last executing test programs: 3.640968535s ago: executing program 2 (id=1355): ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000080)={0x80003, 0x0, {[0x94f, 0xfffffffffffffffc, 0x40, 0x389831d1, 0x7, 0x8, 0x40, 0xd]}}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]}) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xe45, 0x9, 0xfffffffffffffffd, 0x10000000, 0x10000, 0x3, 0x4002004c2, 0x7ff, 0x1, 0x0, 0x400, 0x80, 0x88, 0x0, 0x8, 0x8d], 0xeeee8000, 0x240046}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000280)={{0x1, 0x5000, 0xc, 0x9, 0x4, 0xa, 0x3, 0xa, 0x0, 0x1, 0xc, 0x3}, {0x2, 0x80a0000, 0xe, 0x13, 0x1, 0x8, 0x3, 0x7, 0x0, 0x46, 0x2}, {0x54000, 0xb000, 0x4, 0xb, 0x5, 0x3, 0xc3, 0x6, 0x3, 0x6, 0x5, 0x3}, {0xeeef0000, 0x0, 0x1a, 0x1, 0x7f, 0x6, 0x8, 0x7f, 0x9, 0x2, 0x1, 0x6}, {0x1, 0x3000, 0x0, 0xd, 0x59, 0x29, 0x5, 0xc, 0xfc, 0x0, 0xf8, 0xe5}, {0x3000, 0x8092000, 0x8, 0xbd, 0x6, 0x10, 0x10, 0x1, 0xbf, 0x18, 0x2, 0x4}, {0x8000000, 0x800f000, 0xc, 0x9, 0x6, 0xf, 0x10, 0x3, 0x8, 0x0, 0x2, 0x8}, {0xdddd0000, 0xffff, 0x10, 0x4, 0xb8, 0x3, 0x0, 0xf9, 0x1, 0x8, 0x0, 0xfe}, {0x1, 0xedd8}, {0xffff1000, 0x17}, 0x40019, 0x0, 0x2, 0x0, 0x100000000, 0x100, 0x58000, [0x5, 0x4, 0x4, 0x7]}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000010c0)={[0x60000000007, 0x1000000000, 0x2, 0x3ff, 0x2000001, 0x0, 0x2004cb, 0x9ffffffffffffffc, 0xffff, 0xfffffffffffffff7, 0x599, 0x3, 0x7fffffffffffffff, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffc], 0x1, 0x21044}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 3.426704048s ago: executing program 2 (id=1359): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0xfe, 0x0, 0x7fffffff}]}) syz_usb_connect(0x0, 0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000f3c7c820da059a0095620102030109023400010000000009049200030f6276000905000000000000000705e37e1b82e60905f2020000060000090501"], 0x0) socket$nl_route(0x10, 0x3, 0x0) 3.0309623s ago: executing program 0 (id=1366): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x40000002, 0x0, 0x6}]}) r3 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) r4 = syz_kvm_add_vcpu$x86(r3, &(0x7f0000000080)={0x0, &(0x7f00000001c0)=[@wrmsr={0x65, 0x20, {0x40000000, 0x3}}, @wrmsr={0x65, 0x20, {0x40000001, 0x3f}}], 0x40}) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000740)={0x1, 0x0, [{0x40000001, 0x4, 0x2, 0x31237648, 0x6, 0x2, 0x80}]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x5, 0x0, 0x20013, 0xb4, 0x9, 0x1000, 0xcf, 0x3, 0x865e, 0x7ffffffffffffffc, 0x3, 0xfffffffffffffffd, 0x3, 0x5, 0x5], 0x0, 0x1019c4}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 2.680174711s ago: executing program 0 (id=1370): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000bfe000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000040)={0x0, &(0x7f0000000080)=[@cpuid={0x64, 0x18, {0x7}}], 0x18}) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r5 = syz_kvm_setup_syzos_vm$x86(r4, &(0x7f0000bfe000/0x400000)=nil) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) ioctl$KVM_SET_CPUID(r8, 0x4008ae8a, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r8, 0x8040ae9f, &(0x7f0000000100)=@arm64) r9 = syz_kvm_add_vcpu$x86(r5, &(0x7f00000000c0)={0x0, 0x0}) ioctl$KVM_SET_CPUID2(r9, 0x4008ae90, &(0x7f0000000440)={0x1, 0x0, [{0xd, 0x2, 0x2, 0x5, 0x7, 0xffff, 0x4}]}) ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xda0, 0x0, 0x2}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.668221054s ago: executing program 0 (id=1381): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000bf9000/0x400000)=nil) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000240)={0x1, 0x0, [{0x490, 0x0, 0xfffeffff}]}) syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000bfe000/0x400000)=nil) 1.510833868s ago: executing program 0 (id=1382): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x9, 0x0, 0x2004cb, 0xffffffffffffffff, 0xa1d, 0x68ff, 0x4, 0x0, 0x3, 0xa], 0x10000, 0x202}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.330752195s ago: executing program 0 (id=1384): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000005100)={&(0x7f0000000000), 0xc, &(0x7f00000050c0)={&(0x7f0000000300)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_DELTABLE={0x30, 0x2, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_TABLE_USERDATA={0x7, 0x6, "cc6340"}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSETELEM={0x14, 0xc, 0xa, 0xaec9267b2a23aff5, 0x0, 0x0, {0x3, 0x0, 0x7}}, @NFT_MSG_DELSET={0x14, 0xb, 0xa, 0x801, 0x0, 0x0, {0x5, 0x0, 0x6}}, @NFT_MSG_DELTABLE={0x34, 0x2, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x9}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_USERDATA={0x4}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_USERDATA={0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0xb4}, 0x1, 0x0, 0x0, 0xd4}, 0x20040014) 1.330410159s ago: executing program 0 (id=1386): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000106a053103000000000001090224000100008000090400101c0300010009210000000122f80409058103"], 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newqdisc={0x28, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_STAB={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0) 1.170699742s ago: executing program 1 (id=1389): bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x2, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="8ab800003f0a0000000000000600000000000000fef1e345a13879f799e59a4101de004e32c1df8bab73630ca57b670a574d6fb7374b322028a1c2e61854bd3dd681365fb25d7cd922b415a408c67ebea9f66d11e2936f03e59af6839e8da000d00f68e69aa3de9090a961421100", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x18, 0xffffffffffffffff, 0x0, 0x30, '\x00', 0x0, 0x38, 0xffffffffffffffff, 0x8, 0x0, 0x2, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x26) 1.089723379s ago: executing program 1 (id=1390): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x4) ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000080)={0x4, 0xbde, 0x0, &(0x7f0000000180)="a1984ec3aec3fc2e025f90eda6dbc903939aac644fd36f1e65174cae030c42cbacc392851a695f247112e91f059460a2c031929dc0515ac7cd20775ff9da9c2b6cb48968dcd6d8d982c492932c572f084d3af58650d207eec0794b3e47c5678c36b99eed61e1dbac68ce8a79aa21a51202018bdc4a51489844f785887083841d65c129992bbe5a51c71b95a9847d2bdede66c6e3184c386faf938fd6db888e73a5c0dcc69c3de7458e68ed33226a8d1c8e17", 0x0, 0xb2}) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7, 0x8, 0xc5, 0x0, 0x6, 0x9, 0x4, 0x6, 0x1, 0xf8, 0x0, 0x1, 0x0, 0x3, 0xd1, 0x6, 0x9, 0x4, 0xfe, '\x00', 0x4, 0x4}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 980.770461ms ago: executing program 1 (id=1391): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x645, 0x9, 0xfffffffffffffffd, 0x10000000, 0x10000, 0x3, 0x400004002004c2, 0x7ff, 0x1, 0x0, 0x404, 0x82, 0x3, 0xfffffffffffffff8, 0x8, 0x8d], 0xeeee8000, 0x240046}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 858.842622ms ago: executing program 1 (id=1392): connect$inet(0xffffffffffffffff, 0x0, 0x0) open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x88) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x40) inotify_init1(0x80800) fcntl$setlease(r0, 0x400, 0x1) openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) creat(0x0, 0x20) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$set_timeout(0xf, r1, 0x4b2) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) keyctl$KEYCTL_MOVE(0x1e, r1, r1, r1, 0x1) keyctl$read(0xb, r1, 0x0, 0x0) 700.554126ms ago: executing program 3 (id=1394): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x9, 0x0, 0x2004cb, 0xffffffffffffffff, 0xa1d, 0x68ff, 0x4, 0x0, 0x3, 0xa], 0x10000, 0x202}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 618.899457ms ago: executing program 3 (id=1395): r0 = syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f00006dd000/0x400000)=nil) r1 = syz_kvm_add_vcpu$x86(r0, &(0x7f0000000200)={0x0, &(0x7f0000000100)=[@wr_crn={0x67, 0x20, {0x3, 0xed00000000000}}], 0x20}) ioctl$KVM_INTERRUPT(r1, 0x4004ae86, &(0x7f0000000000)=0x6) ioctl$KVM_RUN(r1, 0xae80, 0x0) 618.695864ms ago: executing program 3 (id=1396): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x14, 0x3c, 0x301, 0x70bd24, 0xfffffbf8, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4b47380c988ca", 0xffbf}], 0x1) 550.786822ms ago: executing program 3 (id=1397): r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x1c0) r1 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x204b01, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r1, 0x1, &(0x7f0000000140)={0x100, r2}, 0x0) landlock_restrict_self(r1, 0x4) r3 = landlock_create_ruleset(&(0x7f0000000240)={0x20}, 0x18, 0x0) landlock_restrict_self(r3, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0/file0/file0\x00', 0x81c0, 0x0) unlinkat(0xffffffffffffff9c, &(0x7f0000000340)='./file0/file0/file0\x00', 0x0) 550.522624ms ago: executing program 3 (id=1398): ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@code={0x1, 0x81, {"0f22e5c744240060420000c744240233d8cecbc7442406000000000f011c24668f38896810c4027958b20000000064449966baf80cb83284af80ef66bafc0c66ed66baf80cb8cc07ff8aef66bafc0cb8d4000000ef48b8f8000000000000000f23c00f2135030009000f23f8450f2244"}}], 0x81}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]}) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, 0x0) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, 0x0) ioctl$KVM_GET_MP_STATE(r3, 0x8004ae98, &(0x7f0000000000)) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0xe45, 0x9, 0xfffffffffffffffd, 0x10000000, 0x10000, 0x3, 0x4002004c2, 0x7ff, 0x1, 0x0, 0x400, 0x40, 0x88, 0x0, 0x8, 0x8d], 0xfec00000, 0x240046}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 490.493744ms ago: executing program 3 (id=1399): syz_clone3(0x0, 0x0) syz_usb_connect$printer(0x3, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="12"], 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 341.001209ms ago: executing program 2 (id=1400): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1a1740, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000080)={0x0, &(0x7f00000001c0)=[@wrmsr={0x65, 0x20, {0x40000000, 0x3}}, @wrmsr={0x65, 0x20, {0x40000001, 0x3f}}], 0x40}) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x40000001, 0x4, 0x2, 0x31237648, 0x6, 0x2, 0x80}]}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0xf, 0x7, 0x10013, 0x66, 0x9, 0x1020, 0xcf, 0x1, 0x1, 0x7ffffffffffffffc, 0x1, 0xfffffffffffffff6, 0xd, 0x5, 0xfffffffffffffffd, 0xffffffff], 0x0, 0x1019c4}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 200.919438ms ago: executing program 2 (id=1401): mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x300000e, 0x12, 0xffffffffffffffff, 0x25417000) 200.65206ms ago: executing program 2 (id=1402): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x10) r0 = socket$netlink(0x10, 0x3, 0x0) socket$inet6(0xa, 0x2, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) close(0xffffffffffffffff) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x4d, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084) sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001f80)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdf8, {0x0, 0x0, 0x0, r4, {0x10}, {}, {0xa, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x3f, 0x0, 0x0, 0x0, 0x97ab, 0x40}, {0x2, 0x0, 0x3, 0x57, 0x8, 0x3}, 0x1, 0x2, 0xa2d}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40098}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 60.593496ms ago: executing program 2 (id=1403): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x5000, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7, 0x8, 0xc5, 0x0, 0x6, 0x9, 0x4, 0x6, 0x1, 0xf8, 0x0, 0x1, 0x0, 0x3, 0xd1, 0x6, 0x9, 0x4, 0xfe, '\x00', 0x4, 0x4}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 214.962µs ago: executing program 1 (id=1404): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a3c0db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848022e8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0000000000000000000000000001545f0ec539c3b58facd2f62dc3307a6c91d6b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) socketpair$unix(0x1, 0x5, 0x0, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB='/'], 0x20) 0s ago: executing program 1 (id=1405): ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000080)={0x80003, 0x0, {[0x94f, 0xfffffffffffffffc, 0x40, 0x389831d1, 0x7, 0x8, 0x40, 0xd]}}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]}) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xe45, 0x9, 0xfffffffffffffffd, 0x10000000, 0x10000, 0x3, 0x4002004c2, 0x7ff, 0x1, 0x0, 0x400, 0x80, 0x88, 0x0, 0x8, 0x8d], 0xeeee8000, 0x240046}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 3 (id=1406): bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000fdffffde18000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000400)={'veth0_to_bond\x00', 0x3003}) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1b}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, 0x0) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r0}, 0xc) kernel console output (not intermixed with test programs): 0/0x10 [ 70.999387][ T6790] ? pti_set_user_pgtbl+0x30/0x50 [ 70.999423][ T6790] ____sys_sendmsg+0x9e1/0xb70 [ 70.999444][ T6790] ? __pfx_netlink_sendmsg+0x10/0x10 [ 70.999466][ T6790] ? __pfx_____sys_sendmsg+0x10/0x10 [ 70.999500][ T6790] ___sys_sendmsg+0x190/0x1e0 [ 70.999523][ T6790] ? __pfx____sys_sendmsg+0x10/0x10 [ 70.999576][ T6790] __sys_sendmsg+0x170/0x220 [ 70.999604][ T6790] ? __pfx___sys_sendmsg+0x10/0x10 [ 70.999644][ T6790] ? rcu_is_watching+0x12/0xc0 [ 70.999674][ T6790] do_syscall_64+0x10b/0xf80 [ 70.999694][ T6790] ? clear_bhb_loop+0x40/0x90 [ 70.999716][ T6790] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.999734][ T6790] RIP: 0033:0x7f01a519cdd9 [ 70.999749][ T6790] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 70.999765][ T6790] RSP: 002b:00007f01a5f95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 70.999781][ T6790] RAX: ffffffffffffffda RBX: 00007f01a5415fa0 RCX: 00007f01a519cdd9 [ 70.999792][ T6790] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 70.999802][ T6790] RBP: 00007f01a5f95090 R08: 0000000000000000 R09: 0000000000000000 [ 70.999812][ T6790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.999821][ T6790] R13: 00007f01a5416038 R14: 00007f01a5415fa0 R15: 00007ffc4e3ba9a8 [ 70.999862][ T6790] [ 71.267793][ T6809] xt_CT: No such helper "pptp" [ 71.274314][ T6809] mmap: syz.2.286 (6809) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 71.500555][ T6822] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found [ 71.504621][ T6822] UDF-fs: Scanning with blocksize 512 failed [ 71.508977][ T6822] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found [ 71.511514][ T6822] UDF-fs: Scanning with blocksize 1024 failed [ 71.514187][ T6822] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found [ 71.518237][ T6822] UDF-fs: Scanning with blocksize 2048 failed [ 71.520756][ T6822] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found [ 71.523628][ T6822] UDF-fs: Scanning with blocksize 4096 failed [ 71.719712][ T6833] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5127 sclass=netlink_route_socket pid=6833 comm=syz.2.295 [ 72.813486][ T6859] netlink: 'syz.0.302': attribute type 30 has an invalid length. [ 72.816343][ T6859] FAULT_INJECTION: forcing a failure. [ 72.816343][ T6859] name failslab, interval 1, probability 0, space 0, times 0 [ 72.824035][ T6859] CPU: 3 UID: 0 PID: 6859 Comm: syz.0.302 Tainted: G L syzkaller #0 PREEMPT(full) [ 72.824062][ T6859] Tainted: [L]=SOFTLOCKUP [ 72.824068][ T6859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 72.824077][ T6859] Call Trace: [ 72.824083][ T6859] [ 72.824090][ T6859] dump_stack_lvl+0x100/0x190 [ 72.824118][ T6859] should_fail_ex.cold+0x5/0xa [ 72.824143][ T6859] should_failslab+0xc2/0x120 [ 72.824162][ T6859] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 72.824187][ T6859] ? alloc_inode+0x68/0x250 [ 72.824205][ T6859] ? simple_start_creating+0xb0/0x110 [ 72.824228][ T6859] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 72.824257][ T6859] alloc_inode+0x68/0x250 [ 72.824274][ T6859] new_inode+0x22/0x1c0 [ 72.824292][ T6859] __debugfs_create_file+0x105/0x4f0 [ 72.824313][ T6859] debugfs_create_file_full+0x41/0x60 [ 72.824332][ T6859] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 72.824349][ T6859] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 72.824384][ T6859] ? __kvmalloc_node_noprof+0x37b/0xa00 [ 72.824410][ T6859] ? alloc_netdev_mqs+0xd7/0x1560 [ 72.824438][ T6859] ? lockdep_init_map_type+0x5c/0x250 [ 72.824465][ T6859] ? __pfx_vxlan_setup+0x10/0x10 [ 72.824483][ T6859] alloc_netdev_mqs+0x314/0x1560 [ 72.824513][ T6859] rtnl_create_link+0xc13/0xf80 [ 72.824543][ T6859] rtnl_newlink+0x13bd/0x2380 [ 72.824566][ T6859] ? __pfx_rtnl_newlink+0x10/0x10 [ 72.824582][ T6859] ? find_held_lock+0x2b/0x80 [ 72.824605][ T6859] ? avc_has_perm_noaudit+0x11e/0x3b0 [ 72.824631][ T6859] ? avc_has_perm_noaudit+0x11e/0x3b0 [ 72.824661][ T6859] ? avc_has_perm_noaudit+0x145/0x3b0 [ 72.824712][ T6859] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 72.824728][ T6859] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 72.824747][ T6859] ? __pfx_rtnl_newlink+0x10/0x10 [ 72.824765][ T6859] rtnetlink_rcv_msg+0x95e/0xe90 [ 72.824784][ T6859] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 72.824809][ T6859] ? ref_tracker_free+0x37e/0x6c0 [ 72.824829][ T6859] netlink_rcv_skb+0x159/0x420 [ 72.824851][ T6859] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 72.824870][ T6859] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 72.824901][ T6859] ? netlink_deliver_tap+0x1ae/0xcc0 [ 72.824926][ T6859] netlink_unicast+0x585/0x850 [ 72.824952][ T6859] ? __pfx_netlink_unicast+0x10/0x10 [ 72.824981][ T6859] netlink_sendmsg+0x8b0/0xda0 [ 72.825008][ T6859] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.825028][ T6859] ? pti_set_user_pgtbl+0x30/0x50 [ 72.825065][ T6859] ____sys_sendmsg+0x9e1/0xb70 [ 72.825085][ T6859] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.825107][ T6859] ? __pfx_____sys_sendmsg+0x10/0x10 [ 72.825142][ T6859] ___sys_sendmsg+0x190/0x1e0 [ 72.825167][ T6859] ? __pfx____sys_sendmsg+0x10/0x10 [ 72.825222][ T6859] __sys_sendmsg+0x170/0x220 [ 72.825251][ T6859] ? __pfx___sys_sendmsg+0x10/0x10 [ 72.825290][ T6859] ? rcu_is_watching+0x12/0xc0 [ 72.825319][ T6859] do_syscall_64+0x10b/0xf80 [ 72.825340][ T6859] ? clear_bhb_loop+0x40/0x90 [ 72.825361][ T6859] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.825378][ T6859] RIP: 0033:0x7f01a519cdd9 [ 72.825394][ T6859] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 72.825410][ T6859] RSP: 002b:00007f01a5f95028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.825427][ T6859] RAX: ffffffffffffffda RBX: 00007f01a5415fa0 RCX: 00007f01a519cdd9 [ 72.825438][ T6859] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 72.825448][ T6859] RBP: 00007f01a5f95090 R08: 0000000000000000 R09: 0000000000000000 [ 72.825457][ T6859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 72.825467][ T6859] R13: 00007f01a5416038 R14: 00007f01a5415fa0 R15: 00007ffc4e3ba9a8 [ 72.825492][ T6859] [ 72.825499][ T6859] debugfs: out of free dentries, can not create file 'netdev@ffff8880580d4658' [ 72.886469][ T62] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 72.886559][ T5092] Bluetooth: hci4: command 0x1003 tx timeout [ 72.923811][ T6864] netlink: 'syz.0.304': attribute type 9 has an invalid length. [ 73.064840][ T6870] netem: change failed [ 73.087253][ T6874] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6 sclass=netlink_route_socket pid=6874 comm=syz.1.309 [ 73.189198][ T6881] netlink: 'syz.2.312': attribute type 30 has an invalid length. [ 73.192977][ T6881] __nla_validate_parse: 13 callbacks suppressed [ 73.192990][ T6881] netlink: 12 bytes leftover after parsing attributes in process `syz.2.312'. [ 73.200735][ T6881] FAULT_INJECTION: forcing a failure. [ 73.200735][ T6881] name failslab, interval 1, probability 0, space 0, times 0 [ 73.207007][ T6881] CPU: 3 UID: 0 PID: 6881 Comm: syz.2.312 Tainted: G L syzkaller #0 PREEMPT(full) [ 73.207033][ T6881] Tainted: [L]=SOFTLOCKUP [ 73.207041][ T6881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 73.207050][ T6881] Call Trace: [ 73.207056][ T6881] [ 73.207064][ T6881] dump_stack_lvl+0x100/0x190 [ 73.207089][ T6881] should_fail_ex.cold+0x5/0xa [ 73.207112][ T6881] should_failslab+0xc2/0x120 [ 73.207131][ T6881] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 73.207159][ T6881] ? __d_alloc+0x34/0xa40 [ 73.207192][ T6881] __d_alloc+0x34/0xa40 [ 73.207229][ T6881] d_alloc+0x4a/0x1e0 [ 73.207255][ T6881] lookup_one_qstr_excl+0x171/0x250 [ 73.207284][ T6881] start_dirop+0x59/0xb0 [ 73.207303][ T6881] simple_start_creating+0xf9/0x110 [ 73.207327][ T6881] ? __pfx_simple_start_creating+0x10/0x10 [ 73.207351][ T6881] ? mntput+0x70/0xa0 [ 73.207372][ T6881] ? simple_pin_fs+0xa3/0x190 [ 73.207395][ T6881] debugfs_start_creating.part.0+0x82/0x170 [ 73.207432][ T6881] __debugfs_create_file+0xb3/0x4f0 [ 73.207452][ T6881] debugfs_create_file_full+0x41/0x60 [ 73.207473][ T6881] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 73.207494][ T6881] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 73.207534][ T6881] ? __kvmalloc_node_noprof+0x37b/0xa00 [ 73.207559][ T6881] ? alloc_netdev_mqs+0xd7/0x1560 [ 73.207586][ T6881] ? lockdep_init_map_type+0x5c/0x250 [ 73.207609][ T6881] ? __pfx_vxlan_setup+0x10/0x10 [ 73.207627][ T6881] alloc_netdev_mqs+0x314/0x1560 [ 73.207656][ T6881] rtnl_create_link+0xc13/0xf80 [ 73.207684][ T6881] rtnl_newlink+0x13bd/0x2380 [ 73.207711][ T6881] ? __pfx_rtnl_newlink+0x10/0x10 [ 73.207728][ T6881] ? find_held_lock+0x2b/0x80 [ 73.207743][ T6881] ? avc_has_perm_noaudit+0x11e/0x3b0 [ 73.207771][ T6881] ? avc_has_perm_noaudit+0x11e/0x3b0 [ 73.207801][ T6881] ? avc_has_perm_noaudit+0x145/0x3b0 [ 73.207853][ T6881] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 73.207872][ T6881] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 73.207891][ T6881] ? __pfx_rtnl_newlink+0x10/0x10 [ 73.207910][ T6881] rtnetlink_rcv_msg+0x95e/0xe90 [ 73.207932][ T6881] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 73.207958][ T6881] ? ref_tracker_free+0x37e/0x6c0 [ 73.207981][ T6881] netlink_rcv_skb+0x159/0x420 [ 73.208005][ T6881] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 73.208026][ T6881] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 73.208059][ T6881] ? netlink_deliver_tap+0x1ae/0xcc0 [ 73.208085][ T6881] netlink_unicast+0x585/0x850 [ 73.208244][ T6881] ? __pfx_netlink_unicast+0x10/0x10 [ 73.208275][ T6881] netlink_sendmsg+0x8b0/0xda0 [ 73.208302][ T6881] ? __pfx_netlink_sendmsg+0x10/0x10 [ 73.208331][ T6881] ? pti_set_user_pgtbl+0x30/0x50 [ 73.208373][ T6881] ____sys_sendmsg+0x9e1/0xb70 [ 73.208393][ T6881] ? __pfx_netlink_sendmsg+0x10/0x10 [ 73.208418][ T6881] ? __pfx_____sys_sendmsg+0x10/0x10 [ 73.208442][ T6881] ___sys_sendmsg+0x190/0x1e0 [ 73.208456][ T6881] ? __pfx____sys_sendmsg+0x10/0x10 [ 73.208496][ T6881] __sys_sendmsg+0x170/0x220 [ 73.208522][ T6881] ? __pfx___sys_sendmsg+0x10/0x10 [ 73.208561][ T6881] ? rcu_is_watching+0x12/0xc0 [ 73.208593][ T6881] do_syscall_64+0x10b/0xf80 [ 73.208615][ T6881] ? clear_bhb_loop+0x40/0x90 [ 73.208638][ T6881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.208655][ T6881] RIP: 0033:0x7f768e99cdd9 [ 73.208671][ T6881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 73.208685][ T6881] RSP: 002b:00007f768f781028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 73.208700][ T6881] RAX: ffffffffffffffda RBX: 00007f768ec15fa0 RCX: 00007f768e99cdd9 [ 73.208710][ T6881] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 73.208719][ T6881] RBP: 00007f768f781090 R08: 0000000000000000 R09: 0000000000000000 [ 73.208730][ T6881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 73.208740][ T6881] R13: 00007f768ec16038 R14: 00007f768ec15fa0 R15: 00007ffd9fcdd458 [ 73.208765][ T6881] [ 73.246845][ T6876] Error: Device magic number does not match. [ 73.416952][ T6894] netlink: 48 bytes leftover after parsing attributes in process `syz.1.314'. [ 73.632644][ T6905] netlink: 12 bytes leftover after parsing attributes in process `syz.0.317'. [ 73.632725][ T6912] netlink: 12 bytes leftover after parsing attributes in process `syz.0.317'. [ 73.635808][ T6905] openvswitch: netlink: Flow actions attr not present in new flow. [ 73.642273][ T6912] openvswitch: netlink: Flow actions attr not present in new flow. [ 73.732026][ T40] kauditd_printk_skb: 25 callbacks suppressed [ 73.732042][ T40] audit: type=1400 audit(1778017059.749:950): avc: denied { read } for pid=6920 comm="syz.2.324" name="fb1" dev="devtmpfs" ino=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 73.745942][ T40] audit: type=1400 audit(1778017059.749:951): avc: denied { open } for pid=6920 comm="syz.2.324" path="/dev/fb1" dev="devtmpfs" ino=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 73.747414][ T6921] netlink: 'syz.2.324': attribute type 1 has an invalid length. [ 73.754556][ T40] audit: type=1400 audit(1778017059.749:952): avc: denied { ioctl } for pid=6920 comm="syz.2.324" path="/dev/fb1" dev="devtmpfs" ino=640 ioctlcmd=0x4601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 73.848337][ T6921] bridge1: entered promiscuous mode [ 73.848359][ T6921] bridge1: entered allmulticast mode [ 73.875773][ T6927] 9pnet_fd: p9_fd_create_unix (6927): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 73.897514][ T6921] tipc: Enabling of bearer rejected, media not registered [ 73.943307][ T40] audit: type=1400 audit(1778017059.959:953): avc: denied { read } for pid=6923 comm="syz.1.325" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 73.953440][ T40] audit: type=1400 audit(1778017059.959:954): avc: denied { open } for pid=6923 comm="syz.1.325" path="/98/file0/file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 73.961886][ T6927] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 73.968198][ T6927] block device autoloading is deprecated and will be removed. [ 73.984441][ T6930] i2c i2c-1: Frontend requested software zigzag, but didn't set the frequency step size [ 73.985387][ T40] audit: type=1400 audit(1778017059.999:955): avc: denied { ioctl } for pid=6923 comm="syz.1.325" path="/98/file0/file0" dev="fuse" ino=64 ioctlcmd=0x923 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 74.057475][ T6925] netlink: 4 bytes leftover after parsing attributes in process `syz.1.325'. [ 74.072802][ T6925] team0: Port device team_slave_0 removed [ 74.258740][ T40] audit: type=1400 audit(1778017060.279:956): avc: denied { unlink } for pid=6937 comm="syz.2.330" name="#9" dev="tmpfs" ino=666 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 74.364111][ T6947] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=6947 comm=syz.2.334 [ 74.368216][ T6948] netlink: 16 bytes leftover after parsing attributes in process `syz.1.335'. [ 74.405452][ T6954] /dev/sg0: Can't lookup blockdev [ 74.412413][ T6954] ieee802154 phy0 wpan0: encryption failed: -22 [ 74.434023][ T40] audit: type=1400 audit(1778017060.449:957): avc: denied { write } for pid=6956 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 74.463061][ T6962] use of bytesused == 0 is deprecated and will be removed in the future, [ 74.466814][ T6962] use the actual size instead. [ 74.492014][ T40] audit: type=1400 audit(1778017060.509:958): avc: denied { write } for pid=6963 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 74.723404][ T6999] netem: change failed [ 74.782933][ T7000] Bluetooth: MGMT ver 1.23 [ 74.967805][ T40] audit: type=1400 audit(1778017060.989:959): avc: denied { write } for pid=7008 comm="syz.2.348" name="hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 75.034520][ T5884] IPVS: starting estimator thread 0... [ 75.156629][ T7013] IPVS: using max 45 ests per chain, 108000 per kthread [ 75.216465][ T7024] team0: Device gtp0 is up. Set it down before adding it as a team port [ 75.485618][ T7036] IPVS: wlc: FWM 3 0x00000003 - no destination available [ 75.544993][ T7045] netem: change failed [ 75.672226][ T7057] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12492 sclass=netlink_route_socket pid=7057 comm=syz.2.364 [ 75.679930][ T7059] netlink: 'syz.0.365': attribute type 10 has an invalid length. [ 75.703078][ T7059] team0: Port device geneve0 added [ 75.728810][ T7068] netlink: 8 bytes leftover after parsing attributes in process `syz.1.368'. [ 75.732616][ T7068] netlink: 12 bytes leftover after parsing attributes in process `syz.1.368'. [ 75.736255][ T7063] bond3: ARP target 9.0.0.0 is already present [ 75.737896][ T7068] netlink: 8 bytes leftover after parsing attributes in process `syz.1.368'. [ 75.740460][ T7063] bond3: option arp_ip_target: invalid value (9) [ 75.742999][ T7068] netlink: 12 bytes leftover after parsing attributes in process `syz.1.368'. [ 75.753226][ T7063] bond3 (unregistering): Released all slaves [ 75.961644][ T7080] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0 [ 76.202093][ T7095] sit1: entered promiscuous mode [ 76.331335][ T1434] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.333484][ T1434] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.410825][ T7128] program syz.2.387 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 76.692133][ T7167] netem: change failed [ 76.773641][ T7165] macvlan2: entered promiscuous mode [ 76.775989][ T7165] bridge0: entered promiscuous mode [ 76.893925][ T7193] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 76.925822][ T7193] netlink: 'syz.2.408': attribute type 11 has an invalid length. [ 76.927137][ T7197] Illegal XDP return value 4294967289 on prog (id 105) dev syz_tun, expect packet loss! [ 76.936465][ T7197] tipc: Started in network mode [ 76.938160][ T7197] tipc: Node identity 040000000000000003, cluster identity 4711 [ 76.956919][ T5839] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 77.109019][ T5839] usb 8-1: Using ep0 maxpacket: 16 [ 77.117622][ T5839] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x8 has invalid maxpacket 512, setting to 64 [ 77.121014][ T7205] netlink: 'syz.0.414': attribute type 3 has an invalid length. [ 77.131451][ T5839] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x9 has invalid maxpacket 1023, setting to 64 [ 77.139675][ T5839] usb 8-1: config 1 interface 0 altsetting 0 has a duplicate endpoint with address 0x9, skipping [ 77.143198][ T5839] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 77.160524][ T5839] usb 8-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 77.167437][ T7211] random: crng reseeded on system resumption [ 77.168814][ T5839] usb 8-1: New USB device found, idVendor=0582, idProduct=0120, bcdDevice= 0.40 [ 77.176439][ T5839] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.189263][ T5839] usb 8-1: Product: І [ 77.190901][ T5839] usb 8-1: SerialNumber: љ [ 77.200021][ T7171] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 77.409850][ T7171] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 77.413216][ T7171] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 77.474929][ T5839] snd-usb-audio 8-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 77.481982][ T5839] usb 8-1: USB disconnect, device number 4 [ 77.500472][ T5737] udevd[5737]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 77.781922][ T29] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 77.791510][ T29] hid-generic 0000:0000:0000.0002: hidraw1: HID v0.00 Device [syz1] on syz0 [ 77.877116][ T6989] Bluetooth: hci4: Frame reassembly failed (-84) [ 77.880239][ T7250] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 77.889805][ T7241] hid-generic 0003:0627:0001.0001: pid 7241 passed too short report [ 78.059217][ T7261] netlink: 'syz.2.435': attribute type 1 has an invalid length. [ 78.080046][ T7261] bond4: (slave geneve2): making interface the new active one [ 78.083924][ T7261] bond4: (slave geneve2): Enslaving as an active interface with an up link [ 78.087735][ T6987] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20004 - 0 [ 78.091474][ T6987] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0 [ 78.091505][ T6987] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0 [ 78.091531][ T6987] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0 [ 78.109076][ T50] cfg80211: failed to load regulatory.db [ 78.127924][ T7261] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7261 comm=syz.2.435 [ 78.581944][ T7295] FAULT_INJECTION: forcing a failure. [ 78.581944][ T7295] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 78.587441][ T7295] CPU: 0 UID: 0 PID: 7295 Comm: syz.3.445 Tainted: G L syzkaller #0 PREEMPT(full) [ 78.587465][ T7295] Tainted: [L]=SOFTLOCKUP [ 78.587470][ T7295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 78.587478][ T7295] Call Trace: [ 78.587483][ T7295] [ 78.587489][ T7295] dump_stack_lvl+0x100/0x190 [ 78.587512][ T7295] should_fail_ex.cold+0x5/0xa [ 78.587529][ T7295] ? prepare_alloc_pages+0x16d/0x5f0 [ 78.587549][ T7295] should_fail_alloc_page+0xeb/0x140 [ 78.587565][ T7295] prepare_alloc_pages+0x1f0/0x5f0 [ 78.587585][ T7295] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 78.587618][ T7295] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 78.587637][ T7295] ? is_bpf_text_address+0x8a/0x1a0 [ 78.587655][ T7295] ? bpf_ksym_find+0x128/0x1c0 [ 78.587674][ T7295] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 78.587689][ T7295] ? is_bpf_text_address+0x94/0x1a0 [ 78.587708][ T7295] ? unwind_get_return_address+0x59/0xa0 [ 78.587728][ T7295] ? arch_stack_walk+0xa6/0xf0 [ 78.587749][ T7295] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 78.587766][ T7295] ? policy_nodemask+0xed/0x4f0 [ 78.587782][ T7295] alloc_pages_mpol+0x1fb/0x540 [ 78.587797][ T7295] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 78.587809][ T7295] ? __pfx__kstrtoull+0x10/0x10 [ 78.587827][ T7295] alloc_pages_noprof+0x1a/0x160 [ 78.587844][ T7295] get_free_pages_noprof+0x10/0xb0 [ 78.587856][ T7295] ? copy_iovec_from_user+0x102/0x140 [ 78.587873][ T7295] vcs_read+0xba/0xc00 [ 78.587888][ T7295] ? iovec_from_user+0xda/0x140 [ 78.587908][ T7295] ? __import_iovec+0x1d2/0x640 [ 78.587926][ T7295] ? avc_policy_seqno+0x9/0x20 [ 78.587945][ T7295] ? selinux_file_permission+0x8f/0x6d0 [ 78.587963][ T7295] ? __pfx_vcs_read+0x10/0x10 [ 78.587976][ T7295] ? bpf_lsm_file_permission+0x9/0x10 [ 78.587996][ T7295] ? security_file_permission+0x76/0x210 [ 78.588015][ T7295] ? rw_verify_area+0xce/0x6d0 [ 78.588031][ T7295] ? __pfx_vcs_read+0x10/0x10 [ 78.588044][ T7295] vfs_readv+0x5d8/0x8d0 [ 78.588063][ T7295] ? __pfx_vfs_readv+0x10/0x10 [ 78.588077][ T7295] ? find_held_lock+0x2b/0x80 [ 78.588091][ T7295] ? ksys_write+0x190/0x250 [ 78.588116][ T7295] ? __fget_files+0x21f/0x3d0 [ 78.588139][ T7295] ? do_readv+0x13e/0x340 [ 78.588150][ T7295] do_readv+0x13e/0x340 [ 78.588164][ T7295] ? __pfx_do_readv+0x10/0x10 [ 78.588178][ T7295] ? rcu_is_watching+0x12/0xc0 [ 78.588206][ T7295] do_syscall_64+0x10b/0xf80 [ 78.588227][ T7295] ? clear_bhb_loop+0x40/0x90 [ 78.588245][ T7295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.588258][ T7295] RIP: 0033:0x7f64f279cdd9 [ 78.588269][ T7295] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 78.588282][ T7295] RSP: 002b:00007f64f36b9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 78.588296][ T7295] RAX: ffffffffffffffda RBX: 00007f64f2a15fa0 RCX: 00007f64f279cdd9 [ 78.588305][ T7295] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000003 [ 78.588312][ T7295] RBP: 00007f64f36b9090 R08: 0000000000000000 R09: 0000000000000000 [ 78.588320][ T7295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 78.588327][ T7295] R13: 00007f64f2a16038 R14: 00007f64f2a15fa0 R15: 00007ffe3efa6688 [ 78.588351][ T7295] [ 78.596158][ T7297] vivid-004: disconnect [ 78.718112][ T7297] vivid-004: reconnect [ 78.866547][ T5829] usb 8-1: new full-speed USB device number 5 using dummy_hcd [ 78.904619][ T7308] __nla_validate_parse: 8 callbacks suppressed [ 78.904631][ T7308] netlink: 12 bytes leftover after parsing attributes in process `syz.2.451'. [ 78.920387][ T7308] 8021q: adding VLAN 0 to HW filter on device bond5 [ 79.009379][ T7311] netem: change failed [ 79.038436][ T5829] usb 8-1: config 0 interface 0 altsetting 251 has an endpoint descriptor with address 0x2C, changing to 0xC [ 79.043542][ T5829] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0xC has an invalid bInterval 0, changing to 10 [ 79.048340][ T5829] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0xC has invalid maxpacket 64263, setting to 64 [ 79.053154][ T5829] usb 8-1: config 0 interface 0 has no altsetting 0 [ 79.059263][ T5829] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 79.062598][ T5829] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 79.065376][ T5829] usb 8-1: Product: syz [ 79.066873][ T5829] usb 8-1: Manufacturer: syz [ 79.068472][ T5829] usb 8-1: SerialNumber: syz [ 79.072259][ T5829] usb 8-1: config 0 descriptor?? [ 79.075084][ T7299] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 79.080638][ T5829] usb 8-1: selecting invalid altsetting 0 [ 79.132993][ T40] kauditd_printk_skb: 31 callbacks suppressed [ 79.133009][ T40] audit: type=1400 audit(1778017065.149:991): avc: denied { mount } for pid=7315 comm="syz.2.454" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 79.201828][ T7316] bond6: option downdelay: invalid value (18446744073709551615) [ 79.204392][ T7316] bond6: option downdelay: allowed values 0 - 2147483647 [ 79.209740][ T7316] bond6 (unregistering): Released all slaves [ 79.226052][ T7313] netlink: 12 bytes leftover after parsing attributes in process `syz.0.453'. [ 79.230604][ T7313] netlink: 12 bytes leftover after parsing attributes in process `syz.0.453'. [ 79.291377][ T7299] usb 8-1: cannot submit urb 0, error -2: endpoint not enabled [ 79.295579][ T29] usb 8-1: USB disconnect, device number 5 [ 79.415208][ T7332] xt_TCPMSS: Only works on TCP SYN packets [ 79.527633][ T7341] netlink: 12 bytes leftover after parsing attributes in process `syz.2.461'. [ 79.544380][ T7341] 8021q: adding VLAN 0 to HW filter on device bond6 [ 79.579146][ T7346] xfrm0 speed is unknown, defaulting to 1000 [ 79.594196][ T7346] xfrm0 speed is unknown, defaulting to 1000 [ 79.602068][ T7346] xfrm0 speed is unknown, defaulting to 1000 [ 79.608271][ T7346] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 79.616500][ T7346] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 79.624357][ T7346] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 79.635108][ T7346] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 79.648611][ T7346] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 79.682028][ T7346] xfrm0 speed is unknown, defaulting to 1000 [ 79.686588][ T7346] xfrm0 speed is unknown, defaulting to 1000 [ 79.690120][ T7346] xfrm0 speed is unknown, defaulting to 1000 [ 79.693015][ T7346] xfrm0 speed is unknown, defaulting to 1000 [ 79.739605][ T7351] netlink: 108 bytes leftover after parsing attributes in process `syz.2.465'. [ 79.888450][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 79.926539][ T62] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 79.929505][ T5092] Bluetooth: hci4: command 0x1003 tx timeout [ 80.030802][ T40] audit: type=1400 audit(1778017066.049:992): avc: denied { map } for pid=7365 comm="syz.3.469" path="/dev/net/tun" dev="devtmpfs" ino=720 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tun_tap_device_t tclass=chr_file permissive=1 [ 80.051340][ T40] audit: type=1400 audit(1778017066.049:993): avc: denied { execute } for pid=7365 comm="syz.3.469" path="/dev/net/tun" dev="devtmpfs" ino=720 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tun_tap_device_t tclass=chr_file permissive=1 [ 80.059928][ T40] audit: type=1400 audit(1778017066.059:994): avc: denied { load_policy } for pid=7365 comm="syz.3.469" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 80.121858][ T7366] SELinux: failed to load policy [ 80.265945][ T7385] random: crng reseeded on system resumption [ 80.294982][ T40] audit: type=1400 audit(1778017066.309:995): avc: denied { firmware_load } for pid=7384 comm="syz.3.477" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1 [ 80.417984][ T7385] syz.3.477 (7385) used greatest stack depth: 18328 bytes left [ 80.463593][ T7401] netlink: 296 bytes leftover after parsing attributes in process `syz.0.479'. [ 80.468930][ T7401] openvswitch: netlink: Flow key attr not present in new flow. [ 80.513706][ T7405] netem: change failed [ 80.763713][ T40] audit: type=1400 audit(1778017066.779:996): avc: denied { shutdown } for pid=7422 comm="syz.3.488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 80.812928][ T7435] random: crng reseeded on system resumption [ 80.891582][ T7438] netlink: 108 bytes leftover after parsing attributes in process `syz.3.491'. [ 81.100863][ T40] audit: type=1400 audit(1778017067.119:997): avc: denied { read } for pid=7445 comm="syz.1.494" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 81.101439][ T7446] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 81.112592][ T40] audit: type=1400 audit(1778017067.119:998): avc: denied { open } for pid=7445 comm="syz.1.494" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 81.145724][ T40] audit: type=1400 audit(1778017067.159:999): avc: denied { ioctl } for pid=7450 comm="syz.2.495" path="/dev/nvram" dev="devtmpfs" ino=631 ioctlcmd=0x5606 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 81.182190][ T7455] netlink: 'syz.1.498': attribute type 1 has an invalid length. [ 81.185752][ T7455] netlink: 228 bytes leftover after parsing attributes in process `syz.1.498'. [ 81.210559][ T7457] netlink: 8 bytes leftover after parsing attributes in process `syz.0.497'. [ 81.278773][ T7463] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 81.286998][ T7463] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 81.303756][ T7468] netlink: 12 bytes leftover after parsing attributes in process `syz.2.501'. [ 81.354201][ T7474] FAULT_INJECTION: forcing a failure. [ 81.354201][ T7474] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 81.363965][ T7474] CPU: 2 UID: 0 PID: 7474 Comm: syz.2.503 Tainted: G L syzkaller #0 PREEMPT(full) [ 81.363988][ T7474] Tainted: [L]=SOFTLOCKUP [ 81.363994][ T7474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 81.364003][ T7474] Call Trace: [ 81.364010][ T7474] [ 81.364017][ T7474] dump_stack_lvl+0x100/0x190 [ 81.364046][ T7474] should_fail_ex.cold+0x5/0xa [ 81.364074][ T7474] _copy_to_user+0x32/0xd0 [ 81.364102][ T7474] simple_read_from_buffer+0xcb/0x170 [ 81.364128][ T7474] proc_fail_nth_read+0x1af/0x230 [ 81.364148][ T7474] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 81.364170][ T7474] ? rw_verify_area+0xce/0x6d0 [ 81.364187][ T7474] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 81.364214][ T7474] vfs_read+0x1e4/0xb30 [ 81.364234][ T7474] ? __pfx_vfs_read+0x10/0x10 [ 81.364249][ T7474] ? __fget_files+0x215/0x3d0 [ 81.364265][ T7474] ? __fget_files+0x21f/0x3d0 [ 81.364281][ T7474] ksys_read+0x12a/0x250 [ 81.364293][ T7474] ? __pfx_ksys_read+0x10/0x10 [ 81.364305][ T7474] ? rcu_is_watching+0x12/0xc0 [ 81.364322][ T7474] do_syscall_64+0x10b/0xf80 [ 81.364336][ T7474] ? clear_bhb_loop+0x40/0x90 [ 81.364355][ T7474] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.364373][ T7474] RIP: 0033:0x7f768e95d60e [ 81.364388][ T7474] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 81.364404][ T7474] RSP: 002b:00007f768f780fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 81.364421][ T7474] RAX: ffffffffffffffda RBX: 00007f768f7816c0 RCX: 00007f768e95d60e [ 81.364432][ T7474] RDX: 000000000000000f RSI: 00007f768f7810a0 RDI: 0000000000000004 [ 81.364442][ T7474] RBP: 00007f768f781090 R08: 0000000000000000 R09: 0000000000000000 [ 81.364451][ T7474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.364461][ T7474] R13: 00007f768ec16038 R14: 00007f768ec15fa0 R15: 00007ffd9fcdd458 [ 81.364484][ T7474] [ 81.495954][ T7463] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 81.507153][ T7479] overlayfs: failed to get inode (-116) [ 81.510042][ T7477] iommufd_mock iommufd_mock1: Adding to iommu group 10 [ 81.518020][ T7463] iommufd_mock iommufd_mock2: Adding to iommu group 11 [ 81.543211][ T5829] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 81.635215][ T7486] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47 sclass=netlink_route_socket pid=7486 comm=syz.2.507 [ 81.661879][ T7488] 8021q: adding VLAN 0 to HW filter on device bond3 [ 81.706679][ T5829] usb 6-1: Using ep0 maxpacket: 32 [ 81.710858][ T5829] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 81.714796][ T5829] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 81.721034][ T5829] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 81.732286][ T5829] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 81.736262][ T5829] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 81.740547][ T5829] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 81.741247][ T40] audit: type=1400 audit(1778017067.759:1000): avc: denied { append } for pid=7490 comm="syz.2.509" name="loop5" dev="devtmpfs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 81.744603][ T7497] loop5: detected capacity change from 0 to 7 [ 81.745495][ T5829] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 81.753430][ T7497] loop5: p1 p3 p4 [ 81.754187][ T7497] loop5: partition table partially beyond EOD, [ 81.756348][ T5829] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.763754][ T7497] truncated [ 81.773279][ T7495] bond1: option primary: mode dependency failed, not supported in mode broadcast(3) [ 81.782186][ T5829] usb 6-1: config 0 descriptor?? [ 81.797892][ T7495] bond1 (unregistering): Released all slaves [ 81.798064][ T7497] loop5: p3 size 3645588866 extends beyond EOD, truncated [ 81.877455][ T5737] udevd[5737]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 81.884981][ T5740] udevd[5740]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 81.894490][ T5748] udevd[5748]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory [ 82.014203][ T7512] xfrm0 speed is unknown, defaulting to 1000 [ 82.017132][ T5829] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 82.025982][ T5829] usb 6-1: USB disconnect, device number 4 [ 82.047309][ T5829] usblp0: removed [ 82.072050][ T7514] xfrm0 speed is unknown, defaulting to 1000 [ 82.346448][ T5880] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 82.498531][ T5880] usb 5-1: config 0 has no interfaces? [ 82.503279][ T5880] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 82.507432][ T5880] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.510846][ T5880] usb 5-1: Product: syz [ 82.512755][ T5880] usb 5-1: Manufacturer: syz [ 82.514839][ T5880] usb 5-1: SerialNumber: syz [ 82.519023][ T5880] usb 5-1: config 0 descriptor?? [ 82.548219][ T7522] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=123 sclass=netlink_route_socket pid=7522 comm=syz.1.519 [ 82.639256][ T7526] IPVS: wlc: FWM 3 0x00000003 - no destination available [ 82.791800][ T7512] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 82.800336][ T7512] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 82.805959][ T50] usb 5-1: USB disconnect, device number 3 [ 83.037347][ T5885] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 83.190225][ T5885] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 83.193577][ T5885] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 83.199318][ T5885] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 83.203057][ T5885] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.416330][ T5885] usb 7-1: usb_control_msg returned -32 [ 83.419704][ T5885] usbtmc 7-1:16.0: can't read capabilities [ 83.619910][ T7532] netlink: 'syz.2.523': attribute type 12 has an invalid length. [ 83.670031][ T7565] kvm: kvm [7564]: vcpu2, guest rIP: 0x9135 Unhandled WRMSR(0xc1) = 0xfffffc00 [ 83.675635][ T7565] kvm: kvm [7564]: vcpu2, guest rIP: 0x9135 Unhandled WRMSR(0xc2) = 0xfffffc00 [ 83.697394][ T7570] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=15 sclass=netlink_route_socket pid=7570 comm=syz.0.538 [ 83.713627][ T7565] kvm: kvm [7564]: vcpu2, guest rIP: 0x9135 Unhandled WRMSR(0x11e) = 0xfffffc00 [ 83.741883][ T7565] kvm: kvm [7564]: vcpu2, guest rIP: 0x9135 Unhandled WRMSR(0x186) = 0xfffffc00 [ 83.745940][ T7565] kvm: kvm [7564]: vcpu2, guest rIP: 0x9135 Unhandled WRMSR(0x187) = 0xfffffc00 [ 83.780085][ T7574] random: crng reseeded on system resumption [ 83.912359][ T7576] tipc: Trying to set illegal importance in message [ 83.959109][ T7580] netlink: 'syz.3.543': attribute type 20 has an invalid length. [ 83.962220][ T7580] __nla_validate_parse: 6 callbacks suppressed [ 83.962233][ T7580] netlink: 4 bytes leftover after parsing attributes in process `syz.3.543'. [ 83.976051][ T6989] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 83.977083][ T7580] netlink: 'syz.3.543': attribute type 20 has an invalid length. [ 83.980796][ T6989] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 83.982812][ T7580] netlink: 4 bytes leftover after parsing attributes in process `syz.3.543'. [ 83.993965][ T6989] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 83.998019][ T6989] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 84.139593][ T50] usb 7-1: USB disconnect, device number 2 [ 84.221895][ T7593] IPVS: wlc: FWM 3 0x00000003 - no destination available [ 84.237956][ T7595] netlink: 12 bytes leftover after parsing attributes in process `syz.2.548'. [ 84.262889][ T7595] 8021q: adding VLAN 0 to HW filter on device bond7 [ 84.292993][ T7584] netlink: 12 bytes leftover after parsing attributes in process `syz.1.544'. [ 84.297317][ T7584] netlink: 12 bytes leftover after parsing attributes in process `syz.1.544'. [ 84.313857][ T7600] xfrm0 speed is unknown, defaulting to 1000 [ 84.332206][ T7602] random: crng reseeded on system resumption [ 84.447757][ T7609] netlink: 24 bytes leftover after parsing attributes in process `syz.0.553'. [ 84.455802][ T7605] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 84.517256][ T7615] program syz.3.554 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 84.571807][ T40] kauditd_printk_skb: 9 callbacks suppressed [ 84.571823][ T40] audit: type=1400 audit(1778017070.589:1010): avc: denied { write } for pid=7614 comm="syz.3.554" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 84.786480][ T5839] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 84.836036][ T7621] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check. [ 84.956540][ T5839] usb 5-1: Using ep0 maxpacket: 8 [ 84.961163][ T5839] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 84.964460][ T5839] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 84.968928][ T5839] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 84.972538][ T5839] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 84.975981][ T5839] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 84.980988][ T5839] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 84.984036][ T5839] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.190293][ T5839] usb 5-1: usb_control_msg returned -32 [ 85.196125][ T5839] usbtmc 5-1:16.0: can't read capabilities [ 85.217265][ T7634] vlan2: entered allmulticast mode [ 85.219043][ T7634] bond0: entered allmulticast mode [ 85.220820][ T7634] bond_slave_1: entered allmulticast mode [ 85.309339][ T7640] netlink: 124 bytes leftover after parsing attributes in process `syz.1.562'. [ 85.313684][ T7640] netlink: 8 bytes leftover after parsing attributes in process `syz.1.562'. [ 85.395070][ T7645] netlink: 12 bytes leftover after parsing attributes in process `syz.3.564'. [ 85.414726][ T7645] 8021q: adding VLAN 0 to HW filter on device bond4 [ 85.420386][ T7648] netlink: 32 bytes leftover after parsing attributes in process `syz.2.565'. [ 85.445320][ T40] audit: type=1400 audit(1778017071.459:1011): avc: denied { create } for pid=7649 comm="syz.1.566" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=key permissive=1 [ 85.545245][ T40] audit: type=1400 audit(1778017071.559:1012): avc: denied { ioctl } for pid=7670 comm="syz.2.573" path="socket:[20549]" dev="sockfs" ino=20549 ioctlcmd=0x8919 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 85.574347][ T7671] 9pnet_fd: Insufficient options for proto=fd [ 85.630102][ T7679] 8021q: adding VLAN 0 to HW filter on device bond5 [ 85.781535][ T40] audit: type=1400 audit(1778017071.799:1013): avc: denied { map } for pid=7692 comm="syz.1.582" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 85.861789][ T7697] xfrm0 speed is unknown, defaulting to 1000 [ 85.897961][ T7699] usbtmc 5-1:16.0: usb_control_msg returned -32 [ 86.161251][ T50] usb 5-1: USB disconnect, device number 4 [ 86.537805][ T1041] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 86.658888][ T7731] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 86.689683][ T1041] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 86.692657][ T1041] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 86.698907][ T1041] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 86.706116][ T1041] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 86.716107][ T1041] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 86.721124][ T1041] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 86.726353][ T1041] usb 7-1: Product: syz [ 86.728255][ T1041] usb 7-1: Manufacturer: syz [ 86.733248][ T40] audit: type=1400 audit(1778017072.749:1014): avc: denied { getopt } for pid=7733 comm="syz.1.596" lport=55231 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 86.737714][ T1041] cdc_wdm 7-1:1.0: skipping garbage [ 86.748918][ T1041] cdc_wdm 7-1:1.0: skipping garbage [ 86.763611][ T1041] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 86.772736][ T1041] cdc_wdm 7-1:1.0: Unknown control protocol [ 86.901381][ T7746] netlink: 'syz.1.600': attribute type 6 has an invalid length. [ 86.910027][ T7746] netlink: 'syz.1.600': attribute type 6 has an invalid length. [ 86.942390][ T40] audit: type=1400 audit(1778017072.959:1015): avc: denied { read write } for pid=7717 comm="syz.2.590" name="cdc-wdm0" dev="devtmpfs" ino=2936 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1 [ 86.961334][ T40] audit: type=1400 audit(1778017072.959:1016): avc: denied { open } for pid=7717 comm="syz.2.590" path="/dev/cdc-wdm0" dev="devtmpfs" ino=2936 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1 [ 86.997259][ T40] audit: type=1400 audit(1778017073.019:1017): avc: denied { read } for pid=7717 comm="syz.2.590" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 87.117550][ T40] audit: type=1400 audit(1778017073.139:1018): avc: denied { create } for pid=7755 comm="syz.3.604" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 87.260299][ T7746] kvm_intel: kvm [7745]: vcpu1, guest rIP: 0x9114 Unhandled WRMSR(0x1d9) = 0x270b [ 87.273708][ T7746] kvm: kvm [7745]: vcpu1, guest rIP: 0x9114 Unhandled WRMSR(0x186) = 0xeb06 [ 87.289253][ T7746] kvm: kvm [7745]: vcpu1, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x332c [ 87.513785][ T7765] random: crng reseeded on system resumption [ 88.169130][ T7794] xt_CT: No such helper "snmp_trap" [ 89.192867][ T7788] __nla_validate_parse: 10 callbacks suppressed [ 89.192881][ T7788] netlink: 36 bytes leftover after parsing attributes in process `syz.0.617'. [ 89.304000][ T40] audit: type=1400 audit(1778017075.319:1019): avc: denied { mounton } for pid=7815 comm="syz.1.624" path="/206/file0" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 89.329233][ T5885] usb 7-1: USB disconnect, device number 3 [ 89.395242][ T7826] xt_nfacct: accounting object `syz0' does not exist [ 89.412371][ T7824] devpts: Bad value for 'max' [ 89.592738][ T40] kauditd_printk_skb: 9 callbacks suppressed [ 89.592753][ T40] audit: type=1400 audit(1778017075.609:1029): avc: denied { append } for pid=7841 comm="syz.0.634" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 89.594511][ T7845] program syz.0.634 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 89.614658][ T7847] netlink: 16 bytes leftover after parsing attributes in process `syz.2.636'. [ 89.619867][ T7847] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 89.647683][ T7847] netlink: 60 bytes leftover after parsing attributes in process `syz.2.636'. [ 89.654027][ T7847] netlink: 12 bytes leftover after parsing attributes in process `syz.2.636'. [ 89.656140][ T40] audit: type=1400 audit(1778017075.669:1030): avc: denied { unmount } for pid=5738 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 89.657480][ T7847] netlink: 60 bytes leftover after parsing attributes in process `syz.2.636'. [ 89.721396][ T7842] [U] [ 89.723054][ T7842] [U] [ 89.724583][ T7842] [U]  [ 89.725844][ T7842] [U] [ 89.732218][ T7842] [U] [ 89.733347][ T7842] [U] $ [ 89.734953][ T7842] [U] [ 89.736090][ T7842] [U] [ 89.737084][ T7842] [U] [ 89.738235][ T7842] [U] [ 89.739892][ T7842] [U] [ 89.741282][ T7842] [U] [ 89.742502][ T7842] [U] [ 89.743749][ T7842] [U] [ 89.744964][ T7842] [U] [ 89.747548][ T7842] [U] [ 89.748791][ T7842] [U] [ 89.750118][ T7842] [U] [ 89.751728][ T7842] [U] [ 89.780885][ T40] audit: type=1400 audit(1778017075.799:1031): avc: denied { connect } for pid=7860 comm="syz.2.642" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 89.815613][ T40] audit: type=1400 audit(1778017075.829:1032): avc: denied { relabelfrom } for pid=7851 comm="syz.3.638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 89.823584][ T40] audit: type=1400 audit(1778017075.829:1033): avc: denied { relabelto } for pid=7851 comm="syz.3.638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 89.857886][ T7841] [U] [ 89.892359][ T7871] netem: change failed [ 89.965200][ T40] audit: type=1400 audit(1778017075.979:1034): avc: denied { ioctl } for pid=7874 comm="syz.1.645" path="socket:[22989]" dev="sockfs" ino=22989 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 89.972772][ T7875] xt_l2tp: v2 sid > 0xffff: 4294967294 [ 89.983213][ T7875] netlink: 36 bytes leftover after parsing attributes in process `syz.1.645'. [ 90.045259][ T40] audit: type=1326 audit(1778017076.059:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7887 comm="syz.0.649" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f01a519cdd9 code=0x0 [ 90.098506][ T7886] netlink: 108 bytes leftover after parsing attributes in process `syz.3.650'. [ 90.280464][ T40] audit: type=1400 audit(1778017076.299:1036): avc: denied { unmount } for pid=5743 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 90.449102][ T7915] netlink: 108 bytes leftover after parsing attributes in process `syz.2.658'. [ 90.805578][ T40] audit: type=1400 audit(1778017076.819:1037): avc: denied { write } for pid=7937 comm="syz.3.670" name="/" dev="9p" ino=72876321 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 90.815147][ T40] audit: type=1400 audit(1778017076.829:1038): avc: denied { write } for pid=7937 comm="syz.3.670" name="/" dev="9p" ino=72876321 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 90.833161][ T7938] netlink: 24 bytes leftover after parsing attributes in process `syz.3.670'. [ 90.971496][ T7950] random: crng reseeded on system resumption [ 91.086517][ T5884] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 91.218987][ T5884] usb 7-1: device descriptor read/64, error -71 [ 91.227398][ T7968] netem: change failed [ 91.246528][ T7971] netlink: 108 bytes leftover after parsing attributes in process `syz.0.683'. [ 91.440941][ T7992] kvm: kvm [7991]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x4000001f) [ 91.457765][ T5884] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 91.553502][ T7999] 8021q: adding VLAN 0 to HW filter on device bond1 [ 91.598708][ T5884] usb 7-1: device descriptor read/64, error -71 [ 91.611384][ T8005] xt_nfacct: accounting object `syz0' does not exist [ 91.691886][ T8008] netlink: 'syz.0.694': attribute type 3 has an invalid length. [ 91.707354][ T5884] usb usb7-port1: attempt power cycle [ 92.066754][ T5884] usb 7-1: new full-speed USB device number 6 using dummy_hcd [ 92.087131][ T5884] usb 7-1: device descriptor read/8, error -71 [ 92.121799][ T8036] 8021q: adding VLAN 0 to HW filter on device bond6 [ 92.346482][ T5884] usb 7-1: new full-speed USB device number 7 using dummy_hcd [ 92.372335][ T5884] usb 7-1: device descriptor read/8, error -71 [ 92.426676][ T5839] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 92.477749][ T5884] usb usb7-port1: unable to enumerate USB device [ 92.568693][ T8062] "syz.0.713" (8062) uses obsolete ecb(arc4) skcipher [ 92.578754][ T5839] usb 8-1: Using ep0 maxpacket: 16 [ 92.584454][ T5839] usb 8-1: config index 0 descriptor too short (expected 8192, got 27) [ 92.585510][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 92.587656][ T5839] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 92.587670][ T5839] usb 8-1: config 0 has no interfaces? [ 92.589269][ T5839] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 92.612361][ T5839] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.615507][ T5839] usb 8-1: Product: syz [ 92.617041][ T5839] usb 8-1: Manufacturer: syz [ 92.618988][ T5839] usb 8-1: SerialNumber: syz [ 92.624612][ T5839] usb 8-1: config 0 descriptor?? [ 92.640042][ T8069] netlink: 'syz.0.715': attribute type 5 has an invalid length. [ 92.756689][ T1041] usb 7-1: new full-speed USB device number 8 using dummy_hcd [ 92.766487][ T8075] tmpfs: Unknown parameter 'smackfshat' [ 92.770761][ T8075] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 92.896453][ T1041] usb 7-1: device descriptor read/64, error -71 [ 93.035710][ T8039] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 93.039860][ T8039] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 93.146542][ T1041] usb 7-1: new full-speed USB device number 9 using dummy_hcd [ 93.161904][ T5839] usb 8-1: USB disconnect, device number 6 [ 93.276703][ T1041] usb 7-1: device descriptor read/64, error -71 [ 93.386872][ T1041] usb usb7-port1: attempt power cycle [ 93.736471][ T1041] usb 7-1: new full-speed USB device number 10 using dummy_hcd [ 93.756976][ T1041] usb 7-1: device descriptor read/8, error -71 [ 93.852146][ T8098] No buffer was provided with the request [ 93.957519][ T8104] 9pnet: Found fid 0 not clunked [ 93.996536][ T10] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 94.146442][ T10] usb 8-1: Using ep0 maxpacket: 16 [ 94.152550][ T10] usb 8-1: config 1 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 94.160114][ T10] usb 8-1: config 1 interface 0 altsetting 6 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 94.165285][ T10] usb 8-1: config 1 interface 0 has no altsetting 0 [ 94.170233][ T10] usb 8-1: New USB device found, idVendor=056a, idProduct=0116, bcdDevice= 0.40 [ 94.173956][ T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 94.178500][ T10] usb 8-1: Product: ⬞ᾶᝒ䜼쯔謔哃ӵ䃓輕륿팂噄䯳얒╣⤞鰷藍䡃᛬承陂뛊㣦灁⼈ﶮ쾫ꙃ缥罹䰤专땤䅌ൊ춿⚧ᛰ㟦ࠣ頬鳟︒︔ēꋯ᫆轝푁창瓼霽☀ᣛ㙠깗넖䵗ꄈ傪ᗢ삟嗝翞뮶絆罛望刈栞減큅麁랃鋔蔽벎킖ᷩȻ㠍廨 [ 94.188103][ T10] usb 8-1: Manufacturer: 峭༛蚇뫼璑䠬몭劻ꆒ힃䕾燠퐯ᅅ஦ꋗ덆땈ꡋ뀱扬펗 [ 94.192362][ T10] usb 8-1: SerialNumber: 록ⷕ䧟杫⊫펓赶㑗䡫ꛯ醦⠳鑎㽣얋쎌璙啙࿉㓍♟럶㶒呄顼誙쥦ꥳ䃞裉ﭴ忥삅麸᪍렇冀ﺤ抆苌屈ꑘ祗Ѓ魦듍郱鞔捵뇿禜⧛룚讃㥦䄸 [ 94.298060][ T8122] xfrm0 speed is unknown, defaulting to 1000 [ 94.388921][ T8127] syzkaller1: entered promiscuous mode [ 