last executing test programs: 2.639732688s ago: executing program 3 (id=626): r0 = socket$inet6(0x10, 0x2, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x40, 0x0, 0x0, 0x7}, {0x16, 0x0, 0x0, 0x40000000}]}, 0x10) (async) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04000a", 0x15}], 0x1}, 0x0) (async, rerun: 32) r2 = socket$inet_udp(0x2, 0x2, 0x0) (rerun: 32) setsockopt$inet_int(r2, 0x0, 0x17, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x66) mremap(&(0x7f0000169000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00005db000/0x3000)=nil) (async, rerun: 32) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x67) (rerun: 32) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81ffffffffb9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1, 0xfffffffc}, 0x80, 0x0}, 0x1) (async) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b) (async) r3 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) (async) sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x80000000, 0x25dfdbfb, {0xa, 0x80, 0x80, 0xfd}, [@RTA_SRC={0x8, 0x2, @rand_addr=0x640100fd}]}, 0x24}, 0x1, 0x0, 0x0, 0x5d2c7973c7bf8b01}, 0x20000050) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33) (async) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="563f000019"], 0xfe33) sendto$inet6(r0, &(0x7f00000002c0)="1c0000001200050f0c1000000049b23e9b200a00080001c000000001", 0x1c, 0x408d6, 0x0, 0x0) 2.579504368s ago: executing program 3 (id=628): r0 = socket(0xa, 0x1, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0xff7ffffd}}, {{0xa, 0x4e08, 0x4a3, @local, 0x4f1}}}, 0x108) (async) unshare(0x6020400) (async) r1 = socket$nl_route(0x10, 0x3, 0x0) (async) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000009c0)={0xffffffffffffffff, 0xffffffffffffffff}) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000ec0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_KEY(r5, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000100)={0x1c, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4002011}, 0x0) (async) ioctl$SIOCSIFHWADDR(r4, 0x8b19, &(0x7f0000000100)={'wlan1\x00', @random="0a0000000100"}) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x70, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x4, 0xf}, {}, {0xffe0, 0xd}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x5}}]}, 0x70}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=@bridge_delneigh={0x40, 0x1d, 0x100, 0x70bd2d, 0x25dfdbfb, {0x2, 0x0, 0x0, r3, 0x4, 0x14, 0x6}, [@NDA_DST_MAC={0xa, 0x1, @random="f0e1959419ed"}, @NDA_VNI={0x8, 0x7, 0x7}, @NDA_LINK_NETNSID={0x8, 0xa, 0x1}, @NDA_SRC_VNI={0x8, 0xb, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x1}, 0xc0) (async, rerun: 64) r7 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) (rerun: 64) fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0) r8 = fsmount(r7, 0x0, 0x88) r9 = openat$cgroup_int(r8, &(0x7f0000000140)='cpu.idle\x00', 0x2, 0x0) sendfile(r9, r9, 0x0, 0x10000a006) (async) r10 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_MSFILTER(r10, 0x29, 0x30, 0x0, 0x5000) (async) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000001a00)=ANY=[@ANYBLOB="03000000000000000a004e2300000010ff010000000000000000000000000001f8ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b0000000a004e2000000008fe8000000000000000000000000000aa05000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000010000000c0000000000000000000000000000000104000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ad94e2100000073fe8000000000000000000000000000aa09000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e210000000800000000000000000000000000000001"], 0x610) (async) r11 = socket(0xa, 0x1, 0x0) setsockopt$inet6_group_source_req(r11, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0x88f}}, {{0xa, 0x4e08, 0x4a3, @private2, 0x4f0}}}, 0x108) setsockopt$inet6_MCAST_MSFILTER(r11, 0x29, 0x30, &(0x7f0000000780)={0x4, {{0xa, 0x4e23, 0x49, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x3a}}}, 0x90) (async) close(0x4) 2.450151238s ago: executing program 3 (id=629): r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_disconnect(0xffffffffffffffff) syz_open_dev$char_usb(0xc, 0xb4, 0x80000000) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0xf0ff) 1.190700018s ago: executing program 1 (id=645): socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet_smc(0x2b, 0x1, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0xc, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0x3e8, 0xe80, 0x0, &(0x7f0000000000)="c1df07000000d30a298ee68886dd87", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) (fail_nth: 34) 1.059326659s ago: executing program 3 (id=646): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x10}, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(r1, &(0x7f0000000300)={@val={0x0, 0x6005}, @void, @eth={@multicast, @remote, @val={@val={0x88a8, 0x2, 0x0, 0x1}, {0x88a8, 0x0, 0x0, 0xfff}}, {@ipv4={0x800, @tipc={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x68, 0x0, 0x9, 0x6, 0x0, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}}, @name_distributor={{0x28, 0x0, 0x0, 0x0, 0x0, 0xa, 0xb, 0x2, 0x6, 0x0, 0x0, 0x4, 0x9, 0x1, 0x4e24, 0x4e22, 0x1, 0x1, 0x0, 0x0, 0x1}}}}}}}, 0x56) sendmsg$DEVLINK_CMD_PORT_SET(r3, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x6c, 0x0, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8}}, {0x6}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x6}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @rt={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_RT_KEY={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0xf}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x78}}, 0xc040) 1.000177999s ago: executing program 1 (id=647): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x8000) r1 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) ioctl$FE_SET_PROPERTY(r1, 0x40106f52, &(0x7f0000000000)={0x18, &(0x7f00000000c0)=[{0x11, '\x00', @data=0xb, 0x9}]}) ioctl$EVIOCSABS2F(r0, 0x401845ef, 0x0) keyctl$restrict_keyring(0xa, 0x0, 0x0, &(0x7f0000000000)='i\xacl*c\x822') syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043ef502"], 0xf8) 999.834098ms ago: executing program 0 (id=648): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000340)=[@textreal={0x8, 0x0}], 0x1, 0x20, 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000740)={0x1, 0x0, @ioapic={0x4, 0x80000001, 0x5, 0x6fc9, 0xf800, [{0x0, 0x9, 0x2, '\x00', 0x9}, {0x40, 0x7, 0x70}, {0xff, 0x2, 0x6, '\x00', 0x3}, {0x5, 0x4, 0x10, '\x00', 0xe}, {0xb, 0x8, 0x7f, '\x00', 0x5}, {0x3, 0x2, 0xaf, '\x00', 0x5}, {0x17, 0x3, 0x6, '\x00', 0x8}, {0x5, 0xa7, 0xda}, {0x4, 0xd1, 0x9, '\x00', 0xd}, {0x9, 0xb, 0x8}, {0x8, 0xff, 0xfb, '\x00', 0x8}, {0x8, 0x8, 0x5, '\x00', 0x8}, {0x5, 0x44, 0x5, '\x00', 0x3}, {0x2, 0xbe, 0x1, '\x00', 0x2}, {0x9, 0x1, 0x7, '\x00', 0x3}, {0xf7, 0x9, 0xa, '\x00', 0x8}, {0x2, 0xe, 0x6, '\x00', 0x17}, {0x6, 0x7f, 0x4, '\x00', 0xb}, {0x7, 0x79, 0x4}, {0x6, 0x6, 0xc3, '\x00', 0x4}, {0x4, 0x4, 0x17, '\x00', 0x5}, {0x80, 0x80, 0x4, '\x00', 0x4}, {0x8, 0xb, 0x1, '\x00', 0x6}, {0xb, 0x10, 0xb, '\x00', 0x9}]}}) 940.406752ms ago: executing program 1 (id=650): ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x53, 0x4801, 0x6, {0x84, 0x1}, {0x82, 0x4}, @const={0xfff2, {0x4, 0x1, 0x8000, 0xe}}}) 939.818028ms ago: executing program 3 (id=652): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000001f40)=@raw={'raw\x00', 0x8, 0x3, 0x3e8, 0x248, 0x43, 0xa0, 0x248, 0x90, 0x350, 0x178, 0x178, 0x350, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x228, 0x248, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@string={{0xc0}, {0x0, 0x3, 'kmp\x00', "7af8bdb4c056dc65949041982abfe9ed51b01289c0026e2e6034ed587be5f09017b907388134b0ede40eb8d493f20d534fc37f23ec524d91a7a041f36bb1d1c3ab474544c5ef3f2fa69a80a0d967ee4464257d28d31e6843bc1221dfb9a6a27ad13af7061b737fd97d94f50942c68242819c941c0b4d9ec154c7d327187e8198", 0x38, 0x2, {0x1}}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xe8, 0x108, 0x0, {}, [@common=@unspec=@connbytes={{0x38}, {[{0xb}]}}, @common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x448) 939.490103ms ago: executing program 1 (id=653): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x18ab81, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x4008000) recvmmsg(0xffffffffffffffff, &(0x7f0000001200), 0x0, 0x40012000, &(0x7f0000003700)) ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, 0x0}], 0x1, 0x2c, 0x0, 0x0) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000100)=0x3) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0xd, 0x0, 0x1000, &(0x7f0000ffa000/0x1000)=nil}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000001c0)={"c718ae3ddd25e4c2826499cb6a055b56a5a7336f377a556f824db28eb6743cf045afd0e932534b9eb3b847abbcef63c85319991745999ed89ff49783a84d57cf175a89f8733d74a1bdddcb0a6c3f7535e7976e79da1b52de6403f6710d606fafaf685ec19f369b7829b12aa2b8cd2ab52f9c688683979cdb9516cb61f2adb9aefd44fee30bddb81ebefa818f31f60d89a4e390920c7ed0e2512fd59f719e734b0a1d1f3ff7babb54258a1585514aac0b000000733671e0543929c06f72fc598939003ac6777f3497523536fd25ac4f1e265f5038fa7455f2cc6131d4a189a16b0f0b89e6a495e1d95b840c36488adc22cb2d1b8af57f6dce7214152ba1b3c0d3ad0a6db821518e44b24cb36a02d76ea11a1c45879fc77e7bb2af8c345ddddf49f41228df2114f2c27d16499fa36097a5015ad61a6a9484c09e0a2dfb50f7b7ca71135dc32804a80380a6e20e0ae03be775e472cd31d6a31e615937c38e746a5cf6c9d8194242990dd497a2c52ab50300000000000000cebbd983c3f86dbe92c4b751c04693cb09af88521ab305ceabf6d2bab40bb1b219fbe95ace2f6c49fea798e76b4ef336dff5ac0f7ab022b800ac1aa42fd231b52465a410177ed85dcc9c6d794e2aa0b90cdc409541aa85fa16e3cbc3a9d6c83ffd4d01e5ba898555eeffccf0cb28ce5df0ba31cb793675276162de2fdcb486455bca57edf4fb14e1533554eb22527d66a28a960c430f6136927f54e670c46292454fe28485f35405025844fd24fe846f6656c77d9b5f2b4750ac4805897b02c85caba80000bb96f71f468c9e746d860238b3b113ab1eef51e1507f8832d5d69528083d44548e491477cda51d7e083a134097438e9d7ea34eae8a2e6b516327db9310c7478a37f5c562037196131cc7c84fa29c3c2576f2ae7570b5a98aaa49ca7ddfd5a8c046ce82e4a2d06082ad7a3ab0dfbe208630b1410b674781855752c9c57c1c5ab0a74a336ce89b3a9c0d37a3ca4e698a798a85faf7f4f1dc020b7dd5750062c9810c4bc1ad7afe338f2b0f29059e684fe16098eb30da105be01ca11a293635dfc6d25ecc770ba72792fd3c6851d951b770d0f9edafb1cb4241350d85b04ed737a9bfd7e8301c43b65a95dda76d6850860ba3195040b14c8ad1a8b52472785521147182352a1dbd93595cbc26e813ccd75e16f9247fe82ed150c121f0041022522ec76476f0a9cffa3be1d3ffffffffffffffff29358bbfd8b7a12fe94a0355beb9420eee0a5c11220100c782b89e9430de84b220e8c0df4bd40be3400c58f149319f891fe86fba751dab3326bf2deb9e782b37ec9c7adf36025a091a4b3600000000000000000000000000000000000000000000000000000000000000000600"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 891.972862ms ago: executing program 3 (id=654): r0 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)='0', 0x1}], 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x84000, 0x0) fanotify_mark(0xffffffffffffffff, 0x39, 0x1a, r1, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x4048aec9, &(0x7f0000000480)={0x6, 0x0, @ioapic={0x0, 0x9fc, 0x0, 0x0, 0x0, [{0x4, 0x8, 0x87, '\x00', 0x81}, {0x4, 0x6, 0x0, '\x00', 0xc}, {0xff, 0x5, 0xff, '\x00', 0x2}, {0x2, 0x10, 0x1, '\x00', 0x1f}, {0xf, 0xff, 0x2, '\x00', 0x3}, {0x0, 0x41, 0x7, '\x00', 0x78}, {0xb, 0x7, 0x7, '\x00', 0x4e}, {0x3, 0x7, 0x6, '\x00', 0x1}, {0xfe, 0x8, 0x3d, '\x00', 0x6}, {0xd, 0x1, 0x1, '\x00', 0x1}, {0x7f, 0x9, 0xff, '\x00', 0xd}, {0x6, 0x1, 0x22, '\x00', 0x7b}, {0x5, 0x6, 0x3b, '\x00', 0x2}, {0x3, 0x7, 0xb, '\x00', 0x9}, {0x8a, 0xb, 0x30, '\x00', 0x7}, {0xe, 0x5, 0x4}, {0x0, 0x4, 0x7, '\x00', 0xc}, {0x4, 0x0, 0x2, '\x00', 0x42}, {0xf2, 0x6, 0x8d, '\x00', 0x80}, {0x81, 0x0, 0x12, '\x00', 0xb}, {0x12, 0x8, 0x99, '\x00', 0x83}, {0x16, 0x46, 0x4, '\x00', 0x4}, {0x7f, 0x23, 0x7d, '\x00', 0xd3}, {0x67, 0x5, 0x3a, '\x00', 0x5}]}}) r2 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[], 0x0) syz_usb_control_io$printer(r2, 0x0, &(0x7f0000000480)={0x34, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$HIDIOCGUSAGE(r3, 0xc0145b0e, &(0x7f0000000000)={0x3, 0x1, 0x1800000, 0x10001, 0x8, 0xb}) r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ppoll(&(0x7f0000001400)=[{r4, 0x2420}], 0x1, 0x0, 0x0, 0x0) mount$fuse(0x0, &(0x7f0000000140)='./file0/file1\x00', &(0x7f0000000080), 0x50004, &(0x7f0000000180)=ANY=[@ANYRES8, @ANYBLOB="4a0394ea5cfbbfd7dbccee11b43bd1"]) mkdir(&(0x7f0000000040)='./bus\x00', 0x49) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 891.841065ms ago: executing program 0 (id=655): mount(&(0x7f00000006c0)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f00000000c0)='minix\x00', 0x204001, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x100) r1 = getpgid(0x0) fcntl$lock(r0, 0x6, &(0x7f0000000100)={0x1, 0x0, 0x0, 0x0, r1}) r2 = fsmount(0xffffffffffffffff, 0x0, 0x73) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e24, 0x7, @loopback, 0x100}, 0x1c) 810.47528ms ago: executing program 0 (id=656): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2, 0x0, 0x0, 0xff0f}, 0x0) 739.323948ms ago: executing program 0 (id=657): clock_adjtime(0xffffffd3, 0x0) r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0xff070000, 0x0, 0x0) timer_create(0x0, &(0x7f0000000200)={0x0, 0x11, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) 739.144608ms ago: executing program 2 (id=658): socket$nl_route(0x10, 0x3, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha12\x00'}, 0x58) accept4(r0, 0x0, 0x0, 0x80000) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000300)) socket(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x80800, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket$igmp6(0xa, 0x3, 0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r3 = syz_open_dev$dri(&(0x7f0000000080), 0x6f1dd9aa, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000180)={0x0, 0x1, &(0x7f0000000340)=[r4], &(0x7f0000000280)=[0x1], &(0x7f0000000200), &(0x7f0000000040), 0x0, 0x7f}) 738.127372ms ago: executing program 0 (id=659): syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000007e40)=[{0x0, 0x0, &(0x7f0000003740)=[{&(0x7f00000000c0)="4789d3aefc1a4d03345aed327be3", 0xe}], 0x1, 0x0, 0x0, 0x20000000}], 0x1, 0x20040894) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20010840) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0) 690.206254ms ago: executing program 1 (id=660): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) (async) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0xa82, 0x0) write$cgroup_int(r1, &(0x7f0000000040)=0x900, 0x12) (async) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r3, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x2000000000001005, 0x19dff}}}, 0x90) (async) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b40)={{0x14, 0x10, 0x1, 0xefff, 0x0, {0x3}}, [@NFT_MSG_NEWSETELEM={0x58, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x2c, 0x3, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x2df31ab3}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0xa}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x80}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 689.81116ms ago: executing program 0 (id=661): r0 = socket$inet_sctp(0x2, 0x5, 0x84) close(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000180)={0x1, [0x0]}, &(0x7f0000000240)=0x8) sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000440)="be6f88e90400", 0x6}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="2000000002000000840000000200000006000400280100000b008002", @ANYRES32=r2], 0x20, 0x6044}, 0x6) 610.018213ms ago: executing program 1 (id=662): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014000300697036746e6c300000000000000000001c0012800b000100697036746e6c00000c00028006000f0002"], 0x50}}, 0x0) openat$ttynull(0xffffffffffffff9c, 0x0, 0x204001, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETAF(r1, 0x5408, &(0x7f00000000c0)={0xcf50, 0x0, 0xffff, 0x99fe, 0x11, ')\x00'}) write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0xfffffff9, 0x7fff, 0x16, "0062007d82000000000000002240f7ffffff00"}) r2 = syz_open_pts(r1, 0x0) r3 = dup3(r2, r1, 0x0) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x17) syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e0210041859"], 0x7) 609.640228ms ago: executing program 2 (id=663): r0 = socket$unix(0x1, 0x5, 0x0) close(0x3) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000380)={'vcan0\x00', 0x0}) r4 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r4, &(0x7f0000000080)={0x1d, r3, 0x0, {0x2, 0x0, 0x4}, 0x2}, 0x18) sendmsg$can_j1939(r4, &(0x7f00000003c0)={&(0x7f0000000100)={0x1d, r3, 0x0, {0x2, 0xf0, 0x2}, 0xff}, 0x18, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x40080}, 0x4000001) sendmmsg$inet6(r1, &(0x7f0000000000)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x5, @empty, 0xfffffffe}, 0x1c, 0x0}}], 0x1, 0x20080058) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c310000401000000950074000000000031fb0d3a42319fa204399d17d34e075fdcda533ab1aa71ab1d764152e63925789381db3fe455e8dadc7dcf81189517730bed5d8036168bd2e27cc611027d29066927603deb92de3141e8ed7ac5b8902070213cdfdc506c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7964a2ba103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e623950c4f67581c92ef9e7e8ece17d566c93a114d68c577d694b9844e0d9e306404cfc3bfbead9e1b96c6a6cb639bca6d"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f00000000c0)) 560.127437ms ago: executing program 2 (id=664): setresuid(0xee01, 0x0, 0x0) prlimit64(0x0, 0x6, &(0x7f0000000040), 0x0) syz_clone(0x44200400, 0x0, 0x700, 0x0, 0x0, 0x0) 470.028574ms ago: executing program 2 (id=665): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c00000045000900000000000000000003000000080002"], 0x1c}}, 0x0) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x13, r2, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = syz_kvm_setup_syzos_vm$x86(r3, &(0x7f0000c00000/0x400000)=nil) syz_kvm_add_vcpu$x86(r4, &(0x7f00000000c0)={0x0, 0x0}) 179.647811ms ago: executing program 2 (id=666): socket$nl_route(0x10, 0x3, 0x0) (async) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000280)=0x1, 0xffffff63) (async) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) (async) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x006'], 