_GOINGDOWN(0xffffffffffffffff, 0x8004587d, &(0x7f0000000240)=0xd) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r1, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000180)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01251000000005001100080000000c00060001000000010000004d2cf91007e865461378d1cc81211fe09571b2b2d6e3cd4cb6ec570c14dec7063e6108cc1ab8a51351f5447daf15a7cf"], 0x28}, 0x1, 0x0, 0x0, 0x48004}, 0x8000) 25.660820693s ago: executing program 0 (id=972): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000140)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="56c78e3c733d76696e65459beb1fb664f6ce6c0c7274696f7874656e642c6163638173733d616e792c63616368653d66736361636865"]) chdir(&(0x7f0000000000)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) write$binfmt_script(r0, &(0x7f0000000080)={'#! ', './file0', [{}, {0x20, '9p\x00'}], 0xa, "a3e5e03a7070de8de6546a722ca49e214119cd421a432e5b5a82e4c1e855ae35e7be342704b14020dfe04545"}, 0x3c) 25.591992358s ago: executing program 0 (id=974): socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r1}, 0x4) ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28}) 10.558120033s ago: executing program 33 (id=974): socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r1}, 0x4) ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28}) 2.67371883s ago: executing program 4 (id=1484): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)) read(r0, &(0x7f00000001c0)=""/83, 0x53) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) syz_io_uring_setup(0x131, &(0x7f0000000600)={0x0, 0x800006, 0x2}, &(0x7f0000ffe000), 0x0, &(0x7f0000000000)) ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000}) 2.172709586s ago: executing program 2 (id=1497): r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x1, 0x0) close(r0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota') creat(&(0x7f0000000440)='./file0/file0\x00', 0x188) quotactl_fd$Q_GETFMT(r0, 0xffffffff80000401, 0x0, 0x0) 2.062001822s ago: executing program 2 (id=1498): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000100)={0x0, 0x2d, "e6ce09bbe96c68e71c6b58ffb3215a859efb1b7b61869c41081bc13bfa0fcc16934abdaf49106edbb04feaee31"}, &(0x7f0000000140)=0x35) r0 = io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="180000820907"], 0x18}}, 0x0) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 1.97273863s ago: executing program 2 (id=1499): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000001c0)={0x1, 0x0, [{0x40000071, 0x0, 0x80040}]}) 1.771957797s ago: executing program 2 (id=1500): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) syz_io_uring_setup(0x5b13, &(0x7f0000000000)={0x0, 0xfffffffc, 0x8, 0x2, 0x130}, &(0x7f00000002c0), &(0x7f0000ff4000), 0x0) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000000c0)={&(0x7f000089b000/0x1000)=nil, 0x1000}) 1.77180668s ago: executing program 4 (id=1501): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffe}]}) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r1, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) ptrace(0x10, r0) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r0, 0x0, 0x0) 1.051941528s ago: executing program 5 (id=1506): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x13, r0, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) timer_create(0x2, 0x0, &(0x7f0000bbdffc)) madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x15) 974.827255ms ago: executing program 5 (id=1507): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a40)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a4c000000030a0fdb00000000000000000a0020050900030073797a30000000000900010073797a310000000014000480080002403cb140bb08000140000000030a000700726f75746500000014000000110001"], 0x74}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4ea3, 0x0, @loopback, 0x3}, 0x1c) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x953a, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xff8a}], 0x1, 0x0, 0x0, 0x2c}, 0x44004) 887.73791ms ago: executing program 2 (id=1508): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x404c2, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$int_in(r1, 0x5452, &(0x7f0000000280)=0xffffffffffffffff) sendto$inet6(r1, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) mount$9p_fd(0x0, &(0x7f0000000240)='./file0/file0\x00', &(0x7f0000000040), 0x1004014, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 885.601421ms ago: executing program 5 (id=1509): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000640)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x11, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0) 800.971254ms ago: executing program 5 (id=1510): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) close_range(r0, 0xffffffffffffffff, 0x2) dup3(r0, r2, 0x0) 796.450928ms ago: executing program 5 (id=1511): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="6507060082762422f9a30250a90def79e5ddb933b83b8f8f1a0daad170478560f60eb8dc258ded60aee45b04b15db386", 0x30) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000002940)=[{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002b40)="fb1add96e95c4cee3df251747b4c22fa", 0x10}], 0x1, 0x0, 0x0, 0x20000800}], 0x1, 0x200048c0) recvmsg(r1, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000003f80)=""/4109, 0x100d}], 0x1}, 0x20f2) 712.258036ms ago: executing program 5 (id=1512): r0 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014}) connect$unix(r2, &(0x7f00000001c0)=@abs={0x0, 0x0, 0x4e23}, 0x6e) 712.060497ms ago: executing program 4 (id=1513): r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x80) r2 = openat$cgroup_procs(r1, &(0x7f0000000600)='cgroup.procs\x00', 0x2, 0x0) r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) write$cgroup_pid(r2, &(0x7f0000000640)=r3, 0x12) 622.389398ms ago: executing program 4 (id=1514): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095", 0x4a}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb", 0x4d}], 0x2}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/69, 0x45}], 0x2}, 0x0) 622.200136ms ago: executing program 4 (id=1515): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x97) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 562.670541ms ago: executing program 4 (id=1516): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000064010100000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000800000000000003000000000000000000000000000000fdfffffffbffffff0000000000000000ffffffffffffffff053b000000000000000000000000000002000000000000005600000000000000feffffffff7f400002000000000000080000000000000000010005000000000044000500ac141426000000000000000000000000000004d53c"], 0xfc}}, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r2, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xfe, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e1413080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b88481aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8024, 0x60000000, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040)}, 0x2a) 402.510887ms ago: executing program 3 (id=1517): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0x0, 0x5}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70b928, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xb}, {0x4, 0xb}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x5, 0x7, 0x40, 0x1, 0x0, 0xa}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240040e0}, 0x0) 211.551574ms ago: executing program 3 (id=1518): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000002c0)="1000", 0xb) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e7", 0x9b}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0) 52.673552ms ago: executing program 3 (id=1519): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x10040) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x42, &(0x7f00000002c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x67, 0x0, 0x2, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0xc2, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x10000, 0xffffff87}]}}}}}}}, 0x0) syz_emit_ethernet(0x42, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0xfffe, 0x0, 0x95, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x4, 0x8, 0x0, 0x1000, {[@timestamp={0x8, 0xa, 0x8001, 0x400056}]}}}}}}}, 0x0) 52.518989ms ago: executing program 3 (id=1520): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x1, 0x2, @loopback, 0xc}, 0x1c) sendto$inet6(r0, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0) 52.423475ms ago: executing program 2 (id=1521): socket$packet(0x11, 0x2, 0x300) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) write$tun(r0, &(0x7f0000000400)={@val={0x0, 0x86dd}, @val={0x0, 0x1, 0x11, 0x4, 0x0, 0xca6}, @mpls={[], @ipv6=@gre_packet={0xe, 0x6, "0200be", 0x44, 0x2f, 0xff, @local, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x3}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}, {0xa888, 0x88be, 0x2, {{0x6, 0x1, 0x9, 0x2, 0x1, 0x0, 0x3, 0x5}, 0x1, {0x88a8}}}, {0x8, 0x22eb, 0x20000, {{0x0, 0x2, 0x9, 0x0, 0x0, 0x2, 0x7, 0x8}, 0x2, {0x2, 0x4, 0x0, 0x5, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x2}}}}}}, 0x7a) 289.334µs ago: executing program 3 (id=1522): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000240)=0x9, 0x4) setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f00000002c0)=0xffff, 0x4) bind$inet6(r1, &(0x7f0000000040)={0xa, 0xe22, 0x8000}, 0x1c) 0s ago: executing program 3 (id=1523): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x10005}, 0x38) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="11000000040000000400000005"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1, 0xffffffffffffffff, 0x521}, 0x57) kernel console output (not intermixed with test programs): 1 [ 47.335407][ T5731] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 47.339247][ T5731] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 47.347036][ T5731] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 47.353598][ T5731] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 47.381631][ T5729] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 47.385651][ T5729] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 47.388453][ T5729] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 47.392623][ T5729] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 47.398538][ T5729] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 47.404826][ T5729] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 47.408553][ T5729] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 47.414479][ T5729] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 47.456397][ T5739] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 47.461216][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 47.464994][ T5739] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 47.470868][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 47.475687][ T5739] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 47.481181][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 47.485253][ T5739] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 47.488945][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 47.553595][ T5730] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 47.557639][ T5730] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 47.567861][ T5730] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 47.572666][ T5730] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 47.576308][ T5730] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 47.580360][ T5730] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 47.583456][ T5730] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.587313][ T5730] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 47.613593][ T5731] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.631651][ T5731] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.645617][ T223] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.648603][ T223] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.669831][ T223] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.672217][ T223] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.683096][ T5729] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.689244][ T5739] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.717418][ T5739] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.722163][ T5729] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.733809][ T1169] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.736286][ T1169] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.740053][ T1169] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.742464][ T1169] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.752166][ T223] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.754600][ T223] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.763345][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.765796][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.781722][ T5730] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.803795][ T5730] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.817230][ T1169] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.819645][ T1169] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.828930][ T1169] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.831359][ T1169] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.968509][ T5731] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.998482][ T5731] veth0_vlan: entered promiscuous mode [ 48.004418][ T5731] veth1_vlan: entered promiscuous mode [ 48.024102][ T5731] veth0_macvtap: entered promiscuous mode [ 48.028457][ T5731] veth1_macvtap: entered promiscuous mode [ 48.030114][ T5735] Bluetooth: hci2: command tx timeout [ 48.032879][ T62] Bluetooth: hci1: command tx timeout [ 48.034566][ T5739] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.040817][ T5735] Bluetooth: hci3: command tx timeout [ 48.046328][ T5731] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.055511][ T5731] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.065713][ T5729] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.074753][ T54] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.079558][ T54] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.087757][ T5730] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.091026][ T54] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.093888][ T54] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.109837][ T5735] Bluetooth: hci0: command tx timeout [ 48.124631][ T5739] veth0_vlan: entered promiscuous mode [ 48.145969][ T5739] veth1_vlan: entered promiscuous mode [ 48.156729][ T5729] veth0_vlan: entered promiscuous mode [ 48.179592][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.181611][ T5729] veth1_vlan: entered promiscuous mode [ 48.182253][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.211938][ T5739] veth0_macvtap: entered promiscuous mode [ 48.219772][ T5730] veth0_vlan: entered promiscuous mode [ 48.223116][ T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.223442][ T5739] veth1_macvtap: entered promiscuous mode [ 48.225640][ T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.231962][ T5729] veth0_macvtap: entered promiscuous mode [ 48.238058][ T5730] veth1_vlan: entered promiscuous mode [ 48.244483][ T5729] veth1_macvtap: entered promiscuous mode [ 48.255058][ T5739] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.259618][ T5739] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.270670][ T5731] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 48.271275][ T5730] veth0_macvtap: entered promiscuous mode [ 48.279979][ T1169] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.282915][ T1169] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.289876][ T1169] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.292903][ T1169] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.300580][ T5730] veth1_macvtap: entered promiscuous mode [ 48.311483][ T5729] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.331910][ T5729] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.350500][ T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.353432][ T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.356208][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.359263][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.370302][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.373617][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.385270][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.387162][ T5730] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.387943][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.401051][ T5730] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.417902][ T192] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.432306][ T192] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.435638][ T192] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.443510][ T1169] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.443651][ T192] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.449723][ T1169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.482977][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.487295][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.488104][ T5883] input: syz1 as /devices/virtual/input/input5 [ 48.530704][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.532108][ T5887] syzkaller1: entered promiscuous mode [ 48.535146][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.537138][ T5887] syzkaller1: entered allmulticast mode [ 48.575101][ T192] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.577833][ T192] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.597095][ T5891] tun0: tun_chr_ioctl cmd 1074025675 [ 48.598866][ T5891] tun0: persist enabled [ 48.600649][ T5891] tun0: tun_chr_ioctl cmd 1074025675 [ 48.602436][ T5891] tun0: persist enabled [ 48.642106][ T5894] syz.1.10 uses obsolete (PF_INET,SOCK_PACKET) [ 48.733360][ T5906] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 48.771068][ T5913] Zero length message leads to an empty skb [ 48.806487][ T5918] process 'syz.0.18' launched './file0' with NULL argv: empty string added [ 48.808280][ T5919] warning: `syz.1.19' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 48.976282][ T5942] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.31'. [ 48.987272][ T5943] Bluetooth: MGMT ver 1.23 [ 49.471450][ T5974] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6 [ 49.510555][ T24] usb 6-1: new low-speed USB device number 2 using dummy_hcd [ 49.605626][ T5988] netlink: 'syz.0.50': attribute type 2 has an invalid length. [ 49.608342][ T5988] netlink: 'syz.0.50': attribute type 2 has an invalid length. [ 49.663989][ T24] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 49.667615][ T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 49.670738][ T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8 [ 49.675231][ T24] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 49.678166][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 49.684789][ T5967] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 49.690071][ T24] hub 6-1:1.0: bad descriptor, ignoring hub [ 49.692416][ T24] hub 6-1:1.0: probe with driver hub failed with error -5 [ 49.695108][ T24] cdc_wdm 6-1:1.0: skipping garbage [ 49.696832][ T24] cdc_wdm 6-1:1.0: skipping garbage [ 49.700568][ T24] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 49.702500][ T24] cdc_wdm 6-1:1.0: Unknown control protocol [ 49.962920][ C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 49.965431][ C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 49.967504][ C0] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1 [ 50.027349][ T5996] netlink: 8 bytes leftover after parsing attributes in process `syz.2.54'. [ 50.071331][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 50.073978][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 50.076797][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1 [ 50.110313][ T5735] Bluetooth: hci3: command tx timeout [ 50.110372][ T62] Bluetooth: hci2: command tx timeout [ 50.110390][ T5742] Bluetooth: hci1: command tx timeout [ 50.189676][ T62] Bluetooth: hci0: command tx timeout [ 50.291318][ T5876] usb 6-1: USB disconnect, device number 2 [ 50.714098][ T6043] kvm: MWAIT instruction emulated as NOP! [ 50.770748][ T6051] netlink: 64 bytes leftover after parsing attributes in process `syz.0.80'. [ 50.854359][ T40] kauditd_printk_skb: 109 callbacks suppressed [ 50.854375][ T40] audit: type=1400 audit(1777972319.011:280): avc: denied { unlink } for pid=6060 comm="syz.0.83" name="#1" dev="tmpfs" ino=172 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 50.867095][ T40] audit: type=1400 audit(1777972319.011:281): avc: denied { mount } for pid=6060 comm="syz.0.83" name="/" dev="overlay" ino=167 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 50.914543][ T40] audit: type=1400 audit(1777972319.071:282): avc: denied { map } for pid=6062 comm="syz.1.84" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=8778 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 50.922258][ T40] audit: type=1400 audit(1777972319.071:283): avc: denied { read write } for pid=6062 comm="syz.1.84" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=8778 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 50.924913][ T6065] netlink: 4 bytes leftover after parsing attributes in process `syz.0.85'. [ 50.932360][ T40] audit: type=1400 audit(1777972319.081:284): avc: denied { bind } for pid=6064 comm="syz.0.85" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 51.123177][ T40] audit: type=1400 audit(1777972319.281:285): avc: denied { watch watch_reads } for pid=6078 comm="syz.0.92" path="/36" dev="tmpfs" ino=206 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 51.229427][ T50] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 51.390294][ T50] usb 6-1: Using ep0 maxpacket: 8 [ 51.394082][ T50] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 51.398024][ T50] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 51.402409][ T50] usb 6-1: config 0 interface 0 has no altsetting 0 [ 51.405394][ T50] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 51.409687][ T50] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 51.414914][ T50] usb 6-1: config 0 descriptor?? [ 51.436268][ T40] audit: type=1400 audit(1777972319.591:286): avc: denied { unmount } for pid=6086 comm="syz.2.95" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 51.447216][ T40] audit: type=1400 audit(1777972319.591:287): avc: denied { setattr } for pid=6086 comm="syz.2.95" name="/" dev="9p" ino=72876159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 51.599697][ T34] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 51.625858][ T40] audit: type=1400 audit(1777972319.781:288): avc: denied { name_bind } for pid=6098 comm="syz.2.100" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 51.769448][ T34] usb 5-1: Using ep0 maxpacket: 8 [ 51.775550][ T34] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 51.783196][ T34] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 51.785905][ T34] usb 5-1: Product: syz [ 51.787616][ T34] usb 5-1: Manufacturer: syz [ 51.789216][ T34] usb 5-1: SerialNumber: syz [ 51.793204][ T34] usb 5-1: config 0 descriptor?? [ 51.832930][ T50] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 51.835388][ T50] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 51.837733][ T50] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 51.840936][ T50] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 51.843333][ T50] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 51.846350][ T50] mcp2221 0003:04D8:00DD.0002: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 51.885920][ T40] audit: type=1400 audit(1777972320.041:289): avc: denied { ioctl } for pid=6109 comm="syz.2.104" path="socket:[8825]" dev="sockfs" ino=8825 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 52.002836][ T34] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 52.012910][ T34] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 52.017898][ T34] usb 5-1: USB disconnect, device number 2 [ 52.036341][ T5807] usb 6-1: USB disconnect, device number 3 [ 52.077170][ T6122] pim6reg1: entered promiscuous mode [ 52.079010][ T6122] pim6reg1: entered allmulticast mode [ 52.189688][ T62] Bluetooth: hci2: command tx timeout [ 52.200328][ T62] Bluetooth: hci3: command tx timeout [ 52.200711][ T5735] Bluetooth: hci1: command tx timeout [ 52.639542][ T10] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 52.789474][ T10] usb 8-1: Using ep0 maxpacket: 8 [ 52.794657][ T10] usb 8-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 52.804964][ T10] usb 8-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 52.810733][ T10] usb 8-1: config 0 interface 0 has no altsetting 0 [ 52.816192][ T10] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 52.819175][ T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 52.824069][ T10] usb 8-1: config 0 descriptor?? [ 52.849405][ T50] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 52.959443][ T5807] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 53.010635][ T50] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 53.013633][ T50] usb 6-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 53.017428][ T50] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 53.020392][ T50] usb 6-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 53.024255][ T50] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 53.027872][ T50] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 53.032997][ T50] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 53.036466][ T50] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 53.039108][ T50] usb 6-1: Product: syz [ 53.040559][ T50] usb 6-1: Manufacturer: syz [ 53.044092][ T6143] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 53.047653][ T50] cdc_wdm 6-1:1.0: skipping garbage [ 53.049979][ T50] cdc_wdm 6-1:1.0: skipping garbage [ 53.053061][ T50] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 53.055017][ T50] cdc_wdm 6-1:1.0: Unknown control protocol [ 53.120562][ T5807] usb 5-1: too many configurations: 9, using maximum allowed: 8 [ 53.123929][ T5807] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 53.127075][ T5807] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 53.131780][ T5807] usb 5-1: config 0 interface 0 has no altsetting 0 [ 53.135775][ T5807] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 53.138721][ T5807] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 53.144897][ T5807] usb 5-1: config 0 interface 0 has no altsetting 0 [ 53.154044][ T5807] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 53.157417][ T5807] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 53.161232][ T5807] usb 5-1: config 0 interface 0 has no altsetting 0 [ 53.164039][ T5807] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 53.167015][ T5807] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 53.170517][ T5807] usb 5-1: config 0 interface 0 has no altsetting 0 [ 53.173830][ T5807] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 53.176777][ T5807] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 53.180325][ T5807] usb 5-1: config 0 interface 0 has no altsetting 0 [ 53.183193][ T5807] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 53.186138][ T5807] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 53.189663][ T5807] usb 5-1: config 0 interface 0 has no altsetting 0 [ 53.192825][ T5807] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 53.195696][ T5807] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 53.199088][ T5807] usb 5-1: config 0 interface 0 has no altsetting 0 [ 53.202533][ T5807] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 53.205539][ T5807] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 53.213492][ T5807] usb 5-1: config 0 interface 0 has no altsetting 0 [ 53.217048][ T5807] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 53.220240][ T5807] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 53.223129][ T5807] usb 5-1: Product: syz [ 53.224675][ T5807] usb 5-1: Manufacturer: syz [ 53.226130][ T5807] usb 5-1: SerialNumber: syz [ 53.233093][ T5807] usb 5-1: config 0 descriptor?? [ 53.237446][ T6160] team0: Device ipvlan1 failed to register rx_handler [ 53.240763][ T5807] yurex 5-1:0.0: USB YUREX device now attached to Yurex #1 [ 53.241201][ T10] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 53.246102][ T10] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 53.248774][ T10] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 53.251164][ T10] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 53.253478][ T10] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 53.256752][ T10] mcp2221 0003:04D8:00DD.0003: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0 [ 53.258283][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 53.263040][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 53.265315][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 53.267745][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 53.270227][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 53.272455][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 53.274698][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 53.276955][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 53.279231][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 53.281694][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 53.284698][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 53.286927][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 53.289408][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 53.291659][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 53.293867][ C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 53.296046][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 53.299851][ T50] usb 6-1: USB disconnect, device number 4 [ 53.301964][ C3] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 53.370131][ T6166] ======================================================= [ 53.370131][ T6166] WARNING: The mand mount option has been deprecated and [ 53.370131][ T6166] and is ignored by this kernel. Remove the mand [ 53.370131][ T6166] option from the mount to silence this warning. [ 53.370131][ T6166] ======================================================= [ 53.386661][ T6166] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 53.438372][ T5807] usb 8-1: USB disconnect, device number 2 [ 53.448305][ T34] usb 5-1: USB disconnect, device number 3 [ 53.457943][ T34] yurex 5-1:0.0: USB YUREX #1 now disconnected [ 54.269630][ T5735] Bluetooth: hci3: command tx timeout [ 54.270198][ T5742] Bluetooth: hci2: command tx timeout [ 54.271058][ T62] Bluetooth: hci1: command tx timeout [ 54.408087][ T6218] netlink: 'syz.1.152': attribute type 29 has an invalid length. [ 54.413523][ T6218] netlink: 'syz.1.152': attribute type 29 has an invalid length. [ 54.418417][ T6218] netlink: 500 bytes leftover after parsing attributes in process `syz.1.152'. [ 54.481743][ T6222] Bluetooth: hci0: service_discovery: expected 4 bytes, got 7 bytes [ 54.779439][ T34] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 54.829946][ T5742] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 54.833269][ T5742] Bluetooth: hci0: Injecting HCI hardware error event [ 54.836184][ T5742] Bluetooth: hci0: hardware error 0x00 [ 54.939627][ T34] usb 6-1: Using ep0 maxpacket: 32 [ 54.942790][ T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 54.946430][ T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 54.949844][ T34] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 54.954055][ T34] usb 6-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 54.958275][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 54.963090][ T34] usb 6-1: config 0 descriptor?? [ 55.037512][ T6232] netlink: 16 bytes leftover after parsing attributes in process `syz.0.159'. [ 55.231928][ T6252] (syz.3.169,6252,3):dlmfs_mkdir:421 ERROR: invalid domain name for directory. [ 55.388289][ T34] input: HID 0458:5011 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0458:5011.0004/input/input7 [ 55.458266][ T34] input: HID 0458:5011 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0458:5011.0004/input/input8 [ 55.489844][ T34] kye 0003:0458:5011.0004: input,hiddev0,hidraw1: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.1-1/input0 [ 56.175228][ T6304] hpfs: Bad magic ... probably not HPFS [ 56.180176][ T6304] hpfs: Bad magic ... probably not HPFS [ 56.213440][ T40] kauditd_printk_skb: 40 callbacks suppressed [ 56.213451][ T40] audit: type=1400 audit(1777972324.371:330): avc: denied { block_suspend } for pid=6305 comm="syz.0.190" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 56.400832][ C3] kye 0003:0458:5011.0004: usb_submit_urb(ctrl) failed: -1 [ 56.412199][ T6313] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 56.413394][ T40] audit: type=1400 audit(1777972324.571:331): avc: denied { mounton } for pid=6312 comm="syz.0.193" path="/57/file0" dev="tmpfs" ino=320 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 56.791175][ T40] audit: type=1400 audit(1777972324.951:332): avc: denied { setopt } for pid=6323 comm="syz.3.198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 56.825751][ T40] audit: type=1400 audit(1777972324.981:333): avc: denied { mounton } for pid=6333 comm="syz.2.202" path="/71/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1 [ 56.826021][ T6334] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 56.848015][ T6334] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 56.852061][ T6334] overlayfs: inode number too big (/, ino=4611686018427387905, xinobits=3) [ 56.868751][ T40] audit: type=1400 audit(1777972325.021:334): avc: denied { unmount } for pid=5739 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 56.882785][ T5735] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 56.886330][ T5735] CPU: 3 UID: 0 PID: 5735 Comm: kworker/u33:2 Not tainted syzkaller #0 PREEMPT(full) [ 56.886345][ T5735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 56.886353][ T5735] Workqueue: hci3 hci_rx_work [ 56.886444][ T5735] Call Trace: [ 56.886451][ T5735] [ 56.886458][ T5735] dump_stack_lvl+0x100/0x190 [ 56.886521][ T5735] sysfs_warn_dup.cold+0x1c/0x28 [ 56.886562][ T5735] sysfs_create_dir_ns+0x24b/0x2b0 [ 56.886597][ T5735] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 56.886610][ T5735] ? find_held_lock+0x2b/0x80 [ 56.886643][ T5735] ? kobject_add_internal+0x25f/0x930 [ 56.886676][ T5735] ? kobject_add_internal+0x25f/0x930 [ 56.886699][ T5735] ? do_raw_spin_unlock+0x145/0x1e0 [ 56.886725][ T5735] kobject_add_internal+0x2c8/0x930 [ 56.886752][ T5735] kobject_add+0x16a/0x1e0 [ 56.886775][ T5735] ? __pfx_kobject_add+0x10/0x10 [ 56.886796][ T5735] ? class_to_subsys+0x10f/0x150 [ 56.886850][ T5735] ? kobject_put+0xb9/0x640 [ 56.886863][ T5735] ? _raw_spin_unlock+0x28/0x50 [ 56.886879][ T5735] device_add+0x294/0x1950 [ 56.886891][ T5735] ? __pfx_dev_set_name+0x10/0x10 [ 56.886906][ T5735] ? __pfx_device_add+0x10/0x10 [ 56.886918][ T5735] ? mgmt_send_event_skb+0x2fb/0x460 [ 56.886935][ T5735] hci_conn_add_sysfs+0x1a3/0x260 [ 56.886950][ T5735] le_conn_complete_evt+0x11eb/0x1f60 [ 56.886966][ T5735] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 56.886982][ T5735] hci_le_enh_conn_complete_evt+0x23d/0x3b0 [ 56.886995][ T5735] ? skb_pull_data+0x15f/0x1e0 [ 56.887024][ T5735] hci_le_meta_evt+0x34a/0x5f0 [ 56.887038][ T5735] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 56.887053][ T5735] hci_event_packet+0x51c/0xcd0 [ 56.887066][ T5735] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 56.887079][ T5735] ? __pfx_hci_event_packet+0x10/0x10 [ 56.887093][ T5735] ? kcov_remote_start+0x374/0x660 [ 56.887107][ T5735] ? lockdep_hardirqs_on+0x78/0x100 [ 56.887124][ T5735] hci_rx_work+0x451/0xfc0 [ 56.887139][ T5735] process_one_work+0xa0e/0x1980 [ 56.887160][ T5735] ? __pfx_process_one_work+0x10/0x10 [ 56.887178][ T5735] ? __pfx_hci_rx_work+0x10/0x10 [ 56.887191][ T5735] worker_thread+0x5ef/0xe50 [ 56.887210][ T5735] ? kthread+0x13a/0x450 [ 56.887222][ T5735] ? __pfx_worker_thread+0x10/0x10 [ 56.887235][ T5735] kthread+0x370/0x450 [ 56.887247][ T5735] ? __pfx_kthread+0x10/0x10 [ 56.887261][ T5735] ret_from_fork+0x72b/0xd50 [ 56.887276][ T5735] ? __pfx_ret_from_fork+0x10/0x10 [ 56.887290][ T5735] ? __switch_to+0x800/0x1100 [ 56.887307][ T5735] ? __pfx_kthread+0x10/0x10 [ 56.887321][ T5735] ret_from_fork_asm+0x1a/0x30 [ 56.887342][ T5735] [ 56.887356][ T5735] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 56.909384][ T5742] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 56.910578][ T5735] Bluetooth: hci3: failed to register connection device [ 56.934457][ T40] audit: type=1400 audit(1777972325.091:335): avc: denied { write } for pid=6337 comm="syz.1.204" name="mcfilter" dev="proc" ino=4026533172 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 56.966426][ T6340] netlink: 'syz.1.205': attribute type 21 has an invalid length. [ 56.966461][ T6340] netlink: 'syz.1.205': attribute type 6 has an invalid length. [ 57.003126][ T6340] netlink: 132 bytes leftover after parsing attributes in process `syz.1.205'. [ 57.070293][ T844] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 57.211756][ T50] usb 6-1: USB disconnect, device number 5 [ 57.215518][ T6350] netlink: 207952 bytes leftover after parsing attributes in process `syz.1.210'. [ 57.230463][ T844] usb 8-1: Using ep0 maxpacket: 32 [ 57.234911][ T844] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 57.240036][ T844] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 57.243107][ T844] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 57.245813][ T844] usb 8-1: Product: syz [ 57.247161][ T844] usb 8-1: Manufacturer: syz [ 57.248710][ T844] usb 8-1: SerialNumber: syz [ 57.256825][ T844] usb 8-1: config 0 descriptor?? [ 57.259691][ T6332] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 57.266417][ T844] hub 8-1:0.0: bad descriptor, ignoring hub [ 57.268661][ T844] hub 8-1:0.0: probe with driver hub failed with error -5 [ 57.388959][ T40] audit: type=1400 audit(1777972325.541:336): avc: denied { mounton } for pid=6357 comm="syz.1.214" path="/34/file0" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=dir permissive=1 [ 57.399840][ T40] audit: type=1400 audit(1777972325.551:337): avc: denied { unmount } for pid=5729 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 57.403102][ T6361] netlink: 84 bytes leftover after parsing attributes in process `syz.0.215'. [ 57.410473][ T6361] nbd: must specify at least one socket [ 57.432327][ T6363] syzkaller1: entered promiscuous mode [ 57.434799][ T6363] syzkaller1: entered allmulticast mode [ 57.737576][ T40] audit: type=1400 audit(1777972325.891:338): avc: denied { unmount } for pid=5729 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 57.861201][ T6332] usb 8-1: reset high-speed USB device number 3 using dummy_hcd [ 57.878968][ T40] audit: type=1400 audit(1777972326.031:339): avc: denied { create } for pid=6409 comm="syz.0.238" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 57.927683][ T6414] erspan0: entered promiscuous mode [ 57.931521][ T6414] netlink: 8 bytes leftover after parsing attributes in process `syz.2.240'. [ 57.973140][ T6419] netlink: 16 bytes leftover after parsing attributes in process `syz.0.241'. [ 57.976075][ T6419] netlink: 16 bytes leftover after parsing attributes in process `syz.0.241'. [ 57.978975][ T6419] netlink: 6 bytes leftover after parsing attributes in process `syz.0.241'. [ 57.985221][ T6419] netlink: 16 bytes leftover after parsing attributes in process `syz.0.241'. [ 58.023796][ T6332] usb 8-1: device firmware changed [ 58.027010][ T34] usb 8-1: USB disconnect, device number 3 [ 58.160061][ T34] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 58.309873][ T34] usb 8-1: Using ep0 maxpacket: 32 [ 58.313067][ T34] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 58.318829][ T34] usb 8-1: string descriptor 0 read error: -22 [ 58.321161][ T34] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 58.324393][ T34] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 58.328479][ T34] usb 8-1: config 0 descriptor?? [ 58.330787][ T6372] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 58.334047][ T34] hub 8-1:0.0: bad descriptor, ignoring hub [ 58.336147][ T34] hub 8-1:0.0: probe with driver hub failed with error -5 [ 58.660067][ T844] usb 8-1: USB disconnect, device number 4 [ 59.321680][ T6491] netlink: 'syz.3.273': attribute type 7 has an invalid length. [ 59.324854][ T6491] netlink: 'syz.3.273': attribute type 8 has an invalid length. [ 59.331049][ T6491] erspan0: entered promiscuous mode [ 59.333422][ T6491] gretap0: entered promiscuous mode [ 59.336466][ T6491] erspan0: left promiscuous mode [ 59.339028][ T6491] gretap0: left promiscuous mode [ 60.279445][ T34] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 60.427925][ T6532] faux_driver vgem: [drm] Unknown color mode 9; guessing buffer size. [ 60.439442][ T34] usb 8-1: Using ep0 maxpacket: 16 [ 60.442947][ T34] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 60.446229][ T34] usb 8-1: config 0 has no interfaces? [ 60.448002][ T34] usb 8-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 60.451072][ T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.454866][ T34] usb 8-1: config 0 descriptor?? [ 60.476583][ T6534] __nla_validate_parse: 10 callbacks suppressed [ 60.476594][ T6534] netlink: 16 bytes leftover after parsing attributes in process `syz.0.294'. [ 60.872700][ T6528] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 60.878341][ T6528] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 60.883267][ T5808] usb 8-1: USB disconnect, device number 5 [ 61.239418][ T844] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 61.362172][ T40] kauditd_printk_skb: 9 callbacks suppressed [ 61.362182][ T40] audit: type=1400 audit(1777972329.521:349): avc: denied { bind } for pid=6576 comm="syz.2.314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 61.393669][ T844] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 61.397677][ T844] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 61.401663][ T844] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 61.405514][ T844] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 61.411090][ T844] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 61.416427][ T844] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.424731][ T844] usb 5-1: config 0 descriptor?? [ 61.429787][ T40] audit: type=1400 audit(1777972329.581:350): avc: denied { create } for pid=6581 comm="syz.3.316" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 61.442554][ T40] audit: type=1400 audit(1777972329.601:351): avc: denied { read write } for pid=5731 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 61.451028][ T40] audit: type=1400 audit(1777972329.601:352): avc: denied { open } for pid=5731 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 61.458919][ T40] audit: type=1400 audit(1777972329.601:353): avc: denied { ioctl } for pid=5731 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 61.487208][ T40] audit: type=1400 audit(1777972329.641:354): avc: denied { mounton } for pid=6587 comm="syz.2.319" path="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 61.536254][ T40] audit: type=1326 audit(1777972329.691:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6593 comm="syz.2.322" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fba5df9cdd9 code=0x0 [ 61.690882][ T6602] netlink: 4 bytes leftover after parsing attributes in process `syz.3.325'. [ 61.793008][ T6607] netlink: 14 bytes leftover after parsing attributes in process `syz.3.327'. [ 61.805053][ T6607] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 61.813812][ T6607] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 61.819050][ T6607] bond0 (unregistering): Released all slaves [ 61.838272][ T844] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 61.841476][ T844] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 61.843836][ T844] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 61.846307][ T844] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 61.848700][ T844] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 61.851316][ T844] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 61.853732][ T844] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 61.856109][ T844] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 61.858557][ T844] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 61.861349][ T844] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 61.870279][ T844] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 62.111108][ T39] usb 5-1: USB disconnect, device number 4 [ 62.241391][ T40] audit: type=1400 audit(1777972330.401:356): avc: denied { connect } for pid=6614 comm="syz.3.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 62.247632][ T40] audit: type=1400 audit(1777972330.401:357): avc: denied { read } for pid=6614 comm="syz.3.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 62.293761][ T40] audit: type=1400 audit(1777972330.451:358): avc: denied { setopt } for pid=6614 comm="syz.3.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 62.815705][ T6649] o2cb: This node has not been configured. [ 62.817681][ T6649] o2cb: Cluster check failed. Fix errors before retrying. [ 62.821515][ T6649] (syz.3.344,6649,2):user_dlm_register:674 ERROR: status = -22 [ 62.825055][ T6649] (syz.3.344,6649,2):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0" [ 63.621426][ T6668] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 64.025206][ T6700] netlink: 8 bytes leftover after parsing attributes in process `syz.0.368'. [ 64.173865][ T6720] netlink: 'syz.2.377': attribute type 1 has an invalid length. [ 64.176413][ T6720] netlink: 'syz.2.377': attribute type 2 has an invalid length. [ 64.403901][ T34] hid-generic 0005:16C0:5505.0006: hidraw1: BLUETOOTH HID v0.8b Device [syz0] on aa:aa:aa:aa:aa:aa [ 64.439522][ T59] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 64.448207][ T6732] fido_id[6732]: Failed to open report descriptor at '/sys/devices/virtual/bluetooth/hci3/hci3:200/report_descriptor': No such file or directory [ 64.548071][ T6742] netlink: 20 bytes leftover after parsing attributes in process `syz.0.387'. [ 64.591389][ T59] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 64.596137][ T59] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 64.599833][ T59] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 64.602817][ T59] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.606580][ T59] usb 7-1: config 0 descriptor?? [ 64.828046][ T6765] netlink: 8 bytes leftover after parsing attributes in process `syz.3.398'. [ 64.831288][ T6765] netlink: 'syz.3.398': attribute type 30 has an invalid length. [ 64.833840][ T6765] netlink: 4 bytes leftover after parsing attributes in process `syz.3.398'. [ 65.018457][ T59] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:0D8C:0022.0007/input/input9 [ 65.035429][ T59] cm6533_jd 0003:0D8C:0022.0007: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0 [ 65.215435][ T6325] usb 7-1: USB disconnect, device number 2 [ 65.429509][ T1488] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 65.591087][ T1488] usb 8-1: config index 0 descriptor too short (expected 39, got 27) [ 65.594498][ T1488] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 65.598754][ T1488] usb 8-1: config 0 interface 0 has no altsetting 0 [ 65.604051][ T1488] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 65.607957][ T1488] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 65.612241][ T1488] usb 8-1: Product: syz [ 65.614126][ T1488] usb 8-1: Manufacturer: syz [ 65.616166][ T1488] usb 8-1: SerialNumber: syz [ 65.625209][ T1488] usb 8-1: config 0 descriptor?? [ 65.630886][ T1488] hub 8-1:0.0: bad descriptor, ignoring hub [ 65.633798][ T1488] hub 8-1:0.0: probe with driver hub failed with error -5 [ 65.640495][ T1488] usb 8-1: selecting invalid altsetting 0 [ 65.950033][ C1] vcan0: j1939_tp_rxtimer: 0xffff888055bf1800: rx timeout, send abort [ 65.954507][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888055bf1800: 0x20000: (3) A timeout occurred and this is the connection abort to close the session. [ 66.013194][ T6796] Illegal XDP return value 4232617984 on prog (id 20) dev N/A, expect packet loss! [ 66.042600][ T6798] netlink: 20 bytes leftover after parsing attributes in process `syz.0.413'. [ 66.180798][ T6815] use of bytesused == 0 is deprecated and will be removed in the future, [ 66.184557][ T6815] use the actual size instead. [ 66.248541][ T6825] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 66.271328][ T6782] usb 8-1: reset high-speed USB device number 6 using dummy_hcd [ 66.542033][ T40] kauditd_printk_skb: 37 callbacks suppressed [ 66.542042][ T40] audit: type=1400 audit(1777972334.701:396): avc: denied { create } for pid=6837 comm="syz.2.432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 66.550649][ T40] audit: type=1400 audit(1777972334.701:397): avc: denied { read } for pid=6837 comm="syz.2.432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 66.635820][ T6782] usb 8-1: failed to restore interface 0 altsetting 251 (error=-71) [ 66.640809][ T1488] usb 8-1: USB disconnect, device number 6 [ 66.665348][ T6851] syzkaller1: entered promiscuous mode [ 66.668934][ T6851] syzkaller1: entered allmulticast mode [ 66.833693][ T40] audit: type=1400 audit(1777972334.991:398): avc: denied { mount } for pid=6857 comm="syz.2.440" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 66.836904][ T6859] capability: warning: `syz.2.440' uses 32-bit capabilities (legacy support in use) [ 66.846190][ T6858] netlink: 16 bytes leftover after parsing attributes in process `syz.0.441'. [ 66.846891][ T40] audit: type=1400 audit(1777972335.001:399): avc: denied { create } for pid=6856 comm="syz.0.441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 66.855657][ T40] audit: type=1400 audit(1777972335.001:400): avc: denied { write } for pid=6856 comm="syz.0.441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 66.877610][ T40] audit: type=1400 audit(1777972335.031:401): avc: denied { allowed } for pid=6862 comm="syz.0.442" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 66.945253][ T6874] netlink: 8 bytes leftover after parsing attributes in process `syz.2.447'. [ 66.997015][ T6880] misc userio: Invalid payload size [ 67.248931][ T40] audit: type=1400 audit(1777972335.401:402): avc: denied { getopt } for pid=6898 comm="syz.2.458" lport=55515 faddr=fc00::1 fport=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 67.275593][ T40] audit: type=1400 audit(1777972335.431:403): avc: denied { write } for pid=6902 comm="syz.2.460" name="/" dev="9p" ino=72876159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 67.290765][ T40] audit: type=1400 audit(1777972335.441:404): avc: denied { mount } for pid=6904 comm="syz.0.461" name="/" dev="ramfs" ino=12967 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 67.321976][ T40] audit: type=1400 audit(1777972335.481:405): avc: denied { setopt } for pid=6906 comm="syz.0.463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 67.423870][ T6913] can0: slcan on ttynull. [ 67.519944][ T6922] netlink: 8 bytes leftover after parsing attributes in process `syz.3.467'. [ 67.523837][ T6922] netlink: 'syz.3.467': attribute type 30 has an invalid length. [ 67.535555][ T1169] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 67.538539][ T6922] netlink: 8 bytes leftover after parsing attributes in process `syz.3.467'. [ 67.541715][ T1169] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 67.541921][ T6922] netlink: 'syz.3.467': attribute type 30 has an invalid length. [ 67.544694][ T1169] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 67.551023][ T1169] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 67.668432][ T6933] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 