94.390849][ T8127] syzkaller1: entered allmulticast mode [ 94.397220][ T8127] nbd: couldn't find a device at index -2146435068 [ 94.418147][ T10] usbhid 8-1:1.0: can't add hid device: -71 [ 94.422390][ T10] usbhid 8-1:1.0: probe with driver usbhid failed with error -71 [ 94.427097][ T10] usb 8-1: USB disconnect, device number 7 [ 94.515470][ T8129] capability: warning: `syz.2.736' uses deprecated v2 capabilities in a way that may be insecure [ 94.537622][ T8129] xfrm0 speed is unknown, defaulting to 1000 [ 94.650620][ T40] kauditd_printk_skb: 23 callbacks suppressed [ 94.650638][ T40] audit: type=1400 audit(1778017080.669:1062): avc: denied { execute } for pid=8132 comm="syz.2.737" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 94.836163][ T8141] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0) [ 94.840107][ T8141] SELinux: failed to load policy [ 95.037299][ T8150] overlayfs: failed to resolve './file0': -2 [ 95.334180][ T8156] netem: change failed [ 95.375056][ T40] audit: type=1400 audit(1778017081.389:1063): avc: denied { create } for pid=8157 comm="syz.1.747" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 95.393736][ T40] audit: type=1400 audit(1778017081.409:1064): avc: denied { unlink } for pid=5738 comm="syz-executor" name="file0" dev="tmpfs" ino=1251 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 95.447403][ T8165] __nla_validate_parse: 10 callbacks suppressed [ 95.447423][ T8165] netlink: 108 bytes leftover after parsing attributes in process `syz.1.749'. [ 95.531674][ T8172] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61456 sclass=netlink_route_socket pid=8172 comm=syz.1.751 [ 95.569798][ T8174] program syz.1.752 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 95.670194][ T8180] netlink: 'syz.1.755': attribute type 21 has an invalid length. [ 95.675721][ T8180] program syz.1.755 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 95.753132][ T8187] netlink: 108 bytes leftover after parsing attributes in process `syz.1.758'. [ 95.822428][ T8194] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 95.833497][ T8195] netlink: 4 bytes leftover after parsing attributes in process `syz.1.761'. [ 95.839101][ T8194] netlink: 12 bytes leftover after parsing attributes in process `syz.1.761'. [ 95.839156][ T8195] netlink: 12 bytes leftover after parsing attributes in process `syz.1.761'. [ 96.008877][ T40] audit: type=1400 audit(1778017082.029:1065): avc: denied { map } for pid=8210 comm="syz.1.767" path="socket:[23389]" dev="sockfs" ino=23389 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 96.018825][ T40] audit: type=1400 audit(1778017082.029:1066): avc: denied { read accept } for pid=8210 comm="syz.1.767" path="socket:[23389]" dev="sockfs" ino=23389 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 96.031823][ T40] audit: type=1400 audit(1778017082.029:1067): avc: denied { ioctl } for pid=8210 comm="syz.1.767" path="socket:[23389]" dev="sockfs" ino=23389 ioctlcmd=0x89ff scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 96.061586][ T8220] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 96.323817][ T8242] netlink: 12 bytes leftover after parsing attributes in process `syz.1.777'. [ 96.329448][ T40] audit: type=1400 audit(1778017082.349:1068): avc: denied { ioctl } for pid=8243 comm="syz.0.779" path="/dev/loop-control" dev="devtmpfs" ino=657 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 96.335244][ T8242] vcan0: tx drop: invalid sa for name 0x0000000000000002 [ 96.418848][ T8252] overlayfs: upper fs does not support file handles, falling back to index=off. [ 96.511331][ T8266] openvswitch: netlink: IP tunnel dst address not specified [ 96.570785][ T40] audit: type=1400 audit(1778017082.589:1069): avc: denied { ioctl } for pid=8276 comm="syz.1.791" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x943d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 96.609973][ T8280] netlink: 12 bytes leftover after parsing attributes in process `syz.1.792'. [ 96.630405][ T8280] 8021q: adding VLAN 0 to HW filter on device bond5 [ 96.824450][ T8290] xt_hashlimit: max too large, truncated to 1048576 [ 96.846665][ T8290] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 97.316991][ T8312] Invalid ELF header magic: != ELF [ 97.319341][ T40] audit: type=1400 audit(1778017083.339:1070): avc: denied { module_load } for pid=8311 comm="syz.0.802" path="/159/bus" dev="tmpfs" ino=827 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1 [ 97.363133][ T8316] CIFS: iocharset name too long [ 97.456014][ T8322] netlink: 12 bytes leftover after parsing attributes in process `syz.0.806'. [ 97.471760][ T8322] 8021q: adding VLAN 0 to HW filter on device bond2 [ 97.593403][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 97.699180][ T40] audit: type=1400 audit(1778017083.719:1071): avc: denied { ioctl } for pid=8335 comm="syz.0.810" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 97.773972][ T8346] netlink: 8 bytes leftover after parsing attributes in process `syz.3.813'. [ 97.872185][ T8346] kvm: kvm [8345]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00 [ 97.877498][ T8346] kvm: kvm [8345]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00 [ 97.974244][ T8370] netlink: 408 bytes leftover after parsing attributes in process `syz.0.819'. [ 97.983476][ T8346] kvm: vcpu 0: requested 14336 ns lapic timer period limited to 200000 ns [ 98.115749][ T8378] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 98.131587][ T843] bond_slave_0: entered promiscuous mode [ 98.134278][ T843] bond_slave_1: entered promiscuous mode [ 98.137455][ T6989] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.139846][ T6989] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.206516][ T8385] ntfs3(sr0): Primary boot signature is not NTFS. [ 98.210015][ T8385] ntfs3(sr0): try to read out of volume at offset 0xf800 [ 99.199326][ T8459] 8021q: adding VLAN 0 to HW filter on device bond7 [ 99.205224][ T8462] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8462 comm=syz.1.850 [ 99.245582][ T8462] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=8462 comm=syz.1.850 [ 99.279778][ T8466] netlink: 'syz.3.852': attribute type 30 has an invalid length. [ 99.453763][ T8478] F2FS-fs (nbd1): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 99.457802][ T8478] F2FS-fs (nbd1): Can't find valid F2FS filesystem in 1th superblock [ 99.461376][ T8478] F2FS-fs (nbd1): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 99.464341][ T8478] F2FS-fs (nbd1): Can't find valid F2FS filesystem in 2th superblock [ 99.879071][ C2] IPv4: Oversized IP packet from 127.0.0.1 [ 100.002225][ T40] kauditd_printk_skb: 12 callbacks suppressed [ 100.002245][ T40] audit: type=1326 audit(1778017086.019:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8503 comm="syz.1.865" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f29eff9cdd9 code=0x0 [ 100.170438][ T40] audit: type=1400 audit(1778017086.189:1085): avc: denied { map } for pid=8510 comm="syz.0.867" path="/dev/dri/card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 100.179395][ T40] audit: type=1400 audit(1778017086.189:1086): avc: denied { execute } for pid=8510 comm="syz.0.867" path="/dev/dri/card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 100.639972][ T40] audit: type=1400 audit(1778017086.659:1087): avc: denied { mount } for pid=8525 comm="syz.2.872" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1 [ 100.793594][ T8544] vivid-007: ================= START STATUS ================= [ 100.800443][ T8544] vivid-007: Generate PTS: true [ 100.804330][ T8544] vivid-007: Generate SCR: true [ 100.806279][ T8544] tpg source WxH: 320x240 (Y'CbCr) [ 100.808544][ T8544] tpg field: 1 [ 100.809795][ T8544] tpg crop: (0,0)/320x240 [ 100.811334][ T8544] tpg compose: (0,0)/320x240 [ 100.812992][ T8544] tpg colorspace: 8 [ 100.814412][ T8544] tpg transfer function: 0/0 [ 100.816091][ T8544] tpg Y'CbCr encoding: 0/0 [ 100.818753][ T8544] tpg quantization: 0/0 [ 100.820236][ T8544] tpg RGB range: 0/2 [ 100.821579][ T8544] vivid-007: ================== END STATUS ================== [ 101.104852][ T40] audit: type=1400 audit(1778017087.119:1088): avc: denied { ioctl } for pid=8562 comm="syz.3.887" path="socket:[28041]" dev="sockfs" ino=28041 ioctlcmd=0x583f scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 101.110470][ T8564] Unsupported ieee802154 address type: 0 [ 101.113157][ T40] audit: type=1400 audit(1778017087.129:1089): avc: denied { bind } for pid=8560 comm="syz.1.886" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 101.162164][ T8568] netlink: 'syz.1.889': attribute type 30 has an invalid length. [ 101.165670][ T8568] __nla_validate_parse: 6 callbacks suppressed [ 101.165687][ T8568] netlink: 12 bytes leftover after parsing attributes in process `syz.1.889'. [ 101.189759][ T8570] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 101.299454][ T8580] netlink: 12 bytes leftover after parsing attributes in process `syz.3.895'. [ 101.311412][ T8583] cgroup: noprefix used incorrectly [ 101.317484][ T8580] 8021q: adding VLAN 0 to HW filter on device bond8 [ 101.529213][ T10] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 101.529674][ T40] audit: type=1400 audit(1778017087.549:1090): avc: denied { watch_reads } for pid=8595 comm="syz.3.901" path="/181" dev="tmpfs" ino=966 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 101.539404][ T40] audit: type=1400 audit(1778017087.559:1091): avc: denied { getopt } for pid=8595 comm="syz.3.901" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 101.676599][ T10] usb 6-1: Using ep0 maxpacket: 16 [ 101.680612][ T10] usb 6-1: config index 0 descriptor too short (expected 65, got 36) [ 101.684355][ T10] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 101.690391][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 101.695068][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 101.699737][ T10] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 101.704353][ T10] usb 6-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 101.707404][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.712627][ T10] usb 6-1: config 0 descriptor?? [ 101.719768][ T10] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input7 [ 101.732051][ T40] audit: type=1400 audit(1778017087.749:1092): avc: denied { read } for pid=5126 comm="acpid" name="js0" dev="devtmpfs" ino=2951 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 101.732227][ T5126] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 101.746955][ T40] audit: type=1400 audit(1778017087.749:1093): avc: denied { open } for pid=5126 comm="acpid" path="/dev/input/js0" dev="devtmpfs" ino=2951 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 101.790723][ T5126] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 101.814228][ T5737] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 101.822152][ T5126] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 101.825647][ T5126] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 101.833238][ T5126] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 101.840120][ T5126] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 101.916591][ T8578] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 101.920191][ T1041] usb 6-1: USB disconnect, device number 5 [ 102.045629][ T8631] IPVS: wlc: FWM 3 0x00000003 - no destination available [ 102.077304][ T8633] Bluetooth: hci0: Opcode 0x0c1a failed: -22 [ 102.103339][ T8633] kvm: emulating exchange as write [ 102.211677][ T8648] CIFS: bad ip= option (.RHe'ˠ/1C~1WexEAeSb{~R) [ 102.316186][ T8655] netlink: 12 bytes leftover after parsing attributes in process `syz.0.920'. [ 102.338271][ T8660] FAULT_INJECTION: forcing a failure. [ 102.338271][ T8660] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 102.348499][ T8655] 8021q: adding VLAN 0 to HW filter on device bond3 [ 102.351379][ T8660] CPU: 0 UID: 0 PID: 8660 Comm: syz.3.922 Tainted: G L syzkaller #0 PREEMPT(full) [ 102.351406][ T8660] Tainted: [L]=SOFTLOCKUP [ 102.351411][ T8660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 102.351420][ T8660] Call Trace: [ 102.351427][ T8660] [ 102.351434][ T8660] dump_stack_lvl+0x100/0x190 [ 102.351468][ T8660] should_fail_ex.cold+0x5/0xa [ 102.351492][ T8660] _copy_from_user+0x2e/0xd0 [ 102.351527][ T8660] copy_msghdr_from_user+0x9f/0x4f0 [ 102.351558][ T8660] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 102.351591][ T8660] ___sys_sendmsg+0x106/0x1e0 [ 102.351613][ T8660] ? __pfx____sys_sendmsg+0x10/0x10 [ 102.351661][ T8660] __sys_sendmsg+0x170/0x220 [ 102.351687][ T8660] ? __pfx___sys_sendmsg+0x10/0x10 [ 102.351722][ T8660] ? rcu_is_watching+0x12/0xc0 [ 102.351749][ T8660] do_syscall_64+0x10b/0xf80 [ 102.351777][ T8660] ? clear_bhb_loop+0x40/0x90 [ 102.351798][ T8660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.351815][ T8660] RIP: 0033:0x7f64f279cdd9 [ 102.351831][ T8660] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 102.351847][ T8660] RSP: 002b:00007f64f36b9028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 102.351865][ T8660] RAX: ffffffffffffffda RBX: 00007f64f2a15fa0 RCX: 00007f64f279cdd9 [ 102.351876][ T8660] RDX: 0000000020000080 RSI: 0000200000000200 RDI: 0000000000000003 [ 102.351885][ T8660] RBP: 00007f64f36b9090 R08: 0000000000000000 R09: 0000000000000000 [ 102.351897][ T8660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 102.351906][ T8660] R13: 00007f64f2a16038 R14: 00007f64f2a15fa0 R15: 00007ffe3efa6688 [ 102.351930][ T8660] [ 102.473479][ T8679] netlink: 27 bytes leftover after parsing attributes in process `syz.3.930'. [ 102.497500][ T8680] tipc: Enabling of bearer rejected, failed to enable media [ 102.529622][ T8688] netlink: 'syz.1.933': attribute type 30 has an invalid length. [ 102.532924][ T8688] netlink: 12 bytes leftover after parsing attributes in process `syz.1.933'. [ 102.534911][ T8679] ip6t_srh: unknown srh match flags 4000 [ 102.550229][ T8691] netlink: 12 bytes leftover after parsing attributes in process `syz.2.934'. [ 102.554864][ T8691] workqueue: Failed to create a rescuer kthread for wq "bond8": -EINTR [ 102.575729][ T8684] cdrom: dropping to single frame dma [ 102.609156][ T8701] IPVS: wlc: FWM 3 0x00000003 - no destination available [ 102.699265][ T8710] netem: change failed [ 102.759736][ T8714] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 102.764241][ T8714] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.769747][ T8714] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 102.838795][ T8721] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 102.847239][ T8721] iommufd_mock iommufd_mock1: Adding to iommu group 10 [ 102.876025][ T8714] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 102.880632][ T8714] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.885000][ T8714] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 102.986831][ T8714] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 102.990255][ T8714] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.993581][ T8714] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 103.110013][ T8714] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 103.113458][ T8714] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 103.118808][ T8714] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 103.155388][ T8734] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 103.163691][ T8734] overlayfs: missing 'lowerdir' [ 103.239030][ T6984] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 103.241892][ T6984] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 20004 - 0 [ 103.244885][ T6984] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 6081 - 0 [ 103.264022][ T6984] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 103.270566][ T6984] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 20004 - 0 [ 103.275879][ T6984] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 6081 - 0 [ 103.298842][ T8737] netlink: 68 bytes leftover after parsing attributes in process `syz.0.947'. [ 103.308818][ T6985] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 103.311666][ T6985] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 20004 - 0 [ 103.314525][ T6985] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 6081 - 0 [ 103.323113][ T6984] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 103.328303][ T6984] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 20004 - 0 [ 103.331555][ T6984] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 6081 - 0 [ 103.338234][ T8705] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 103.342378][ T8705] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0 [ 103.347896][ T8705] netdevsim netdevsim1 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 103.409743][ T8705] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 103.413053][ T8705] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0 [ 103.416431][ T8705] netdevsim netdevsim1 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 103.482105][ T8705] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 103.486463][ T8705] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0 [ 103.490729][ T8705] netdevsim netdevsim1 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 103.536469][ T8482] usb 8-1: new low-speed USB device number 8 using dummy_hcd [ 103.542590][ T8705] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 103.546336][ T8705] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0 [ 103.550033][ T8705] netdevsim netdevsim1 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 103.718981][ T8482] usb 8-1: unable to get BOS descriptor or descriptor too short [ 103.723427][ T8482] usb 8-1: config 8 has an invalid interface number: 198 but max is 0 [ 103.726732][ T8482] usb 8-1: config 8 has no interface number 0 [ 103.728879][ T8482] usb 8-1: config 8 interface 198 altsetting 0 endpoint 0xA has invalid maxpacket 1023, setting to 8 [ 103.734879][ T8482] usb 8-1: string descriptor 0 read error: -22 [ 103.737031][ T8482] usb 8-1: New USB device found, idVendor=1430, idProduct=6cdc, bcdDevice=85.cc [ 103.740656][ T8482] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 103.745652][ T8746] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 103.953991][ T8482] usb 8-1: USB disconnect, device number 8 [ 103.995320][ T8750] (syz.0.954,8750,3):dlmfs_mkdir:421 ERROR: invalid domain name for directory. [ 104.002612][ T8750] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 104.021930][ T8750] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 104.417491][ T8764] sock: sock_set_timeout: `syz.0.958' (pid 8764) tries to set negative timeout [ 104.421526][ T8764] Attempt to restore checkpoint with obsolete wellknown handles [ 104.686247][ T8776] netlink: 'syz.3.962': attribute type 21 has an invalid length. [ 104.689650][ T8776] netlink: 128 bytes leftover after parsing attributes in process `syz.3.962'. [ 104.693485][ T8776] netlink: 'syz.3.962': attribute type 4 has an invalid length. [ 104.697156][ T8776] netlink: 'syz.3.962': attribute type 5 has an invalid length. [ 104.700541][ T8776] netlink: 3 bytes leftover after parsing attributes in process `syz.3.962'. [ 104.837296][ T8780] netlink: 220 bytes leftover after parsing attributes in process `syz.0.964'. [ 104.840384][ T8780] tipc: Enabling of bearer rejected, failed to enable media [ 105.012203][ T40] kauditd_printk_skb: 28 callbacks suppressed [ 105.012216][ T40] audit: type=1400 audit(1778017091.029:1122): avc: denied { read } for pid=8781 comm="syz.0.965" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 105.024801][ T40] audit: type=1400 audit(1778017091.029:1123): avc: denied { open } for pid=8781 comm="syz.0.965" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 105.281275][ T40] audit: type=1400 audit(1778017091.299:1124): avc: denied { create } for pid=8791 comm="syz.0.968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 105.408356][ T40] audit: type=1400 audit(1778017091.429:1125): avc: denied { ioctl } for pid=8791 comm="syz.0.968" path="socket:[28458]" dev="sockfs" ino=28458 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 105.414180][ T8792] sctp: [Deprecated]: syz.0.968 (pid 8792) Use of int in max_burst socket option deprecated. [ 105.414180][ T8792] Use struct sctp_assoc_value instead [ 105.419519][ T40] audit: type=1400 audit(1778017091.429:1126): avc: denied { create } for pid=8791 comm="syz.0.968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 105.434121][ T40] audit: type=1400 audit(1778017091.429:1127): avc: denied { setopt } for pid=8791 comm="syz.0.968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 105.481039][ T8798] netlink: 'syz.3.970': attribute type 4 has an invalid length. [ 105.484805][ T8799] netlink: 'syz.3.970': attribute type 4 has an invalid length. [ 105.518916][ T40] audit: type=1400 audit(1778017091.539:1128): avc: denied { getopt } for pid=8802 comm="syz.0.971" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 105.545652][ T40] audit: type=1400 audit(1778017091.559:1129): avc: denied { create } for pid=8804 comm="syz.3.972" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 105.554136][ T40] audit: type=1400 audit(1778017091.569:1130): avc: denied { setopt } for pid=8804 comm="syz.3.972" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 105.560802][ T40] audit: type=1400 audit(1778017091.569:1131): avc: denied { ioctl } for pid=8804 comm="syz.3.972" path="socket:[25566]" dev="sockfs" ino=25566 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 105.588263][ C2] IPv4: Oversized IP packet from 127.0.0.1 [ 105.652349][ T8811] netlink: 'syz.2.974': attribute type 1 has an invalid length. [ 105.660967][ T8809] x_tables: ip6_tables: sctp match: only valid for protocol 132 [ 105.681099][ T8811] 8021q: adding VLAN 0 to HW filter on device bond8 [ 105.695477][ T8811] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 105.781212][ T8825] 8021q: adding VLAN 0 to HW filter on device bond9 usb_generic_handle_packet: ctrl buffer too small (16384 > 4096) [ 106.215403][ T8847] ip6gretap0: entered promiscuous mode [ 106.483271][ T8858] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 106.642306][ T8864] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 106.718822][ T8873] batadv_slave_1: entered promiscuous mode [ 106.723705][ T8870] batadv_slave_1: left promiscuous mode [ 106.804316][ T6985] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 106.807792][ T6985] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 20004 - 0 [ 106.811771][ T6985] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 6081 - 0 [ 106.823671][ T6989] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 106.827762][ T6989] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 20004 - 0 [ 106.830858][ T6989] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 6081 - 0 [ 106.840037][ T6989] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 106.843222][ T6989] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 20004 - 0 [ 106.846066][ T6989] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 6081 - 0 [ 106.860770][ T6985] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 106.864466][ T6985] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 20004 - 0 [ 106.868172][ T6985] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 6081 - 0 [ 106.929074][ T8891] IPv4: Oversized IP packet from 127.202.26.0 [ 107.071050][ T8894] overlayfs: unescaped trailing colons in lowerdir mount option. [ 107.158814][ T1041] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 107.188806][ T8902] netlink: 'syz.0.1004': attribute type 30 has an invalid length. [ 107.192205][ T8902] __nla_validate_parse: 3 callbacks suppressed [ 107.192219][ T8902] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1004'. [ 107.213685][ T8904] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1005'. [ 107.219952][ T8904] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1005'. [ 107.223870][ T8904] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1005'. [ 107.234250][ T8906] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1005'. [ 107.316580][ T1041] usb 6-1: Using ep0 maxpacket: 8 [ 107.319603][ T1041] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 107.324151][ T1041] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 107.328351][ T1041] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 107.329961][ T8912] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1007'. [ 107.332174][ T1041] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 107.339671][ T1041] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 107.344948][ T1041] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 107.348773][ T1041] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.556764][ T1041] usb 6-1: usb_control_msg returned -32 [ 107.558937][ T1041] usbtmc 6-1:16.0: can't read capabilities [ 107.574714][ T5884] usb 6-1: USB disconnect, device number 6 [ 107.602609][ T8915] loop7: detected capacity change from 0 to 7 [ 107.610277][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 107.615111][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 107.622730][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 107.626631][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 107.634256][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 107.638053][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 107.640886][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 107.644016][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 107.647022][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 107.650062][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 107.654986][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 107.655901][ T8916] netlink: 'syz.1.1008': attribute type 4 has an invalid length. [ 107.658021][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 107.658946][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 107.661206][ T8916] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1008'. [ 107.664393][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 107.668238][ T5837] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 107.672047][ T8915] ldm_validate_partition_table(): Disk read failed. [ 107.675650][ T8916] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 107.679206][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 107.690556][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 107.694086][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 107.698224][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 107.701949][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 107.705928][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 107.709576][ T8915] Dev loop7: unable to read RDB block 0 [ 107.712651][ T8915] loop7: unable to read partition table [ 107.714725][ T8915] loop7: partition table beyond EOD, truncated [ 107.716987][ T8915] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %֐ȵ4FLQk݊5) failed (rc=-5) [ 107.728661][ T8916] ldm_validate_partition_table(): Disk read failed. [ 107.732435][ T8916] Dev loop7: unable to read RDB block 0 [ 107.735787][ T8916] loop7: unable to read partition table [ 107.738723][ T8916] loop7: partition table beyond EOD, truncated [ 107.838964][ T5837] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 107.847506][ T5837] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 107.851097][ T5837] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 107.854734][ T5837] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 107.860003][ T5837] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 107.863088][ T5837] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 107.865852][ T5837] usb 5-1: Manufacturer: syz [ 107.870328][ T5837] usb 5-1: config 0 descriptor?? [ 107.875288][ T8922] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1011'. [ 107.878731][ T8922] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1011'. [ 108.186488][ T1041] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 108.280912][ T8932] SELinux: Context system_u:object_r:auditd_unit_file_t:s0 is not valid (left unmapped). [ 108.282525][ T5837] appleir 0003:05AC:8243.0003: unknown main item tag 0x0 [ 108.300107][ T5837] appleir 0003:05AC:8243.0003: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 108.359563][ T1041] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 108.364676][ T1041] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 108.369124][ T1041] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 108.375260][ T1041] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 108.382626][ T1041] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 108.387449][ T1041] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 108.391496][ T1041] usb 6-1: Product: syz [ 108.393219][ T1041] usb 6-1: Manufacturer: syz [ 108.395283][ T1041] usb 6-1: SerialNumber: syz [ 108.410737][ T1041] usb 6-1: config 0 descriptor?? [ 108.500722][ T8938] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1018'. [ 108.622364][ T1041] adutux 6-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux1 [ 108.810114][ T8907] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 108.813451][ T8942] binder: 8941:8942 ioctl c0306201 0 returned -14 [ 108.820298][ T8907] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 108.836583][ T1041] usb 5-1: USB disconnect, device number 5 [ 108.861372][ T5884] usb 6-1: USB disconnect, device number 7 [ 108.970190][ T8949] binder: 8948:8949 ioctl c0306201 200000000080 returned -14 [ 108.977566][ T8949] binder: 8948:8949 ioctl c0306201 2000000003c0 returned -14 [ 109.427389][ T8971] netlink: 'syz.1.1029': attribute type 1 has an invalid length. [ 109.538484][ C3] IPv4: Oversized IP packet from 127.0.0.1 [ 110.044017][ T9014] 8021q: adding VLAN 0 to HW filter on device bond10 [ 110.151930][ T40] kauditd_printk_skb: 113 callbacks suppressed [ 110.151945][ T40] audit: type=1400 audit(1778017096.169:1245): avc: denied { name_bind } for pid=9023 comm="syz.0.1046" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 110.275261][ T40] audit: type=1400 audit(1778017096.289:1246): avc: denied { append } for pid=9037 comm="syz.3.1050" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:auditd_unit_file_t:s0" [ 110.350995][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 110.424450][ T40] audit: type=1400 audit(1778017096.439:1247): avc: denied { ioctl } for pid=9045 comm="syz.1.1051" path="socket:[30929]" dev="sockfs" ino=30929 ioctlcmd=0x42d4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 111.095727][ T40] audit: type=1400 audit(1778017097.109:1248): avc: denied { write } for pid=9051 comm="syz.0.1053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 111.144018][ T40] audit: type=1400 audit(1778017097.159:1249): avc: denied { map } for pid=9058 comm="syz.0.1055" path="/dev/zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1 [ 111.205085][ T9064] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9064 comm=syz.0.1057 [ 111.274545][ T40] audit: type=1400 audit(1778017097.289:1250): avc: denied { ioctl } for pid=9071 comm="syz.3.1062" path="socket:[29146]" dev="sockfs" ino=29146 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 111.305423][ T40] audit: type=1400 audit(1778017097.319:1251): avc: denied { sqpoll } for pid=9076 comm="syz.1.1063" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 111.323845][ T40] audit: type=1400 audit(1778017097.319:1252): avc: denied { map } for pid=9076 comm="syz.1.1063" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=31840 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 111.346570][ T40] audit: type=1400 audit(1778017097.319:1253): avc: denied { read write } for pid=9076 comm="syz.1.1063" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=31840 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 111.366116][ T40] audit: type=1400 audit(1778017097.349:1254): avc: denied { sys_module } for pid=9071 comm="syz.3.1062" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 111.445707][ T9093] FAULT_INJECTION: forcing a failure. [ 111.445707][ T9093] name failslab, interval 1, probability 0, space 0, times 0 [ 111.447293][ T9093] CPU: 1 UID: 0 PID: 9093 Comm: syz.0.1065 Tainted: G L syzkaller #0 PREEMPT(full) [ 111.447322][ T9093] Tainted: [L]=SOFTLOCKUP [ 111.447329][ T9093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 111.447338][ T9093] Call Trace: [ 111.447344][ T9093] [ 111.447351][ T9093] dump_stack_lvl+0x100/0x190 [ 111.447386][ T9093] should_fail_ex.cold+0x5/0xa [ 111.447413][ T9093] should_failslab+0xc2/0x120 [ 111.447435][ T9093] __kmalloc_cache_noprof+0x7a/0x6f0 [ 111.447459][ T9093] ? drm_atomic_state_alloc+0xb8/0x120 [ 111.447494][ T9093] drm_atomic_state_alloc+0xb8/0x120 [ 111.447516][ T9093] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 111.447543][ T9093] ? trace_contention_end+0x122/0x170 [ 111.447573][ T9093] ? drm_client_modeset_commit_locked+0x4c/0x580 [ 111.447598][ T9093] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 111.447622][ T9093] ? drm_master_internal_acquire+0x21/0x80 [ 111.447643][ T9093] ? __mutex_lock+0x8ff/0x1b10 [ 111.447695][ T9093] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 111.447727][ T9093] drm_client_modeset_commit_locked+0x14d/0x580 [ 111.447760][ T9093] drm_fb_helper_pan_display+0x32d/0xa40 [ 111.447804][ T9093] fb_pan_display+0x195/0x820 [ 111.447832][ T9093] ? __pfx_drm_fb_helper_pan_display+0x10/0x10 [ 111.447855][ T9093] ? queue_delayed_work_on+0x122/0x1e0 [ 111.447884][ T9093] bit_update_start+0x48/0x1f0 [ 111.447905][ T9093] fbcon_switch+0x1119/0x19f0 [ 111.447942][ T9093] ? __pfx_fbcon_switch+0x10/0x10 [ 111.447986][ T9093] ? __pfx_bit_cursor+0x10/0x10 [ 111.448003][ T9093] ? fbcon_cursor+0x24c/0x5e0 [ 111.448032][ T9093] ? is_console_locked+0x9/0x20 [ 111.448052][ T9093] ? con_is_visible+0x65/0x150 [ 111.448074][ T9093] redraw_screen+0x2c1/0x760 [ 111.448098][ T9093] ? __pfx_redraw_screen+0x10/0x10 [ 111.448128][ T9093] fbcon_do_set_font+0x57f/0x7d0 [ 111.448167][ T9093] fbcon_set_def_font+0x188/0x2b0 [ 111.448198][ T9093] con_font_op+0x541/0x1040 [ 111.448231][ T9093] ? __pfx_con_font_op+0x10/0x10 [ 111.448257][ T9093] ? __might_fault+0xc5/0x140 [ 111.448283][ T9093] ? __might_fault+0xc5/0x140 [ 111.448321][ T9093] vt_ioctl+0xde8/0x31a0 [ 111.448342][ T9093] ? __pfx_vt_ioctl+0x10/0x10 [ 111.448361][ T9093] ? find_held_lock+0x2b/0x80 [ 111.448402][ T9093] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 111.448430][ T9093] ? __pfx_vt_ioctl+0x10/0x10 [ 111.448447][ T9093] tty_ioctl+0x26a/0x1640 [ 111.448473][ T9093] ? __pfx_tty_ioctl+0x10/0x10 [ 111.448497][ T9093] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 111.448531][ T9093] ? __fget_files+0x215/0x3d0 [ 111.448552][ T9093] ? hook_file_ioctl_common+0x149/0x410 [ 111.448598][ T9093] ? selinux_file_ioctl+0x13b/0x290 [ 111.448621][ T9093] ? selinux_file_ioctl+0xb6/0x290 [ 111.448645][ T9093] ? __pfx_tty_ioctl+0x10/0x10 [ 111.448670][ T9093] __x64_sys_ioctl+0x18e/0x210 [ 111.448692][ T9093] do_syscall_64+0x10b/0xf80 [ 111.448713][ T9093] ? clear_bhb_loop+0x40/0x90 [ 111.448737][ T9093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.448755][ T9093] RIP: 0033:0x7f01a519cdd9 [ 111.448777][ T9093] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 111.448795][ T9093] RSP: 002b:00007f01a5f95028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 111.448813][ T9093] RAX: ffffffffffffffda RBX: 00007f01a5415fa0 RCX: 00007f01a519cdd9 [ 111.448825][ T9093] RDX: 0000200000000640 RSI: 0000000000004b72 RDI: 0000000000000003 [ 111.448835][ T9093] RBP: 00007f01a5f95090 R08: 0000000000000000 R09: 0000000000000000 [ 111.448845][ T9093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 111.448855][ T9093] R13: 00007f01a5416038 R14: 00007f01a5415fa0 R15: 00007ffc4e3ba9a8 [ 111.448882][ T9093] [ 111.627921][ T9099] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 111.805825][ T9115] program syz.0.1074 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 112.203032][ T9141] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 112.203032][ T9141] The task syz.1.1084 (9141) triggered the difference, watch for misbehavior. [ 112.215020][ T9143] __nla_validate_parse: 4 callbacks suppressed [ 112.215032][ T9143] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1086'. [ 112.348459][ T9150] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 112.411208][ T9150] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 112.470341][ T9150] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 112.879842][ T9171] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1095'. [ 113.229448][ T9199] random: crng reseeded on system resumption [ 113.440366][ T9203] tmpfs: Unknown parameter '.' [ 114.296552][ T10] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 114.447955][ T10] usb 8-1: config 1 has an invalid interface number: 7 but max is 0 [ 114.451118][ T10] usb 8-1: config 1 has no interface number 0 [ 114.453608][ T10] usb 8-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B [ 114.457728][ T10] usb 8-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 114.460354][ T9211] IPv4: Oversized IP packet from 127.202.26.0 [ 114.461100][ T10] usb 8-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 114.469455][ T10] usb 8-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00 [ 114.473005][ T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.475766][ T10] usb 8-1: Product: syz [ 114.477464][ T10] usb 8-1: Manufacturer: syz [ 114.479351][ T10] usb 8-1: SerialNumber: syz [ 114.486877][ T9209] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 114.511494][ T9213] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1110'. [ 114.523243][ T9215] macsec0: entered promiscuous mode [ 114.525260][ T9215] macsec0: entered allmulticast mode [ 114.527334][ T9215] veth1_macvtap: entered allmulticast mode [ 114.558520][ T9217] netlink: 'syz.1.1112': attribute type 30 has an invalid length. [ 114.564587][ T9217] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1112'. [ 114.643210][ T9224] netlink: 'syz.1.1115': attribute type 49 has an invalid length. [ 114.784740][ T9229] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 114.790646][ T9229] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 114.794501][ T9229] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 114.797486][ T9229] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 115.049708][ T9233] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 115.420996][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 115.638298][ T40] kauditd_printk_skb: 36 callbacks suppressed [ 115.638310][ T40] audit: type=1400 audit(1778017101.659:1291): avc: denied { ioctl } for pid=9241 comm="syz.0.1120" path="socket:[32817]" dev="sockfs" ino=32817 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 115.671068][ T40] audit: type=1400 audit(1778017101.689:1292): avc: denied { ioctl } for pid=9248 comm="syz.0.1121" path="socket:[32006]" dev="sockfs" ino=32006 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 116.017376][ T9262] (syz.2.1123,9262,2):ocfs2_get_sector:1714 ERROR: status = -5 [ 116.021720][ T9262] (syz.2.1123,9262,2):ocfs2_sb_probe:753 ERROR: status = -5 [ 116.024978][ T9262] (syz.2.1123,9262,2):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 116.028921][ T9262] (syz.2.1123,9262,2):ocfs2_fill_super:1177 ERROR: status = -5 [ 116.118974][ T40] audit: type=1400 audit(1778017102.139:1293): avc: denied { mount } for pid=9261 comm="syz.2.1123" name="/" dev="9p" ino=72876321 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 116.129731][ T40] audit: type=1400 audit(1778017102.139:1294): avc: denied { write } for pid=9261 comm="syz.2.1123" name="/" dev="9p" ino=72876321 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 116.139225][ T40] audit: type=1400 audit(1778017102.139:1295): avc: denied { add_name } for pid=9261 comm="syz.2.1123" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 116.147626][ T40] audit: type=1400 audit(1778017102.139:1296): avc: denied { create } for pid=9261 comm="syz.2.1123" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 116.155608][ T40] audit: type=1400 audit(1778017102.139:1297): avc: denied { associate } for pid=9261 comm="syz.2.1123" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 116.164299][ T40] audit: type=1400 audit(1778017102.139:1298): avc: denied { append } for pid=9261 comm="syz.2.1123" name="file0" dev="9p" ino=72876373 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 116.173556][ T40] audit: type=1400 audit(1778017102.139:1299): avc: denied { open } for pid=9261 comm="syz.2.1123" path="/280/file0/file0" dev="9p" ino=72876373 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 116.183192][ T40] audit: type=1400 audit(1778017102.149:1300): avc: denied { write } for pid=9261 comm="syz.2.1123" name="file0" dev="9p" ino=72876373 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 116.515444][ T9267] fuse: Bad value for 'fd' [ 116.681371][ T9275] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1107 sclass=netlink_route_socket pid=9275 comm=syz.1.1127 [ 116.764457][ T9284] netlink: 124 bytes leftover after parsing attributes in process `syz.2.1130'. [ 116.806083][ T9284] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=9284 comm=syz.2.1130 [ 116.901726][ T9284] 8021q: adding VLAN 0 to HW filter on device bond3 [ 116.908458][ T9284] 8021q: adding VLAN 0 to HW filter on device bond4 [ 116.914782][ T9284] A link change request failed with some changes committed already. Interface vxlan1 may have been left with an inconsistent configuration, please check. [ 116.922136][ T1041] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 116.927994][ T50] xfrm0 speed is unknown, defaulting to 1000 [ 116.928689][ T6988] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 116.937713][ T6988] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 116.948477][ T6988] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 116.951788][ T6988] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 116.967861][ T9296] tipc: Started in network mode [ 116.969552][ T9296] tipc: Node identity , cluster identity 4711 [ 116.971652][ T9296] tipc: Failed to set node id, please configure manually [ 116.974070][ T9296] tipc: Enabling of bearer rejected, failed to enable media [ 117.057561][ T10] usb 8-1: Incompatible driver and firmware versions [ 117.066314][ T10] usb 8-1: USB disconnect, device number 9 [ 117.081596][ T9299] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1135'. [ 117.109206][ T9301] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1136'. [ 117.122761][ T9304] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1137'. [ 117.143286][ T9301] 8021q: adding VLAN 0 to HW filter on device bond11 [ 117.157199][ T9306] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 117.163838][ T9306] VFS: Can't find a romfs filesystem on dev nullb0. [ 117.163838][ T9306] [ 117.297891][ C3] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 117.476900][ T1041] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 120.486690][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 121.924325][ T40] kauditd_printk_skb: 10 callbacks suppressed [ 121.924341][ T40] audit: type=1400 audit(1778017107.939:1311): avc: denied { unlink } for pid=9307 comm="syz.0.1139" name="#10" dev="tmpfs" ino=1330 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 121.936813][ T40] audit: type=1400 audit(1778017107.939:1312): avc: denied { read } for pid=9311 comm="syz.2.1141" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 121.945016][ T40] audit: type=1400 audit(1778017107.949:1313): avc: denied { read write } for pid=9309 comm="syz.1.1140" name="event1" dev="devtmpfs" ino=942 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 121.955214][ T40] audit: type=1400 audit(1778017107.949:1314): avc: denied { open } for pid=9309 comm="syz.1.1140" path="/dev/input/event1" dev="devtmpfs" ino=942 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 121.965800][ T40] audit: type=1400 audit(1778017107.949:1315): avc: denied { mount } for pid=9307 comm="syz.0.1139" name="/" dev="overlay" ino=1325 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 122.046007][ T40] audit: type=1400 audit(1778017108.059:1316): avc: denied { setopt } for pid=9309 comm="syz.1.1140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 122.102892][ T40] audit: type=1400 audit(1778017108.119:1317): avc: denied { name_bind } for pid=9307 comm="syz.0.1139" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 123.249016][ T9323] netlink: 220 bytes leftover after parsing attributes in process `syz.2.1143'. [ 123.254024][ T9323] netlink: 212348 bytes leftover after parsing attributes in process `syz.2.1143'. [ 123.273100][ T40] audit: type=1400 audit(1778017109.289:1318): avc: denied { unmount } for pid=5731 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 123.317940][ T40] audit: type=1400 audit(1778017109.339:1319): avc: denied { search } for pid=9327 comm="syz.2.1146" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=dir permissive=1 [ 123.325905][ T9329] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1146'. [ 123.333785][ T40] audit: type=1400 audit(1778017109.349:1320): avc: denied { search } for pid=9327 comm="syz.2.1146" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=dir permissive=1 [ 123.341174][ T9330] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=272 sclass=netlink_xfrm_socket pid=9330 comm=syz.0.1145 [ 123.397681][ T9340] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1151'. [ 123.439121][ T9344] tmpfs: Bad value for 'mpol' [ 123.593258][ T9354] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1155'. [ 123.630229][ T9354] 8021q: adding VLAN 0 to HW filter on device bond4 [ 123.725499][ T9365] erspan1: entered promiscuous mode [ 123.976112][ T9381] /dev/sg0: Can't lookup blockdev [ 124.001437][ T9383] gfs2: error -5 reading superblock [ 124.010543][ T9384] gfs2: error -5 reading superblock [ 124.109014][ T9390] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1166'. [ 124.122192][ T9390] 8021q: adding VLAN 0 to HW filter on device bond5 [ 124.281629][ T9404] netlink: 'syz.0.1171': attribute type 30 has an invalid length. [ 124.285026][ T9404] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1171'. [ 124.512853][ T9416] dv_s: renamed from bridge_slave_1 (while UP) [ 124.582568][ C3] IPv4: Oversized IP packet from 127.0.0.1 [ 124.630467][ T9427] netlink: 'syz.1.1180': attribute type 30 has an invalid length. [ 124.633649][ T9427] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1180'. [ 124.732227][ T9436] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1184'. [ 124.831810][ T9444] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1188'. [ 124.914667][ T9454] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 124.919164][ T9455] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 125.474021][ T9504] netlink: 'syz.0.1206': attribute type 5 has an invalid length. [ 125.485847][ T9504] geneve2: entered promiscuous mode [ 125.488897][ T9504] geneve2: entered allmulticast mode [ 125.493057][ T6981] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 125.493083][ T6981] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 125.493101][ T6981] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 125.493118][ T6981] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 125.619755][ T9519] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 