0x48) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000001500)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001400)=[{0x0}, {&(0x7f0000000d00)}, {&(0x7f0000000600)="000000000000000000a7727da00f6c496ee1746143ef20a789369dd16738f45ebaf3af167c00e814e673ef0000000000000000000000000000dca773b10c3d962cd14ac3c0c8a3db928ee63aff55786b168ebf64d4d72fe2b086413da73dfa0a09889a3c85d1fa6710466a83e0891b940fb12eaeb7895ffde506ca853bc1384b35f6cd47a9609be291bc40102119177c23a78cfa9a3cb38b7120346fe258631eec626eea66bdee6f4388d3b76aa9a45c7de3d6db82d29357441ebe267149d49f685c5b32040ad090404d2763745c9b71f40c89867524445a65ab8ea3e0d101d5cba291c5f35eca50d6032d45b18a57560b0c2739f6dcd6f5662c07acee7e93f25a9e7fbd32ba2606690fdaa6a846d702259eb04a5a0179cf389c736a2a99b08f78a735b5510065027c2d60a06589", 0x12e}, {0x0}], 0x4, &(0x7f0000000500)=[@mark={{0x14, 0x1, 0x24, 0x7}}, @timestamping={{0x14, 0x1, 0x25, 0x8}}, @mark={{0x14, 0x1, 0x24, 0xae5}}, @mark={{0x14, 0x1, 0x24, 0x2}}], 0x60}}], 0x2, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = socket$alg(0x26, 0x5, 0x0) ioctl$vim2m_VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0205647, &(0x7f0000000940)={0xf010000, @vbi={0x0, 0x9, 0x6, 0x32435750, [0x1, 0x4bf], [0x1, 0x2], 0x13a}}) (async) bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5) (async) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000b40)=ANY=[@ANYBLOB="f800000040000701fefeffff00000000007c00011400f900fc010000000000000000000000000000ce004e00712c60970813b97ffa449fa29f05cde6ff9c576d3397cc8335c7e11272f7a7c18b8da77363b7c2db23708d5be328de6254dbd3d32a5e9d8ebef17cf220e676e98a80bc9a2946edfb12f3ec884dedadb19b1261d38ce641b88f840e34b1fc04f635fc8207a2b39e74219e33580b5ad9999b4fcb4d1f9ad744ca0e789203ca021647e303b70812db655401fbad630ceab4a0893d9e0ed732064ac66954f1f35e73e6649e6a2d92b33187f63dcdb9f13577b8975b3ffdc0f246725365b060b851a3590000d0cb2ba650866a3c3d11d4069e72b56eed9f797bcaac43e0985c4f922251b494e7618fbed03ed766bdb3f8807c72b36f8c413154e443c868986923472b0973918bd0e9bb0e521fd6eb4960545f835ff489d5b10b9749f68d279c9f1a09ebd8756115156c8f0b18839216e669721808296bc7002eec343768f421052e989dbe6254a10036fe9eb613d5281c44619bb7fac68f2e70f1"], 0xf8}, 0x1, 0x0, 0x0, 0x48815}, 0xc000) (async) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) (async, rerun: 32) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) (async, rerun: 32) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000001000/0x2000)=nil}) (async) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0) (async) pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2) (async) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x1c, 0x0, 0x0) (async) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async) socket$nl_route(0x10, 0x3, 0x0) (async) socket$inet6_udp(0xa, 0x2, 0x0) (async) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x100, 0x2}) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000340)='./binderfs/binder0\x00', 0x2, 0x0) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) (async, rerun: 64) r7 = dup3(r6, r5, 0x0) (rerun: 64) ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000000)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0}) ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000002c0)={0x8, 0x0, &(0x7f0000000180)=[@decrefs], 0x0, 0x0, 0x0}) 0s ago: executing program 2 (id=667): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x0, {0x40, 0x0, 0xb, 0xfffc, 0x0, 0x1, 0x0, 0xffffffff, 0x120, 0x2000, 0xa8, r2, r3, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0d000003005a"], 0x50) write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x1086cce0, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50) r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1) ioctl$BLKPG(r4, 0x1269, &(0x7f00000000c0)={0x1, 0x0, 0x98, &(0x7f0000000000)={0x0, 0x20003, 0x6}}) (fail_nth: 8) kernel console output (not intermixed with test programs): r=ee8d, idProduct=db1e, bcdDevice=61.23 [ 426.407719][ T1342] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 426.414587][ T1342] usb 5-1: config 0 descriptor?? [ 426.626188][ T1342] usb 5-1: string descriptor 0 read error: -71 [ 426.632157][ T1342] usb 5-1: USB disconnect, device number 7 [ 426.639805][ T6160] em28xx 8-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 426.645380][ T6160] em28xx 8-1:0.0: dvb set to bulk mode. [ 426.649751][ T6033] em28xx 8-1:0.0: Binding DVB extension [ 426.694976][ T6160] usb 8-1: USB disconnect, device number 3 [ 426.705987][ T6160] em28xx 8-1:0.0: Disconnecting em28xx [ 426.739703][ T6033] em28xx 8-1:0.0: Registering input extension [ 426.743155][ T6160] em28xx 8-1:0.0: Closing input extension [ 426.764183][ T6160] em28xx 8-1:0.0: Freeing device [ 426.778288][ T1485] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 426.928509][ T1485] usb 6-1: Using ep0 maxpacket: 8 [ 426.932088][ T1485] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 426.934738][ T1485] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 426.937735][ T1485] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 426.941091][ T1485] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 426.944306][ T1485] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 426.948722][ T1485] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 426.952343][ T1485] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 426.996027][ T6943] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.291'. [ 427.065081][ T41] kauditd_printk_skb: 16 callbacks suppressed [ 427.065101][ T41] audit: type=1400 audit(1776695068.137:904): avc: denied { ioctl } for pid=6944 comm="syz.2.292" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x620c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 427.065257][ T6945] binder: 6944:6945 ioctl c018620c 200000000c40 returned -1 [ 427.086596][ T41] audit: type=1400 audit(1776695068.157:905): avc: denied { append } for pid=6944 comm="syz.2.292" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 427.152292][ T6949] netlink: 12 bytes leftover after parsing attributes in process `syz.3.293'. [ 427.163007][ T1485] usb 6-1: GET_CAPABILITIES returned 0 [ 427.165443][ T1485] usbtmc 6-1:16.0: can't read capabilities [ 427.193455][ T41] audit: type=1400 audit(1776695068.267:906): avc: denied { bind } for pid=6948 comm="syz.3.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 427.306766][ T6946] kvm: MONITOR instruction emulated as NOP! [ 427.417418][ C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 427.535021][ T41] audit: type=1400 audit(1776695068.607:907): avc: denied { unlink } for pid=6937 comm="syz.1.290" name="#15" dev="tmpfs" ino=350 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 427.609597][ T41] audit: type=1400 audit(1776695068.687:908): avc: denied { setopt } for pid=6959 comm="syz.3.297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 427.744076][ T6966] netlink: 184 bytes leftover after parsing attributes in process `syz.3.298'. [ 427.804323][ T6968] usb 2-1: USB disconnect, device number 2 [ 427.931549][ T41] audit: type=1400 audit(1776695069.007:909): avc: denied { read } for pid=6970 comm="syz.2.300" path="socket:[17279]" dev="sockfs" ino=17279 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 428.034403][ T41] audit: type=1400 audit(1776695069.107:910): avc: denied { read } for pid=6974 comm="syz.0.302" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 428.484124][ T6989] netlink: 8 bytes leftover after parsing attributes in process `syz.3.306'. [ 428.548813][ T6988] sp0: Synchronizing with TNC [ 428.728338][ T41] audit: type=1400 audit(1776695069.797:911): avc: denied { search } for pid=5661 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 428.742786][ T41] audit: type=1400 audit(1776695069.807:912): avc: denied { search } for pid=5661 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 428.753394][ T41] audit: type=1400 audit(1776695069.807:913): avc: denied { search } for pid=5661 comm="dhcpcd" name="data" dev="tmpfs" ino=14 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 429.095592][ T7006] xt_connbytes: Forcing CT accounting to be enabled [ 429.100191][ T7006] set match dimension is over the limit! [ 429.288815][ T6986] [U] è [ 429.417355][ T7016] qnx6: unable to set blocksize [ 429.533382][ T1342] usb 6-1: USB disconnect, device number 6 [ 429.749459][ T7029] 0x000000000000-0x000000020003 : "" [ 429.758994][ T7031] Bluetooth: MGMT ver 1.23 [ 429.760169][ T7029] mtd: partition "" extends beyond the end of device "mtdram test device" -- size truncated to 0x20000 [ 429.775120][ T7029] ftl_cs: FTL header not found. [ 430.018961][ T6238] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 430.128351][ T1342] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 430.168734][ T6238] usb 5-1: Using ep0 maxpacket: 32 [ 430.178682][ T1485] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 430.179125][ T6238] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 430.186122][ T6238] usb 5-1: config 0 has no interfaces? [ 430.190905][ T6238] usb 5-1: New USB device found, idVendor=1f71, idProduct=3306, bcdDevice=9d.b7 [ 430.194828][ T6238] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 430.198097][ T6238] usb 5-1: Product: syz [ 430.200266][ T6238] usb 5-1: Manufacturer: syz [ 430.202568][ T6238] usb 5-1: SerialNumber: syz [ 430.218378][ T6238] usb 5-1: config 0 descriptor?? [ 430.288588][ T1342] usb 8-1: Using ep0 maxpacket: 16 [ 430.293014][ T1342] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 430.310706][ T1342] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 430.313645][ T1342] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 430.316145][ T1342] usb 8-1: Product: syz [ 430.317487][ T1342] usb 8-1: Manufacturer: syz [ 430.319381][ T1342] usb 8-1: SerialNumber: syz [ 430.324532][ T1342] usb 8-1: config 0 descriptor?? [ 430.333894][ T1342] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 430.337477][ T1342] em28xx 8-1:0.0: DVB interface 0 found: bulk [ 430.338573][ T1485] usb 6-1: Using ep0 maxpacket: 8 [ 430.343592][ T1485] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 430.346485][ T1485] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 430.349998][ T1485] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 430.353662][ T1485] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 430.358068][ T1485] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 430.363179][ T1485] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 430.366752][ T1485] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 430.575464][ T1485] usb 6-1: GET_CAPABILITIES returned 0 [ 430.580794][ T1485] usbtmc 6-1:16.0: can't read capabilities [ 430.783088][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 430.801965][ T7051] netlink: 24 bytes leftover after parsing attributes in process `syz.2.329'. [ 430.937441][ T1342] em28xx 8-1:0.0: unknown em28xx chip ID (0) [ 431.355196][ T1342] em28xx 8-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 431.358151][ T1342] em28xx 8-1:0.0: board has no eeprom [ 431.718312][ T1342] em28xx 8-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 431.720807][ T1342] em28xx 8-1:0.0: dvb set to bulk mode. [ 431.724789][ T10] em28xx 8-1:0.0: Binding DVB extension [ 431.946225][ T7071] FAULT_INJECTION: forcing a failure. [ 431.946225][ T7071] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 431.950836][ T7071] CPU: 3 UID: 0 PID: 7071 Comm: syz.2.336 Tainted: G L syzkaller #0 PREEMPT(full) [ 431.950854][ T7071] Tainted: [L]=SOFTLOCKUP [ 431.950858][ T7071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 431.950920][ T7071] Call Trace: [ 431.950981][ T7071] [ 431.950986][ T7071] dump_stack_lvl+0x100/0x190 [ 431.951068][ T7071] should_fail_ex.cold+0x5/0xa [ 431.951084][ T7071] _copy_to_iter+0x1f3/0x1720 [ 431.951161][ T7071] ? __pfx__copy_to_iter+0x10/0x10 [ 431.951173][ T7071] ? __pfx_disk_seqf_stop+0x10/0x10 [ 431.951241][ T7071] ? disk_seqf_stop+0x4f/0xa0 [ 431.951256][ T7071] ? kfree+0x223/0x6c0 [ 431.951269][ T7071] ? kobject_put+0xb9/0x640 [ 431.951642][ T7071] seq_read_iter+0xdab/0x1270 [ 431.951660][ T7071] proc_reg_read_iter+0x220/0x310 [ 431.951675][ T7071] ? __pfx_proc_reg_read_iter+0x10/0x10 [ 431.951689][ T7071] vfs_read+0x825/0xb30 [ 431.951702][ T7071] ? __pfx_vfs_read+0x10/0x10 [ 431.951721][ T7071] ksys_read+0x12a/0x250 [ 431.951732][ T7071] ? __pfx_ksys_read+0x10/0x10 [ 431.951744][ T7071] ? rcu_is_watching+0x12/0xc0 [ 431.951762][ T7071] do_syscall_64+0x10b/0xf80 [ 431.951772][ T7071] ? clear_bhb_loop+0x40/0x90 [ 431.951785][ T7071] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.951797][ T7071] RIP: 0033:0x7f758ab9c819 [ 431.951863][ T7071] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 431.951878][ T7071] RSP: 002b:00007f758bb34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 431.951961][ T7071] RAX: ffffffffffffffda RBX: 00007f758ae15fa0 RCX: 00007f758ab9c819 [ 431.951968][ T7071] RDX: 0000000000002020 RSI: 00002000000020c0 RDI: 0000000000000003 [ 431.951975][ T7071] RBP: 00007f758bb34090 R08: 0000000000000000 R09: 0000000000000000 [ 431.951981][ T7071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 431.951987][ T7071] R13: 00007f758ae16038 R14: 00007f758ae15fa0 R15: 00007fff509d12f8 [ 431.952002][ T7071] [ 432.052668][ T7073] FAULT_INJECTION: forcing a failure. [ 432.052668][ T7073] name failslab, interval 1, probability 0, space 0, times 0 [ 432.056957][ T7073] CPU: 0 UID: 0 PID: 7073 Comm: syz.2.337 Tainted: G L syzkaller #0 PREEMPT(full) [ 432.056977][ T7073] Tainted: [L]=SOFTLOCKUP [ 432.056981][ T7073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 432.056988][ T7073] Call Trace: [ 432.056995][ T7073] [ 432.057000][ T7073] dump_stack_lvl+0x100/0x190 [ 432.057030][ T7073] should_fail_ex.cold+0x5/0xa [ 432.057048][ T7073] should_failslab+0xc2/0x120 [ 432.057060][ T7073] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 432.057078][ T7073] ? __alloc_skb+0x140/0x710 [ 432.057240][ T7073] __alloc_skb+0x140/0x710 [ 432.057250][ T7073] ? __alloc_skb+0x5b7/0x710 [ 432.057260][ T7073] ? __pfx___alloc_skb+0x10/0x10 [ 432.057272][ T7073] ? trace_contention_end+0x122/0x170 [ 432.057289][ T7073] nl80211_tx_mgmt+0x942/0xf30 [ 432.057442][ T7073] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 432.057457][ T7073] ? __pfx_netdev_run_todo+0x10/0x10 [ 432.057480][ T7073] ? nl80211_pre_doit+0x19a/0xae0 [ 432.057493][ T7073] genl_family_rcv_msg_doit+0x214/0x300 [ 432.057643][ T7073] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 432.057665][ T7073] ? bpf_lsm_capable+0x9/0x10 [ 432.057676][ T7073] ? security_capable+0x80/0x260 [ 432.057747][ T7073] ? ns_capable+0xd2/0xf0 [ 432.057764][ T7073] genl_rcv_msg+0x560/0x800 [ 432.057782][ T7073] ? __pfx_genl_rcv_msg+0x10/0x10 [ 432.057799][ T7073] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 432.057810][ T7073] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 432.057824][ T7073] ? __pfx_nl80211_post_doit+0x10/0x10 [ 432.057839][ T7073] netlink_rcv_skb+0x159/0x420 [ 432.057855][ T7073] ? __pfx_genl_rcv_msg+0x10/0x10 [ 432.057872][ T7073] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 432.057893][ T7073] ? netlink_deliver_tap+0x1ae/0xcc0 [ 432.057909][ T7073] genl_rcv+0x28/0x40 [ 432.057924][ T7073] netlink_unicast+0x585/0x850 [ 432.057945][ T7073] ? __pfx_netlink_unicast+0x10/0x10 [ 432.057965][ T7073] netlink_sendmsg+0x8b0/0xda0 [ 432.057982][ T7073] ? __pfx_netlink_sendmsg+0x10/0x10 [ 432.057997][ T7073] ? __might_fault+0x90/0x140 [ 432.058016][ T7073] ____sys_sendmsg+0x9e1/0xb70 [ 432.058031][ T7073] ? __pfx_netlink_sendmsg+0x10/0x10 [ 432.058047][ T7073] ? __pfx_____sys_sendmsg+0x10/0x10 [ 432.058069][ T7073] ___sys_sendmsg+0x190/0x1e0 [ 432.058086][ T7073] ? __pfx____sys_sendmsg+0x10/0x10 [ 432.058117][ T7073] __sys_sendmsg+0x170/0x220 [ 432.058130][ T7073] ? __pfx___sys_sendmsg+0x10/0x10 [ 432.058148][ T7073] ? rcu_is_watching+0x12/0xc0 [ 432.058166][ T7073] do_syscall_64+0x10b/0xf80 [ 432.058176][ T7073] ? clear_bhb_loop+0x40/0x90 [ 432.058190][ T7073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.058202][ T7073] RIP: 0033:0x7f758ab9c819 [ 432.058214][ T7073] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 432.058224][ T7073] RSP: 002b:00007f758bb34028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 432.058236][ T7073] RAX: ffffffffffffffda RBX: 00007f758ae15fa0 RCX: 00007f758ab9c819 [ 432.058243][ T7073] RDX: 0000000000000010 RSI: 0000200000000240 RDI: 0000000000000003 [ 432.058250][ T7073] RBP: 00007f758bb34090 R08: 0000000000000000 R09: 0000000000000000 [ 432.058256][ T7073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 432.058262][ T7073] R13: 00007f758ae16038 R14: 00007f758ae15fa0 R15: 00007fff509d12f8 [ 432.058277][ T7073] [ 432.347668][ T7081] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.341'. [ 432.383535][ T41] kauditd_printk_skb: 20 callbacks suppressed [ 432.383550][ T41] audit: type=1400 audit(1776695073.457:932): avc: denied { bind } for pid=7082 comm="syz.2.342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 432.392341][ T41] audit: type=1400 audit(1776695073.457:933): avc: denied { node_bind } for pid=7082 comm="syz.2.342" saddr=172.20.20.