67.679445][ T1488] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 67.850963][ T1488] usb 5-1: config 0 has no interfaces? [ 67.852937][ T1488] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 67.855941][ T1488] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.860031][ T1488] usb 5-1: config 0 descriptor?? [ 68.070517][ T1488] usb 5-1: USB disconnect, device number 5 [ 68.173233][ T6912] can0 (unregistered): slcan off ttynull. [ 68.498381][ T6971] netlink: 8 bytes leftover after parsing attributes in process `syz.2.485'. [ 68.501441][ T1488] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 68.529957][ T6973] netlink: 4 bytes leftover after parsing attributes in process `syz.2.486'. [ 68.649411][ T1488] usb 8-1: Using ep0 maxpacket: 8 [ 68.652999][ T1488] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 68.656614][ T1488] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 68.663164][ T1488] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 68.667445][ T1488] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 68.672837][ T1488] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 68.678659][ T1488] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 68.688763][ T1488] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.900311][ T1488] usb 8-1: usb_control_msg returned -32 [ 68.902277][ T1488] usbtmc 8-1:16.0: can't read capabilities [ 68.989432][ T59] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 69.139383][ T59] usb 5-1: Using ep0 maxpacket: 8 [ 69.142450][ T59] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 69.145226][ T59] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 69.148446][ T59] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 69.151784][ T59] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 69.155025][ T59] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 69.159287][ T59] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 69.162634][ T59] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.254432][ T6981] usbtmc 8-1:16.0: stb usb_control_msg returned -32 [ 69.258290][ T1488] usb 8-1: USB disconnect, device number 7 [ 69.375456][ T59] usb 5-1: usb_control_msg returned -32 [ 69.377559][ T59] usbtmc 5-1:16.0: can't read capabilities [ 69.731375][ T6982] usb 5-1: usbtmc_ioctl_clear_in_halt returned -32 [ 70.149428][ T59] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 70.299516][ T59] usb 8-1: Using ep0 maxpacket: 8 [ 70.304239][ T59] usb 8-1: New USB device found, idVendor=0fe9, idProduct=db01, bcdDevice=e9.9b [ 70.307260][ T59] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 70.309996][ T59] usb 8-1: Product: syz [ 70.311380][ T59] usb 8-1: Manufacturer: syz [ 70.312982][ T59] usb 8-1: SerialNumber: syz [ 70.316389][ T59] usb 8-1: config 0 descriptor?? [ 70.324721][ T59] dvb-usb: found a 'DViCO FusionHDTV DVB-T USB (LGZ201)' in warm state. [ 70.327720][ T59] dvb-usb: bulk message failed: -22 (2/0) [ 70.334070][ T59] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 70.337488][ T59] dvbdev: DVB: registering new adapter (DViCO FusionHDTV DVB-T USB (LGZ201)) [ 70.340569][ T59] usb 8-1: media controller created [ 70.347452][ T59] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 70.528675][ T6990] dvb-usb: bulk message failed: -22 (4/0) [ 70.532495][ T6990] cxusb: i2c read failed [ 70.538195][ T59] cxusb: set interface failed [ 70.541907][ T59] dvb-usb: bulk message failed: -22 (1/0) [ 70.565279][ T59] DVB: Unable to find symbol mt352_attach() [ 70.567364][ T59] dvb-usb: no frontend was attached by 'DViCO FusionHDTV DVB-T USB (LGZ201)' [ 70.609450][ T59] rc_core: IR keymap rc-dvico-portable not found [ 70.611607][ T59] Registered IR keymap rc-empty [ 70.614629][ T59] rc rc0: DViCO FusionHDTV DVB-T USB (LGZ201) as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0 [ 70.618922][ T59] input: DViCO FusionHDTV DVB-T USB (LGZ201) as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0/input12 [ 70.627181][ T59] dvb-usb: schedule remote query interval to 100 msecs. [ 70.629814][ T59] dvb-usb: DViCO FusionHDTV DVB-T USB (LGZ201) successfully initialized and connected. [ 70.636006][ T59] usb 8-1: USB disconnect, device number 8 [ 70.683643][ T59] dvb-usb: DViCO FusionHDTV DVB-T USB (LGZ201) successfully deinitialized and disconnected. [ 70.784888][ T7010] syzkaller1: entered promiscuous mode [ 70.786812][ T7010] syzkaller1: entered allmulticast mode [ 71.064606][ T7020] xt_hashlimit: size too large, truncated to 1048576 [ 71.759971][ T6325] usb 5-1: USB disconnect, device number 6 [ 71.803479][ T7038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.512'. [ 71.838907][ T40] kauditd_printk_skb: 26 callbacks suppressed [ 71.838917][ T40] audit: type=1400 audit(1777972339.991:432): avc: denied { read } for pid=7039 comm="syz.0.513" name="usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 71.849874][ T40] audit: type=1400 audit(1777972340.001:433): avc: denied { open } for pid=7039 comm="syz.0.513" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 71.858103][ T40] audit: type=1400 audit(1777972340.011:434): avc: denied { map } for pid=7039 comm="syz.0.513" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 72.016726][ T7048] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.020924][ T7048] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.069178][ T40] audit: type=1400 audit(1777972340.221:435): avc: denied { watch } for pid=7050 comm="syz.2.517" path="/174/bus" dev="tmpfs" ino=913 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 72.081256][ T40] audit: type=1400 audit(1777972340.221:436): avc: denied { watch_sb watch_reads } for pid=7050 comm="syz.2.517" path="/174/bus" dev="tmpfs" ino=913 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 72.109469][ T7048] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 72.116411][ T7048] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 72.122266][ T7053] loop5: detected capacity change from 0 to 7 [ 72.136778][ T7053] Dev loop5: unable to read RDB block 7 [ 72.138929][ T7053] loop5: AHDI p1 [ 72.140436][ T7053] loop5: partition table partially beyond EOD, truncated [ 72.196422][ T7053] Dev loop5: unable to read RDB block 7 [ 72.200043][ T7053] loop5: AHDI p1 [ 72.201727][ T7053] loop5: partition table partially beyond EOD, truncated [ 72.260383][ T13] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.266941][ T13] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.280377][ T13] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.287307][ T13] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.341607][ T7073] could not open pipe file descriptor [ 72.569426][ T59] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 72.609886][ T5828] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 72.719465][ T59] usb 7-1: Using ep0 maxpacket: 8 [ 72.722419][ T59] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 72.726107][ T59] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 72.729622][ T59] usb 7-1: config 0 interface 0 has no altsetting 0 [ 72.731862][ T59] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 72.734862][ T59] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.738776][ T59] usb 7-1: config 0 descriptor?? [ 73.149220][ T59] hid_parser_main: 7 callbacks suppressed [ 73.149232][ T59] mcp2221 0003:04D8:00DD.0008: unknown main item tag 0x0 [ 73.153845][ T59] mcp2221 0003:04D8:00DD.0008: unknown main item tag 0x0 [ 73.156211][ T59] mcp2221 0003:04D8:00DD.0008: unknown main item tag 0x0 [ 73.158556][ T59] mcp2221 0003:04D8:00DD.0008: unknown main item tag 0x0 [ 73.161187][ T59] mcp2221 0003:04D8:00DD.0008: unknown main item tag 0x0 [ 73.163849][ T59] mcp2221 0003:04D8:00DD.0008: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0 [ 73.269430][ T7061] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 73.353311][ T7071] i2c i2c-2: unsupported multi-msg i2c transaction [ 73.357850][ T24] usb 7-1: USB disconnect, device number 3 [ 73.420636][ T7061] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 73.423937][ T7061] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 73.427738][ T7061] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 73.433520][ T7061] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 73.436621][ T7061] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 73.439275][ T7061] usb 8-1: Product: syz [ 73.440853][ T7061] usb 8-1: Manufacturer: syz [ 73.442461][ T7061] usb 8-1: SerialNumber: syz [ 73.652788][ T7061] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 73.852096][ T40] audit: type=1400 audit(1777972342.011:437): avc: denied { read write } for pid=7096 comm="syz.3.538" name="lp0" dev="devtmpfs" ino=2969 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 73.856570][ T7061] usb 8-1: USB disconnect, device number 9 [ 73.859704][ T40] audit: type=1400 audit(1777972342.011:438): avc: denied { open } for pid=7096 comm="syz.3.538" path="/dev/usb/lp0" dev="devtmpfs" ino=2969 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 73.864099][ T7061] usblp0: removed [ 73.885443][ T40] audit: type=1400 audit(1777972342.041:439): avc: denied { map_read map_write } for pid=7104 comm="syz.2.542" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 74.045907][ T40] audit: type=1326 audit(1777972342.201:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7110 comm="syz.2.545" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fba5df9cdd9 code=0x0 [ 74.281119][ T40] audit: type=1400 audit(1777972342.441:441): avc: denied { create } for pid=7121 comm="syz.0.549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 74.587286][ T7130] netlink: 64 bytes leftover after parsing attributes in process `syz.0.553'. [ 74.851551][ T7061] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 75.024143][ T7061] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 75.039378][ T7061] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 75.042694][ T7061] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 75.045545][ T7061] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 75.049025][ T7061] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 75.053900][ T7061] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 75.056794][ T7061] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 75.059252][ T7061] usb 8-1: Product: syz [ 75.062154][ T7061] usb 8-1: Manufacturer: syz [ 75.066954][ T7061] cdc_wdm 8-1:1.0: skipping garbage [ 75.071023][ T7061] cdc_wdm 8-1:1.0: skipping garbage [ 75.073780][ T7061] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 75.075830][ T7061] cdc_wdm 8-1:1.0: Unknown control protocol [ 75.470151][ T7126] raw-gadget.0 gadget.3: fail, usb_ep_set_wedge returned -11 [ 75.474178][ T7061] usb 8-1: USB disconnect, device number 10 [ 75.655819][ T7061] IPVS: starting estimator thread 0... [ 75.658632][ T7143] IPVS: sed: FWM 3 0x00000003 - no destination available [ 75.723621][ T5742] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 75.728477][ T5742] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 75.742398][ T5742] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 75.746408][ T5742] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 75.752394][ T5742] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 75.770271][ T7144] IPVS: using max 28 ests per chain, 67200 per kthread [ 75.881206][ T7171] netlink: 4 bytes leftover after parsing attributes in process `syz.0.569'. [ 76.008745][ T7185] netlink: 28 bytes leftover after parsing attributes in process `syz.3.574'. [ 76.012790][ T7185] netlink: 28 bytes leftover after parsing attributes in process `syz.3.574'. [ 76.017283][ T7185] netlink: 28 bytes leftover after parsing attributes in process `syz.3.574'. [ 76.021626][ T7185] netlink: 28 bytes leftover after parsing attributes in process `syz.3.574'. [ 76.095485][ T7148] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.097939][ T7148] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.102258][ T7148] bridge_slave_0: entered allmulticast mode [ 76.105459][ T7148] bridge_slave_0: entered promiscuous mode [ 76.108518][ T7148] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.114193][ T7148] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.116726][ T7148] bridge_slave_1: entered allmulticast mode [ 76.119615][ T7148] bridge_slave_1: entered promiscuous mode [ 76.150633][ T7148] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 76.155629][ T7148] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 76.173088][ T7148] team0: Port device team_slave_0 added [ 76.176461][ T7148] team0: Port device team_slave_1 added [ 76.191014][ T7148] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.193845][ T7148] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 76.202473][ T7148] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.207061][ T7148] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.209432][ T7148] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 76.219206][ T7148] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.240709][ T7148] hsr_slave_0: entered promiscuous mode [ 76.243034][ T7148] hsr_slave_1: entered promiscuous mode [ 76.245255][ T7148] debugfs: 'hsr0' already exists in 'hsr' [ 76.247060][ T7148] Cannot create hsr debugfs directory [ 76.274808][ T1433] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.277445][ T1433] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.377748][ T7148] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 76.382079][ T7148] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 76.384908][ T7148] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 76.388518][ T7148] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 76.391476][ T7148] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 76.397214][ T7148] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 76.401028][ T7148] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 76.407018][ T7148] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 76.447692][ T7148] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.456595][ T7148] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.461609][ T1169] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.463917][ T1169] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.472406][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.474575][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.659548][ T59] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 76.685431][ T7148] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.810467][ T7148] veth0_vlan: entered promiscuous mode [ 76.810610][ T59] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 76.815183][ T7148] veth1_vlan: entered promiscuous mode [ 76.815944][ T59] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 76.821052][ T59] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 76.825194][ T59] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 76.828070][ T59] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.830086][ T7148] veth0_macvtap: entered promiscuous mode [ 76.832175][ T59] usb 7-1: config 0 descriptor?? [ 76.836964][ T7148] veth1_macvtap: entered promiscuous mode [ 76.848006][ T7148] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.855264][ T7148] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.861631][ T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.864492][ T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.870443][ T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.873201][ T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.915550][ T1169] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.918214][ T1169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.933432][ T1169] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.936452][ T1169] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.017665][ T40] kauditd_printk_skb: 7 callbacks suppressed [ 77.017680][ T40] audit: type=1400 audit(1777972345.171:449): avc: denied { unlink } for pid=7237 comm="syz.0.584" name="#7" dev="tmpfs" ino=1034 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 77.030080][ T40] audit: type=1400 audit(1777972345.181:450): avc: denied { remount } for pid=7237 comm="syz.0.584" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 77.081615][ T40] audit: type=1400 audit(1777972345.241:451): avc: denied { create } for pid=7245 comm="syz.0.588" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 77.093076][ T40] audit: type=1400 audit(1777972345.251:452): avc: denied { write } for pid=7245 comm="syz.0.588" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 77.105274][ T40] audit: type=1400 audit(1777972345.261:453): avc: denied { sqpoll } for pid=7249 comm="syz.4.589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 77.193735][ T7257] syzkaller1: entered promiscuous mode [ 77.198454][ T40] audit: type=1400 audit(1777972345.351:454): avc: denied { remount } for pid=7258 comm="syz.4.593" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 77.200526][ T7257] syzkaller1: entered allmulticast mode [ 77.243560][ T59] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0 [ 77.246098][ T59] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0 [ 77.248520][ T59] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0 [ 77.251453][ T59] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0 [ 77.253849][ T59] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0 [ 77.262468][ T59] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 77.289774][ T40] audit: type=1400 audit(1777972345.441:455): avc: denied { setopt } for pid=7265 comm="syz.4.596" lport=49894 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 77.501896][ T40] audit: type=1400 audit(1777972345.661:456): avc: denied { wake_alarm } for pid=7282 comm="syz.3.605" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 77.502773][ T844] usb 7-1: USB disconnect, device number 4 [ 77.539366][ T40] audit: type=1400 audit(1777972345.691:457): avc: denied { ioctl } for pid=7282 comm="syz.3.605" path="/dev/fuse" dev="devtmpfs" ino=105 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 77.589391][ T5808] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 77.769514][ T5808] usb 5-1: Using ep0 maxpacket: 16 [ 77.772641][ T5808] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 77.776306][ T5808] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 77.780629][ T5808] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 77.783766][ T40] audit: type=1400 audit(1777972345.941:458): avc: denied { watch } for pid=7301 comm="syz.4.612" path=2F6D656D66643A2D42D54E34A64579DBD1A7B153F13A29202864656C6574656429 dev="tmpfs" ino=3077 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 77.783973][ T5808] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.789456][ T5735] Bluetooth: hci4: command tx timeout [ 77.801446][ T5808] usb 5-1: config 0 descriptor?? [ 78.216167][ T5808] usbhid 5-1:0.0: can't add hid device: -71 [ 78.218184][ T5808] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 78.222852][ T5808] usb 5-1: USB disconnect, device number 7 [ 78.463205][ T7341] netlink: 8 bytes leftover after parsing attributes in process `syz.4.631'. [ 78.545794][ T7354] netlink: 16 bytes leftover after parsing attributes in process `syz.0.637'. [ 78.548498][ T7356] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.638'. [ 78.760438][ T39] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 78.819423][ T6822] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 78.910325][ T39] usb 7-1: Using ep0 maxpacket: 8 [ 78.914606][ T39] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 78.918305][ T39] usb 7-1: config 0 has no interface number 0 [ 78.921404][ T39] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 78.926520][ T39] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 78.929674][ T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.933696][ T39] usb 7-1: config 0 descriptor?? [ 78.941384][ T39] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 78.979456][ T6822] usb 5-1: Using ep0 maxpacket: 8 [ 78.982409][ T6822] usb 5-1: config index 0 descriptor too short (expected 74, got 45) [ 78.985085][ T6822] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 78.988657][ T6822] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 78.991988][ T6822] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024 [ 78.995259][ T6822] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 78.998427][ T6822] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 79.002882][ T6822] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 79.006521][ T6822] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.218340][ T6822] usb 5-1: usb_control_msg returned -32 [ 79.220314][ T6822] usbtmc 5-1:16.0: can't read capabilities [ 79.440488][ T7395] ip6gre0: Master is either lo or non-ether device [ 79.498274][ T6822] usb 7-1: USB disconnect, device number 5 [ 79.809474][ T59] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 79.869486][ T5735] Bluetooth: hci4: command tx timeout [ 79.924204][ T7427] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.672'. [ 79.959447][ T59] usb 8-1: Using ep0 maxpacket: 32 [ 79.962299][ T59] usb 8-1: config 0 has an invalid interface number: 119 but max is 0 [ 79.964957][ T59] usb 8-1: config 0 has no interface number 0 [ 79.966876][ T59] usb 8-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 79.970301][ T59] usb 8-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 79.973809][ T59] usb 8-1: config 0 interface 119 altsetting 0 endpoint 0x83 has an invalid bInterval 115, changing to 7 [ 79.977553][ T59] usb 8-1: config 0 interface 119 altsetting 0 endpoint 0x83 has invalid maxpacket 25972, setting to 1024 [ 79.982135][ T59] usb 8-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 79.989853][ T59] usb 8-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73 [ 79.992927][ T59] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 79.995524][ T59] usb 8-1: Product: syz [ 79.997119][ T59] usb 8-1: Manufacturer: syz [ 79.998728][ T59] usb 8-1: SerialNumber: syz [ 80.003798][ T59] usb 8-1: config 0 descriptor?? [ 80.020801][ T59] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.119/input/input14 [ 80.188622][ T7448] syzkaller1: entered promiscuous mode [ 80.191045][ T7448] syzkaller1: entered allmulticast mode [ 80.213788][ T59] usb 8-1: USB disconnect, device number 11 [ 81.067243][ T7491] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.699'. [ 81.125556][ T7493] "syz.3.700" (7493) uses obsolete ecb(arc4) skcipher [ 81.402091][ T29] cfg80211: failed to load regulatory.db [ 81.448391][ T7516] sctp: [Deprecated]: syz.2.708 (pid 7516) Use of struct sctp_assoc_value in delayed_ack socket option. [ 81.448391][ T7516] Use struct sctp_sack_info instead [ 81.514398][ T7521] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 81.578487][ T5808] usb 5-1: USB disconnect, device number 8 [ 81.779458][ T5828] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 81.929499][ T5828] usb 8-1: Using ep0 maxpacket: 8 [ 81.934153][ T5828] usb 8-1: config 0 has an invalid interface number: 186 but max is 0 [ 81.937040][ T5828] usb 8-1: config 0 has no interface number 0 [ 81.939067][ T5828] usb 8-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 81.942915][ T5828] usb 8-1: config 0 interface 186 altsetting 0 endpoint 0x1 has an invalid bInterval 18, changing to 8 [ 81.946435][ T5828] usb 8-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A [ 81.950845][ T5735] Bluetooth: hci4: command tx timeout [ 81.955099][ T5828] usb 8-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 81.958712][ T5828] usb 8-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 81.964723][ T5828] usb 8-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 81.967764][ T5828] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 81.970619][ T5828] usb 8-1: Product: syz [ 81.972097][ T5828] usb 8-1: Manufacturer: syz [ 81.973658][ T5828] usb 8-1: SerialNumber: syz [ 81.978823][ T5828] usb 8-1: config 0 descriptor?? [ 82.165573][ T40] kauditd_printk_skb: 16 callbacks suppressed [ 82.165584][ T40] audit: type=1400 audit(1777972350.321:475): avc: denied { ioctl } for pid=7549 comm="syz.0.723" path="socket:[17189]" dev="sockfs" ino=17189 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 82.196756][ T5828] iowarrior 8-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0 [ 82.266792][ T7560] netlink: 20 bytes leftover after parsing attributes in process `syz.0.727'. [ 82.283471][ T5735] Bluetooth: hci4: Malformed LE Event: 0x1b [ 82.403184][ T5828] usb 8-1: USB disconnect, device number 12 [ 82.421774][ T40] audit: type=1400 audit(1777972350.581:476): avc: denied { mount } for pid=7573 comm="syz.0.736" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 82.469498][ T40] audit: type=1400 audit(1777972350.631:477): avc: denied { append } for pid=7578 comm="syz.0.737" name="001" dev="devtmpfs" ino=761 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 82.488213][ T40] audit: type=1400 audit(1777972350.631:478): avc: denied { ioctl } for pid=7578 comm="syz.0.737" path="/dev/usbmon7" dev="devtmpfs" ino=759 ioctlcmd=0x9203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 82.514556][ T7584] netlink: 8 bytes leftover after parsing attributes in process `syz.4.739'. [ 82.517500][ T7584] netlink: 16 bytes leftover after parsing attributes in process `syz.4.739'. [ 82.577652][ T7595] netlink: 6032 bytes leftover after parsing attributes in process `syz.0.743'. [ 82.580902][ T7594] netlink: 72 bytes leftover after parsing attributes in process `syz.4.744'. [ 83.317621][ T7620] input input16: cannot allocate more than FF_MAX_EFFECTS effects [ 83.417344][ T7630] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 83.580643][ T7651] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.583553][ T7651] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.587853][ T7651] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.615292][ T7651] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.618975][ T7651] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.623800][ T7651] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 83.627236][ T7651] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 83.634358][ T40] audit: type=1400 audit(1777972351.791:479): avc: denied { write } for pid=7659 comm="syz.4.774" path="socket:[19737]" dev="sockfs" ino=19737 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 83.634612][ T7651] veth1_vlan: left promiscuous mode [ 83.646279][ T7651] veth0_vlan: left promiscuous mode [ 83.648512][ T7651] veth0_vlan: entered promiscuous mode [ 83.652400][ T7651] veth1_vlan: entered promiscuous mode [ 83.656346][ T7651] veth1_macvtap: left promiscuous mode [ 83.658871][ T7651] veth0_macvtap: left promiscuous mode [ 83.661908][ T7651] veth0_macvtap: entered promiscuous mode [ 83.664717][ T7651] veth1_macvtap: entered promiscuous mode [ 83.670733][ T7651] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 83.673630][ T7651] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 83.676359][ T7651] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 83.681685][ T7651] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 83.685936][ T7664] __nla_validate_parse: 4 callbacks suppressed [ 83.685945][ T7664] netlink: 207952 bytes leftover after parsing attributes in process `syz.4.776'. [ 83.687464][ T7651] 8021q: adding VLAN 0 to HW filter on device bond1 [ 83.697098][ T54] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.699522][ T54] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.703350][ T54] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.705822][ T54] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.722966][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.725912][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.728796][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.755432][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.758324][ T40] audit: type=1400 audit(1777972351.911:480): avc: denied { name_bind } for pid=7669 comm="syz.3.779" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 83.794114][ T40] audit: type=1400 audit(1777972351.951:481): avc: denied { mounton } for pid=7673 comm="syz.3.781" path="/177/file0" dev="9p" ino=72876159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 83.813685][ T40] audit: type=1400 audit(1777972351.971:482): avc: denied { unmount } for pid=5731 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 84.016656][ T40] audit: type=1400 audit(1777972352.171:483): avc: denied { mount } for pid=7695 comm="syz.4.792" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 84.018656][ T7696] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 84.025547][ T40] audit: type=1400 audit(1777972352.171:484): avc: denied { mounton } for pid=7695 comm="syz.4.792" path="/102/file0" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 84.030578][ T5735] Bluetooth: hci4: command tx timeout [ 84.249418][ T6822] usb 8-1: new high-speed USB device number 13 using dummy_hcd [ 84.398689][ T7716] overlayfs: upper fs does not support file handles, falling back to index=off. [ 84.409642][ T6822] usb 8-1: Using ep0 maxpacket: 8 [ 84.414771][ T6822] usb 8-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 84.420991][ T6822] usb 8-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 84.430455][ T6822] usb 8-1: config 0 interface 0 has no altsetting 0 [ 84.436117][ T6822] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 84.446353][ T6822] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.460307][ T6822] usb 8-1: config 0 descriptor?? [ 84.503846][ T7731] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.809'. [ 84.875652][ T6822] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0 [ 84.880461][ T6822] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0 [ 84.882861][ T6822] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0 [ 84.885084][ T6822] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0 [ 84.887296][ T6822] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0 [ 84.890209][ T6822] mcp2221 0003:04D8:00DD.000A: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0 [ 84.960940][ T7766] netem: change failed [ 85.071678][ T6822] usb 8-1: USB disconnect, device number 13 [ 85.124115][ T7774] trusted_key: syz.2.830 sent an empty control message without MSG_MORE. [ 85.341692][ T7789] netlink: 16 bytes leftover after parsing attributes in process `syz.2.837'. [ 85.367551][ T7791] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 85.371287][ T7791] IPv6: NLM_F_CREATE should be set when creating new route [ 85.428276][ T7797] netlink: 8 bytes leftover after parsing attributes in process `syz.4.841'. [ 85.432523][ T7797] netlink: 12 bytes leftover after parsing attributes in process `syz.4.841'. [ 85.624543][ T7825] netlink: 8 bytes leftover after parsing attributes in process `syz.3.854'. [ 85.689551][ T6822] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 85.839405][ T6822] usb 7-1: Using ep0 maxpacket: 8 [ 85.844001][ T6822] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 85.848685][ T6822] usb 7-1: config 179 has no interface number 0 [ 85.854336][ T6822] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 85.859434][ T6822] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 85.866551][ T6822] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 85.868513][ T7841] netlink: 8 bytes leftover after parsing attributes in process `syz.0.861'. [ 85.873656][ T6822] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 85.881643][ T6822] usb 7-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 85.886237][ T6822] usb 7-1: config 179 interface 65 has no altsetting 0 [ 85.888488][ T6822] usb 7-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 85.899227][ T6822] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.924064][ T6822] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:179.65/input/input17 [ 85.994738][ T5127] input input17: unable to receive magic message: -110 [ 86.013517][ T7859] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.870'. [ 86.018166][ T7859] netlink: ct family unspecified [ 86.020221][ T5127] input input17: unable to receive magic message: -32 [ 86.024852][ T5127] input input17: unable to receive magic message: -32 [ 86.042042][ T5127] input input17: unable to receive magic message: -32 [ 86.049031][ T5127] input input17: unable to receive magic message: -32 [ 86.056920][ T5127] input input17: unable to receive magic message: -32 [ 86.109442][ T5735] Bluetooth: hci4: command tx timeout [ 86.114168][ T7799] input input17: unable to receive magic message: -32 [ 86.122575][ T6822] usb 7-1: USB disconnect, device number 6 [ 86.124607][ C2] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 86.233226][ T7883] netlink: 8 bytes leftover after parsing attributes in process `syz.4.881'. [ 86.931052][ T7960] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 87.235875][ T40] kauditd_printk_skb: 16 callbacks suppressed [ 87.235886][ T40] audit: type=1400 audit(1777972355.391:501): avc: denied { mount } for pid=7976 comm="syz.2.922" name="/" dev="autofs" ino=18103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 87.248868][ T40] audit: type=1400 audit(1777972355.401:502): avc: denied { unmount } for pid=5739 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 87.308270][ T7987] netlink: 'syz.2.926': attribute type 8 has an invalid length. [ 87.313457][ T7987] netlink: 4 bytes leftover after parsing attributes in process `syz.2.926'. [ 87.318905][ T7987] bond0: entered promiscuous mode [ 87.320951][ T7987] bond_slave_0: entered promiscuous mode [ 87.322920][ T7987] bond_slave_1: entered promiscuous mode [ 87.327848][ T7987] gretap0: entered promiscuous mode [ 87.330309][ T7987] ip6gretap0: entered promiscuous mode [ 87.334745][ T7987] hsr1: entered promiscuous mode [ 87.438059][ T8000] netlink: 'syz.4.932': attribute type 1 has an invalid length. [ 87.441397][ T8000] netlink: 'syz.4.932': attribute type 4 has an invalid length. [ 87.506265][ T8007] tls_set_device_offload_rx: netdev not found [ 87.597452][ T40] audit: type=1400 audit(1777972355.741:503): avc: denied { open } for pid=8021 comm="syz.0.939" path="/dev/ptyq4" dev="devtmpfs" ino=131 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 87.625945][ T40] audit: type=1400 audit(1777972355.741:504): avc: denied { ioctl } for pid=8021 comm="syz.0.939" path="/dev/ptyq4" dev="devtmpfs" ino=131 ioctlcmd=0x5420 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 87.918113][ T8055] overlayfs: failed to set uuid (274/file1, err=-1); falling back to uuid=null. [ 87.921329][ T8055] overlayfs: failed to verify upper root origin [ 88.052359][ T8070] veth1_macvtap: left promiscuous mode [ 88.054222][ T8070] macsec0: entered promiscuous mode [ 88.056026][ T8070] macsec0: entered allmulticast mode [ 88.064791][ T8070] veth1_macvtap: entered promiscuous mode [ 88.066768][ T8070] veth1_macvtap: entered allmulticast mode [ 88.068957][ T8070] macsec0: left promiscuous mode [ 88.071059][ T8070] macsec0: left allmulticast mode [ 88.072788][ T8070] veth1_macvtap: left allmulticast mode [ 88.220852][ T40] audit: type=1400 audit(1777972356.381:505): avc: denied { map } for pid=8079 comm="syz.2.964" path="socket:[19346]" dev="sockfs" ino=19346 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 88.230241][ T40] audit: type=1400 audit(1777972356.381:506): avc: denied { read } for pid=8079 comm="syz.2.964" path="socket:[19346]" dev="sockfs" ino=19346 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 88.654190][ T40] audit: type=1326 audit(1777972356.811:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8089 comm="syz.4.969" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5764d9cdd9 code=0x7ffc0000 [ 88.662447][ T40] audit: type=1326 audit(1777972356.811:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8089 comm="syz.4.969" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5764d9cdd9 code=0x7ffc0000 [ 88.675004][ T40] audit: type=1326 audit(1777972356.811:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8089 comm="syz.4.969" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5764d9cdd9 code=0x7ffc0000 [ 88.688182][ T40] audit: type=1326 audit(1777972356.811:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8089 comm="syz.4.969" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5764d9cdd9 code=0x7ffc0000 [ 88.699432][ T39] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 88.791246][ T8097] netfs: Couldn't get user pages (rc=-14) [ 88.861677][ T39] usb 7-1: config index 0 descriptor too short (expected 39, got 27) [ 88.864456][ T39] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 88.867662][ T39] usb 7-1: config 0 interface 0 has no altsetting 0 [ 88.872462][ T39] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 88.878124][ T39] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 88.883450][ T39] usb 7-1: Product: syz [ 88.884869][ T39] usb 7-1: Manufacturer: syz [ 88.887198][ T39] usb 7-1: SerialNumber: syz [ 88.890163][ T39] usb 7-1: config 0 descriptor?? [ 88.893450][ T39] hub 7-1:0.0: bad descriptor, ignoring hub [ 88.895982][ T39] hub 7-1:0.0: probe with driver hub failed with error -5 [ 88.902072][ T39] usb 7-1: selecting invalid altsetting 0 [ 89.029680][ T8113] __nla_validate_parse: 2 callbacks suppressed [ 89.029691][ T8113] netlink: 16 bytes leftover after parsing attributes in process `syz.3.980'. [ 89.174879][ T8130] netlink: 207952 bytes leftover after parsing attributes in process `syz.4.988'. [ 89.401666][ T39] usb 8-1: new high-speed USB device number 14 using dummy_hcd [ 89.571221][ T39] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 89.575093][ T39] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 89.578324][ T39] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 89.581916][ T39] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.591462][ T8128] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 89.597708][ T39] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 89.789707][ T8086] usb 7-1: reset high-speed USB device number 7 using dummy_hcd [ 89.804128][ T59] usb 8-1: USB disconnect, device number 14 [ 90.029140][ T8159] evm: overlay not supported [ 90.369643][ T6822] usb 7-1: USB disconnect, device number 7 [ 90.727605][ T8174] xt_hashlimit: size too large, truncated to 1048576 [ 91.066205][ T8191] netlink: 'syz.4.1016': attribute type 15 has an invalid length. [ 91.068853][ T8191] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1016'. [ 91.076366][ T8191] netlink: 'syz.4.1016': attribute type 15 has an invalid length. [ 91.078958][ T192] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 2816 - 0 [ 91.080709][ T8191] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1016'. [ 91.083883][ T192] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 2816 - 0 [ 91.088669][ T192] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 2816 - 0 [ 91.094324][ T192] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 2816 - 0 [ 91.311534][ T8220] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1026'. [ 91.314710][ T8220] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1026'. [ 91.317661][ T8220] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1026'. [ 91.320615][ T8220] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1026'. [ 91.362763][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 91.384605][ T8226] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1029'. [ 91.975054][ T8265] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input18 [ 92.336073][ T8302] 9pnet_virtio: no channels available for device syz [ 92.441843][ T8312] netlink: 27 bytes leftover after parsing attributes in process `syz.4.1065'. [ 93.663964][ T8367] xt_CT: No such helper "netbios-ns" [ 93.707829][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 93.707840][ T40] audit: type=1400 audit(1777972361.861:524): avc: denied { ioctl } for pid=8369 comm="syz.3.1088" path="socket:[23686]" dev="sockfs" ino=23686 ioctlcmd=0x745a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 93.780449][ T40] audit: type=1400 audit(1777972361.941:525): avc: denied { listen } for pid=8374 comm="syz.2.1090" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 93.843823][ T40] audit: type=1400 audit(1777972362.001:526): avc: denied { accept } for pid=8374 comm="syz.2.1090" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 93.870156][ T40] audit: type=1400 audit(1777972362.031:527): avc: denied { listen } for pid=8380 comm="syz.2.1093" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 93.896584][ T8384] input: syz0 as /devices/virtual/input/input19 [ 94.276276][ T8401] ceph: No mds server is up or the cluster is laggy [ 94.309574][ T40] audit: type=1400 audit(1777972362.461:528): avc: denied { getopt } for pid=8329 comm="syz.4.1073" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 94.532655][ T8414] __nla_validate_parse: 4 callbacks suppressed [ 94.532666][ T8414] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1106'. [ 94.552661][ T40] audit: type=1400 audit(1777972362.711:529): avc: denied { create } for pid=8415 comm="syz.4.1107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 94.561925][ T40] audit: type=1400 audit(1777972362.711:530): avc: denied { read } for pid=8415 comm="syz.4.1107" path="socket:[21815]" dev="sockfs" ino=21815 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 94.663872][ T40] audit: type=1400 audit(1777972362.821:531): avc: denied { write } for pid=8415 comm="syz.4.1107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 94.664085][ T8418] netlink: 240 bytes leftover after parsing attributes in process `syz.4.1107'. [ 94.738243][ T40] audit: type=1400 audit(1777972362.891:532): avc: denied { mounton } for pid=8426 comm="syz.2.1110" path="/proc/694/cgroup" dev="proc" ino=21091 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 94.793086][ T8435] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1114'. [ 94.800424][ T8437] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 95.014753][ T40] audit: type=1400 audit(1777972363.161:533): avc: denied { load_policy } for pid=8451 comm="syz.2.1121" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 95.018299][ T8452] SELinux: ebitmap: start bit 512 comes after start bit 768 [ 95.043230][ T8452] SELinux: failed to load policy [ 95.118234][ T8459] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1124'. [ 95.127631][ T8459] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.130619][ T8459] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.502016][ T8490] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1137'. [ 95.506010][ T8490] netlink: 'syz.3.1137': attribute type 6 has an invalid length. [ 95.508562][ T8490] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1137'. [ 95.601528][ T8490] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1137'. [ 95.604522][ T8490] netlink: 'syz.3.1137': attribute type 6 has an invalid length. [ 95.607039][ T8490] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1137'. [ 96.769777][ T29] IPVS: starting estimator thread 0... [ 96.869425][ T8533] IPVS: using max 45 ests per chain, 108000 per kthread [ 96.985824][ T8549] fuse: Bad value for 'fd' [ 97.462615][ T8582] SELinux: ebitmap: high bit 1536 is not equal to the expected value 1152 [ 97.468317][ T8582] SELinux: failed to load policy [ 97.706858][ T8586] af_packet: tpacket_rcv: packet too big, clamped from 1 to 4294967272. macoff=96 [ 97.711079][ T8588] pim6reg1: entered promiscuous mode [ 97.713062][ T8588] pim6reg1: entered allmulticast mode [ 98.065474][ T8613] 9pnet_virtio: no channels available for device syz [ 98.201789][ T8628] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 98.273290][ T5735] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 99.060300][ T8677] netlink: 'syz.3.1220': attribute type 3 has an invalid length. [ 99.121870][ T40] kauditd_printk_skb: 10 callbacks suppressed [ 99.121880][ T40] audit: type=1400 audit(1777972367.281:544): avc: denied { getopt } for pid=8686 comm="syz.2.1224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 99.204041][ T8700] Bluetooth: MGMT ver 1.23 [ 99.206852][ T8700] Bluetooth: hci1: expected 2178 bytes, got 2 bytes [ 99.250290][ T8706] netlink: 212348 bytes leftover after parsing attributes in process `syz.3.1233'. [ 99.254479][ T8706] netlink: Unknown conntrack attr (0) [ 99.394578][ T8716] fuse: Bad value for 'fd' [ 99.433963][ T40] audit: type=1400 audit(1777972367.591:545): avc: denied { mount } for pid=8717 comm="syz.4.1238" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 99.512265][ T8725] netlink: 'syz.4.1241': attribute type 1 has an invalid length. [ 99.528315][ T8725] 8021q: adding VLAN 0 to HW filter on device bond1 [ 99.547480][ T8725] bond1: (slave geneve2): making interface the new active one [ 99.550894][ T8725] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 100.180055][ T40] audit: type=1400 audit(1777972368.341:546): avc: denied { read write } for pid=8755 comm="syz.3.1256" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 100.188495][ T40] audit: type=1400 audit(1777972368.341:547): avc: denied { open } for pid=8755 comm="syz.3.1256" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 100.288092][ T8763] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1259'. [ 100.291444][ T8763] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1259'. [ 100.294336][ T8763] netlink: 'syz.3.1259': attribute type 20 has an invalid length. [ 100.362265][ T8765] xt_hashlimit: size too large, truncated to 1048576 [ 100.379846][ T39] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 100.400147][ T8763] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1259'. [ 100.404485][ T8763] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1259'. [ 100.408280][ T8763] netlink: 'syz.3.1259': attribute type 20 has an invalid length. [ 100.539553][ T39] usb 7-1: Using ep0 maxpacket: 8 [ 100.545163][ T39] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 100.560335][ T39] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 100.564769][ T39] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 100.569108][ T39] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 100.573933][ T39] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 100.579810][ T39] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 100.584007][ T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.687668][ T40] audit: type=1400 audit(1777972368.841:548): avc: denied { write } for pid=8775 comm="syz.4.1263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 100.797485][ T39] usb 7-1: usb_control_msg returned -32 [ 100.799549][ T39] usbtmc 7-1:16.0: can't read capabilities [ 100.843340][ T8795] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1267'. [ 100.857817][ T8795] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1267'. [ 100.861120][ T8795] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1267'. [ 100.932690][ T40] audit: type=1400 audit(1777972369.091:549): avc: denied { mount } for pid=8798 comm="syz.4.1269" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 100.943015][ T40] audit: type=1400 audit(1777972369.101:550): avc: denied { unmount } for pid=7148 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 101.160665][ T5808] usb 7-1: USB disconnect, device number 8 [ 101.161524][ T8808] usbtmc 7-1:16.0: usb_control_msg returned -71 [ 101.990893][ T8828] xt_hashlimit: size too large, truncated to 1048576 [ 102.256010][ T8849] netlink: 'syz.4.1291': attribute type 1 has an invalid length. [ 102.267949][ T8849] 8021q: adding VLAN 0 to HW filter on device bond2 [ 102.287393][ T8849] bond2: (slave geneve3): making interface the new active one [ 102.290716][ T8849] bond2: (slave geneve3): Enslaving as an active interface with an up link [ 102.422567][ T8856] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1293'. [ 102.425603][ T8856] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1293'. [ 102.427324][ T8854] netlink: 'syz.2.1294': attribute type 29 has an invalid length. [ 102.438159][ T8854] netlink: 'syz.2.1294': attribute type 29 has an invalid length. [ 102.438338][ T8856] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1293'. [ 102.441446][ T12] netdevsim netdevsim4 netdevsim0: set [0, 1] type 1 family 0 port 8472 - 0 [ 102.446711][ T12] netdevsim netdevsim4 netdevsim1: set [0, 1] type 1 family 0 port 8472 - 0 [ 102.446975][ T8854] unsupported nla_type 58 [ 102.453732][ T12] netdevsim netdevsim4 netdevsim2: set [0, 1] type 1 family 0 port 8472 - 0 [ 102.456626][ T12] netdevsim netdevsim4 netdevsim3: set [0, 1] type 1 family 0 port 8472 - 0 [ 102.487470][ T40] audit: type=1400 audit(1777972370.641:551): avc: denied { append } for pid=8857 comm="syz.2.1295" name="loop5" dev="devtmpfs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 102.488531][ T8858] loop5: detected capacity change from 0 to 7 [ 102.498290][ T8858] Dev loop5: unable to read RDB block 7 [ 102.500286][ T8858] loop5: unable to read partition table [ 102.502547][ T8858] loop5: partition table beyond EOD, truncated [ 102.504706][ T8858] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5) [ 102.786694][ T8870] netlink: 'syz.4.1301': attribute type 2 has an invalid length. [ 102.802528][ T8874] xt_hashlimit: size too large, truncated to 1048576 [ 102.854274][ T40] audit: type=1400 audit(1777972371.011:552): avc: denied { read write } for pid=8873 comm="syz.2.1303" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 102.865147][ T40] audit: type=1400 audit(1777972371.011:553): avc: denied { open } for pid=8873 comm="syz.2.1303" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 102.881543][ T8880] bridge_slave_0 (unregistering): left allmulticast mode [ 102.884969][ T8880] bridge_slave_0 (unregistering): left promiscuous mode [ 102.888721][ T8880] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.299465][ T24] IPVS: starting estimator thread 0... [ 103.389454][ T8912] IPVS: using max 45 ests per chain, 108000 per kthread [ 103.565883][ T8916] loop5: detected capacity change from 0 to 7 [ 103.569181][ T8916] Dev loop5: unable to read RDB block 7 [ 103.572085][ T8916] loop5: unable to read partition table [ 103.574401][ T8916] loop5: partition table beyond EOD, truncated [ 103.576453][ T8916] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5) [ 103.937927][ T5742] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 103.943132][ T5742] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 103.947663][ T5742] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 103.950553][ T5742] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 103.953090][ T5742] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 104.471099][ T8927] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.473574][ T8927] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.476054][ T8927] bridge_slave_0: entered allmulticast mode [ 104.478926][ T8927] bridge_slave_0: entered promiscuous mode [ 104.482447][ T8927] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.484889][ T8927] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.487868][ T8927] bridge_slave_1: entered allmulticast mode [ 104.491289][ T8927] bridge_slave_1: entered promiscuous mode [ 104.513348][ T8927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.517871][ T8927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.535325][ T8927] team0: Port device team_slave_0 added [ 104.540178][ T8927] team0: Port device team_slave_1 added [ 104.554392][ T8927] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.556728][ T8927] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 104.568110][ T8927] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.572637][ T8927] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.574947][ T8927] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 104.583376][ T8927] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.604723][ T8927] hsr_slave_0: entered promiscuous mode [ 104.607036][ T8927] hsr_slave_1: entered promiscuous mode [ 104.609212][ T8927] debugfs: 'hsr0' already exists in 'hsr' [ 104.611282][ T8927] Cannot create hsr debugfs directory [ 104.744368][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 104.744405][ T40] audit: type=1400 audit(1777972372.901:556): avc: denied { mounton } for pid=8964 comm="syz.2.1333" path="/407/file0" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 104.745342][ T8965] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 104.748943][ T40] audit: type=1400 audit(1777972372.901:557): avc: denied { read } for pid=8964 comm="syz.2.1333" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 104.748967][ T8927] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 104.763164][ T40] audit: type=1400 audit(1777972372.911:558): avc: denied { read } for pid=8964 comm="syz.2.1333" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 104.763228][ T40] audit: type=1400 audit(1777972372.911:559): avc: denied { read } for pid=8964 comm="syz.2.1333" name="/" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 104.783870][ T40] audit: type=1400 audit(1777972372.911:560): avc: denied { read } for pid=8964 comm="syz.2.1333" name="/" dev="overlay" ino=4611686018427387906 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 104.784288][ T8927] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 104.794160][ T8927] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 104.798617][ T40] audit: type=1400 audit(1777972372.911:561): avc: denied { open } for pid=8964 comm="syz.2.1333" path="/407/file0" dev="overlay" ino=4611686018427387906 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 104.799586][ T8965] audit: audit_backlog=65 > audit_backlog_limit=64 [ 104.808088][ T40] audit: type=1400 audit(1777972372.911:562): avc: denied { read } for pid=8964 comm="syz.2.1333" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 104.810107][ T8965] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 104.816833][ T40] audit: type=1400 audit(1777972372.911:563): avc: denied { read } for pid=8964 comm="syz.2.1333" name="/" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 104.843116][ T8927] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 104.852327][ T8927] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 104.860250][ T8927] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 104.863041][ T8927] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 104.884735][ T8927] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 104.943374][ T8927] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.946018][ T8927] bridge0: port 2(bridge_slave_1) entered forwarding state [ 104.949991][ T8927] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.952381][ T8927] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.986406][ T8927] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.033396][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.046587][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.084818][ T29] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 105.093154][ T8927] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.115659][ T29] hid-generic 0000:0000:0000.000B: hidraw1: HID v0.00 Device [syz1] on syz0 [ 105.129928][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.132441][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.155105][ T8982] veth3: entered allmulticast mode [ 105.159545][ T223] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.161940][ T223] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.515674][ T8984] hid-generic 0003:0627:0001.0001: pid 8984 passed too short report [ 105.543730][ T9024] __nla_validate_parse: 4 callbacks suppressed [ 105.543742][ T9024] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1352'. [ 105.601547][ T9026] : renamed from bond0 (while UP) [ 105.707860][ T8927] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 105.861852][ T8927] veth0_vlan: entered promiscuous mode [ 105.867315][ T8927] veth1_vlan: entered promiscuous mode [ 105.888111][ T8927] veth0_macvtap: entered promiscuous mode [ 105.896349][ T8927] veth1_macvtap: entered promiscuous mode [ 105.904844][ T8927] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 105.915912][ T8927] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 105.926775][ T223] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.929946][ T223] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.933229][ T223] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.936183][ T223] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.963003][ T9047] loop5: detected capacity change from 0 to 7 [ 105.968519][ T9047] Dev loop5: unable to read RDB block 7 [ 105.970487][ T9047] loop5: unable to read partition table [ 105.972448][ T9047] loop5: partition table beyond EOD, truncated [ 105.976944][ T9047] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5) [ 106.020701][ T1169] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.023984][ T1169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.030391][ T5735] Bluetooth: hci0: command tx timeout [ 106.046752][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.049279][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.183011][ T12] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0x5 [ 106.356691][ T1169] Bluetooth: hci5: Frame reassembly failed (-84) [ 106.362863][ T1169] Bluetooth: hci5: Frame reassembly failed (-84) [ 106.517460][ T9081] Bluetooth: MGMT ver 1.23 [ 106.667516][ T9087] netlink: 212348 bytes leftover after parsing attributes in process `syz.3.1375'. [ 107.369812][ T5742] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 107.373995][ T5742] CPU: 1 UID: 0 PID: 5742 Comm: kworker/u33:5 Tainted: G L syzkaller #0 PREEMPT(full) [ 107.374026][ T5742] Tainted: [L]=SOFTLOCKUP [ 107.374033][ T5742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 107.374045][ T5742] Workqueue: hci3 hci_rx_work [ 107.374183][ T5742] Call Trace: [ 107.374191][ T5742] [ 107.374199][ T5742] dump_stack_lvl+0x100/0x190 [ 107.374280][ T5742] sysfs_warn_dup.cold+0x1c/0x28 [ 107.374327][ T5742] sysfs_create_dir_ns+0x24b/0x2b0 [ 107.374370][ T5742] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 107.374388][ T5742] ? find_held_lock+0x2b/0x80 [ 107.374423][ T5742] ? kobject_add_internal+0x25f/0x930 [ 107.374466][ T5742] ? kobject_add_internal+0x25f/0x930 [ 107.374497][ T5742] ? do_raw_spin_unlock+0x145/0x1e0 [ 107.374527][ T5742] kobject_add_internal+0x2c8/0x930 [ 107.374557][ T5742] kobject_add+0x16a/0x1e0 [ 107.374584][ T5742] ? __pfx_kobject_add+0x10/0x10 [ 107.374608][ T5742] ? class_to_subsys+0x10f/0x150 [ 107.374674][ T5742] ? kobject_put+0xb9/0x640 [ 107.374697][ T5742] ? _raw_spin_unlock+0x28/0x50 [ 107.374725][ T5742] device_add+0x294/0x1950 [ 107.374745][ T5742] ? __pfx_dev_set_name+0x10/0x10 [ 107.374769][ T5742] ? __pfx_device_add+0x10/0x10 [ 107.374789][ T5742] ? mgmt_send_event_skb+0x2fb/0x460 [ 107.374825][ T5742] hci_conn_add_sysfs+0x1a3/0x260 [ 107.374851][ T5742] le_conn_complete_evt+0x11eb/0x1f60 [ 107.374882][ T5742] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 107.374910][ T5742] hci_le_conn_complete_evt+0x23c/0x3a0 [ 107.374932][ T5742] ? skb_pull_data+0x15f/0x1e0 [ 107.374977][ T5742] hci_le_meta_evt+0x34a/0x5f0 [ 107.375001][ T5742] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 107.375026][ T5742] hci_event_packet+0x51c/0xcd0 [ 107.375046][ T5742] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 107.375067][ T5742] ? __pfx_hci_event_packet+0x10/0x10 [ 107.375091][ T5742] ? kcov_remote_start+0x384/0x660 [ 107.375119][ T5742] hci_rx_work+0x451/0xfc0 [ 107.375144][ T5742] process_one_work+0xa0e/0x1980 [ 107.375180][ T5742] ? __pfx_process_one_work+0x10/0x10 [ 107.375214][ T5742] ? __pfx_hci_rx_work+0x10/0x10 [ 107.375236][ T5742] worker_thread+0x5ef/0xe50 [ 107.375271][ T5742] ? kthread+0x13a/0x450 [ 107.375291][ T5742] ? __pfx_worker_thread+0x10/0x10 [ 107.375313][ T5742] kthread+0x370/0x450 [ 107.375332][ T5742] ? __pfx_kthread+0x10/0x10 [ 107.375353][ T5742] ret_from_fork+0x72b/0xd50 [ 107.375375][ T5742] ? __pfx_ret_from_fork+0x10/0x10 [ 107.375402][ T5742] ? __switch_to+0x800/0x1100 [ 107.375431][ T5742] ? __pfx_kthread+0x10/0x10 [ 107.375454][ T5742] ret_from_fork_asm+0x1a/0x30 [ 107.375496][ T5742] [ 107.375520][ T5742] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 107.411362][ T9141] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 107.413550][ T5742] Bluetooth: hci3: failed to register connection device [ 108.109412][ T5742] Bluetooth: hci0: command tx timeout [ 108.430751][ T5735] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 108.433026][ T5742] Bluetooth: hci5: command 0x1003 tx timeout [ 109.409621][ T59] usb 10-1: new full-speed USB device number 2 using dummy_hcd [ 109.561122][ T59] usb 10-1: config index 0 descriptor too short (expected 29220, got 36) [ 109.564195][ T59] usb 10-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 109.567172][ T59] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 109.570173][ T59] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 109.573376][ T59] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 109.576891][ T59] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 109.581363][ T59] usb 10-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 109.584452][ T59] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.588896][ T59] usb 10-1: config 0 descriptor?? [ 109.591331][ T9182] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 109.693038][ T9214] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.1431'. [ 109.722670][ T9216] 9pnet_virtio: no channels available for device syz [ 109.801578][ T59] usblp 10-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 109.864625][ T9223] netlink: 'syz.2.1435': attribute type 12 has an invalid length. [ 109.867278][ T9223] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1435'. [ 109.874889][ T1169] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 109.877888][ T9223] netlink: 'syz.2.1435': attribute type 12 has an invalid length. [ 109.880628][ T9223] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1435'. [ 109.880883][ T192] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 109.886490][ T192] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 109.891494][ T192] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 110.004607][ C1] usblp0: nonzero read bulk status received: -71 [ 110.011188][ T59] usb 10-1: USB disconnect, device number 2 [ 110.071127][ T40] kauditd_printk_skb: 564 callbacks suppressed [ 110.071139][ T40] audit: type=1400 audit(1777972378.231:719): avc: denied { ioctl } for pid=9228 comm="syz.2.1438" path="socket:[26059]" dev="sockfs" ino=26059 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 110.191302][ T5735] Bluetooth: hci0: command tx timeout [ 110.213378][ T9181] usblp0: removed [ 110.398884][ T9239] input: syz0 as /devices/virtual/input/input20 [ 110.443819][ T40] audit: type=1400 audit(1777972378.601:720): avc: denied { write } for pid=9240 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 110.489133][ T40] audit: type=1400 audit(1777972378.641:721): avc: denied { write } for pid=9243 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 110.572008][ T40] audit: type=1400 audit(1777972378.731:722): avc: denied { write } for pid=9248 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 110.615005][ T40] audit: type=1400 audit(1777972378.771:723): avc: denied { write } for pid=9254 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 110.678773][ T40] audit: type=1400 audit(1777972378.831:724): avc: denied { write } for pid=9260 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 110.738307][ T40] audit: type=1400 audit(1777972378.891:725): avc: denied { write } for pid=9269 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 110.771737][ T40] audit: type=1400 audit(1777972378.931:726): avc: denied { mount } for pid=9271 comm="syz.5.1452" name="/" dev="ramfs" ino=27934 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 110.816579][ T40] audit: type=1400 audit(1777972378.971:727): avc: denied { write } for pid=9275 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 110.868516][ T40] audit: type=1400 audit(1777972379.021:728): avc: denied { write } for pid=9282 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 111.036055][ T9279] netlink: 348 bytes leftover after parsing attributes in process `syz.3.1454'. [ 111.333539][ T9323] netlink: 'syz.2.1467': attribute type 7 has an invalid length. [ 111.336548][ T9323] netlink: 'syz.2.1467': attribute type 7 has an invalid length. [ 111.605978][ T9338] input: syz0 as /devices/virtual/input/input21 [ 111.716505][ T9348] kvm: kvm [9347]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x1000000000000000 [ 111.761334][ T9349] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1479'. [ 111.764316][ T9349] netlink: 'syz.2.1479': attribute type 3 has an invalid length. [ 111.766823][ T9349] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1479'. [ 111.774452][ T9349] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1479'. [ 111.777727][ T9349] netlink: 'syz.2.1479': attribute type 3 has an invalid length. [ 111.783364][ T9349] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1479'. [ 112.269495][ T5735] Bluetooth: hci0: command tx timeout [ 112.510409][ T5735] Bluetooth: hci1: command 0x0c1a tx timeout [ 112.511086][ T59] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 112.515836][ T59] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 113.630909][ T5735] Bluetooth: hci3: command 0x0406 tx timeout [ 114.426310][ C3] ================================================================== [ 114.429068][ C3] BUG: KASAN: use-after-free in qdisc_pkt_len_segs_init+0xa51/0xb30 [ 114.431752][ C3] Read of size 2 at addr ffff88812ea4d3f4 by task syz.2.1521/9446 [ 114.435733][ C3] [ 114.436859][ C3] CPU: 3 UID: 0 PID: 9446 Comm: syz.2.1521 Tainted: G L syzkaller #0 PREEMPT(full) [ 114.436877][ C3] Tainted: [L]=SOFTLOCKUP [ 114.436881][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 114.436888][ C3] Call Trace: [ 114.436892][ C3] [ 114.436897][ C3] dump_stack_lvl+0x100/0x190 [ 114.436913][ C3] print_report+0x13d/0x4b0 [ 114.436929][ C3] ? __virt_addr_valid+0x239/0x430 [ 114.436943][ C3] ? qdisc_pkt_len_segs_init+0xa51/0xb30 [ 114.436954][ C3] kasan_report+0xdf/0x1d0 [ 114.436990][ C3] ? qdisc_pkt_len_segs_init+0xa51/0xb30 [ 114.437002][ C3] qdisc_pkt_len_segs_init+0xa51/0xb30 [ 114.437015][ C3] __dev_queue_xmit+0x270/0x4950 [ 114.437029][ C3] ? kmem_cache_alloc_node_noprof+0x2a9/0x6f0 [ 114.437045][ C3] ? kmalloc_reserve+0x148/0x350 [ 114.437058][ C3] ? __kasan_kfree_large+0x30/0x80 [ 114.437069][ C3] ? __pfx___dev_queue_xmit+0x10/0x10 [ 114.437082][ C3] ? __asan_memset+0x23/0x50 [ 114.437097][ C3] ? __alloc_skb+0x4e9/0x710 [ 114.437111][ C3] ? __alloc_skb+0x5b7/0x710 [ 114.437126][ C3] ? __asan_memcpy+0x3c/0x60 [ 114.437140][ C3] ? __asan_memcpy+0x3c/0x60 [ 114.437155][ C3] ? skb_copy_header+0x20/0x2b0 [ 114.437169][ C3] ? __pskb_copy_fclone+0x498/0xdb0 [ 114.437179][ C3] ? __pfx_netif_rx_internal+0x10/0x10 [ 114.437190][ C3] ? __asan_memmove+0x3c/0x60 [ 114.437204][ C3] ? hsr_create_tagged_frame+0x795/0xf00 [ 114.437229][ C3] hsr_forward_skb+0xdcf/0x28a0 [ 114.437246][ C3] ? __pfx_hsr_drop_frame+0x10/0x10 [ 114.437264][ C3] ? __pfx_hsr_forward_skb+0x10/0x10 [ 114.437284][ C3] hsr_handle_frame+0x82f/0xac0 [ 114.437301][ C3] ? __pfx_hsr_handle_frame+0x10/0x10 [ 114.437317][ C3] __netif_receive_skb_core.constprop.0+0x6c5/0x3530 [ 114.437333][ C3] ? __pfx_ieee80211_rx_handlers+0x10/0x10 [ 114.437369][ C3] ? is_bpf_text_address+0x8a/0x1a0 [ 114.437383][ C3] ? is_bpf_text_address+0x8a/0x1a0 [ 114.437397][ C3] ? bpf_ksym_find+0x128/0x1c0 [ 114.437413][ C3] ? rcu_is_watching+0x12/0xc0 [ 114.437430][ C3] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10 [ 114.437445][ C3] ? arch_scale_cpu_capacity+0x15/0xb0 [ 114.437460][ C3] ? cpu_util.constprop.0+0x1a7/0x370 [ 114.437474][ C3] ? update_sd_lb_stats.constprop.0+0x430/0x3360 [ 114.437490][ C3] ? __pfx_update_sd_lb_stats.constprop.0+0x10/0x10 [ 114.437503][ C3] __netif_receive_skb_list_core+0x353/0x940 [ 114.437520][ C3] ? __pfx___netif_receive_skb_list_core+0x10/0x10 [ 114.437536][ C3] ? lock_acquire+0x1b1/0x370 [ 114.437550][ C3] ? update_curr+0x71/0x4b0 [ 114.437568][ C3] netif_receive_skb_list_internal+0x722/0xd40 [ 114.437584][ C3] ? __pfx_netif_receive_skb_list_internal+0x10/0x10 [ 114.437601][ C3] ? __lock_acquire+0x4a5/0x2630 [ 114.437615][ C3] ? dev_gro_receive+0x238/0x3060 [ 114.437633][ C3] napi_complete_done+0x221/0x940 [ 114.437656][ C3] ? __pfx_napi_complete_done+0x10/0x10 [ 114.437671][ C3] ? find_held_lock+0x2b/0x80 [ 114.437681][ C3] ? gro_cell_poll+0x441/0x690 [ 114.437696][ C3] ? gro_cell_poll+0x441/0x690 [ 114.437715][ C3] gro_cell_poll+0x46e/0x690 [ 114.437732][ C3] __napi_poll.constprop.0+0xaf/0x450 [ 114.437748][ C3] net_rx_action+0xa40/0xf20 [ 114.437763][ C3] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 114.437776][ C3] ? __pfx_net_rx_action+0x10/0x10 [ 114.437791][ C3] ? hrtimer_bases_first+0x1a0/0x210 [ 114.437807][ C3] ? kvm_sched_clock_read+0x11/0x20 [ 114.437819][ C3] ? sched_clock+0x38/0x60 [ 114.437830][ C3] ? sched_clock_cpu+0x6c/0x570 [ 114.437846][ C3] ? sched_clock+0x38/0x60 [ 114.437857][ C3] ? rcu_is_watching+0x12/0xc0 [ 114.437874][ C3] handle_softirqs+0x1ea/0xa00 [ 114.437890][ C3] ? __sysvec_apic_timer_interrupt+0x10b/0x460 [ 114.437907][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 114.437922][ C3] ? irqtime_account_irq+0x176/0x2d0 [ 114.437936][ C3] ? tun_rx_batched.isra.0+0x402/0x750 [ 114.437974][ C3] do_softirq+0xac/0xe0 [ 114.437996][ C3] [ 114.438001][ C3] [ 114.438007][ C3] __local_bh_enable_ip+0xf8/0x120 [ 114.438031][ C3] tun_rx_batched.isra.0+0x407/0x750 [ 114.438052][ C3] ? __pfx_tun_rx_batched.isra.0+0x10/0x10 [ 114.438073][ C3] ? rcu_is_watching+0x12/0xc0 [ 114.438095][ C3] ? tun_get_user+0x1cc8/0x3c20 [ 114.438109][ C3] tun_get_user+0x1e31/0x3c20 [ 114.438125][ C3] ? __pfx_tun_get_user+0x10/0x10 [ 114.438140][ C3] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 114.438175][ C3] ? find_held_lock+0x2b/0x80 [ 114.438185][ C3] ? tun_get+0x191/0x370 [ 114.438196][ C3] ? tun_get+0x191/0x370 [ 114.438209][ C3] tun_chr_write_iter+0xdc/0x200 [ 114.438223][ C3] vfs_write+0x6ac/0x1070 [ 114.438236][ C3] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 114.438250][ C3] ? __pfx_vfs_write+0x10/0x10 [ 114.438261][ C3] ? find_held_lock+0x2b/0x80 [ 114.438274][ C3] ksys_write+0x12a/0x250 [ 114.438285][ C3] ? __pfx_ksys_write+0x10/0x10 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 114.438297][ C3] ? rcu_is_watching+0x12/0xc0 [ 114.438313][ C3] do_syscall_64+0x10b/0xf80 [ 114.438325][ C3] ? clear_bhb_loop+0x40/0x90 [ 114.438338][ C3] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.438349][ C3] RIP: 0033:0x7fba5df9cdd9 [ 114.438359][ C3] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 114.438370][ C3] RSP: 002b:00007fba5eef7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 114.438381][ C3] RAX: ffffffffffffffda RBX: 00007fba5e215fa0 RCX: 00007fba5df9cdd9 [ 114.438388][ C3] RDX: 000000000000007a RSI: 0000200000000400 RDI: 0000000000000004 [ 114.438395][ C3] RBP: 00007fba5e032d69 R08: 0000000000000000 R09: 0000000000000000 [ 114.438401][ C3] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 114.438407][ C3] R13: 00007fba5e216038 R14: 00007fba5e215fa0 R15: 00007fffb40ec318 [ 114.438417][ C3] [ 114.438421][ C3] [ 114.589734][ T5742] Bluetooth: hci2: command 0x0c1a tx timeout [ 114.590115][ C3] The buggy address belongs to the physical page: [ 114.590123][ C3] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xa1a pfn:0x12ea4d [ 114.590135][ C3] flags: 0x57ff00000000000(node=1|zone=2|lastcpupid=0x7ff) [ 114.590149][ C3] raw: 057ff00000000000 ffffea0004ba9308 ffffea0004ba9388 0000000000000000 [ 114.590159][ C3] raw: 0000000000000a1a 0000000000000000 00000000ffffffff 0000000000000000 [ 114.647472][ C3] page dumped because: kasan: bad access detected [ 114.649634][ C3] page_owner tracks the page as freed [ 114.651429][ C3] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 9145, tgid 9144 (syz.2.1401), ts 108731403463, free_ts 108828752655 [ 114.657208][ C3] post_alloc_hook+0x153/0x170 [ 114.658815][ C3] get_page_from_freelist+0x11a6/0x33b0 [ 114.660657][ C3] __alloc_frozen_pages_noprof+0x27c/0x2bc0 [ 114.662591][ C3] alloc_pages_mpol+0x1fb/0x540 [ 114.664266][ C3] folio_alloc_mpol_noprof+0x36/0x260 [ 114.666087][ C3] shmem_alloc_folio+0x135/0x160 [ 114.667757][ C3] shmem_alloc_and_add_folio+0x371/0xd40 [ 114.669703][ C3] shmem_get_folio_gfp+0x6ab/0x1900 [ 114.671567][ C3] shmem_fault+0x1f9/0xa20 [ 114.673034][ C3] __do_fault+0x10b/0x440 [ 114.674481][ C3] do_fault+0xa99/0x1750 [ 114.675938][ C3] __handle_mm_fault+0x187d/0x2a00 [ 114.677682][ C3] handle_mm_fault+0x36d/0xa20 [ 114.679326][ C3] __get_user_pages+0x1178/0x32a0 [ 114.681015][ C3] populate_vma_page_range+0x267/0x3f0 [ 114.682855][ C3] __mm_populate+0x107/0x3a0 [ 114.684442][ C3] page last free pid 9145 tgid 9144 stack trace: [ 114.686578][ C3] free_unref_folios+0xa0d/0x16f0 [ 114.688338][ C3] folios_put_refs+0x571/0xa90 [ 114.689963][ C3] shmem_undo_range+0x5e5/0x1570 [ 114.691701][ C3] shmem_evict_inode+0x3f3/0xc40 [ 114.693383][ C3] evict+0x3c2/0xad0 [ 114.694751][ C3] iput.part.0+0x605/0xf50 [ 114.696292][ C3] iput+0x35/0x40 [ 114.697558][ C3] dentry_unlink_inode+0x2c0/0x4c0 [ 114.699318][ C3] __dentry_kill+0x1d0/0x690 [ 114.700908][ C3] finish_dput+0x76/0x480 [ 114.702380][ C3] dput.part.0+0x456/0x570 [ 114.703948][ C3] dput+0x1f/0x30 [ 114.705182][ C3] __fput+0x519/0xb50 [ 114.706509][ C3] task_work_run+0x150/0x240 [ 114.708072][ C3] do_exit+0x8d2/0x2a60 [ 114.709544][ C3] do_group_exit+0xd5/0x2a0 [ 114.711179][ C3] [ 114.712013][ C3] Memory state around the buggy address: [ 114.713915][ C3] ffff88812ea4d280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 114.716531][ C3] ffff88812ea4d300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 114.719185][ C3] >ffff88812ea4d380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 114.721870][ C3] ^ [ 114.724424][ C3] ffff88812ea4d400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 114.727032][ C3] ffff88812ea4d480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 114.729743][ C3] ================================================================== [ 114.732504][ C3] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 114.734897][ C3] CPU: 3 UID: 0 PID: 9446 Comm: syz.2.1521 Tainted: G L syzkaller #0 PREEMPT(full) [ 114.738527][ C3] Tainted: [L]=SOFTLOCKUP [ 114.740027][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 114.743381][ C3] Call Trace: [ 114.744551][ C3] [ 114.745551][ C3] dump_stack_lvl+0x100/0x190 [ 114.747084][ C3] vpanic+0x552/0x970 [ 114.748409][ C3] ? __pfx_vpanic+0x10/0x10 [ 114.749962][ C3] ? mark_held_locks+0x40/0x70 [ 114.751605][ C3] ? qdisc_pkt_len_segs_init+0xa51/0xb30 [ 114.753511][ C3] panic+0xd1/0xe0 [ 114.754771][ C3] ? __pfx_panic+0x10/0x10 [ 114.756293][ C3] ? check_panic_on_warn+0x1f/0x90 [ 114.758005][ C3] check_panic_on_warn.cold+0x19/0x34 [ 114.759902][ C3] end_report.part.0+0x3a/0x90 [ 114.761462][ C3] kasan_report.cold+0xe/0x18 [ 114.763066][ C3] ? qdisc_pkt_len_segs_init+0xa51/0xb30 [ 114.764997][ C3] qdisc_pkt_len_segs_init+0xa51/0xb30 [ 114.766762][ C3] __dev_queue_xmit+0x270/0x4950 [ 114.768430][ C3] ? kmem_cache_alloc_node_noprof+0x2a9/0x6f0 [ 114.770500][ C3] ? kmalloc_reserve+0x148/0x350 [ 114.772214][ C3] ? __kasan_kfree_large+0x30/0x80 [ 114.774022][ C3] ? __pfx___dev_queue_xmit+0x10/0x10 [ 114.775902][ C3] ? __asan_memset+0x23/0x50 [ 114.777496][ C3] ? __alloc_skb+0x4e9/0x710 [ 114.779068][ C3] ? __alloc_skb+0x5b7/0x710 [ 114.780671][ C3] ? __asan_memcpy+0x3c/0x60 [ 114.782265][ C3] ? __asan_memcpy+0x3c/0x60 [ 114.783863][ C3] ? skb_copy_header+0x20/0x2b0 [ 114.785539][ C3] ? __pskb_copy_fclone+0x498/0xdb0 [ 114.787280][ C3] ? __pfx_netif_rx_internal+0x10/0x10 [ 114.789116][ C3] ? __asan_memmove+0x3c/0x60 [ 114.790741][ C3] ? hsr_create_tagged_frame+0x795/0xf00 [ 114.792945][ C3] hsr_forward_skb+0xdcf/0x28a0 [ 114.794643][ C3] ? __pfx_hsr_drop_frame+0x10/0x10 [ 114.796382][ C3] ? __pfx_hsr_forward_skb+0x10/0x10 [ 114.798096][ C3] hsr_handle_frame+0x82f/0xac0 [ 114.799709][ C3] ? __pfx_hsr_handle_frame+0x10/0x10 [ 114.801462][ C3] __netif_receive_skb_core.constprop.0+0x6c5/0x3530 [ 114.803763][ C3] ? __pfx_ieee80211_rx_handlers+0x10/0x10 [ 114.805774][ C3] ? is_bpf_text_address+0x8a/0x1a0 [ 114.807572][ C3] ? is_bpf_text_address+0x8a/0x1a0 [ 114.809313][ C3] ? bpf_ksym_find+0x128/0x1c0 [ 114.810897][ C3] ? rcu_is_watching+0x12/0xc0 [ 114.812502][ C3] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10 [ 114.814834][ C3] ? arch_scale_cpu_capacity+0x15/0xb0 [ 114.816653][ C3] ? cpu_util.constprop.0+0x1a7/0x370 [ 114.818421][ C3] ? update_sd_lb_stats.constprop.0+0x430/0x3360 [ 114.820613][ C3] ? __pfx_update_sd_lb_stats.constprop.0+0x10/0x10 [ 114.822747][ C3] __netif_receive_skb_list_core+0x353/0x940 [ 114.824886][ C3] ? __pfx___netif_receive_skb_list_core+0x10/0x10 [ 114.827067][ C3] ? lock_acquire+0x1b1/0x370 [ 114.828698][ C3] ? update_curr+0x71/0x4b0 [ 114.830237][ C3] netif_receive_skb_list_internal+0x722/0xd40 [ 114.832291][ C3] ? __pfx_netif_receive_skb_list_internal+0x10/0x10 [ 114.834613][ C3] ? __lock_acquire+0x4a5/0x2630 [ 114.836205][ C3] ? dev_gro_receive+0x238/0x3060 [ 114.837862][ C3] napi_complete_done+0x221/0x940 [ 114.839527][ C3] ? __pfx_napi_complete_done+0x10/0x10 [ 114.841426][ C3] ? find_held_lock+0x2b/0x80 [ 114.842957][ C3] ? gro_cell_poll+0x441/0x690 [ 114.844567][ C3] ? gro_cell_poll+0x441/0x690 [ 114.846151][ C3] gro_cell_poll+0x46e/0x690 [ 114.847718][ C3] __napi_poll.constprop.0+0xaf/0x450 [ 114.849489][ C3] net_rx_action+0xa40/0xf20 [ 114.851028][ C3] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 114.852942][ C3] ? __pfx_net_rx_action+0x10/0x10 [ 114.854663][ C3] ? hrtimer_bases_first+0x1a0/0x210 [ 114.856487][ C3] ? kvm_sched_clock_read+0x11/0x20 [ 114.858275][ C3] ? sched_clock+0x38/0x60 [ 114.859808][ C3] ? sched_clock_cpu+0x6c/0x570 [ 114.861458][ C3] ? sched_clock+0x38/0x60 [ 114.862969][ C3] ? rcu_is_watching+0x12/0xc0 [ 114.864635][ C3] handle_softirqs+0x1ea/0xa00 [ 114.866236][ C3] ? __sysvec_apic_timer_interrupt+0x10b/0x460 [ 114.868289][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 114.870070][ C3] ? irqtime_account_irq+0x176/0x2d0 [ 114.871880][ C3] ? tun_rx_batched.isra.0+0x402/0x750 [ 114.873699][ C3] do_softirq+0xac/0xe0 [ 114.875104][ C3] [ 114.876123][ C3] [ 114.877132][ C3] __local_bh_enable_ip+0xf8/0x120 [ 114.878874][ C3] tun_rx_batched.isra.0+0x407/0x750 [ 114.880676][ C3] ? __pfx_tun_rx_batched.isra.0+0x10/0x10 [ 114.882635][ C3] ? rcu_is_watching+0x12/0xc0 [ 114.884251][ C3] ? tun_get_user+0x1cc8/0x3c20 [ 114.885772][ C3] tun_get_user+0x1e31/0x3c20 [ 114.887338][ C3] ? __pfx_tun_get_user+0x10/0x10 [ 114.889014][ C3] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 114.890817][ C3] ? find_held_lock+0x2b/0x80 [ 114.892421][ C3] ? tun_get+0x191/0x370 [ 114.893854][ C3] ? tun_get+0x191/0x370 [ 114.895275][ C3] tun_chr_write_iter+0xdc/0x200 [ 114.896895][ C3] vfs_write+0x6ac/0x1070 [ 114.898416][ C3] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 114.900280][ C3] ? __pfx_vfs_write+0x10/0x10 [ 114.901877][ C3] ? find_held_lock+0x2b/0x80 [ 114.903531][ C3] ksys_write+0x12a/0x250 [ 114.905030][ C3] ? __pfx_ksys_write+0x10/0x10 [ 114.906674][ C3] ? rcu_is_watching+0x12/0xc0 [ 114.908290][ C3] do_syscall_64+0x10b/0xf80 [ 114.909874][ C3] ? clear_bhb_loop+0x40/0x90 [ 114.911501][ C3] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.913515][ C3] RIP: 0033:0x7fba5df9cdd9 [ 114.915012][ C3] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 114.921348][ C3] RSP: 002b:00007fba5eef7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 114.924119][ C3] RAX: ffffffffffffffda RBX: 00007fba5e215fa0 RCX: 00007fba5df9cdd9 [ 114.926761][ C3] RDX: 000000000000007a RSI: 0000200000000400 RDI: 0000000000000004 [ 114.929366][ C3] RBP: 00007fba5e032d69 R08: 0000000000000000 R09: 0000000000000000 [ 114.932008][ C3] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 114.934623][ C3] R13: 00007fba5e216038 R14: 00007fba5e215fa0 R15: 00007fffb40ec318 [ 114.937212][ C3] [ 114.938987][ C3] Kernel Offset: disabled [ 114.940460][ C3] Rebooting in 86400 seconds.. VM DIAGNOSIS: 09:13:02 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffff88806a43cd80 RCX=ffffc90000007e8c RDX=ffff88801cfc0000 RSI=ffffffff8a2d8f78 RDI=ffff88806a43cd80 RBP=ffffc90000007f10 RSP=ffffc90000007df8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffff88806a43ce50 R13=dffffc0000000000 R14=0000000000000004 R15=1ffff92000000fc4 RIP=ffffffff8b8d3b20 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6376000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f2dc724f0d1 CR3=000000000e596000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000010001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 203a6b6361747320 6461657268747020 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4292b316 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4292b316 00007ffc4292b31c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2dc723334c ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2dc723338c ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2dc72334f0 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2dc723337e ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 657a6973203c2065 7a69736565726600 632e6b6361747365 7461636f6c6c6100 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 405f4c5605190540 5f4c564040574300 460b4e4644515640 5144464a49494400 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2dc73ed5f8 00007f2dc73ed5c8 00007f2dc73ed600 00007f2dc73ed5e0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff81fc0f8d RDX=ffff88801e2f4a00 RSI=ffffffff81fc0f67 RDI=ffff88801e2f4a00 RBP=ffff88806a7431c0 RSP=ffffc900000f7870 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=0000000000000003 R13=ffffed100d4e8639 R14=0000000000000001 R15=ffff88806a53c5c0 RIP=ffffffff81fc0f69 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6476000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f2dc7f456b8 CR3=000000000e596000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7372656c6c6f7274 6e6f632e70756f72 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4292b316 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc4292b316 00007ffc4292b31c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2dc723334c ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2dc723338c ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2dc72334f0 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2dc723337e ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6379656b00657461 69746e6174736e69 246c746379656b00 7974697275636573 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000001 RBX=ffffffff899bac30 RCX=ffffffff81f4633a RDX=0000000000000001 RSI=0000000000000008 RDI=ffffffff90d79b50 RBP=ffff88806a628600 RSP=ffffc90000648e88 R8 =0000000000000000 R9 =fffffbfff21af36a R10=ffffffff90d79b57 R11=0000000000000001 R12=ffff8880569c4300 R13=0000000000000002 R14=dffffc0000000000 R15=ffff88806a628650 RIP=ffffffff81f46342 RFL=00000047 [---Z-PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007fef107c1880 ffffffff 00c00000 GS =0000 ffff8880d6576000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c31204a CR3=00000000342ab000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000104080 Opmask01=0000000010410101 Opmask02=00000000ffffffff Opmask03=0000000000400004 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd1d33fb68 00007ffd1d33fb68 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd1d33fd40 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000556a15e8e5e0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fef101f1b20 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fef101f1b20 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffff0000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73732619669b1483 7373261c3016c659 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2b1525531887b2cd 7373737625d22de2 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 716d2f33706f6f6c 2f6b636f6c622f6c 6175747269762f73 6563697665642f73 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4057444d560a4657 560a0b0b0a0b0b00 41480a4e464a4947 0a000a565c560a00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7377685f31313230 3863616d2f6c6175 747269762f736563 697665642f737973 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7766732c342c332c 322c312c306c6d61 722c32432c31432c 30432c46422c4542 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c44422c43422c42 422c41422c39422c 38422c37422c3242 2c31422c30422c44 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 412c36412c35412c 34412c33412c3141 2c46392c45392c38 392c36392c45382c ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 43382c41382c3938 2c38382c37382c36 382c35382c34382c 33382c32382c3138 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000014100 000000000000303d 44440045525f5346 0054242044492065 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff857e38d5 RDI=ffffffff9b470140 RBP=ffffffff9b470100 RSP=ffffc900006f7d50 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552 R12=0000000000000000 R13=0000000000000020 R14=0000000000000010 R15=ffffffff857e3870 RIP=ffffffff857e38ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007fba5eef76c0 ffffffff 00c00000 GS =0000 ffff8880d6676000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fba5e04f0d1 CR3=000000012f728000 CR4=00352ef0 DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000002 DR3=ffffffffefffff15 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000010001 Opmask01=0000000001000001 Opmask02=00000000ff02fefc Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 203a6b6361747320 6461657268747020 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffb40ec806 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffb40ec806 00007fffb40ec80c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fba5e03334c ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fba5e03338c ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fba5e0334f0 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fba5e03337e ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 657a6973203c2065 7a69736565726600 632e6b6361747365 7461636f6c6c6100 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 405f4c5605190540 5f4c564040574300 460b4e4644515640 5144464a49494400 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fba5e1ed5f8 00007fba5e1ed5c8 00007fba5e1ed600 00007fba5e1ed5e0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000