125.697288][ T9517] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9517 comm=syz.0.1211 [ 125.718967][ T9532] ADFS-fs (nbd1): error: unable to read block 3, try 0 [ 125.729759][ T9532] ADFS-fs (nbd1): error: unable to read block 3, try 0 [ 125.734637][ T9532] ADFS-fs (nbd1): error: unable to read block 3, try 0 [ 125.780660][ T9538] netlink: 'syz.1.1216': attribute type 30 has an invalid length. [ 125.961363][ T9554] ip6tnl2: entered promiscuous mode [ 126.081016][ T9569] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9569 comm=syz.0.1226 [ 126.104550][ T9571] netlink: 'syz.1.1227': attribute type 30 has an invalid length. [ 126.214712][ T9583] 8021q: adding VLAN 0 to HW filter on device bond7 [ 126.273321][ T9586] openvswitch: netlink: Duplicate or invalid key (type 0). [ 126.276976][ T9586] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 126.286058][ T9595] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=65296 sclass=netlink_xfrm_socket pid=9595 comm=syz.1.1235 [ 126.353628][ T9601] netlink: 'syz.1.1237': attribute type 30 has an invalid length. [ 126.509287][ T9623] loop9: detected capacity change from 0 to 7 [ 126.571422][ C3] blk_print_req_error: 25 callbacks suppressed [ 126.571433][ C3] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 126.576657][ C3] buffer_io_error: 25 callbacks suppressed [ 126.576666][ C3] Buffer I/O error on dev loop9, logical block 0, async page read [ 126.584165][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 126.588232][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 126.592616][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 126.596718][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 126.601895][ C3] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 126.604958][ C3] Buffer I/O error on dev loop9, logical block 0, async page read [ 126.610602][ C3] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 126.613643][ C3] Buffer I/O error on dev loop9, logical block 0, async page read [ 126.617764][ C3] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 126.620675][ T9639] netlink: 'syz.2.1249': attribute type 30 has an invalid length. [ 126.620790][ C3] Buffer I/O error on dev loop9, logical block 0, async page read [ 126.634275][ T9623] ldm_validate_partition_table(): Disk read failed. [ 126.634337][ C2] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 126.639953][ C2] Buffer I/O error on dev loop9, logical block 0, async page read [ 126.644011][ C2] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 126.647439][ C2] Buffer I/O error on dev loop9, logical block 0, async page read [ 126.650192][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 126.654341][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 126.659231][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 126.663265][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 126.668893][ T9623] Dev loop9: unable to read RDB block 0 [ 126.671814][ T9623] loop9: unable to read partition table [ 126.674272][ T9623] loop9: partition table beyond EOD, truncated [ 126.678185][ T9623] loop_reread_partitions: partition scan of loop9 () failed (rc=-5) [ 126.859742][ T9662] can: request_module (can-proto-0) failed. [ 127.129172][ T9684] 8021q: adding VLAN 0 to HW filter on device bond8 [ 127.138692][ C2] IPv4: Oversized IP packet from 127.0.0.1 [ 127.447428][ T9705] netlink: 'syz.2.1268': attribute type 30 has an invalid length. [ 127.489042][ T40] kauditd_printk_skb: 49 callbacks suppressed [ 127.489058][ T40] audit: type=1400 audit(1778017113.509:1370): avc: denied { mounton } for pid=9706 comm="syz.2.1269" path="/syzcgroup/unified/syz2" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=dir permissive=1 [ 127.501029][ T9707] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 127.512865][ T9707] romfs: unable to set blocksize [ 127.512865][ T9707] [ 127.546647][ T5884] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 127.673402][ T40] audit: type=1400 audit(1778017113.689:1371): avc: denied { create } for pid=9712 comm="syz.0.1270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 127.686286][ T40] audit: type=1400 audit(1778017113.689:1372): avc: denied { ioctl } for pid=9712 comm="syz.0.1270" path="socket:[32461]" dev="sockfs" ino=32461 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 127.717977][ T5884] usb 6-1: Using ep0 maxpacket: 8 [ 127.723945][ T5884] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 127.736764][ T5884] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 127.742179][ T5884] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 127.748537][ T5884] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 127.754359][ T5884] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 127.759863][ T5884] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 127.763537][ T5884] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.764225][ T9720] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9720 comm=syz.0.1271 [ 127.802668][ T9720] netlink: 'syz.0.1271': attribute type 4 has an invalid length. [ 127.807798][ T9720] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 127.958137][ T40] audit: type=1400 audit(1778017113.979:1373): avc: denied { read write } for pid=9721 comm="syz.0.1272" name="uhid" dev="devtmpfs" ino=1295 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 127.966163][ T40] audit: type=1400 audit(1778017113.979:1374): avc: denied { open } for pid=9721 comm="syz.0.1272" path="/dev/uhid" dev="devtmpfs" ino=1295 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 127.974754][ T5884] usb 6-1: usb_control_msg returned -32 [ 127.976913][ T5884] usbtmc 6-1:16.0: can't read capabilities [ 128.061996][ T9727] netlink: 'syz.3.1274': attribute type 10 has an invalid length. [ 128.064815][ T9727] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.067717][ T9727] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.073215][ T9727] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.075665][ T9727] bridge0: port 2(bridge_slave_1) entered forwarding state [ 128.079117][ T9727] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.081488][ T9727] bridge0: port 1(bridge_slave_0) entered forwarding state [ 128.087814][ T9727] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 128.094828][ T9727] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 128.098731][ T9727] bridge_slave_1: left allmulticast mode [ 128.100661][ T9727] bridge_slave_1: left promiscuous mode [ 128.104676][ T9727] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.109785][ T9727] bridge_slave_0: left allmulticast mode [ 128.111691][ T9727] bridge_slave_0: left promiscuous mode [ 128.113635][ T9727] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.125059][ T9727] bond0: (slave bridge0): Releasing backup interface [ 128.343830][ T5839] usb 6-1: USB disconnect, device number 8 [ 128.373418][ T9737] __nla_validate_parse: 20 callbacks suppressed [ 128.373458][ T9737] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1277'. [ 128.381213][ T9737] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1277'. [ 128.381354][ T9737] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1277'. [ 128.522891][ T9757] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1285'. [ 128.527816][ T9757] nbd: error processing sock list [ 128.553299][ T9759] Can't find a SQUASHFS superblock on nullb0 [ 128.601019][ T40] audit: type=1400 audit(1778017114.619:1375): avc: denied { getopt } for pid=9760 comm="syz.1.1287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 128.605075][ T9763] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1288'. [ 128.780520][ T9783] virtio-fs: tag not found [ 128.783879][ T9783] f2fs: Unknown parameter '/dev/sg0' [ 128.878821][ T40] audit: type=1400 audit(1778017114.899:1376): avc: denied { read } for pid=9788 comm="syz.1.1297" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 128.889179][ T40] audit: type=1400 audit(1778017114.899:1377): avc: denied { open } for pid=9788 comm="syz.1.1297" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 128.897555][ T40] audit: type=1400 audit(1778017114.899:1378): avc: denied { ioctl } for pid=9788 comm="syz.1.1297" path="/dev/fb0" dev="devtmpfs" ino=637 ioctlcmd=0x4620 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 128.933828][ T9794] The dccp option matching is deprecated and scheduled to be removed in 2027. [ 128.933828][ T9794] Please contact the netfilter-devel mailing list or update your nftables rules. [ 129.138966][ T6981] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 129.142931][ T6981] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 129.150410][ T6981] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 129.154268][ T6981] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 129.220435][ T40] audit: type=1400 audit(1778017115.239:1379): avc: denied { accept } for pid=9804 comm="syz.0.1303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 129.307760][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 129.323764][ T9821] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1308'. [ 129.351232][ T9821] 8021q: adding VLAN 0 to HW filter on device bond12 [ 129.451267][ T9835] overlayfs: failed to resolve './bus': -2 [ 129.454197][ T9835] validate_nla: 1 callbacks suppressed [ 129.454207][ T9835] netlink: 'syz.3.1312': attribute type 7 has an invalid length. [ 129.460603][ T9835] netlink: 'syz.3.1312': attribute type 8 has an invalid length. [ 129.463542][ T9835] netlink: 'syz.3.1312': attribute type 7 has an invalid length. [ 129.466211][ T9835] netlink: 'syz.3.1312': attribute type 8 has an invalid length. [ 129.470047][ T9835] netlink: 'syz.3.1312': attribute type 7 has an invalid length. [ 129.472808][ T9835] netlink: 'syz.3.1312': attribute type 8 has an invalid length. [ 129.475665][ T9835] netlink: 'syz.3.1312': attribute type 7 has an invalid length. [ 129.478741][ T9835] netlink: 'syz.3.1312': attribute type 8 has an invalid length. [ 129.481450][ T9835] netlink: 'syz.3.1312': attribute type 7 has an invalid length. [ 129.484056][ T9835] netlink: 'syz.3.1312': attribute type 8 has an invalid length. [ 129.553652][ T9846] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1315'. [ 129.558603][ T9846] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1315'. [ 129.561802][ T9846] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1315'. [ 129.570978][ T62] Bluetooth: hci4: sending frame failed (-49) [ 129.579016][ T5092] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 129.624205][ T9850] bond13: option primary: mode dependency failed, not supported in mode balance-rr(0) [ 129.631709][ T9850] bond13 (unregistering): Released all slaves [ 131.797981][ T9949] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1352'. [ 132.032349][ T9957] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 133.465885][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 133.465900][ T40] audit: type=1400 audit(1778017119.479:1384): avc: denied { map } for pid=10016 comm="syz.1.1377" path="/dev/comedi4" dev="devtmpfs" ino=1305 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 133.477851][ T40] audit: type=1400 audit(1778017119.489:1385): avc: denied { execute } for pid=10016 comm="syz.1.1377" path="/dev/comedi4" dev="devtmpfs" ino=1305 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 133.514557][ T40] audit: type=1400 audit(1778017119.529:1386): avc: denied { shutdown } for pid=10018 comm="syz.1.1378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 133.536622][ T40] audit: type=1400 audit(1778017119.539:1387): avc: denied { read } for pid=10018 comm="syz.1.1378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 134.566685][ T8482] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 134.726570][ T8482] usb 5-1: Using ep0 maxpacket: 16 [ 134.730432][ T8482] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 134.735140][ T8482] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 134.740474][ T8482] usb 5-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28 [ 134.745948][ T8482] usb 5-1: config 0 interface 0 has no altsetting 0 [ 134.748947][ T8482] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 134.752850][ T8482] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.760229][ T8482] usb 5-1: config 0 descriptor?? [ 135.003052][T10061] tipc: Enabling of bearer rejected, failed to enable media [ 135.370863][ T8482] usb 5-1: USB disconnect, device number 6 [ 135.664880][T10083] [ 135.666210][T10083] ============================= [ 135.669027][T10083] WARNING: suspicious RCU usage [ 135.671245][T10083] syzkaller #0 Tainted: G L [ 135.674314][T10083] ----------------------------- [ 135.676810][T10083] kernel/events/callchain.c:163 suspicious rcu_dereference_check() usage! [ 135.680304][T10083] [ 135.680304][T10083] other info that might help us debug this: [ 135.680304][T10083] [ 135.687077][T10083] [ 135.687077][T10083] rcu_scheduler_active = 2, debug_locks = 1 [ 135.690501][T10083] 1 lock held by syz.3.1406/10083: [ 135.693538][T10083] #0: ffffffff8e7e46d8 (rcu_tasks_trace_srcu_struct){....}-{0:0}, at: bpf_prog_test_run_syscall+0x301/0xad0 [ 135.698605][T10083] [ 135.698605][T10083] stack backtrace: [ 135.701111][T10083] CPU: 1 UID: 0 PID: 10083 Comm: syz.3.1406 Tainted: G L syzkaller #0 PREEMPT(full) [ 135.701137][T10083] Tainted: [L]=SOFTLOCKUP [ 135.701143][T10083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 135.701155][T10083] Call Trace: [ 135.701162][T10083] [ 135.701168][T10083] dump_stack_lvl+0x100/0x190 [ 135.701194][T10083] lockdep_rcu_suspicious.cold+0x4f/0xb1 [ 135.701228][T10083] get_callchain_entry+0x278/0x3f0 [ 135.701255][T10083] get_perf_callchain+0x2d6/0x9c0 [ 135.701273][T10083] ? rcu_is_watching+0x11/0xc0 [ 135.701301][T10083] ? __pfx_get_perf_callchain+0x10/0x10 [ 135.701327][T10083] ? __lock_acquire+0x4a5/0x2630 [ 135.701375][T10083] __bpf_get_stack+0x531/0xa90 [ 135.701403][T10083] ? __pfx___bpf_get_stack+0x10/0x10 [ 135.701430][T10083] bpf_get_stack+0x32/0x40 [ 135.701451][T10083] bpf_get_stack_raw_tp+0x1dd/0x280 [ 135.701478][T10083] bpf_prog_42db8cfdf50901c9+0x46/0x4e [ 135.701500][T10083] bpf_prog_test_run_syscall+0x4b1/0xad0 [ 135.701526][T10083] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 135.701549][T10083] ? fput+0x79/0x100 [ 135.701572][T10083] ? __bpf_prog_get+0x97/0x2a0 [ 135.701596][T10083] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 135.701619][T10083] __sys_bpf+0x1725/0x4b90 [ 135.701638][T10083] ? __pfx___sys_bpf+0x10/0x10 [ 135.701664][T10083] ? __pfx_futex_wait+0x10/0x10 [ 135.701696][T10083] ? do_futex+0x192/0x350 [ 135.701735][T10083] ? __pfx___x64_sys_futex+0x10/0x10 [ 135.701760][T10083] ? exit_to_user_mode_loop+0xdd/0x4a0 [ 135.701783][T10083] ? rcu_is_watching+0x12/0xc0 [ 135.701812][T10083] __x64_sys_bpf+0x7b/0xc0 [ 135.701827][T10083] ? lockdep_hardirqs_on+0x78/0x100 [ 135.701858][T10083] do_syscall_64+0x10b/0xf80 [ 135.701880][T10083] ? clear_bhb_loop+0x40/0x90 [ 135.701902][T10083] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.701923][T10083] RIP: 0033:0x7f64f279cdd9 [ 135.701939][T10083] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 135.701957][T10083] RSP: 002b:00007f64f36b9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 135.701973][T10083] RAX: ffffffffffffffda RBX: 00007f64f2a15fa0 RCX: 00007f64f279cdd9 [ 135.701986][T10083] RDX: 000000000000000c RSI: 00002000000004c0 RDI: 000000000000000a [ 135.701996][T10083] RBP: 00007f64f2832d69 R08: 0000000000000000 R09: 0000000000000000 [ 135.702006][T10083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 135.702017][T10083] R13: 00007f64f2a16038 R14: 00007f64f2a15fa0 R15: 00007ffe3efa6688 [ 135.702040][T10083] [ 137.769936][ T1434] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.772787][ T1434] ieee802154 phy1 wpan1: encryption failed: -22