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 432.400348][ T41] audit: type=1400 audit(1776695073.467:934): avc: denied { nlmsg_read } for pid=7082 comm="syz.2.342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 432.452389][ T7085] FAULT_INJECTION: forcing a failure. [ 432.452389][ T7085] name failslab, interval 1, probability 0, space 0, times 0 [ 432.456427][ T7085] CPU: 2 UID: 0 PID: 7085 Comm: syz.2.343 Tainted: G L syzkaller #0 PREEMPT(full) [ 432.456447][ T7085] Tainted: [L]=SOFTLOCKUP [ 432.456451][ T7085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 432.456458][ T7085] Call Trace: [ 432.456464][ T7085] [ 432.456470][ T7085] dump_stack_lvl+0x100/0x190 [ 432.456489][ T7085] should_fail_ex.cold+0x5/0xa [ 432.456505][ T7085] should_failslab+0xc2/0x120 [ 432.456518][ T7085] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 432.456535][ T7085] ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0 [ 432.456551][ T7085] __kvm_mmu_topup_memory_cache+0x18f/0x5f0 [ 432.456567][ T7085] mmu_topup_memory_caches+0x25/0x170 [ 432.456583][ T7085] kvm_mmu_load+0xd6/0x23e0 [ 432.456598][ T7085] ? kvm_apic_has_interrupt+0xfe/0x1f0 [ 432.456639][ T7085] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 432.456660][ T7085] ? kvm_apic_accept_pic_intr+0xdf/0x1b0 [ 432.456678][ T7085] ? __pfx_kvm_mmu_load+0x10/0x10 [ 432.456691][ T7085] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 432.456704][ T7085] ? kvm_check_and_inject_events+0x961/0x1070 [ 432.456719][ T7085] ? record_steal_time+0x3d0/0xbc0 [ 432.456731][ T7085] vcpu_run+0x39f4/0x5ca0 [ 432.456752][ T7085] ? __pfx_vcpu_run+0x10/0x10 [ 432.456772][ T7085] ? rcu_is_watching+0x12/0xc0 [ 432.456790][ T7085] ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 432.456806][ T7085] kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 432.456825][ T7085] kvm_vcpu_ioctl+0x730/0x1720 [ 432.456838][ T7085] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 432.456850][ T7085] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 432.456864][ T7085] ? do_vfs_ioctl+0x226/0x13e0 [ 432.456875][ T7085] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 432.456885][ T7085] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 432.456975][ T7085] ? __fget_files+0x215/0x3d0 [ 432.456987][ T7085] ? hook_file_ioctl_common+0x149/0x410 [ 432.457005][ T7085] ? selinux_file_ioctl+0x13b/0x290 [ 432.457016][ T7085] ? selinux_file_ioctl+0xb6/0x290 [ 432.457028][ T7085] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 432.457040][ T7085] __x64_sys_ioctl+0x18e/0x210 [ 432.457051][ T7085] do_syscall_64+0x10b/0xf80 [ 432.457062][ T7085] ? clear_bhb_loop+0x40/0x90 [ 432.457076][ T7085] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.457088][ T7085] RIP: 0033:0x7f758ab9c819 [ 432.457099][ T7085] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 432.457110][ T7085] RSP: 002b:00007f758bb34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 432.457122][ T7085] RAX: ffffffffffffffda RBX: 00007f758ae15fa0 RCX: 00007f758ab9c819 [ 432.457128][ T7085] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 432.457135][ T7085] RBP: 00007f758bb34090 R08: 0000000000000000 R09: 0000000000000000 [ 432.457141][ T7085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 432.457147][ T7085] R13: 00007f758ae16038 R14: 00007f758ae15fa0 R15: 00007fff509d12f8 [ 432.457161][ T7085] [ 432.736235][ T7089] netlink: 48 bytes leftover after parsing attributes in process `syz.2.344'. [ 432.834342][ T41] audit: type=1400 audit(1776695073.907:935): avc: denied { read } for pid=7091 comm="syz.2.345" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 432.844298][ T41] audit: type=1400 audit(1776695073.907:936): avc: denied { ioctl } for pid=7091 comm="syz.2.345" path="/dev/sg0" dev="devtmpfs" ino=721 ioctlcmd=0x2270 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 432.879485][ T7097] xt_hashlimit: size too large, truncated to 1048576 [ 432.881513][ T6238] usb 5-1: USB disconnect, device number 8 [ 432.940417][ T7099] FAULT_INJECTION: forcing a failure. [ 432.940417][ T7099] name failslab, interval 1, probability 0, space 0, times 0 [ 432.952853][ T7099] CPU: 2 UID: 0 PID: 7099 Comm: syz.2.346 Tainted: G L syzkaller #0 PREEMPT(full) [ 432.952875][ T7099] Tainted: [L]=SOFTLOCKUP [ 432.952879][ T7099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 432.952886][ T7099] Call Trace: [ 432.952891][ T7099] [ 432.952896][ T7099] dump_stack_lvl+0x100/0x190 [ 432.952914][ T7099] should_fail_ex.cold+0x5/0xa [ 432.952929][ T7099] should_failslab+0xc2/0x120 [ 432.952941][ T7099] __kmalloc_cache_noprof+0x7a/0x6f0 [ 432.952956][ T7099] ? sctp_association_new+0xbb/0x2990 [ 432.952976][ T7099] sctp_association_new+0xbb/0x2990 [ 432.952995][ T7099] sctp_connect_new_asoc+0x1a8/0x770 [ 432.953013][ T7099] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 432.953029][ T7099] ? selinux_sctp_bind_connect+0x112/0x2a0 [ 432.953052][ T7099] sctp_sendmsg+0x171a/0x22b0 [ 432.953071][ T7099] ? __pfx_sctp_sendmsg+0x10/0x10 [ 432.953088][ T7099] ? rcu_is_watching+0x12/0xc0 [ 432.953106][ T7099] ? lockdep_hardirqs_on+0x78/0x100 [ 432.953124][ T7099] ? irqentry_exit+0x246/0x790 [ 432.953137][ T7099] ? __pfx_sctp_sendmsg+0x10/0x10 [ 432.953153][ T7099] ? inet_sendmsg+0x4e/0x140 [ 432.953171][ T7099] ? __pfx_sctp_sendmsg+0x10/0x10 [ 432.953188][ T7099] inet_sendmsg+0x11c/0x140 [ 432.953205][ T7099] __sys_sendto+0x446/0x4b0 [ 432.953215][ T7099] ? __pfx_inet_sendmsg+0x10/0x10 [ 432.953237][ T7099] ? __pfx___sys_sendto+0x10/0x10 [ 432.953257][ T7099] ? xfd_validate_state+0x129/0x190 [ 432.953270][ T7099] ? ksys_write+0x1ac/0x250 [ 432.953284][ T7099] __x64_sys_sendto+0xe0/0x1c0 [ 432.953294][ T7099] ? do_syscall_64+0x90/0xf80 [ 432.953304][ T7099] ? lockdep_hardirqs_on+0x78/0x100 [ 432.953322][ T7099] do_syscall_64+0x10b/0xf80 [ 432.953330][ T7099] ? clear_bhb_loop+0x40/0x90 [ 432.953344][ T7099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.953356][ T7099] RIP: 0033:0x7f758ab9c819 [ 432.953366][ T7099] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 432.953377][ T7099] RSP: 002b:00007f758bb13028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 432.953389][ T7099] RAX: ffffffffffffffda RBX: 00007f758ae16090 RCX: 00007f758ab9c819 [ 432.953396][ T7099] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000004 [ 432.953402][ T7099] RBP: 00007f758bb13090 R08: 0000200000000100 R09: 000000000000001c [ 432.953409][ T7099] R10: 0000000000044004 R11: 0000000000000246 R12: 0000000000000001 [ 432.953415][ T7099] R13: 00007f758ae16128 R14: 00007f758ae16090 R15: 00007fff509d12f8 [ 432.953428][ T7099] [ 432.955307][ T1039] usb 6-1: USB disconnect, device number 7 [ 433.074763][ T7041] em28xx 8-1:0.0: failed to get i2c transfer status from bridge register (error=-5) [ 433.087620][ T1485] usb 8-1: USB disconnect, device number 4 [ 433.090599][ T1485] em28xx 8-1:0.0: Disconnecting em28xx [ 433.094418][ T10] em28xx 8-1:0.0: Registering input extension [ 433.110233][ T1485] em28xx 8-1:0.0: Closing input extension [ 433.145034][ T1485] em28xx 8-1:0.0: Freeing device [ 433.158483][ T7109] bond3: (slave wlan1): Device is not bonding slave [ 433.159277][ T7105] netlink: 348 bytes leftover after parsing attributes in process `syz.0.350'. [ 433.160684][ T7109] bond3: option active_slave: invalid value (wlan1) [ 433.167975][ T7109] bond3 (unregistering): Released all slaves [ 433.193083][ T7112] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 433.197039][ T7105] netlink: 4 bytes leftover after parsing attributes in process `syz.0.350'. [ 433.209488][ T7112] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 433.232839][ T7115] netlink: 36 bytes leftover after parsing attributes in process `syz.2.352'. [ 433.289987][ T7117] ªªªªªª: renamed from vlan0 (while UP) [ 433.296994][ T7119] Cannot find add_set index 0 as target [ 433.562318][ T41] audit: type=1400 audit(1776695074.637:937): avc: denied { create } for pid=7120 comm="syz.0.355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 433.568713][ T10] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 433.571697][ T41] audit: type=1400 audit(1776695074.637:938): avc: denied { ioctl } for pid=7120 comm="syz.0.355" path="socket:[20036]" dev="sockfs" ino=20036 ioctlcmd=0x89e6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 433.642280][ T41] audit: type=1400 audit(1776695074.717:939): avc: denied { append } for pid=7120 comm="syz.0.355" name="001" dev="devtmpfs" ino=745 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 433.738364][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 433.743496][ T10] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 433.747412][ T10] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 433.752221][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 433.756315][ T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 433.760837][ T10] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 433.766178][ T10] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 433.769588][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.818886][ T6025] Bluetooth: hci0: SCO packet for unknown connection handle 200 [ 433.884039][ T7135] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 433.954100][ T7139] netlink: 36 bytes leftover after parsing attributes in process `syz.1.361'. [ 433.999679][ T10] usb 7-1: usb_control_msg returned -32 [ 434.001641][ T10] usbtmc 7-1:16.0: can't read capabilities [ 434.020149][ T1039] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 434.123710][ T7144] FAULT_INJECTION: forcing a failure. [ 434.123710][ T7144] name failslab, interval 1, probability 0, space 0, times 0 [ 434.127601][ T41] audit: type=1400 audit(1776695075.197:940): avc: denied { setopt } for pid=7147 comm="syz.1.364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 434.129954][ T7144] CPU: 1 UID: 0 PID: 7144 Comm: syz.3.363 Tainted: G L syzkaller #0 PREEMPT(full) [ 434.129978][ T7144] Tainted: [L]=SOFTLOCKUP [ 434.129984][ T7144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 434.130055][ T7144] Call Trace: [ 434.130108][ T7144] [ 434.130114][ T7144] dump_stack_lvl+0x100/0x190 [ 434.130209][ T7144] should_fail_ex.cold+0x5/0xa [ 434.130284][ T7144] ? tomoyo_realpath_from_path+0xb6/0x690 [ 434.130359][ T7144] should_failslab+0xc2/0x120 [ 434.130374][ T7144] __kmalloc_noprof+0xe0/0x850 [ 434.130393][ T7144] ? kfree+0x1dd/0x6c0 [ 434.130413][ T7144] tomoyo_realpath_from_path+0xb6/0x690 [ 434.130433][ T7144] tomoyo_path_number_perm+0x23c/0x580 [ 434.130455][ T7144] ? tomoyo_path_number_perm+0x22e/0x580 [ 434.130477][ T7144] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 434.130518][ T7144] ? find_held_lock+0x2b/0x80 [ 434.130530][ T7144] ? __fget_files+0x215/0x3d0 [ 434.130546][ T7144] ? hook_file_ioctl_common+0x149/0x410 [ 434.130563][ T7144] ? __fget_files+0x215/0x3d0 [ 434.130582][ T7144] ? __fget_files+0x21f/0x3d0 [ 434.130602][ T7144] security_file_ioctl+0xd3/0x230 [ 434.130660][ T7144] __x64_sys_ioctl+0xb7/0x210 [ 434.130676][ T7144] do_syscall_64+0x10b/0xf80 [ 434.131146][ T7144] ? clear_bhb_loop+0x40/0x90 [ 434.131164][ T7144] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.131179][ T7144] RIP: 0033:0x7f753d59c819 [ 434.131192][ T7144] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 434.131206][ T7144] RSP: 002b:00007f753e45f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 434.131268][ T7144] RAX: ffffffffffffffda RBX: 00007f753d815fa0 RCX: 00007f753d59c819 [ 434.131277][ T7144] RDX: 0000200000000180 RSI: 00000000c03864bc RDI: 0000000000000018 [ 434.131286][ T7144] RBP: 00007f753e45f090 R08: 0000000000000000 R09: 0000000000000000 [ 434.131294][ T7144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 434.131302][ T7144] R13: 00007f753d816038 R14: 00007f753d815fa0 R15: 00007ffc8159dee8 [ 434.131321][ T7144] [ 434.133955][ T7144] ERROR: Out of memory at tomoyo_realpath_from_path. [ 434.134761][ T41] audit: type=1400 audit(1776695075.207:941): avc: denied { write } for pid=7147 comm="syz.1.364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 434.168433][ T1039] usb 5-1: Using ep0 maxpacket: 8 [ 434.183420][ T1039] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 434.188870][ T7150] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 434.189353][ T1039] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 434.211824][ T7150] input: syz0 as /devices/virtual/input/input8 [ 434.216739][ T1039] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 434.244550][ T1039] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 434.247654][ T1039] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 434.252030][ T1039] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 434.255604][ T1039] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 434.342008][ T7155] CIFS: bad ip= option (.‹R¯HÖe'ì»Ë /Ïâµüë1ýC¸ £~—1W–쯑ë¨eþxEA®ÁþeSb{~Rð) [ 434.468390][ T1039] usb 5-1: GET_CAPABILITIES returned 0 [ 434.470502][ T1039] usbtmc 5-1:16.0: can't read capabilities [ 434.675894][ C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 434.714759][ T7160] usbtmc 7-1:16.0: usb_control_msg returned -71 [ 434.918854][ T1039] usb 7-1: USB disconnect, device number 3 [ 435.066399][ T7163] netlink: 'syz.1.369': attribute type 1 has an invalid length. [ 435.083305][ T7163] bond3: entered promiscuous mode [ 435.085265][ T7163] 8021q: adding VLAN 0 to HW filter on device bond3 [ 435.104473][ T7163] macvtap1: entered allmulticast mode [ 435.122368][ T7163] bond3: (slave bridge2): making interface the new active one [ 435.124819][ T7163] bridge2: entered promiscuous mode [ 435.128799][ T7163] bond3: (slave bridge2): Enslaving as an active interface with an up link [ 435.418306][ T1485] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 435.578342][ T1485] usb 6-1: Using ep0 maxpacket: 32 [ 435.582839][ T1485] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 435.585942][ T1485] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 435.590849][ T1485] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 435.594355][ T1485] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 435.599246][ T1485] usb 6-1: config 0 interface 0 has no altsetting 0 [ 435.604109][ T1485] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 435.607906][ T1485] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 435.609961][ T7171] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.372'. [ 435.610827][ T1485] usb 6-1: Product: syz [ 435.615037][ T1485] usb 6-1: Manufacturer: syz [ 435.616912][ T1485] usb 6-1: SerialNumber: syz [ 435.623624][ T1485] usb 6-1: config 0 descriptor?? [ 435.637712][ T1485] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 435.647181][ T1485] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 435.848947][ T10] usb 6-1: USB disconnect, device number 8 [ 435.853747][ T10] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 436.386472][ T7192] FAULT_INJECTION: forcing a failure. [ 436.386472][ T7192] name failslab, interval 1, probability 0, space 0, times 0 [ 436.392566][ T7192] CPU: 0 UID: 0 PID: 7192 Comm: syz.3.381 Tainted: G L syzkaller #0 PREEMPT(full) [ 436.392623][ T7192] Tainted: [L]=SOFTLOCKUP [ 436.392630][ T7192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 436.392643][ T7192] Call Trace: [ 436.392650][ T7192] [ 436.392658][ T7192] dump_stack_lvl+0x100/0x190 [ 436.392688][ T7192] should_fail_ex.cold+0x5/0xa [ 436.392715][ T7192] should_failslab+0xc2/0x120 [ 436.392736][ T7192] __kmalloc_cache_noprof+0x7a/0x6f0 [ 436.392759][ T7192] ? drm_atomic_state_alloc+0xb8/0x120 [ 436.392942][ T7192] ? __kasan_slab_free+0x5f/0x80 [ 436.393101][ T7192] ? kfree+0x223/0x6c0 [ 436.393123][ T7192] ? tomoyo_path_number_perm+0x46d/0x580 [ 436.393156][ T7192] drm_atomic_state_alloc+0xb8/0x120 [ 436.393177][ T7192] drm_mode_atomic_ioctl+0x395/0x2680 [ 436.393200][ T7192] ? avc_has_extended_perms+0x33a/0x1080 [ 436.393230][ T7192] ? avc_has_extended_perms+0x484/0x1080 [ 436.393257][ T7192] ? __pfx_drm_mode_atomic_ioctl+0x10/0x10 [ 436.393278][ T7192] ? __lock_acquire+0x4a5/0x2630 [ 436.393314][ T7192] ? drm_is_current_master+0x2c/0x40 [ 436.393334][ T7192] ? drm_is_current_master+0x2c/0x40 [ 436.393356][ T7192] ? do_raw_spin_unlock+0x145/0x1e0 [ 436.393386][ T7192] drm_ioctl_kernel+0x1f3/0x3e0 [ 436.393567][ T7192] ? __pfx_drm_mode_atomic_ioctl+0x10/0x10 [ 436.393589][ T7192] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 436.393615][ T7192] drm_ioctl+0x5e6/0xc60 [ 436.393636][ T7192] ? __pfx_drm_mode_atomic_ioctl+0x10/0x10 [ 436.393658][ T7192] ? __pfx_drm_ioctl+0x10/0x10 [ 436.393687][ T7192] ? selinux_file_ioctl+0x13b/0x290 [ 436.393708][ T7192] ? selinux_file_ioctl+0xb6/0x290 [ 436.393728][ T7192] ? __pfx_drm_ioctl+0x10/0x10 [ 436.393748][ T7192] __x64_sys_ioctl+0x18e/0x210 [ 436.393770][ T7192] do_syscall_64+0x10b/0xf80 [ 436.393790][ T7192] ? clear_bhb_loop+0x40/0x90 [ 436.393814][ T7192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.393835][ T7192] RIP: 0033:0x7f753d59c819 [ 436.393855][ T7192] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 436.393872][ T7192] RSP: 002b:00007f753e45f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 436.393893][ T7192] RAX: ffffffffffffffda RBX: 00007f753d815fa0 RCX: 00007f753d59c819 [ 436.393906][ T7192] RDX: 0000200000000180 RSI: 00000000c03864bc RDI: 0000000000000015 [ 436.393916][ T7192] RBP: 00007f753e45f090 R08: 0000000000000000 R09: 0000000000000000 [ 436.393928][ T7192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 436.393938][ T7192] R13: 00007f753d816038 R14: 00007f753d815fa0 R15: 00007ffc8159dee8 [ 436.393961][ T7192] [ 436.657072][ T7198] FAULT_INJECTION: forcing a failure. [ 436.657072][ T7198] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 436.662841][ T7198] CPU: 0 UID: 0 PID: 7198 Comm: syz.1.384 Tainted: G L syzkaller #0 PREEMPT(full) [ 436.662861][ T7198] Tainted: [L]=SOFTLOCKUP [ 436.662866][ T7198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 436.662873][ T7198] Call Trace: [ 436.662879][ T7198] [ 436.662887][ T7198] dump_stack_lvl+0x100/0x190 [ 436.662915][ T7198] should_fail_ex.cold+0x5/0xa [ 436.662936][ T7198] ? prepare_alloc_pages+0x16d/0x5f0 [ 436.662962][ T7198] should_fail_alloc_page+0xeb/0x140 [ 436.662991][ T7198] prepare_alloc_pages+0x1f0/0x5f0 [ 436.663017][ T7198] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 436.663047][ T7198] ? stack_depot_save_flags+0x27/0x9d0 [ 436.663129][ T7198] ? stack_depot_save_flags+0x27/0x9d0 [ 436.663147][ T7198] ? kasan_save_stack+0x3f/0x50 [ 436.663164][ T7198] ? kasan_save_stack+0x30/0x50 [ 436.663181][ T7198] ? kasan_save_track+0x14/0x30 [ 436.663199][ T7198] ? __kasan_kmalloc+0xaa/0xb0 [ 436.663217][ T7198] ? __kvmalloc_node_noprof+0x360/0xa00 [ 436.663242][ T7198] ? __kvm_mmu_topup_memory_cache+0x455/0x5f0 [ 436.663262][ T7198] ? mmu_topup_memory_caches+0xbc/0x170 [ 436.663282][ T7198] ? kvm_mmu_load+0xd6/0x23e0 [ 436.663298][ T7198] ? vcpu_run+0x39f4/0x5ca0 [ 436.663316][ T7198] ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 436.663336][ T7198] ? kvm_vcpu_ioctl+0x730/0x1720 [ 436.663350][ T7198] ? __x64_sys_ioctl+0x18e/0x210 [ 436.663367][ T7198] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 436.663415][ T7198] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 436.663441][ T7198] ? policy_nodemask+0xed/0x4f0 [ 436.663463][ T7198] alloc_pages_mpol+0x1fb/0x540 [ 436.663486][ T7198] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 436.663509][ T7198] ? __kvmalloc_node_noprof+0x37b/0xa00 [ 436.663537][ T7198] ? __kvm_mmu_topup_memory_cache+0x455/0x5f0 [ 436.663564][ T7198] alloc_pages_noprof+0x1a/0x160 [ 436.663589][ T7198] get_free_pages_noprof+0x10/0xb0 [ 436.663608][ T7198] __kvm_mmu_topup_memory_cache+0x278/0x5f0 [ 436.663637][ T7198] mmu_topup_memory_caches+0xbc/0x170 [ 436.663665][ T7198] kvm_mmu_load+0xd6/0x23e0 [ 436.663686][ T7198] ? kvm_apic_has_interrupt+0xfe/0x1f0 [ 436.663708][ T7198] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 436.663729][ T7198] ? __pfx_kvm_mmu_load+0x10/0x10 [ 436.663744][ T7198] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 436.663758][ T7198] ? kvm_check_and_inject_events+0x961/0x1070 [ 436.663774][ T7198] ? record_steal_time+0x3d0/0xbc0 [ 436.663787][ T7198] vcpu_run+0x39f4/0x5ca0 [ 436.663810][ T7198] ? __pfx_vcpu_run+0x10/0x10 [ 436.663831][ T7198] ? rcu_is_watching+0x12/0xc0 [ 436.663851][ T7198] ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 436.663868][ T7198] kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 436.663889][ T7198] kvm_vcpu_ioctl+0x730/0x1720 [ 436.663903][ T7198] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 436.663916][ T7198] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 436.663930][ T7198] ? do_vfs_ioctl+0x226/0x13e0 [ 436.663942][ T7198] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 436.663953][ T7198] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 436.663977][ T7198] ? __fget_files+0x215/0x3d0 [ 436.663991][ T7198] ? hook_file_ioctl_common+0x149/0x410 [ 436.664010][ T7198] ? selinux_file_ioctl+0x13b/0x290 [ 436.664022][ T7198] ? selinux_file_ioctl+0xb6/0x290 [ 436.664035][ T7198] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 436.664048][ T7198] __x64_sys_ioctl+0x18e/0x210 [ 436.664060][ T7198] do_syscall_64+0x10b/0xf80 [ 436.664072][ T7198] ? clear_bhb_loop+0x40/0x90 [ 436.664087][ T7198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.664100][ T7198] RIP: 0033:0x7fbef199c819 [ 436.664112][ T7198] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 436.664124][ T7198] RSP: 002b:00007fbef27d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 436.664137][ T7198] RAX: ffffffffffffffda RBX: 00007fbef1c15fa0 RCX: 00007fbef199c819 [ 436.664146][ T7198] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 436.664156][ T7198] RBP: 00007fbef27d5090 R08: 0000000000000000 R09: 0000000000000000 [ 436.664166][ T7198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 436.664177][ T7198] R13: 00007fbef1c16038 R14: 00007fbef1c15fa0 R15: 00007ffc2e0760b8 [ 436.664203][ T7198] [ 436.755125][ T7197] xt_l2tp: invalid flags combination: 8 [ 436.834439][ T7197] netlink: 'syz.2.383': attribute type 3 has an invalid length. [ 436.839691][ T10] usb 5-1: USB disconnect, device number 9 [ 436.841847][ T7197] netlink: 'syz.2.383': attribute type 3 has an invalid length. [ 436.960721][ T7204] FAULT_INJECTION: forcing a failure. [ 436.960721][ T7204] name failslab, interval 1, probability 0, space 0, times 0 [ 436.965104][ T7204] CPU: 0 UID: 0 PID: 7204 Comm: syz.0.386 Tainted: G L syzkaller #0 PREEMPT(full) [ 436.965131][ T7204] Tainted: [L]=SOFTLOCKUP [ 436.965137][ T7204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 436.965149][ T7204] Call Trace: [ 436.965157][ T7204] [ 436.965164][ T7204] dump_stack_lvl+0x100/0x190 [ 436.965190][ T7204] should_fail_ex.cold+0x5/0xa [ 436.965216][ T7204] should_failslab+0xc2/0x120 [ 436.965234][ T7204] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 436.965260][ T7204] ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0 [ 436.965286][ T7204] __kvm_mmu_topup_memory_cache+0x18f/0x5f0 [ 436.965313][ T7204] mmu_topup_memory_caches+0x25/0x170 [ 436.965336][ T7204] kvm_mmu_load+0xd6/0x23e0 [ 436.965351][ T7204] ? kvm_apic_has_interrupt+0xfe/0x1f0 [ 436.965368][ T7204] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 436.965388][ T7204] ? __pfx_kvm_mmu_load+0x10/0x10 [ 436.965401][ T7204] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 436.965419][ T7204] ? kvm_check_and_inject_events+0x961/0x1070 [ 436.965442][ T7204] ? record_steal_time+0x3d0/0xbc0 [ 436.965464][ T7204] vcpu_run+0x39f4/0x5ca0 [ 436.965496][ T7204] ? __pfx_vcpu_run+0x10/0x10 [ 436.965529][ T7204] ? rcu_is_watching+0x12/0xc0 [ 436.965556][ T7204] ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 436.965577][ T7204] kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 436.965608][ T7204] kvm_vcpu_ioctl+0x730/0x1720 [ 436.965629][ T7204] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 436.965650][ T7204] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 436.965673][ T7204] ? do_vfs_ioctl+0x226/0x13e0 [ 436.965693][ T7204] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 436.965712][ T7204] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 436.965741][ T7204] ? __fget_files+0x215/0x3d0 [ 436.965761][ T7204] ? hook_file_ioctl_common+0x149/0x410 [ 436.965789][ T7204] ? selinux_file_ioctl+0x13b/0x290 [ 436.965804][ T7204] ? selinux_file_ioctl+0xb6/0x290 [ 436.965821][ T7204] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 436.965839][ T7204] __x64_sys_ioctl+0x18e/0x210 [ 436.965851][ T7204] do_syscall_64+0x10b/0xf80 [ 436.965863][ T7204] ? clear_bhb_loop+0x40/0x90 [ 436.965876][ T7204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.965888][ T7204] RIP: 0033:0x7ff9a319c819 [ 436.965898][ T7204] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 436.965909][ T7204] RSP: 002b:00007ff9a3ff0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 436.965920][ T7204] RAX: ffffffffffffffda RBX: 00007ff9a3415fa0 RCX: 00007ff9a319c819 [ 436.965927][ T7204] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 436.965933][ T7204] RBP: 00007ff9a3ff0090 R08: 0000000000000000 R09: 0000000000000000 [ 436.965940][ T7204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 436.965946][ T7204] R13: 00007ff9a3416038 R14: 00007ff9a3415fa0 R15: 00007ffecf839a38 [ 436.965959][ T7204] [ 437.161292][ T7218] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.391'. [ 437.307600][ T7231] IPVS: persistence engine module ip_vs_pe_s not found [ 437.311417][ T7231] xt_ipcomp: unknown flags 1D [ 437.363100][ T7235] team0: No ports can be present during mode change [ 437.370986][ T7230] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 437.489644][ T1485] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 437.521382][ T7243] netlink: 8 bytes leftover after parsing attributes in process `syz.1.401'. [ 437.525213][ T7243] netlink: 'syz.1.401': attribute type 21 has an invalid length. [ 437.528181][ T7243] netlink: 4 bytes leftover after parsing attributes in process `syz.1.401'. [ 437.543567][ T7243] netlink: 8 bytes leftover after parsing attributes in process `syz.1.401'. [ 437.543639][ T6830] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 437.547081][ T7243] netlink: 'syz.1.401': attribute type 21 has an invalid length. [ 437.550923][ T6830] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 437.553511][ T7243] netlink: 4 bytes leftover after parsing attributes in process `syz.1.401'. [ 437.561746][ T6830] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 437.566020][ T6830] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 437.575320][ T7243] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1549 sclass=netlink_route_socket pid=7243 comm=syz.1.401 [ 437.620492][ T7247] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.403'. [ 437.668304][ T1485] usb 5-1: Using ep0 maxpacket: 8 [ 437.671253][ T1485] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 437.674048][ T1485] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 437.677282][ T1485] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 437.680432][ T1485] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 437.683576][ T1485] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 437.688361][ T1485] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 437.691555][ T1485] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 437.921341][ T1485] usb 5-1: GET_CAPABILITIES returned 0 [ 437.923798][ T1485] usbtmc 5-1:16.0: can't read capabilities [ 438.125449][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 438.166818][ T7267] netlink: 'syz.1.411': attribute type 25 has an invalid length. [ 438.174100][ T7267] openvswitch: netlink: Invalid VLAN frame [ 438.226194][ T41] kauditd_printk_skb: 11 callbacks suppressed [ 438.226212][ T41] audit: type=1400 audit(1776695079.297:953): avc: denied { map } for pid=7270 comm="syz.1.412" path="/dev/comedi3" dev="devtmpfs" ino=1305 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 438.749549][ T7284] netlink: 20 bytes leftover after parsing attributes in process `syz.2.417'. [ 438.754900][ T7284] netlink: 256 bytes leftover after parsing attributes in process `syz.2.417'. [ 438.762037][ T7284] team0: No ports can be present during mode change [ 438.796921][ T7286] netlink: 'syz.2.418': attribute type 21 has an invalid length. [ 439.219081][ T41] audit: type=1400 audit(1776695080.297:954): avc: denied { connect } for pid=7294 comm="syz.1.422" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 439.222578][ T7295] netlink: 'syz.1.422': attribute type 28 has an invalid length. [ 439.226516][ T41] audit: type=1400 audit(1776695080.297:955): avc: denied { write } for pid=7294 comm="syz.1.422" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 439.230500][ T7295] netlink: 'syz.1.422': attribute type 3 has an invalid length. [ 439.240748][ T7295] netlink: 132 bytes leftover after parsing attributes in process `syz.1.422'. [ 439.355908][ T7304] FAULT_INJECTION: forcing a failure. [ 439.355908][ T7304] name failslab, interval 1, probability 0, space 0, times 0 [ 439.361496][ T7304] CPU: 0 UID: 0 PID: 7304 Comm: syz.1.425 Tainted: G L syzkaller #0 PREEMPT(full) [ 439.361524][ T7304] Tainted: [L]=SOFTLOCKUP [ 439.361530][ T7304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 439.361541][ T7304] Call Trace: [ 439.361547][ T7304] [ 439.361555][ T7304] dump_stack_lvl+0x100/0x190 [ 439.361582][ T7304] should_fail_ex.cold+0x5/0xa [ 439.361608][ T7304] should_failslab+0xc2/0x120 [ 439.361627][ T7304] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 439.361651][ T7304] ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0 [ 439.361676][ T7304] __kvm_mmu_topup_memory_cache+0x18f/0x5f0 [ 439.361703][ T7304] mmu_topup_memory_caches+0x25/0x170 [ 439.361728][ T7304] kvm_mmu_load+0xd6/0x23e0 [ 439.361748][ T7304] ? kvm_apic_has_interrupt+0xfe/0x1f0 [ 439.361777][ T7304] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 439.361807][ T7304] ? __pfx_kvm_mmu_load+0x10/0x10 [ 439.361827][ T7304] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 439.361854][ T7304] ? kvm_check_and_inject_events+0x961/0x1070 [ 439.361878][ T7304] ? record_steal_time+0x3d0/0xbc0 [ 439.361898][ T7304] vcpu_run+0x39f4/0x5ca0 [ 439.361929][ T7304] ? __pfx_vcpu_run+0x10/0x10 [ 439.361960][ T7304] ? rcu_is_watching+0x12/0xc0 [ 439.361990][ T7304] ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 439.362014][ T7304] kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 439.362045][ T7304] kvm_vcpu_ioctl+0x730/0x1720 [ 439.362065][ T7304] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 439.362084][ T7304] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 439.362107][ T7304] ? do_vfs_ioctl+0x226/0x13e0 [ 439.362124][ T7304] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 439.362142][ T7304] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 439.362175][ T7304] ? __fget_files+0x215/0x3d0 [ 439.362194][ T7304] ? hook_file_ioctl_common+0x149/0x410 [ 439.362224][ T7304] ? selinux_file_ioctl+0x13b/0x290 [ 439.362241][ T7304] ? selinux_file_ioctl+0xb6/0x290 [ 439.362260][ T7304] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 439.362279][ T7304] __x64_sys_ioctl+0x18e/0x210 [ 439.362299][ T7304] do_syscall_64+0x10b/0xf80 [ 439.362316][ T7304] ? clear_bhb_loop+0x40/0x90 [ 439.362336][ T7304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.362355][ T7304] RIP: 0033:0x7fbef199c819 [ 439.362370][ T7304] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 439.362387][ T7304] RSP: 002b:00007fbef27d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 439.362406][ T7304] RAX: ffffffffffffffda RBX: 00007fbef1c15fa0 RCX: 00007fbef199c819 [ 439.362417][ T7304] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 439.362427][ T7304] RBP: 00007fbef27d5090 R08: 0000000000000000 R09: 0000000000000000 [ 439.362437][ T7304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 439.362446][ T7304] R13: 00007fbef1c16038 R14: 00007fbef1c15fa0 R15: 00007ffc2e0760b8 [ 439.362470][ T7304] [ 439.667108][ T41] audit: type=1400 audit(1776695080.737:956): avc: denied { mounton } for pid=7307 comm="syz.3.426" path="/94/bus" dev="tmpfs" ino=529 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 439.667800][ T7308] MTD: Couldn't look up './bus': -15 [ 439.726217][ T7316] netlink: 36 bytes leftover after parsing attributes in process `syz.1.428'. [ 439.733804][ T7318] FAULT_INJECTION: forcing a failure. [ 439.733804][ T7318] name failslab, interval 1, probability 0, space 0, times 0 [ 439.745835][ T7318] CPU: 3 UID: 0 PID: 7318 Comm: syz.3.429 Tainted: G L syzkaller #0 PREEMPT(full) [ 439.745867][ T7318] Tainted: [L]=SOFTLOCKUP [ 439.745873][ T7318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 439.745884][ T7318] Call Trace: [ 439.745896][ T7318] [ 439.745904][ T7318] dump_stack_lvl+0x100/0x190 [ 439.745930][ T7318] should_fail_ex.cold+0x5/0xa [ 439.745955][ T7318] should_failslab+0xc2/0x120 [ 439.745973][ T7318] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 439.746016][ T7318] ? __alloc_skb+0x140/0x710 [ 439.746171][ T7318] ? __alloc_skb+0x5b7/0x710 [ 439.746191][ T7318] __alloc_skb+0x140/0x710 [ 439.746207][ T7318] ? __alloc_skb+0x5b7/0x710 [ 439.746223][ T7318] ? __pfx___alloc_skb+0x10/0x10 [ 439.746247][ T7318] netlink_alloc_large_skb+0x69/0x150 [ 439.746416][ T7318] netlink_sendmsg+0x680/0xda0 [ 439.746443][ T7318] ? __pfx_netlink_sendmsg+0x10/0x10 [ 439.746465][ T7318] ? __might_fault+0x90/0x140 [ 439.746497][ T7318] ____sys_sendmsg+0x9e1/0xb70 [ 439.746519][ T7318] ? __pfx_netlink_sendmsg+0x10/0x10 [ 439.746545][ T7318] ? __pfx_____sys_sendmsg+0x10/0x10 [ 439.746593][ T7318] ___sys_sendmsg+0x190/0x1e0 [ 439.746622][ T7318] ? __pfx____sys_sendmsg+0x10/0x10 [ 439.746674][ T7318] __sys_sendmsg+0x170/0x220 [ 439.746694][ T7318] ? __pfx___sys_sendmsg+0x10/0x10 [ 439.746722][ T7318] ? rcu_is_watching+0x12/0xc0 [ 439.746752][ T7318] do_syscall_64+0x10b/0xf80 [ 439.746769][ T7318] ? clear_bhb_loop+0x40/0x90 [ 439.746791][ T7318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.746809][ T7318] RIP: 0033:0x7f753d59c819 [ 439.746825][ T7318] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 439.746843][ T7318] RSP: 002b:00007f753e45f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 439.746862][ T7318] RAX: ffffffffffffffda RBX: 00007f753d815fa0 RCX: 00007f753d59c819 [ 439.746873][ T7318] RDX: 0000000020004080 RSI: 0000200000000800 RDI: 0000000000000003 [ 439.746883][ T7318] RBP: 00007f753e45f090 R08: 0000000000000000 R09: 0000000000000000 [ 439.746898][ T7318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 439.746909][ T7318] R13: 00007f753d816038 R14: 00007f753d815fa0 R15: 00007ffc8159dee8 [ 439.746932][ T7318] [ 439.850261][ T41] audit: type=1400 audit(1776695080.927:957): avc: denied { remount } for pid=7319 comm="syz.1.431" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 440.098306][ T34] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 440.248819][ T10] usb 5-1: USB disconnect, device number 10 [ 440.258313][ T34] usb 7-1: Using ep0 maxpacket: 32 [ 440.261802][ T34] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 440.264569][ T34] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 440.267497][ T34] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 440.271479][ T34] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 440.274591][ T34] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 440.277714][ T34] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 440.282067][ T34] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 440.285016][ T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 440.293228][ T34] usb 7-1: config 0 descriptor?? [ 440.383485][ T7341] dlm: no locking on control device [ 440.388035][ T7341] xt_hashlimit: size too large, truncated to 1048576 [ 440.499477][ T7325] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 440.503413][ T7345] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 440.504967][ T7325] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 440.505451][ T34] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 440.510740][ T7345] netlink: 4 bytes leftover after parsing attributes in process `syz.0.438'. [ 440.720709][ T41] audit: type=1400 audit(1776695081.797:958): avc: denied { read write } for pid=7323 comm="syz.2.430" name="lp0" dev="devtmpfs" ino=2954 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 440.727848][ T1485] usb 7-1: USB disconnect, device number 4 [ 440.730561][ T41] audit: type=1400 audit(1776695081.797:959): avc: denied { open } for pid=7323 comm="syz.2.430" path="/dev/usb/lp0" dev="devtmpfs" ino=2954 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 440.743260][ T1485] usblp0: removed [ 440.777002][ T41] audit: type=1400 audit(1776695081.847:960): avc: denied { bind } for pid=7356 comm="syz.0.443" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 440.847675][ T7361] FAULT_INJECTION: forcing a failure. [ 440.847675][ T7361] name failslab, interval 1, probability 0, space 0, times 0 [ 440.852808][ T7361] CPU: 0 UID: 0 PID: 7361 Comm: syz.0.445 Tainted: G L syzkaller #0 PREEMPT(full) [ 440.852837][ T7361] Tainted: [L]=SOFTLOCKUP [ 440.852844][ T7361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 440.852854][ T7361] Call Trace: [ 440.852861][ T7361] [ 440.852870][ T7361] dump_stack_lvl+0x100/0x190 [ 440.852895][ T7361] should_fail_ex.cold+0x5/0xa [ 440.852921][ T7361] should_failslab+0xc2/0x120 [ 440.852940][ T7361] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 440.852967][ T7361] ? __alloc_skb+0x140/0x710 [ 440.852984][ T7361] ? __alloc_skb+0x5b7/0x710 [ 440.853005][ T7361] __alloc_skb+0x140/0x710 [ 440.853020][ T7361] ? __alloc_skb+0x5b7/0x710 [ 440.853035][ T7361] ? __pfx___alloc_skb+0x10/0x10 [ 440.853060][ T7361] alloc_skb_with_frags+0xdd/0x760 [ 440.853082][ T7361] ? __might_fault+0xc5/0x140 [ 440.853106][ T7361] ? __might_fault+0xc5/0x140 [ 440.853132][ T7361] sock_alloc_send_pskb+0x801/0x980 [ 440.853162][ T7361] ? _copy_from_iter+0x270/0x1690 [ 440.853273][ T7361] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 440.853300][ T7361] ? _parse_integer_limit+0x17f/0x1d0 [ 440.853329][ T7361] ? _kstrtoull+0x13c/0x1f0 [ 440.853352][ T7361] ? iov_iter_advance+0xac/0x6d0 [ 440.853370][ T7361] ? __pfx__kstrtoull+0x10/0x10 [ 440.853397][ T7361] tun_get_user+0x904/0x3c20 [ 440.853486][ T7361] ? __pfx_tun_get_user+0x10/0x10 [ 440.853514][ T7361] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 440.853546][ T7361] ? find_held_lock+0x2b/0x80 [ 440.853562][ T7361] ? tun_get+0x191/0x370 [ 440.853586][ T7361] ? tun_get+0x191/0x370 [ 440.853615][ T7361] tun_chr_write_iter+0xdc/0x200 [ 440.853645][ T7361] vfs_write+0x6ac/0x1070 [ 440.853664][ T7361] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 440.853691][ T7361] ? __pfx_vfs_write+0x10/0x10 [ 440.853708][ T7361] ? find_held_lock+0x2b/0x80 [ 440.853736][ T7361] ksys_write+0x12a/0x250 [ 440.853753][ T7361] ? __pfx_ksys_write+0x10/0x10 [ 440.853773][ T7361] ? rcu_is_watching+0x12/0xc0 [ 440.853798][ T7361] do_syscall_64+0x10b/0xf80 [ 440.853816][ T7361] ? clear_bhb_loop+0x40/0x90 [ 440.853838][ T7361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.853855][ T7361] RIP: 0033:0x7ff9a319c819 [ 440.853872][ T7361] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 440.853888][ T7361] RSP: 002b:00007ff9a3ff0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 440.853907][ T7361] RAX: ffffffffffffffda RBX: 00007ff9a3415fa0 RCX: 00007ff9a319c819 [ 440.853918][ T7361] RDX: 0000000000000ffe RSI: 0000200000000240 RDI: 0000000000000003 [ 440.853927][ T7361] RBP: 00007ff9a3ff0090 R08: 0000000000000000 R09: 0000000000000000 [ 440.853937][ T7361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 440.853948][ T7361] R13: 00007ff9a3416038 R14: 00007ff9a3415fa0 R15: 00007ffecf839a38 [ 440.853971][ T7361] [ 440.908444][ T6033] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 441.133635][ T6033] usb 6-1: Using ep0 maxpacket: 8 [ 441.137195][ T6033] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 441.140237][ T6033] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 441.143770][ T6033] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 441.147020][ T6033] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 441.150555][ T6033] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 441.154758][ T6033] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 441.157620][ T6033] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 441.272288][ T7373] FAULT_INJECTION: forcing a failure. [ 441.272288][ T7373] name failslab, interval 1, probability 0, space 0, times 0 [ 441.277641][ T7373] CPU: 1 UID: 0 PID: 7373 Comm: syz.2.450 Tainted: G L syzkaller #0 PREEMPT(full) [ 441.277671][ T7373] Tainted: [L]=SOFTLOCKUP [ 441.277677][ T7373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 441.277688][ T7373] Call Trace: [ 441.277696][ T7373] [ 441.277704][ T7373] dump_stack_lvl+0x100/0x190 [ 441.277731][ T7373] should_fail_ex.cold+0x5/0xa [ 441.277756][ T7373] should_failslab+0xc2/0x120 [ 441.277775][ T7373] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 441.277799][ T7373] ? skb_clone+0x190/0x400 [ 441.277823][ T7373] skb_clone+0x190/0x400 [ 441.277843][ T7373] netlink_deliver_tap+0xaed/0xcc0 [ 441.277873][ T7373] netlink_unicast+0x62b/0x850 [ 441.277900][ T7373] ? __pfx_netlink_unicast+0x10/0x10 [ 441.277930][ T7373] netlink_sendmsg+0x8b0/0xda0 [ 441.277964][ T7373] ? __pfx_netlink_sendmsg+0x10/0x10 [ 441.277996][ T7373] sock_write_iter+0x524/0x5a0 [ 441.278019][ T7373] ? __pfx_netlink_sendmsg+0x10/0x10 [ 441.278042][ T7373] ? __pfx_sock_write_iter+0x10/0x10 [ 441.278063][ T7373] ? _kstrtoull+0x13c/0x1f0 [ 441.278097][ T7373] ? __pfx___file_has_perm+0x10/0x10 [ 441.278129][ T7373] do_iter_readv_writev+0x6ee/0x920 [ 441.278158][ T7373] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 441.278183][ T7373] ? selinux_file_permission+0x8f/0x6d0 [ 441.278221][ T7373] ? bpf_lsm_file_permission+0x9/0x10 [ 441.278246][ T7373] ? security_file_permission+0x76/0x210 [ 441.278267][ T7373] ? rw_verify_area+0xce/0x6d0 [ 441.278294][ T7373] vfs_writev+0x360/0xe10 [ 441.278318][ T7373] ? __pfx_vfs_writev+0x10/0x10 [ 441.278335][ T7373] ? find_held_lock+0x2b/0x80 [ 441.278351][ T7373] ? ksys_write+0x190/0x250 [ 441.278382][ T7373] ? __fget_files+0x21f/0x3d0 [ 441.278408][ T7373] ? do_writev+0x28a/0x340 [ 441.278424][ T7373] do_writev+0x28a/0x340 [ 441.278441][ T7373] ? __pfx_do_writev+0x10/0x10 [ 441.278464][ T7373] do_syscall_64+0x10b/0xf80 [ 441.278482][ T7373] ? clear_bhb_loop+0x40/0x90 [ 441.278503][ T7373] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.278521][ T7373] RIP: 0033:0x7f758ab9c819 [ 441.278537][ T7373] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 441.278553][ T7373] RSP: 002b:00007f758bb34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 441.278572][ T7373] RAX: ffffffffffffffda RBX: 00007f758ae15fa0 RCX: 00007f758ab9c819 [ 441.278584][ T7373] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000003 [ 441.278594][ T7373] RBP: 00007f758bb34090 R08: 0000000000000000 R09: 0000000000000000 [ 441.278605][ T7373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 441.278615][ T7373] R13: 00007f758ae16038 R14: 00007f758ae15fa0 R15: 00007fff509d12f8 [ 441.278639][ T7373] [ 441.285756][ T7371] FAULT_INJECTION: forcing a failure. [ 441.285756][ T7371] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 441.364782][ T6033] usb 6-1: GET_CAPABILITIES returned 0 [ 441.372234][ T7371] CPU: 1 UID: 0 PID: 7371 Comm: syz.0.449 Tainted: G L syzkaller #0 PREEMPT(full) [ 441.372254][ T7371] Tainted: [L]=SOFTLOCKUP [ 441.372259][ T7371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 441.372266][ T7371] Call Trace: [ 441.372271][ T7371] [ 441.372277][ T7371] dump_stack_lvl+0x100/0x190 [ 441.372295][ T7371] should_fail_ex.cold+0x5/0xa [ 441.372309][ T7371] ? prepare_alloc_pages+0x16d/0x5f0 [ 441.372343][ T7371] should_fail_alloc_page+0xeb/0x140 [ 441.372356][ T7371] prepare_alloc_pages+0x1f0/0x5f0 [ 441.372371][ T7371] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 441.372389][ T7371] ? stack_depot_save_flags+0x27/0x9d0 [ 441.372405][ T7371] ? stack_depot_save_flags+0x27/0x9d0 [ 441.372421][ T7371] ? kasan_save_stack+0x3f/0x50 [ 441.372438][ T7371] ? kasan_save_stack+0x30/0x50 [ 441.372454][ T7371] ? kasan_save_track+0x14/0x30 [ 441.372469][ T7371] ? __kasan_kmalloc+0xaa/0xb0 [ 441.372485][ T7371] ? __kvmalloc_node_noprof+0x360/0xa00 [ 441.372501][ T7371] ? __kvm_mmu_topup_memory_cache+0x455/0x5f0 [ 441.372513][ T7371] ? mmu_topup_memory_caches+0xbc/0x170 [ 441.372528][ T7371] ? kvm_mmu_load+0xd6/0x23e0 [ 441.372540][ T7371] ? vcpu_run+0x39f4/0x5ca0 [ 441.372555][ T7371] ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 441.372570][ T7371] ? kvm_vcpu_ioctl+0x730/0x1720 [ 441.372604][ T7371] ? __x64_sys_ioctl+0x18e/0x210 [ 441.372615][ T7371] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 441.372642][ T7371] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 441.372655][ T7371] ? policy_nodemask+0xed/0x4f0 [ 441.372668][ T7371] alloc_pages_mpol+0x1fb/0x540 [ 441.372680][ T7371] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 441.372692][ T7371] ? __kvmalloc_node_noprof+0x37b/0xa00 [ 441.372708][ T7371] ? __kvm_mmu_topup_memory_cache+0x455/0x5f0 [ 441.372722][ T7371] alloc_pages_noprof+0x1a/0x160 [ 441.372736][ T7371] get_free_pages_noprof+0x10/0xb0 [ 441.372747][ T7371] __kvm_mmu_topup_memory_cache+0x278/0x5f0 [ 441.372855][ T7371] mmu_topup_memory_caches+0xbc/0x170 [ 441.372871][ T7371] kvm_mmu_load+0xd6/0x23e0 [ 441.372885][ T7371] ? kvm_apic_has_interrupt+0xfe/0x1f0 [ 441.372902][ T7371] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 441.372922][ T7371] ? __pfx_kvm_mmu_load+0x10/0x10 [ 441.372935][ T7371] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 441.372948][ T7371] ? kvm_check_and_inject_events+0x961/0x1070 [ 441.372963][ T7371] ? record_steal_time+0x3d0/0xbc0 [ 441.372976][ T7371] vcpu_run+0x39f4/0x5ca0 [ 441.372996][ T7371] ? __pfx_vcpu_run+0x10/0x10 [ 441.373015][ T7371] ? rcu_is_watching+0x12/0xc0 [ 441.373034][ T7371] ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 441.373049][ T7371] kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 441.373069][ T7371] kvm_vcpu_ioctl+0x730/0x1720 [ 441.373081][ T7371] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 441.373093][ T7371] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 441.373106][ T7371] ? do_vfs_ioctl+0x226/0x13e0 [ 441.373116][ T7371] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 441.373126][ T7371] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 441.373148][ T7371] ? __fget_files+0x215/0x3d0 [ 441.373160][ T7371] ? hook_file_ioctl_common+0x149/0x410 [ 441.373178][ T7371] ? selinux_file_ioctl+0x13b/0x290 [ 441.373189][ T7371] ? selinux_file_ioctl+0xb6/0x290 [ 441.373200][ T7371] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 441.373212][ T7371] __x64_sys_ioctl+0x18e/0x210 [ 441.373224][ T7371] do_syscall_64+0x10b/0xf80 [ 441.373235][ T7371] ? clear_bhb_loop+0x40/0x90 [ 441.373248][ T7371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 441.373260][ T7371] RIP: 0033:0x7ff9a319c819 [ 441.373270][ T7371] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 441.373281][ T7371] RSP: 002b:00007ff9a3ff0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 441.373292][ T7371] RAX: ffffffffffffffda RBX: 00007ff9a3415fa0 RCX: 00007ff9a319c819 [ 441.373299][ T7371] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 441.373305][ T7371] RBP: 00007ff9a3ff0090 R08: 0000000000000000 R09: 0000000000000000 [ 441.373311][ T7371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 441.373317][ T7371] R13: 00007ff9a3416038 R14: 00007ff9a3415fa0 R15: 00007ffecf839a38 [ 441.373331][ T7371] [ 441.574729][ T6033] usbtmc 6-1:16.0: can't read capabilities [ 441.647382][ T7384] syzkaller0: entered promiscuous mode [ 441.649330][ T7384] syzkaller0: entered allmulticast mode [ 442.008950][ T10] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 442.144765][ T41] audit: type=1400 audit(1776695083.217:961): avc: denied { create } for pid=7402 comm="syz.2.461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1 [ 442.181405][ T41] audit: type=1400 audit(1776695083.257:962): avc: denied { ioctl } for pid=7402 comm="syz.2.461" path="socket:[22188]" dev="sockfs" ino=22188 ioctlcmd=0x583f scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 442.189713][ T10] usb 8-1: Using ep0 maxpacket: 16 [ 442.192942][ T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 442.198011][ T10] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 442.201001][ T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 442.203667][ T10] usb 8-1: Product: syz [ 442.205117][ T10] usb 8-1: Manufacturer: syz [ 442.206786][ T10] usb 8-1: SerialNumber: syz [ 442.218875][ T10] usb 8-1: config 0 descriptor?? [ 442.225911][ T10] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 442.228797][ T10] em28xx 8-1:0.0: DVB interface 0 found: bulk [ 442.793689][ T7417] netlink: 'syz.0.466': attribute type 10 has an invalid length. [ 442.796989][ T7417] __nla_validate_parse: 5 callbacks suppressed [ 442.797003][ T7417] netlink: 40 bytes leftover after parsing attributes in process `syz.0.466'. [ 442.806756][ T7417] batman_adv: batadv0: Adding interface: virt_wifi0 [ 442.809746][ T7417] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 442.823037][ T7417] batman_adv: batadv0: Interface activated: virt_wifi0 [ 442.827431][ T10] em28xx 8-1:0.0: unknown em28xx chip ID (0) [ 443.376191][ T41] audit: type=1400 audit(1776695084.447:963): avc: denied { getopt } for pid=7424 comm="syz.0.469" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 443.472790][ T7427] netlink: 20 bytes leftover after parsing attributes in process `syz.2.470'. [ 443.480488][ T7427] netlink: 256 bytes leftover after parsing attributes in process `syz.2.470'. [ 443.513474][ T7427] team0: No ports can be present during mode change [ 443.554477][ T10] em28xx 8-1:0.0: failed to get i2c transfer status from bridge register (error=-5) [ 443.560511][ T10] em28xx 8-1:0.0: board has no eeprom [ 443.678061][ T34] usb 6-1: USB disconnect, device number 9 [ 443.912299][ T1342] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 444.025535][ T7438] syzkaller0: entered promiscuous mode [ 444.028059][ T7438] syzkaller0: entered allmulticast mode [ 444.043520][ T7438] netlink: 'syz.1.473': attribute type 1 has an invalid length. [ 444.046942][ T7438] netlink: 24 bytes leftover after parsing attributes in process `syz.1.473'. [ 444.098570][ T1342] usb 7-1: Using ep0 maxpacket: 8 [ 444.102352][ T1342] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 444.105698][ T1342] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 444.110401][ T1342] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 444.143220][ T1342] usb 7-1: config 0 descriptor?? [ 444.145849][ T10] em28xx 8-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 444.150868][ T10] em28xx 8-1:0.0: dvb set to bulk mode. [ 444.154670][ T6065] em28xx 8-1:0.0: Binding DVB extension [ 444.180234][ T10] usb 8-1: USB disconnect, device number 5 [ 444.187974][ T10] em28xx 8-1:0.0: Disconnecting em28xx [ 444.207678][ T6065] em28xx 8-1:0.0: Registering input extension [ 444.219321][ T10] em28xx 8-1:0.0: Closing input extension [ 444.242532][ T10] em28xx 8-1:0.0: Freeing device [ 444.360192][ T1342] usb 7-1: string descriptor 0 read error: -71 [ 444.369936][ T1342] usb 7-1: USB disconnect, device number 5 [ 444.622625][ T41] audit: type=1400 audit(1776695085.697:964): avc: denied { write } for pid=7455 comm="syz.3.478" name="rtc0" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 445.114147][ T7470] netlink: 8 bytes leftover after parsing attributes in process `syz.1.483'. [ 445.115576][ T7471] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.482'. [ 445.118650][ T7470] netlink: 16 bytes leftover after parsing attributes in process `syz.1.483'. [ 445.120035][ T7469] netlink: 8 bytes leftover after parsing attributes in process `syz.1.483'. [ 445.125036][ T7473] netlink: 4 bytes leftover after parsing attributes in process `syz.2.481'. [ 445.135185][ T7473] openvswitch: netlink: IPv4 frag type 127 is out of range max 2 [ 445.152185][ T7469] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7469 comm=syz.1.483 [ 445.153861][ T41] audit: type=1326 audit(1776695086.227:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7465 comm="syz.2.481" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f758ab9c819 code=0x0 [ 445.158503][ T7469] netlink: 8 bytes leftover after parsing attributes in process `syz.1.483'. [ 445.242564][ T7476] FAULT_INJECTION: forcing a failure. [ 445.242564][ T7476] name failslab, interval 1, probability 0, space 0, times 0 [ 445.249542][ T7476] CPU: 1 UID: 0 PID: 7476 Comm: syz.3.484 Tainted: G L syzkaller #0 PREEMPT(full) [ 445.249574][ T7476] Tainted: [L]=SOFTLOCKUP [ 445.249580][ T7476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 445.249808][ T7476] Call Trace: [ 445.250054][ T7476] [ 445.250065][ T7476] dump_stack_lvl+0x100/0x190 [ 445.250620][ T7476] should_fail_ex.cold+0x5/0xa [ 445.250647][ T7476] should_failslab+0xc2/0x120 [ 445.250669][ T7476] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 445.250695][ T7476] ? vm_area_dup+0x27/0x8e0 [ 445.250718][ T7476] ? __vma_start_write+0x17f/0x280 [ 445.250746][ T7476] vm_area_dup+0x27/0x8e0 [ 445.250773][ T7476] dup_mmap+0x6f6/0x2180 [ 445.250805][ T7476] ? __pfx_dup_mmap+0x10/0x10 [ 445.250826][ T7476] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 445.252683][ T7476] ? __lock_acquire+0x4a5/0x2630 [ 445.252708][ T7476] ? find_held_lock+0x2b/0x80 [ 445.252726][ T7476] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 445.252996][ T7476] copy_process+0x7b37/0x7fa0 [ 445.253041][ T7476] ? __pfx_copy_process+0x10/0x10 [ 445.253069][ T7476] ? find_held_lock+0x2b/0x80 [ 445.253097][ T7476] kernel_clone+0x12e/0x9c0 [ 445.253123][ T7476] ? find_held_lock+0x2b/0x80 [ 445.253143][ T7476] ? __pfx_kernel_clone+0x10/0x10 [ 445.253182][ T7476] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 445.253202][ T7476] __do_sys_clone+0xd9/0x120 [ 445.253231][ T7476] ? __pfx___do_sys_clone+0x10/0x10 [ 445.253270][ T7476] ? ksys_write+0x1ac/0x250 [ 445.253291][ T7476] ? __pfx_ksys_write+0x10/0x10 [ 445.253312][ T7476] ? rcu_is_watching+0x12/0xc0 [ 445.253343][ T7476] do_syscall_64+0x10b/0xf80 [ 445.253362][ T7476] ? clear_bhb_loop+0x40/0x90 [ 445.253385][ T7476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.253405][ T7476] RIP: 0033:0x7f753d59c819 [ 445.253691][ T7476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 445.253709][ T7476] RSP: 002b:00007f753e45efd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 445.253999][ T7476] RAX: ffffffffffffffda RBX: 00007f753d815fa0 RCX: 00007f753d59c819 [ 445.254013][ T7476] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044200400 [ 445.254024][ T7476] RBP: 00007f753e45f090 R08: 0000000000000000 R09: 0000000000000000 [ 445.254036][ T7476] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002 [ 445.254047][ T7476] R13: 00007f753d816038 R14: 00007f753d815fa0 R15: 00007ffc8159dee8 [ 445.254074][ T7476] [ 445.455203][ T7489] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 445.486281][ T7486] 0x000000000000-0x000000020003 : "" [ 445.488778][ T7486] mtd: partition "" extends beyond the end of device "mtdram test device" -- size truncated to 0x20000 [ 445.509419][ T7486] ftl_cs: FTL header not found. [ 445.539774][ T7489] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 445.758490][ T1342] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 445.835069][ T7501] bond4: (slave wlan1): Device is not bonding slave [ 445.838038][ T7501] bond4: option active_slave: invalid value (wlan1) [ 445.843276][ T7501] bond4 (unregistering): Released all slaves [ 445.918322][ T1342] usb 5-1: Using ep0 maxpacket: 32 [ 445.923041][ T1342] usb 5-1: config 0 has an invalid interface number: 119 but max is 0 [ 445.930959][ T1342] usb 5-1: config 0 has no interface number 0 [ 445.935156][ T1342] usb 5-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 445.939845][ T1342] usb 5-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xD3, changing to 0x83 [ 445.944829][ T1342] usb 5-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 2 [ 445.949211][ T1342] usb 5-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 445.954806][ T7504] netlink: 'syz.2.494': attribute type 3 has an invalid length. [ 445.957177][ T1342] usb 5-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73 [ 445.965737][ T1342] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 445.969369][ T1342] usb 5-1: Product: syz [ 445.971223][ T1342] usb 5-1: Manufacturer: syz [ 445.973352][ T1342] usb 5-1: SerialNumber: syz [ 445.982814][ T41] audit: type=1400 audit(1776695087.057:966): avc: denied { bind } for pid=7505 comm="syz.3.495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 445.989554][ T1342] usb 5-1: config 0 descriptor?? [ 445.994095][ T7491] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 446.004121][ T1342] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.119/input/input10 [ 446.028046][ T5342] usb 5-1: BOGUS urb xfer, pipe 1 != type 3 [ 446.202475][ T41] audit: type=1400 audit(1776695087.277:967): avc: denied { read write } for pid=7490 comm="syz.0.490" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 446.213190][ T41] audit: type=1400 audit(1776695087.277:968): avc: denied { open } for pid=7490 comm="syz.0.490" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 446.222934][ T41] audit: type=1400 audit(1776695087.277:969): avc: denied { ioctl } for pid=7490 comm="syz.0.490" path="/dev/ppp" dev="devtmpfs" ino=730 ioctlcmd=0x744b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 446.227736][ T7523] xt_hashlimit: size too large, truncated to 1048576 [ 446.256494][ T41] audit: type=1400 audit(1776695087.327:970): avc: denied { mount } for pid=7524 comm="syz.1.504" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 446.266217][ T7525] openvswitch: netlink: Actions may not be safe on all matching packets [ 446.281072][ T1433] ieee802154 phy0 wpan0: encryption failed: -22 [ 446.284839][ T1433] ieee802154 phy1 wpan1: encryption failed: -22 [ 446.320033][ T7491] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 446.378374][ T1039] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 446.405024][ T6058] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 446.409952][ T6058] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 446.413724][ T6058] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 446.418073][ T6058] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 446.519228][ T41] audit: type=1400 audit(1776695087.597:971): avc: denied { add_name } for pid=7535 comm="syz.1.506" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 446.526603][ T41] audit: type=1400 audit(1776695087.597:972): avc: denied { create } for pid=7535 comm="syz.1.506" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1 [ 446.538487][ T1039] usb 8-1: Using ep0 maxpacket: 16 [ 446.542557][ T1039] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 446.551191][ T1039] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 446.554280][ T1039] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 446.556810][ T1039] usb 8-1: Product: syz [ 446.558164][ T1039] usb 8-1: Manufacturer: syz [ 446.559783][ T1039] usb 8-1: SerialNumber: syz [ 446.563272][ T1039] usb 8-1: config 0 descriptor?? [ 446.571734][ T1039] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 446.574775][ T1039] em28xx 8-1:0.0: DVB interface 0 found: bulk [ 447.181286][ T1039] em28xx 8-1:0.0: unknown em28xx chip ID (0) [ 447.588036][ T1039] em28xx 8-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 447.590756][ T1039] em28xx 8-1:0.0: board has no eeprom [ 447.972619][ T7566] __nla_validate_parse: 1 callbacks suppressed [ 447.973010][ T7566] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.515'. [ 447.988506][ T1039] em28xx 8-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 447.991849][ T1039] em28xx 8-1:0.0: dvb set to bulk mode. [ 448.003194][ T54] em28xx 8-1:0.0: Binding DVB extension [ 448.011662][ T7568] netlink: 'syz.1.516': attribute type 1 has an invalid length. [ 448.014243][ T7568] netlink: 'syz.1.516': attribute type 1 has an invalid length. [ 448.016696][ T7568] netlink: 9172 bytes leftover after parsing attributes in process `syz.1.516'. [ 448.327778][ T7517] em28xx 8-1:0.0: read from i2c device at 0x482c failed with unknown error (status=65) [ 448.501834][ T1342] usb 5-1: USB disconnect, device number 11 [ 448.558422][ T7578] sp0: Synchronizing with TNC [ 448.561611][ T6033] usb 8-1: USB disconnect, device number 6 [ 448.580713][ T6033] em28xx 8-1:0.0: Disconnecting em28xx [ 448.600192][ T54] em28xx 8-1:0.0: Registering input extension [ 448.604093][ T6033] em28xx 8-1:0.0: Closing input extension [ 448.634990][ T6033] em28xx 8-1:0.0: Freeing device [ 448.916919][ T41] kauditd_printk_skb: 4 callbacks suppressed [ 448.917008][ T41] audit: type=1400 audit(1776695089.987:977): avc: denied { read } for pid=7599 comm="syz.0.523" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 448.929747][ T41] audit: type=1400 audit(1776695089.987:978): avc: denied { open } for pid=7599 comm="syz.0.523" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 448.940258][ T41] audit: type=1400 audit(1776695089.997:979): avc: denied { ioctl } for pid=7599 comm="syz.0.523" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x9379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 449.042853][ T41] audit: type=1400 audit(1776695090.117:980): avc: denied { execute } for pid=7601 comm="syz.1.524" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 449.472244][ T1342] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 449.477368][ T1342] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 449.481837][ T1342] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 449.486866][ T1342] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 449.490088][ T1342] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 449.490612][ T7625] FAULT_INJECTION: forcing a failure. [ 449.490612][ T7625] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 449.494271][ T1342] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 449.501112][ T7625] CPU: 2 UID: 0 PID: 7625 Comm: syz.3.532 Tainted: G L syzkaller #0 PREEMPT(full) [ 449.501140][ T7625] Tainted: [L]=SOFTLOCKUP [ 449.501146][ T7625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 449.501257][ T7625] Call Trace: [ 449.501413][ T7625] [ 449.501421][ T7625] dump_stack_lvl+0x100/0x190 [ 449.501682][ T7625] should_fail_ex.cold+0x5/0xa [ 449.501813][ T7625] _copy_from_user+0x2e/0xd0 [ 449.501988][ T7625] input_event_from_user+0x123/0x310 [ 449.502088][ T7625] ? __pfx_input_event_from_user+0x10/0x10 [ 449.502111][ T7625] ? __pfx___might_resched+0x10/0x10 [ 449.502129][ T7625] ? input_inject_event+0x1a6/0x390 [ 449.502147][ T7625] evdev_write+0x342/0x610 [ 449.502174][ T7625] ? __pfx_evdev_write+0x10/0x10 [ 449.502192][ T7625] ? bpf_lsm_file_permission+0x9/0x10 [ 449.502209][ T7625] ? security_file_permission+0x76/0x210 [ 449.502282][ T7625] ? rw_verify_area+0xce/0x6d0 [ 449.502300][ T7625] vfs_write+0x2aa/0x1070 [ 449.502313][ T7625] ? __pfx_evdev_write+0x10/0x10 [ 449.502330][ T7625] ? __pfx_vfs_write+0x10/0x10 [ 449.502340][ T7625] ? find_held_lock+0x2b/0x80 [ 449.502349][ T7625] ? __fget_files+0x215/0x3d0 [ 449.502362][ T7625] ? __fget_files+0x215/0x3d0 [ 449.502377][ T7625] ? __fget_files+0x21f/0x3d0 [ 449.502393][ T7625] ksys_write+0x1f8/0x250 [ 449.502404][ T7625] ? __pfx_ksys_write+0x10/0x10 [ 449.502416][ T7625] ? rcu_is_watching+0x12/0xc0 [ 449.502434][ T7625] do_syscall_64+0x10b/0xf80 [ 449.502966][ T7625] ? clear_bhb_loop+0x40/0x90 [ 449.502980][ T7625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.502992][ T7625] RIP: 0033:0x7f753d59c819 [ 449.503049][ T7625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 449.503060][ T7625] RSP: 002b:00007f753e45f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 449.503188][ T7625] RAX: ffffffffffffffda RBX: 00007f753d815fa0 RCX: 00007f753d59c819 [ 449.503195][ T7625] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003 [ 449.503201][ T7625] RBP: 00007f753e45f090 R08: 0000000000000000 R09: 0000000000000000 [ 449.503208][ T7625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 449.503214][ T7625] R13: 00007f753d816038 R14: 00007f753d815fa0 R15: 00007ffc8159dee8 [ 449.503228][ T7625] [ 449.600649][ T1342] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 449.603917][ T1342] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 449.607047][ T1342] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 449.610576][ T1342] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 449.628120][ T1342] hid-generic 0006:0004:0009.0003: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 449.642660][ T41] audit: type=1400 audit(1776695090.717:981): avc: denied { map } for pid=7627 comm="syz.3.533" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 449.651010][ T7629] fuse: Bad value for 'rootmode' [ 449.738522][ T7638] netlink: 24 bytes leftover after parsing attributes in process `syz.2.536'. [ 449.782817][ T7641] netlink: 20 bytes leftover after parsing attributes in process `syz.2.537'. [ 449.787933][ T7641] netlink: 256 bytes leftover after parsing attributes in process `syz.2.537'. [ 449.796845][ T7641] team0: No ports can be present during mode change [ 450.099216][ T1039] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 450.249309][ T1039] usb 7-1: Using ep0 maxpacket: 8 [ 450.258040][ T1039] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 450.263646][ T1039] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 450.267897][ T1039] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 450.285491][ T41] audit: type=1400 audit(1776695091.357:982): avc: denied { append } for pid=7653 comm="syz.3.541" name="video7" dev="devtmpfs" ino=974 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 450.294616][ T1039] usb 7-1: config 0 descriptor?? [ 450.304771][ T7654] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 450.310495][ T41] audit: type=1400 audit(1776695091.387:983): avc: denied { create } for pid=7653 comm="syz.3.541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 450.319116][ T41] audit: type=1400 audit(1776695091.387:984): avc: denied { write } for pid=7653 comm="syz.3.541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 450.332787][ T7654] bond4: entered allmulticast mode [ 450.362660][ T7654] veth3: entered allmulticast mode [ 450.367694][ T7654] bond4: (slave veth3): Enslaving as an active interface with an up link [ 450.381097][ T7654] bond4 (unregistering): (slave veth3): Releasing backup interface [ 450.387069][ T7654] bond4 (unregistering): Released all slaves [ 450.505043][ T1039] usb 7-1: string descriptor 0 read error: -71 [ 450.515784][ T1039] usb 7-1: USB disconnect, device number 6 [ 450.594918][ T41] audit: type=1400 audit(1776695091.667:985): avc: denied { ioctl } for pid=7663 comm="syz.1.544" path="socket:[25851]" dev="sockfs" ino=25851 ioctlcmd=0x89f3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 450.637224][ T7666] xt_hashlimit: size too large, truncated to 1048576 [ 450.664285][ T7664] overlay: ./file0 is not a directory [ 450.668651][ T7664] netlink: 80 bytes leftover after parsing attributes in process `syz.1.544'. [ 450.762251][ T7671] FAULT_INJECTION: forcing a failure. [ 450.762251][ T7671] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 450.770202][ T7671] CPU: 1 UID: 0 PID: 7671 Comm: syz.3.546 Tainted: G L syzkaller #0 PREEMPT(full) [ 450.770232][ T7671] Tainted: [L]=SOFTLOCKUP [ 450.770239][ T7671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 450.770335][ T7671] Call Trace: [ 450.770400][ T7671] [ 450.770409][ T7671] dump_stack_lvl+0x100/0x190 [ 450.770618][ T7671] should_fail_ex.cold+0x5/0xa [ 450.770704][ T7671] _copy_to_user+0x32/0xd0 [ 450.770795][ T7671] simple_read_from_buffer+0xcb/0x170 [ 450.770818][ T7671] proc_fail_nth_read+0x1af/0x230 [ 450.770847][ T7671] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 450.770877][ T7671] ? rw_verify_area+0xce/0x6d0 [ 450.770901][ T7671] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 450.770928][ T7671] vfs_read+0x1e4/0xb30 [ 450.770949][ T7671] ? __pfx_vfs_read+0x10/0x10 [ 450.770965][ T7671] ? __fget_files+0x215/0x3d0 [ 450.770990][ T7671] ? __fget_files+0x21f/0x3d0 [ 450.771017][ T7671] ksys_read+0x12a/0x250 [ 450.771034][ T7671] ? __pfx_ksys_read+0x10/0x10 [ 450.771053][ T7671] ? rcu_is_watching+0x12/0xc0 [ 450.771082][ T7671] do_syscall_64+0x10b/0xf80 [ 450.771579][ T7671] ? clear_bhb_loop+0x40/0x90 [ 450.771601][ T7671] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 450.771619][ T7671] RIP: 0033:0x7f753d55d04e [ 450.771636][ T7671] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 450.771652][ T7671] RSP: 002b:00007f753e45efe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 450.771720][ T7671] RAX: ffffffffffffffda RBX: 00007f753e45f6c0 RCX: 00007f753d55d04e [ 450.771731][ T7671] RDX: 000000000000000f RSI: 00007f753e45f0a0 RDI: 0000000000000005 [ 450.771741][ T7671] RBP: 00007f753e45f090 R08: 0000000000000000 R09: 0000000000000000 [ 450.771751][ T7671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 450.771761][ T7671] R13: 00007f753d816038 R14: 00007f753d815fa0 R15: 00007ffc8159dee8 [ 450.771786][ T7671] [ 451.038310][ T1485] usb 6-1: new full-speed USB device number 10 using dummy_hcd [ 451.221124][ T1485] usb 6-1: not running at top speed; connect to a high speed hub [ 451.225763][ T1485] usb 6-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x12, changing to 0x2 [ 451.235390][ T1485] usb 6-1: New USB device found, idVendor=0944, idProduct=0201, bcdDevice= 0.40 [ 451.239556][ T1485] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 451.242798][ T1485] usb 6-1: Product: syz [ 451.244625][ T1485] usb 6-1: Manufacturer: syz [ 451.246978][ T1485] usb 6-1: SerialNumber: syz [ 451.274752][ T41] audit: type=1400 audit(1776695092.347:986): avc: denied { write } for pid=7681 comm="syz.2.550" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 451.275808][ T7682] netlink: 28 bytes leftover after parsing attributes in process `syz.2.550'. [ 451.376976][ T7684] netlink: 24 bytes leftover after parsing attributes in process `syz.2.551'. [ 451.384478][ T7684] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7684 comm=syz.2.551 [ 451.480613][ T1485] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 451.484465][ T1485] usb 6-1: MIDIStreaming interface descriptor not found [ 451.566029][ T1485] usb 6-1: USB disconnect, device number 10 [ 451.610806][ T6027] udevd[6027]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 451.716634][ T7694] netlink: 4 bytes leftover after parsing attributes in process `syz.3.554'. [ 451.720801][ T7694] openvswitch: netlink: nsh attr 8 is out of range max 3 [ 451.770329][ T7696] fuse: Unknown parameter '' [ 452.073708][ T7704] Cannot find add_set index 65532 as target [ 452.741890][ T7711] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 452.752633][ T7711] CIFS mount error: No usable UNC path provided in device string! [ 452.752633][ T7711] [ 452.756902][ T7711] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 452.882833][ T7722] FAULT_INJECTION: forcing a failure. [ 452.882833][ T7722] name failslab, interval 1, probability 0, space 0, times 0 [ 452.887586][ T7722] CPU: 3 UID: 0 PID: 7722 Comm: syz.3.566 Tainted: G L syzkaller #0 PREEMPT(full) [ 452.887612][ T7722] Tainted: [L]=SOFTLOCKUP [ 452.887617][ T7722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 452.887686][ T7722] Call Trace: [ 452.887804][ T7722] [ 452.887811][ T7722] dump_stack_lvl+0x100/0x190 [ 452.887890][ T7722] should_fail_ex.cold+0x5/0xa [ 452.887945][ T7722] should_failslab+0xc2/0x120 [ 452.887957][ T7722] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 452.887974][ T7722] ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0 [ 452.887993][ T7722] __kvm_mmu_topup_memory_cache+0x18f/0x5f0 [ 452.888017][ T7722] mmu_topup_memory_caches+0x25/0x170 [ 452.888043][ T7722] kvm_mmu_load+0xd6/0x23e0 [ 452.888063][ T7722] ? kvm_apic_has_interrupt+0xfe/0x1f0 [ 452.888091][ T7722] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 452.888116][ T7722] ? __pfx_kvm_mmu_load+0x10/0x10 [ 452.888129][ T7722] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 452.888142][ T7722] ? kvm_check_and_inject_events+0x961/0x1070 [ 452.888158][ T7722] ? record_steal_time+0x3d0/0xbc0 [ 452.888176][ T7722] vcpu_run+0x39f4/0x5ca0 [ 452.888221][ T7722] ? __pfx_vcpu_run+0x10/0x10 [ 452.888253][ T7722] ? rcu_is_watching+0x12/0xc0 [ 452.888283][ T7722] ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 452.888305][ T7722] kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 452.888326][ T7722] kvm_vcpu_ioctl+0x730/0x1720 [ 452.888339][ T7722] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 452.888351][ T7722] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 452.888366][ T7722] ? do_vfs_ioctl+0x226/0x13e0 [ 452.888377][ T7722] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 452.888387][ T7722] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 452.888449][ T7722] ? __fget_files+0x215/0x3d0 [ 452.888461][ T7722] ? hook_file_ioctl_common+0x149/0x410 [ 452.888480][ T7722] ? selinux_file_ioctl+0x13b/0x290 [ 452.888490][ T7722] ? selinux_file_ioctl+0xb6/0x290 [ 452.888502][ T7722] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 452.888514][ T7722] __x64_sys_ioctl+0x18e/0x210 [ 452.888552][ T7722] do_syscall_64+0x10b/0xf80 [ 452.889154][ T7722] ? clear_bhb_loop+0x40/0x90 [ 452.889173][ T7722] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.889185][ T7722] RIP: 0033:0x7f753d59c819 [ 452.889196][ T7722] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 452.889206][ T7722] RSP: 002b:00007f753e45f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 452.889265][ T7722] RAX: ffffffffffffffda RBX: 00007f753d815fa0 RCX: 00007f753d59c819 [ 452.889272][ T7722] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 452.889278][ T7722] RBP: 00007f753e45f090 R08: 0000000000000000 R09: 0000000000000000 [ 452.889285][ T7722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 452.889291][ T7722] R13: 00007f753d816038 R14: 00007f753d815fa0 R15: 00007ffc8159dee8 [ 452.889305][ T7722] [ 453.117688][ T7738] team0: Mode changed to "activebackup" [ 453.361425][ T7742] FAULT_INJECTION: forcing a failure. [ 453.361425][ T7742] name failslab, interval 1, probability 0, space 0, times 0 [ 453.368326][ T7742] CPU: 0 UID: 0 PID: 7742 Comm: syz.3.571 Tainted: G L syzkaller #0 PREEMPT(full) [ 453.368358][ T7742] Tainted: [L]=SOFTLOCKUP [ 453.368365][ T7742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 453.368644][ T7742] Call Trace: [ 453.369034][ T7742] [ 453.369045][ T7742] dump_stack_lvl+0x100/0x190 [ 453.369689][ T7742] should_fail_ex.cold+0x5/0xa [ 453.369820][ T7742] should_failslab+0xc2/0x120 [ 453.369842][ T7742] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 453.369868][ T7742] ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0 [ 453.369901][ T7742] __kvm_mmu_topup_memory_cache+0x18f/0x5f0 [ 453.369930][ T7742] mmu_topup_memory_caches+0x25/0x170 [ 453.369958][ T7742] kvm_mmu_load+0xd6/0x23e0 [ 453.369982][ T7742] ? kvm_apic_has_interrupt+0xfe/0x1f0 [ 453.370010][ T7742] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 453.370042][ T7742] ? __pfx_kvm_mmu_load+0x10/0x10 [ 453.370065][ T7742] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 453.370086][ T7742] ? kvm_check_and_inject_events+0x961/0x1070 [ 453.370111][ T7742] ? record_steal_time+0x3d0/0xbc0 [ 453.370132][ T7742] vcpu_run+0x39f4/0x5ca0 [ 453.370167][ T7742] ? __pfx_vcpu_run+0x10/0x10 [ 453.370201][ T7742] ? rcu_is_watching+0x12/0xc0 [ 453.370231][ T7742] ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 453.370256][ T7742] kvm_arch_vcpu_ioctl_run+0x5b6/0x1890 [ 453.370290][ T7742] kvm_vcpu_ioctl+0x730/0x1720 [ 453.370312][ T7742] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 453.370332][ T7742] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 453.370356][ T7742] ? do_vfs_ioctl+0x226/0x13e0 [ 453.370374][ T7742] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 453.370393][ T7742] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 453.370505][ T7742] ? __fget_files+0x215/0x3d0 [ 453.370524][ T7742] ? hook_file_ioctl_common+0x149/0x410 [ 453.370554][ T7742] ? selinux_file_ioctl+0x13b/0x290 [ 453.370572][ T7742] ? selinux_file_ioctl+0xb6/0x290 [ 453.370591][ T7742] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 453.370611][ T7742] __x64_sys_ioctl+0x18e/0x210 [ 453.370631][ T7742] do_syscall_64+0x10b/0xf80 [ 453.371857][ T7742] ? clear_bhb_loop+0x40/0x90 [ 453.371881][ T7742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.371906][ T7742] RIP: 0033:0x7f753d59c819 [ 453.372004][ T7742] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 453.372022][ T7742] RSP: 002b:00007f753e45f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 453.372090][ T7742] RAX: ffffffffffffffda RBX: 00007f753d815fa0 RCX: 00007f753d59c819 [ 453.372103][ T7742] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 453.372113][ T7742] RBP: 00007f753e45f090 R08: 0000000000000000 R09: 0000000000000000 [ 453.372122][ T7742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 453.372131][ T7742] R13: 00007f753d816038 R14: 00007f753d815fa0 R15: 00007ffc8159dee8 [ 453.372157][ T7742] [ 453.643636][ T7752] FAULT_INJECTION: forcing a failure. [ 453.643636][ T7752] name failslab, interval 1, probability 0, space 0, times 0 [ 453.648450][ T7752] CPU: 3 UID: 0 PID: 7752 Comm: syz.0.573 Tainted: G L syzkaller #0 PREEMPT(full) [ 453.648470][ T7752] Tainted: [L]=SOFTLOCKUP [ 453.648474][ T7752] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 453.648481][ T7752] Call Trace: [ 453.648486][ T7752] [ 453.648491][ T7752] dump_stack_lvl+0x100/0x190 [ 453.648509][ T7752] should_fail_ex.cold+0x5/0xa [ 453.648553][ T7752] ? tomoyo_realpath_from_path+0xb6/0x690 [ 453.648568][ T7752] should_failslab+0xc2/0x120 [ 453.648584][ T7752] __kmalloc_noprof+0xe0/0x850 [ 453.648605][ T7752] ? kfree+0x1dd/0x6c0 [ 453.648629][ T7752] tomoyo_realpath_from_path+0xb6/0x690 [ 453.648652][ T7752] tomoyo_path_number_perm+0x23c/0x580 [ 453.648680][ T7752] ? tomoyo_path_number_perm+0x22e/0x580 [ 453.648707][ T7752] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 453.648749][ T7752] ? find_held_lock+0x2b/0x80 [ 453.648759][ T7752] ? __fget_files+0x215/0x3d0 [ 453.648772][ T7752] ? hook_file_ioctl_common+0x149/0x410 [ 453.648785][ T7752] ? __fget_files+0x215/0x3d0 [ 453.648800][ T7752] ? __fget_files+0x21f/0x3d0 [ 453.648815][ T7752] security_file_ioctl+0xd3/0x230 [ 453.648918][ T7752] __x64_sys_ioctl+0xb7/0x210 [ 453.648930][ T7752] do_syscall_64+0x10b/0xf80 [ 453.648941][ T7752] ? clear_bhb_loop+0x40/0x90 [ 453.648954][ T7752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.648966][ T7752] RIP: 0033:0x7ff9a319c819 [ 453.648976][ T7752] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 453.648987][ T7752] RSP: 002b:00007ff9a3ff0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 453.648999][ T7752] RAX: ffffffffffffffda RBX: 00007ff9a3415fa0 RCX: 00007ff9a319c819 [ 453.649006][ T7752] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000003 [ 453.649013][ T7752] RBP: 00007ff9a3ff0090 R08: 0000000000000000 R09: 0000000000000000 [ 453.649019][ T7752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 453.649025][ T7752] R13: 00007ff9a3416038 R14: 00007ff9a3415fa0 R15: 00007ffecf839a38 [ 453.649039][ T7752] [ 453.649044][ T7752] ERROR: Out of memory at tomoyo_realpath_from_path. [ 453.702829][ T7760] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.577'. [ 453.708788][ T7761] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.576'. [ 453.763650][ T7764] netlink: 'syz.1.579': attribute type 1 has an invalid length. [ 453.766842][ T7764] netlink: 24 bytes leftover after parsing attributes in process `syz.1.579'. [ 453.817304][ T7764] sp0: Synchronizing with TNC [ 453.837685][ T7764] [U] éè [ 453.851034][ T7771] sch_tbf: peakrate 7 is lower than or equals to rate 7 ! [ 454.072904][ T7784] netlink: 32 bytes leftover after parsing attributes in process `syz.1.585'. [ 454.079812][ T7784] netlink: 32 bytes leftover after parsing attributes in process `syz.1.585'. [ 454.205401][ T7791] netlink: 32 bytes leftover after parsing attributes in process `syz.0.588'. [ 454.209648][ T7791] netlink: 4 bytes leftover after parsing attributes in process `syz.0.588'. [ 454.435157][ T7804] netlink: 'syz.1.593': attribute type 29 has an invalid length. [ 454.440462][ T7804] netlink: 'syz.1.593': attribute type 29 has an invalid length. [ 454.558035][ T7809] netlink: 104 bytes leftover after parsing attributes in process `syz.1.595'. [ 454.808690][ T10] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 454.835455][ T7823] netlink: 24 bytes leftover after parsing attributes in process `syz.3.602'. [ 454.908563][ T1342] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 454.944948][ T7829] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 454.958567][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 454.961487][ T10] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 454.964045][ T10] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 454.966631][ T10] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 454.969822][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 454.972785][ T10] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 454.975576][ T10] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 454.979884][ T10] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 454.982724][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 454.997008][ T10] usb 5-1: config 0 descriptor?? [ 455.058361][ T1342] usb 7-1: Using ep0 maxpacket: 16 [ 455.063166][ T1342] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 455.071836][ T1342] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 455.075501][ T1342] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 455.078771][ T1342] usb 7-1: Product: syz [ 455.080439][ T1342] usb 7-1: Manufacturer: syz [ 455.082321][ T1342] usb 7-1: SerialNumber: syz [ 455.087715][ T1342] usb 7-1: config 0 descriptor?? [ 455.094869][ T1342] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 455.097665][ T1342] em28xx 7-1:0.0: DVB interface 0 found: bulk [ 455.182728][ T7837] xt_CT: No such helper "pptp" [ 455.211834][ T10] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 12 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 455.226950][ T7840] netlink: 8 bytes leftover after parsing attributes in process `syz.3.607'. [ 455.262413][ T7840] 8021q: adding VLAN 0 to HW filter on device bond4 [ 455.271055][ T7840] F2FS-fs: Conflicting test_dummy_encryption options [ 455.410329][ T7849] vxcan1: entered promiscuous mode [ 455.416417][ T10] usb 5-1: USB disconnect, device number 12 [ 455.426114][ T7849] Attempt to restore checkpoint with obsolete wellknown handles [ 455.430377][ T10] usblp0: removed [ 455.697407][ T1342] em28xx 7-1:0.0: unknown em28xx chip ID (0) [ 455.996743][ T7860] bridge0: port 2(bridge_slave_1) entered disabled state [ 456.000014][ T7860] bridge0: port 1(bridge_slave_0) entered disabled state [ 456.100753][ T7860] bridge_slave_0: left allmulticast mode [ 456.103243][ T7860] bridge_slave_0: left promiscuous mode [ 456.105787][ T7860] bridge0: port 1(bridge_slave_0) entered disabled state [ 456.127404][ T41] kauditd_printk_skb: 6 callbacks suppressed [ 456.127492][ T41] audit: type=1400 audit(1776695098.198:993): avc: denied { read write } for pid=7872 comm="syz.3.620" name="file0" dev="9p" ino=74473875 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 456.136966][ T7860] bridge_slave_1: left allmulticast mode [ 456.141423][ T41] audit: type=1400 audit(1776695098.198:994): avc: denied { open } for pid=7872 comm="syz.3.620" path="/149/file0/file0" dev="9p" ino=74473875 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 456.148537][ T7860] bridge0: port 2(bridge_slave_1) entered disabled state [ 456.183071][ T7860] bond0: (slave bond_slave_0): Releasing backup interface [ 456.210232][ T7860] bond0: (slave bond_slave_1): Releasing backup interface [ 456.218704][ T7860] team0: Port device team_slave_0 removed [ 456.242997][ T7860] team0: Port device team_slave_1 removed [ 456.253224][ T7860] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 456.258673][ T7860] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 456.267529][ T7860] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 456.272556][ T7860] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 456.284081][ T7860] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 456.375663][ T41] audit: type=1400 audit(1776695098.448:995): avc: denied { ioctl } for pid=7876 comm="syz.1.622" path="socket:[27752]" dev="sockfs" ino=27752 ioctlcmd=0x745a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 456.391198][ T1342] em28xx 7-1:0.0: failed to get i2c transfer status from bridge register (error=-5) [ 456.394431][ T1342] em28xx 7-1:0.0: board has no eeprom [ 456.396354][ T7880] FAULT_INJECTION: forcing a failure. [ 456.396354][ T7880] name failslab, interval 1, probability 0, space 0, times 0 [ 456.401872][ T7880] CPU: 3 UID: 0 PID: 7880 Comm: syz.3.621 Tainted: G L syzkaller #0 PREEMPT(full) [ 456.401903][ T7880] Tainted: [L]=SOFTLOCKUP [ 456.401910][ T7880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 456.401922][ T7880] Call Trace: [ 456.401930][ T7880] [ 456.401938][ T7880] dump_stack_lvl+0x100/0x190 [ 456.401968][ T7880] should_fail_ex.cold+0x5/0xa [ 456.401994][ T7880] should_failslab+0xc2/0x120 [ 456.402017][ T7880] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 456.402046][ T7880] ? __alloc_skb+0x140/0x710 [ 456.402331][ T7880] ? __alloc_skb+0x5b7/0x710 [ 456.402354][ T7880] __alloc_skb+0x140/0x710 [ 456.402371][ T7880] ? __alloc_skb+0x5b7/0x710 [ 456.402389][ T7880] ? __pfx___alloc_skb+0x10/0x10 [ 456.402413][ T7880] netlink_ack+0x117/0xb80 [ 456.402638][ T7880] ? avc_has_perm_noaudit+0x145/0x3b0 [ 456.402672][ T7880] netlink_rcv_skb+0x333/0x420 [ 456.402699][ T7880] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 456.402741][ T7880] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 456.402773][ T7880] ? ns_capable+0xd2/0xf0 [ 456.402797][ T7880] nfnetlink_rcv+0x1b3/0x440 [ 456.402814][ T7880] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 456.402831][ T7880] ? netlink_deliver_tap+0x1ae/0xcc0 [ 456.402855][ T7880] netlink_unicast+0x585/0x850 [ 456.402880][ T7880] ? __pfx_netlink_unicast+0x10/0x10 [ 456.402907][ T7880] netlink_sendmsg+0x8b0/0xda0 [ 456.402932][ T7880] ? __pfx_netlink_sendmsg+0x10/0x10 [ 456.402952][ T7880] ? __might_fault+0x90/0x140 [ 456.402982][ T7880] ____sys_sendmsg+0x9e1/0xb70 [ 456.403002][ T7880] ? __pfx_netlink_sendmsg+0x10/0x10 [ 456.403026][ T7880] ? __pfx_____sys_sendmsg+0x10/0x10 [ 456.403056][ T7880] ___sys_sendmsg+0x190/0x1e0 [ 456.403085][ T7880] ? __pfx____sys_sendmsg+0x10/0x10 [ 456.403133][ T7880] __sys_sendmsg+0x170/0x220 [ 456.403150][ T7880] ? __pfx___sys_sendmsg+0x10/0x10 [ 456.403176][ T7880] ? rcu_is_watching+0x12/0xc0 [ 456.403202][ T7880] do_syscall_64+0x10b/0xf80 [ 456.403218][ T7880] ? clear_bhb_loop+0x40/0x90 [ 456.403238][ T7880] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 456.403254][ T7880] RIP: 0033:0x7f753d59c819 [ 456.403269][ T7880] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 456.403285][ T7880] RSP: 002b:00007f753e45f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 456.403302][ T7880] RAX: ffffffffffffffda RBX: 00007f753d815fa0 RCX: 00007f753d59c819 [ 456.403312][ T7880] RDX: 0000000000004000 RSI: 0000200000000440 RDI: 0000000000000003 [ 456.403321][ T7880] RBP: 00007f753e45f090 R08: 0000000000000000 R09: 0000000000000000 [ 456.403331][ T7880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 456.403341][ T7880] R13: 00007f753d816038 R14: 00007f753d815fa0 R15: 00007ffc8159dee8 [ 456.403363][ T7880] [ 456.598896][ T7817] em28xx 7-1:0.0: read from i2c device at 0x482c failed with unknown error (status=119) [ 456.858355][ T1342] em28xx 7-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 456.860940][ T1342] em28xx 7-1:0.0: dvb set to bulk mode. [ 456.867191][ T10] em28xx 7-1:0.0: Binding DVB extension [ 456.870109][ T1342] usb 7-1: USB disconnect, device number 7 [ 456.877437][ T1342] em28xx 7-1:0.0: Disconnecting em28xx [ 456.898686][ T10] em28xx 7-1:0.0: Registering input extension [ 456.901354][ T1342] em28xx 7-1:0.0: Closing input extension [ 456.911013][ T1342] em28xx 7-1:0.0: Freeing device [ 456.988656][ T6160] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 457.138338][ T6160] usb 8-1: Using ep0 maxpacket: 32 [ 457.142475][ T6160] usb 8-1: config index 0 descriptor too short (expected 29220, got 36) [ 457.146064][ T6160] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 457.149780][ T6160] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 457.153584][ T6160] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 457.157659][ T6160] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 457.163172][ T6160] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 457.168418][ T6160] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 457.172045][ T6160] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 457.177808][ T6160] usb 8-1: config 0 descriptor?? [ 457.386775][ T6160] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 7 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 457.402841][ T7921] FAULT_INJECTION: forcing a failure. [ 457.402841][ T7921] name failslab, interval 1, probability 0, space 0, times 0 [ 457.407982][ T7921] CPU: 1 UID: 0 PID: 7921 Comm: syz.2.635 Tainted: G L syzkaller #0 PREEMPT(full) [ 457.408001][ T7921] Tainted: [L]=SOFTLOCKUP [ 457.408005][ T7921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 457.408012][ T7921] Call Trace: [ 457.408017][ T7921] [ 457.408022][ T7921] dump_stack_lvl+0x100/0x190 [ 457.408040][ T7921] should_fail_ex.cold+0x5/0xa [ 457.408056][ T7921] should_failslab+0xc2/0x120 [ 457.408073][ T7921] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 457.408109][ T7921] ? dst_alloc+0x99/0x1a0 [ 457.408139][ T7921] ? __pfx_ip6_dst_gc+0x10/0x10 [ 457.408158][ T7921] dst_alloc+0x99/0x1a0 [ 457.408176][ T7921] ip6_pol_route+0x948/0x1230 [ 457.408194][ T7921] ? __pfx_ip6_pol_route+0x10/0x10 [ 457.408209][ T7921] ? ip6t_do_table+0xbed/0x1c90 [ 457.408224][ T7921] ? __local_bh_enable_ip+0x9e/0x120 [ 457.408241][ T7921] ? ip6t_do_table+0xc1d/0x1c90 [ 457.408261][ T7921] ? __pfx_ip6_pol_route_input+0x10/0x10 [ 457.408277][ T7921] fib6_rule_lookup+0x52f/0x720 [ 457.408292][ T7921] ? __pfx_fib6_rule_lookup+0x10/0x10 [ 457.408307][ T7921] ? __pfx_ip6t_do_table+0x10/0x10 [ 457.408322][ T7921] ? nf_nat_ipv6_fn+0xff/0x2d0 [ 457.408335][ T7921] ? __pfx_nf_nat_ipv6_fn+0x10/0x10 [ 457.408349][ T7921] ip6_route_input+0x662/0xc50 [ 457.408367][ T7921] ? __pfx_ip6_route_input+0x10/0x10 [ 457.408459][ T7921] ? __pfx_nf_nat_ipv6_in+0x10/0x10 [ 457.408473][ T7921] ? find_held_lock+0x2b/0x80 [ 457.408483][ T7921] ? nf_hook.constprop.0+0x2d9/0x750 [ 457.408523][ T7921] ? nf_hook.constprop.0+0x2e3/0x750 [ 457.408540][ T7921] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 457.408557][ T7921] ? udp_v6_early_demux+0x4a8/0xfd0 [ 457.408572][ T7921] ip6_rcv_finish_core.isra.0+0x1b1/0x1260 [ 457.408594][ T7921] ipv6_rcv+0x1e8/0x3d0 [ 457.408611][ T7921] ? __pfx_ipv6_rcv+0x10/0x10 [ 457.408627][ T7921] __netif_receive_skb_one_core+0x12d/0x1e0 [ 457.408646][ T7921] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 457.408664][ T7921] ? lock_acquire+0x1b1/0x370 [ 457.408680][ T7921] __netif_receive_skb+0x1f/0x120 [ 457.408698][ T7921] netif_receive_skb+0x13b/0x7f0 [ 457.408713][ T7921] ? tun_build_skb.constprop.0+0x9b5/0x18f0 [ 457.408795][ T7921] ? __pfx_netif_receive_skb+0x10/0x10 [ 457.408817][ T7921] tun_rx_batched.isra.0+0x3f6/0x750 [ 457.408835][ T7921] ? __pfx_tun_rx_batched.isra.0+0x10/0x10 [ 457.408854][ T7921] ? rcu_is_watching+0x12/0xc0 [ 457.408870][ T7921] ? tun_get_user+0x1cc8/0x3c20 [ 457.408889][ T7921] tun_get_user+0x1e31/0x3c20 [ 457.408911][ T7921] ? __pfx_tun_get_user+0x10/0x10 [ 457.408929][ T7921] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 457.409006][ T7921] ? find_held_lock+0x2b/0x80 [ 457.409016][ T7921] ? tun_get+0x191/0x370 [ 457.409030][ T7921] ? tun_get+0x191/0x370 [ 457.409048][ T7921] tun_chr_write_iter+0xdc/0x200 [ 457.409067][ T7921] vfs_write+0x6ac/0x1070 [ 457.409079][ T7921] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 457.409102][ T7921] ? __pfx_vfs_write+0x10/0x10 [ 457.409112][ T7921] ? find_held_lock+0x2b/0x80 [ 457.409129][ T7921] ksys_write+0x12a/0x250 [ 457.409140][ T7921] ? __pfx_ksys_write+0x10/0x10 [ 457.409152][ T7921] ? rcu_is_watching+0x12/0xc0 [ 457.409170][ T7921] do_syscall_64+0x10b/0xf80 [ 457.409181][ T7921] ? clear_bhb_loop+0x40/0x90 [ 457.409195][ T7921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.409207][ T7921] RIP: 0033:0x7f758ab5d04e [ 457.409218][ T7921] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 457.409229][ T7921] RSP: 002b:00007f758bb33fb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 457.409241][ T7921] RAX: ffffffffffffffda RBX: 00007f758bb346c0 RCX: 00007f758ab5d04e [ 457.409248][ T7921] RDX: 0000000000000046 RSI: 00002000000004c0 RDI: 00000000000000c8 [ 457.409254][ T7921] RBP: 00007f758bb34090 R08: 0000000000000000 R09: 0000000000000000 [ 457.409260][ T7921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 457.409266][ T7921] R13: 00007f758ae16038 R14: 00007f758ae15fa0 R15: 00007fff509d12f8 [ 457.409280][ T7921] [ 457.587315][ T54] usb 8-1: USB disconnect, device number 7 [ 457.592400][ T54] usblp0: removed [ 457.916828][ T7935] snd_dummy snd_dummy.0: control 0:7:3:syz0:7 is already present [ 457.925916][ T7935] netlink: 'syz.0.639': attribute type 1 has an invalid length. [ 457.929517][ T7935] fuse: Unknown parameter '00000000000000000000011' [ 457.981472][ T41] audit: type=1400 audit(1776695100.053:996): avc: denied { watch watch_reads } for pid=7940 comm="syz.1.642" path="/159" dev="tmpfs" ino=875 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 458.024099][ T7948] FAULT_INJECTION: forcing a failure. [ 458.024099][ T7948] name failslab, interval 1, probability 0, space 0, times 0 [ 458.028794][ T7948] CPU: 1 UID: 0 PID: 7948 Comm: syz.1.645 Tainted: G L syzkaller #0 PREEMPT(full) [ 458.028813][ T7948] Tainted: [L]=SOFTLOCKUP [ 458.028817][ T7948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 458.028823][ T7948] Call Trace: [ 458.028829][ T7948] [ 458.028834][ T7948] dump_stack_lvl+0x100/0x190 [ 458.028851][ T7948] should_fail_ex.cold+0x5/0xa [ 458.028867][ T7948] should_failslab+0xc2/0x120 [ 458.028878][ T7948] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 458.028898][ T7948] ? skb_clone+0x190/0x400 [ 458.028913][ T7948] skb_clone+0x190/0x400 [ 458.028924][ T7948] bpf_clone_redirect+0x166/0x500 [ 458.028938][ T7948] ? __pfx___cant_migrate+0x10/0x10 [ 458.028953][ T7948] bpf_prog_8dc8bbec83c669e7+0x22/0x2a [ 458.028963][ T7948] bpf_test_run+0x39c/0xa40 [ 458.028978][ T7948] ? bpf_test_run+0x1c6/0xa40 [ 458.028992][ T7948] ? __pfx_bpf_test_run+0x10/0x10 [ 458.029009][ T7948] ? do_csum+0x1e5/0x380 [ 458.029034][ T7948] bpf_prog_test_run_skb+0x15c4/0x3540 [ 458.029056][ T7948] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 458.029073][ T7948] ? fput+0x79/0x100 [ 458.029088][ T7948] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 458.029103][ T7948] __sys_bpf+0x1725/0x4b90 [ 458.029122][ T7948] ? __pfx___sys_bpf+0x10/0x10 [ 458.029138][ T7948] ? proc_fail_nth_write+0x9f/0x220 [ 458.029149][ T7948] ? find_held_lock+0x2b/0x80 [ 458.029160][ T7948] ? find_held_lock+0x2b/0x80 [ 458.029170][ T7948] ? ksys_write+0x190/0x250 [ 458.029180][ T7948] ? ksys_write+0x190/0x250 [ 458.029192][ T7948] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 458.029205][ T7948] ? kernel_write+0x5e3/0x6c0 [ 458.029215][ T7948] ? __fget_files+0x215/0x3d0 [ 458.029234][ T7948] ? fput+0x79/0x100 [ 458.029248][ T7948] ? ksys_write+0x1ac/0x250 [ 458.029258][ T7948] ? __pfx_ksys_write+0x10/0x10 [ 458.029271][ T7948] __x64_sys_bpf+0x7b/0xc0 [ 458.029288][ T7948] ? lockdep_hardirqs_on+0x78/0x100 [ 458.029306][ T7948] do_syscall_64+0x10b/0xf80 [ 458.029315][ T7948] ? clear_bhb_loop+0x40/0x90 [ 458.029328][ T7948] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 458.029340][ T7948] RIP: 0033:0x7fbef199c819 [ 458.029349][ T7948] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 458.029360][ T7948] RSP: 002b:00007fbef27d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 458.029371][ T7948] RAX: ffffffffffffffda RBX: 00007fbef1c15fa0 RCX: 00007fbef199c819 [ 458.029378][ T7948] RDX: 0000000000000050 RSI: 00002000000003c0 RDI: 000000000000000a [ 458.029385][ T7948] RBP: 00007fbef27d5090 R08: 0000000000000000 R09: 0000000000000000 [ 458.029391][ T7948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 458.029397][ T7948] R13: 00007fbef1c16038 R14: 00007fbef1c15fa0 R15: 00007ffc2e0760b8 [ 458.029410][ T7948] [ 458.197833][ T6025] Bluetooth: hci0: Dropping invalid advertising data [ 458.200970][ T6025] Bluetooth: hci0: Dropping invalid advertising data [ 458.203706][ T6025] Bluetooth: hci0: Malformed LE Event: 0x02 [ 458.215680][ T41] audit: type=1400 audit(1776695100.283:997): avc: denied { write } for pid=7956 comm="syz.2.649" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 458.215968][ T7957] ALSA: mixer_oss: invalid OSS volume '00000000000000000000003' [ 458.274731][ T7961] tap0: tun_chr_ioctl cmd 1074025676 [ 458.276485][ T7961] tap0: owner set to 0 [ 458.279212][ T7965] set match dimension is over the limit! [ 458.328164][ T7968] MINIX-fs: blocksize too small for device [ 458.330404][ T7964] kvm: vcpu 2: requested 148514 ns lapic timer period limited to 200000 ns [ 458.334328][ T7964] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (200000 ns). Using initial count to start timer. [ 458.528133][ T7980] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 458.532688][ T7980] block device autoloading is deprecated and will be removed. [ 458.588405][ T1342] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 458.642851][ T6025] Bluetooth: hci0: unexpected event for opcode 0x1804 [ 458.718325][ T1342] usb 8-1: device descriptor read/64, error -71 [ 458.958320][ T1342] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 459.088335][ T1342] usb 8-1: device descriptor read/64, error -71 [ 459.199647][ T1342] usb usb8-port1: attempt power cycle [ 459.247448][ T8004] 0x000000000000-0x000000020003 : "" [ 459.250365][ T8004] mtd: partition "" extends beyond the end of device "mtdram test device" -- size truncated to 0x20000 [ 459.254766][ T8004] FAULT_INJECTION: forcing a failure. [ 459.254766][ T8004] name failslab, interval 1, probability 0, space 0, times 0 [ 459.260247][ T8004] CPU: 2 UID: 0 PID: 8004 Comm: syz.2.667 Tainted: G L syzkaller #0 PREEMPT(full) [ 459.260274][ T8004] Tainted: [L]=SOFTLOCKUP [ 459.260280][ T8004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 459.260290][ T8004] Call Trace: [ 459.260297][ T8004] [ 459.260305][ T8004] dump_stack_lvl+0x100/0x190 [ 459.260331][ T8004] should_fail_ex.cold+0x5/0xa [ 459.260353][ T8004] should_failslab+0xc2/0x120 [ 459.260371][ T8004] __kmalloc_cache_noprof+0x7a/0x6f0 [ 459.260391][ T8004] ? device_add+0xd3a/0x1950 [ 459.260522][ T8004] ? __pfx___debug_object_init+0x10/0x10 [ 459.260602][ T8004] ? do_raw_spin_lock+0x128/0x260 [ 459.260628][ T8004] device_add+0xd3a/0x1950 [ 459.260651][ T8004] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 459.260669][ T8004] ? lockdep_init_map_type+0x5c/0x250 [ 459.260690][ T8004] ? __pfx_device_add+0x10/0x10 [ 459.260711][ T8004] ? lockdep_init_map_type+0x5c/0x250 [ 459.260732][ T8004] ? __init_waitqueue_head+0xca/0x150 [ 459.260761][ T8004] add_mtd_device+0x928/0x17a0 [ 459.260838][ T8004] ? __pfx_add_mtd_device+0x10/0x10 [ 459.260864][ T8004] mtd_add_partition+0x30a/0x660 [ 459.260886][ T8004] ? __pfx_mtd_add_partition+0x10/0x10 [ 459.260905][ T8004] ? __might_fault+0xc5/0x140 [ 459.260927][ T8004] ? __might_fault+0xc5/0x140 [ 459.260957][ T8004] mtdchar_blkpg_ioctl+0x207/0x250 [ 459.260979][ T8004] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 459.261020][ T8004] mtdchar_ioctl+0x1670/0x1fd0 [ 459.261046][ T8004] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 459.261074][ T8004] ? lock_acquire+0x1b1/0x370 [ 459.261099][ T8004] ? trace_contention_end+0x122/0x170 [ 459.261122][ T8004] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 459.261146][ T8004] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 459.261163][ T8004] ? __pfx___mutex_lock+0x10/0x10 [ 459.261198][ T8004] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 459.261219][ T8004] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 459.261243][ T8004] __x64_sys_ioctl+0x18e/0x210 [ 459.261260][ T8004] do_syscall_64+0x10b/0xf80 [ 459.261275][ T8004] ? clear_bhb_loop+0x40/0x90 [ 459.261296][ T8004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 459.261312][ T8004] RIP: 0033:0x7f758ab9c819 [ 459.261328][ T8004] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 459.261343][ T8004] RSP: 002b:00007f758bb34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 459.261361][ T8004] RAX: ffffffffffffffda RBX: 00007f758ae15fa0 RCX: 00007f758ab9c819 [ 459.261371][ T8004] RDX: 00002000000000c0 RSI: 0000000000001269 RDI: 0000000000000004 [ 459.261381][ T8004] RBP: 00007f758bb34090 R08: 0000000000000000 R09: 0000000000000000 [ 459.261390][ T8004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 459.261399][ T8004] R13: 00007f758ae16038 R14: 00007f758ae15fa0 R15: 00007fff509d12f8 [ 459.261436][ T8004] [ 459.263357][ T8004] ------------[ cut here ]------------ [ 459.379425][ T8004] !list_empty(&mtd->part.node) [ 459.379466][ T8004] WARNING: drivers/mtd/mtdpart.c:38 at release_mtd_partition+0x71/0x90, CPU#2: syz.2.667/8004 [ 459.385898][ T8004] Modules linked in: [ 459.387889][ T8004] CPU: 2 UID: 0 PID: 8004 Comm: syz.2.667 Tainted: G L syzkaller #0 PREEMPT(full) [ 459.392429][ T8004] Tainted: [L]=SOFTLOCKUP [ 459.392628][ T41] audit: type=1326 audit(1776695101.463:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8006 comm="syz.0.668" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff9a319c819 code=0x0 [ 459.394261][ T8004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 459.394285][ T8004] RIP: 0010:release_mtd_partition+0x71/0x90 [ 459.407806][ T8004] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 6f 92 d8 fb 48 89 df 5b 5d e9 65 92 d8 fb e8 e0 ab 76 fb 90 <0f> 0b 90 eb c2 e8 15 65 e4 fb eb db 48 89 ef e8 0b 65 e4 fb eb a5 [ 459.415700][ T8004] RSP: 0018:ffffc9000397f818 EFLAGS: 00010293 [ 459.417928][ T8004] RAX: 0000000000000000 RBX: ffff888059ea5000 RCX: ffffffff8b943117 [ 459.421180][ T8004] RDX: ffff888058c80000 RSI: ffffffff8692cda0 RDI: ffff888059ea5000 [ 459.424447][ T8004] RBP: ffff888059ea56a8 R08: 0000000000000001 R09: 0000000000000001 [ 459.427286][ T8004] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 459.430646][ T8004] R13: dffffc0000000000 R14: ffff888056fb9b00 R15: 0000000000000000 [ 459.433920][ T8004] FS: 00007f758bb346c0(0000) GS:ffff8880d64e7000(0000) knlGS:0000000000000000 [ 459.437575][ T8004] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 459.440652][ T8004] CR2: 00007f758bb13d58 CR3: 000000002f31f000 CR4: 0000000000352ef0 [ 459.443572][ T8004] Call Trace: [ 459.445012][ T8004] [ 459.446294][ T8004] mtd_release+0xa0/0xd0 [ 459.448435][ T8004] ? __pfx_mtd_release+0x10/0x10 [ 459.450524][ T8004] device_release+0xd2/0x270 [ 459.452467][ T8004] kobject_put+0x1f7/0x640 [ 459.454380][ T8004] put_device+0x1f/0x30 [ 459.456128][ T8004] add_mtd_device+0xbd7/0x17a0 [ 459.458176][ T8004] ? __pfx_add_mtd_device+0x10/0x10 [ 459.460445][ T8004] mtd_add_partition+0x30a/0x660 [ 459.462603][ T8004] ? __pfx_mtd_add_partition+0x10/0x10 [ 459.464886][ T8004] ? __might_fault+0xc5/0x140 [ 459.466861][ T8004] ? __might_fault+0xc5/0x140 [ 459.469041][ T8004] mtdchar_blkpg_ioctl+0x207/0x250 [ 459.471192][ T8004] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 459.473589][ T8004] mtdchar_ioctl+0x1670/0x1fd0 [ 459.475601][ T8004] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 459.477728][ T8004] ? lock_acquire+0x1b1/0x370 [ 459.479806][ T8004] ? trace_contention_end+0x122/0x170 [ 459.482117][ T8004] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 459.484349][ T8004] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 459.486455][ T8004] ? __pfx___mutex_lock+0x10/0x10 [ 459.488670][ T8004] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 459.490840][ T8004] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 459.493298][ T8004] __x64_sys_ioctl+0x18e/0x210 [ 459.495295][ T8004] do_syscall_64+0x10b/0xf80 [ 459.497228][ T8004] ? clear_bhb_loop+0x40/0x90 [ 459.499387][ T8004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 459.501894][ T8004] RIP: 0033:0x7f758ab9c819 [ 459.503768][ T8004] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 459.511663][ T8004] RSP: 002b:00007f758bb34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 459.515151][ T8004] RAX: ffffffffffffffda RBX: 00007f758ae15fa0 RCX: 00007f758ab9c819 [ 459.518553][ T8004] RDX: 00002000000000c0 RSI: 0000000000001269 RDI: 0000000000000004 [ 459.521862][ T8004] RBP: 00007f758bb34090 R08: 0000000000000000 R09: 0000000000000000 [ 459.524225][ T41] audit: type=1400 audit(1776695101.593:999): avc: denied { create } for pid=8006 comm="syz.0.668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 459.525118][ T8004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 459.525132][ T8004] R13: 00007f758ae16038 R14: 00007f758ae15fa0 R15: 00007fff509d12f8 [ 459.525158][ T8004] [ 459.525170][ T8004] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 459.525187][ T8004] CPU: 2 UID: 0 PID: 8004 Comm: syz.2.667 Tainted: G L syzkaller #0 PREEMPT(full) [ 459.525209][ T8004] Tainted: [L]=SOFTLOCKUP [ 459.525216][ T8004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 459.525227][ T8004] Call Trace: [ 459.525234][ T8004] [ 459.525241][ T8004] dump_stack_lvl+0x100/0x190 [ 459.525266][ T8004] vpanic+0x552/0x970 [ 459.525284][ T8004] ? __pfx_vpanic+0x10/0x10 [ 459.525306][ T8004] panic+0xd1/0xe0 [ 459.525322][ T8004] ? __pfx_panic+0x10/0x10 [ 459.525345][ T8004] ? check_panic_on_warn+0x1f/0x90 [ 459.525366][ T8004] check_panic_on_warn.cold+0x19/0x34 [ 459.525384][ T8004] ? release_mtd_partition+0x71/0x90 [ 459.525406][ T8004] __warn.cold+0x191/0x328 [ 459.525425][ T8004] __report_bug+0x296/0x3d0 [ 459.525452][ T8004] ? release_mtd_partition+0x71/0x90 [ 459.525474][ T8004] ? __pfx___report_bug+0x10/0x10 [ 459.525504][ T8004] ? dump_stack_lvl+0x16c/0x190 [ 459.525521][ T8004] ? dump_stack_lvl+0x176/0x190 [ 459.525537][ T8004] ? delete_node+0x20a/0x8f0 [ 459.525560][ T8004] ? release_mtd_partition+0x71/0x90 [ 459.525582][ T8004] report_bug+0xb2/0x220 [ 459.525605][ T8004] ? release_mtd_partition+0x71/0x90 [ 459.525627][ T8004] handle_bug+0x16a/0x2a0 [ 459.525645][ T8004] exc_invalid_op+0x17/0x50 [ 459.525663][ T8004] asm_exc_invalid_op+0x1a/0x20 [ 459.525680][ T8004] RIP: 0010:release_mtd_partition+0x71/0x90 [ 459.525703][ T8004] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 6f 92 d8 fb 48 89 df 5b 5d e9 65 92 d8 fb e8 e0 ab 76 fb 90 <0f> 0b 90 eb c2 e8 15 65 e4 fb eb db 48 89 ef e8 0b 65 e4 fb eb a5 [ 459.525719][ T8004] RSP: 0018:ffffc9000397f818 EFLAGS: 00010293 [ 459.525734][ T8004] RAX: 0000000000000000 RBX: ffff888059ea5000 RCX: ffffffff8b943117 [ 459.525745][ T8004] RDX: ffff888058c80000 RSI: ffffffff8692cda0 RDI: ffff888059ea5000 [ 459.525756][ T8004] RBP: ffff888059ea56a8 R08: 0000000000000001 R09: 0000000000000001 [ 459.525766][ T8004] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 459.525776][ T8004] R13: dffffc0000000000 R14: ffff888056fb9b00 R15: 0000000000000000 [ 459.525792][ T8004] ? delete_node+0x417/0x8f0 [ 459.525812][ T8004] ? release_mtd_partition+0x70/0x90 [ 459.525837][ T8004] ? release_mtd_partition+0x70/0x90 [ 459.525859][ T8004] mtd_release+0xa0/0xd0 [ 459.525881][ T8004] ? __pfx_mtd_release+0x10/0x10 [ 459.525902][ T8004] device_release+0xd2/0x270 [ 459.525920][ T8004] kobject_put+0x1f7/0x640 [ 459.525941][ T8004] put_device+0x1f/0x30 [ 459.525956][ T8004] add_mtd_device+0xbd7/0x17a0 [ 459.525982][ T8004] ? __pfx_add_mtd_device+0x10/0x10 [ 459.526007][ T8004] mtd_add_partition+0x30a/0x660 [ 459.526030][ T8004] ? __pfx_mtd_add_partition+0x10/0x10 [ 459.526050][ T8004] ? __might_fault+0xc5/0x140 [ 459.526077][ T8004] ? __might_fault+0xc5/0x140 [ 459.526109][ T8004] mtdchar_blkpg_ioctl+0x207/0x250 [ 459.526132][ T8004] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 459.526173][ T8004] mtdchar_ioctl+0x1670/0x1fd0 [ 459.526200][ T8004] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 459.526224][ T8004] ? lock_acquire+0x1b1/0x370 [ 459.526250][ T8004] ? trace_contention_end+0x122/0x170 [ 459.526274][ T8004] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 459.526298][ T8004] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 459.526317][ T8004] ? __pfx___mutex_lock+0x10/0x10 [ 459.526350][ T8004] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 459.526373][ T8004] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 459.526398][ T8004] __x64_sys_ioctl+0x18e/0x210 [ 459.526416][ T8004] do_syscall_64+0x10b/0xf80 [ 459.526431][ T8004] ? clear_bhb_loop+0x40/0x90 [ 459.526451][ T8004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 459.526469][ T8004] RIP: 0033:0x7f758ab9c819 [ 459.526483][ T8004] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 459.526499][ T8004] RSP: 002b:00007f758bb34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 459.526514][ T8004] RAX: ffffffffffffffda RBX: 00007f758ae15fa0 RCX: 00007f758ab9c819 [ 459.526526][ T8004] RDX: 00002000000000c0 RSI: 0000000000001269 RDI: 0000000000000004 [ 459.526536][ T8004] RBP: 00007f758bb34090 R08: 0000000000000000 R09: 0000000000000000 [ 459.526546][ T8004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 459.526556][ T8004] R13: 00007f758ae16038 R14: 00007f758ae15fa0 R15: 00007fff509d12f8 [ 459.526578][ T8004] [ 459.531727][ T8004] Kernel Offset: disabled