last executing test programs: 32.131138625s ago: executing program 2 (id=108): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002600)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = socket$inet6(0xa, 0x80003, 0xff) setsockopt$inet6_mreq(r1, 0x29, 0x7, &(0x7f0000000680)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x14) socket$inet6_tcp(0xa, 0x1, 0x0) (async) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_int(r2, 0x29, 0x35, 0x0, &(0x7f0000003240)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) prctl$PR_SET_IO_FLUSHER(0x43, 0x1) syz_open_procfs(0x0, &(0x7f0000000200)='setgroups\x00') (async) syz_open_procfs(0x0, &(0x7f0000000200)='setgroups\x00') 31.839532551s ago: executing program 2 (id=119): io_setup(0x30, &(0x7f0000000600)=0x0) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) (async) r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24}]) (async) io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24}]) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0xc0, 0x11cfa, 0x0, 0x8000008, 0x2, 0x4, 0x1, 0x0, 0x2}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x1, 0x4000e1d9, 0x5, 0x102}) 24.598819875s ago: executing program 2 (id=119): io_setup(0x30, &(0x7f0000000600)=0x0) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) (async) r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24}]) (async) io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24}]) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0xc0, 0x11cfa, 0x0, 0x8000008, 0x2, 0x4, 0x1, 0x0, 0x2}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x1, 0x4000e1d9, 0x5, 0x102}) 17.450231522s ago: executing program 2 (id=119): io_setup(0x30, &(0x7f0000000600)=0x0) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) (async) r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24}]) (async) io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24}]) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0xc0, 0x11cfa, 0x0, 0x8000008, 0x2, 0x4, 0x1, 0x0, 0x2}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x1, 0x4000e1d9, 0x5, 0x102}) 11.95845864s ago: executing program 2 (id=119): io_setup(0x30, &(0x7f0000000600)=0x0) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) (async) r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24}]) (async) io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24}]) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0xc0, 0x11cfa, 0x0, 0x8000008, 0x2, 0x4, 0x1, 0x0, 0x2}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x1, 0x4000e1d9, 0x5, 0x102}) 5.459354621s ago: executing program 2 (id=119): io_setup(0x30, &(0x7f0000000600)=0x0) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) (async) r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24}]) (async) io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24}]) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0xc0, 0x11cfa, 0x0, 0x8000008, 0x2, 0x4, 0x1, 0x0, 0x2}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x1, 0x4000e1d9, 0x5, 0x102}) 1.280137545s ago: executing program 0 (id=684): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="8f010000", @ANYRES16=r3, @ANYBLOB="050000000000fbdbdf254400000008000300", @ANYRES32=r4, @ANYBLOB="0000180003030303030300000000270001000000000024001830e06c360230b6e0b69b16640236868924860400000c006400000000005a8000000380000005003b48010000010000010009000100030000000200204c3245274931153f25500ab95039374b4030220d1c2e1b4d412e1f5409391d515749073c450045204d3e1c0c2a2f2404073037052e3b131a5110093033252103185740310000000000060000000000000001000148040b48361b120000008000000400030000000000028000000700020000000000080100000d00ffff000000000d0000000000"], 0x2c}}, 0x4044000) syz_emit_ethernet(0x32, &(0x7f0000000340)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaa63eedee9595e26448000020000000000089907800000000ffffffff01830350070773ac1414aa00"], 0x0) writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000000)='4'}], 0x1) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x2180, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0xe) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r6 = fsmount(0xffffffffffffffff, 0x1, 0x8f) openat$cgroup_procs(r6, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r6, 0x4068aea3, &(0x7f0000000240)) ioctl$BTRFS_IOC_SPACE_INFO(r5, 0x541b, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYRES32=r0], 0x6) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r7 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r6, 0x7a6, 0x0) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r8) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0x38}}, 0x40) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$bt_l2cap(r6, 0x0, 0xfe98) write$binfmt_misc(r1, &(0x7f0000000000), 0xd) finit_module(0xffffffffffffffff, &(0x7f0000000040)='!^/}\x00', 0x2) 1.279949414s ago: executing program 0 (id=685): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000002000000140001800500020001"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0x64, r2, 0x8, 0x70bd25, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x5}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xb}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x8}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x1}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x14, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000004}, 0x1) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x15, 0x301, 0x0, 0x0, {0xb}}, 0x14}}, 0x0) sendmsg$NLBL_UNLABEL_C_STATICADD(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0xc, 0x0, &(0x7f00000002c0)=[@free_buffer={0x40086315}], 0x0, 0x0, 0x0}) 1.209437823s ago: executing program 0 (id=686): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000100000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000140003800800014000000000080002400000000050000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000001c00038018000380140001007465616d300000000000000000000000080007"], 0xd8}, 0x1, 0x0, 0x0, 0x4008005}, 0x8d4) 1.208182337s ago: executing program 0 (id=687): bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000200)={0x8001}, 0x8) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='net/netlink\x00') r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f00000002c0)={0x1}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@getchain={0x24, 0x66, 0xfcd66a900070b359, 0x70bd26, 0x25dfdbf7, {0x0, 0x0, 0x0, 0x0, {0xfff1, 0x1}, {}, {0xa, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x4040011}, 0x44030) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000000)=0x1) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f00001b4000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x12, 0x0, 0x0) ioctl$KVM_SET_CPUID2(r1, 0x4048aecb, &(0x7f00000002c0)=ANY=[]) ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4048aecb, &(0x7f0000000000)) 1.16031966s ago: executing program 0 (id=688): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TIOCNOTTY(r0, 0x5422) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x3ff, &(0x7f0000000500)=0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={r4, r2, 0x0, 0x4, &(0x7f0000000140)='@$\x8a\x00'}, 0x30) io_submit(r3, 0x2, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f00000001c0)='m', 0x1}]) 1.010016397s ago: executing program 0 (id=689): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000cc0)={'syz1\x00', {}, 0x0, [0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, 0x0, 0x0, 0x0, 0x3, 0xe, 0x721a2d63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffc], [0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xc7, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400]}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) readv(r0, &(0x7f0000001900)=[{&(0x7f0000000040)=""/65, 0x41}], 0x1) r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setsig(r1, 0xa, 0x13) fcntl$setlease(r1, 0x400, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) timer_settime(0x0, 0x0, 0x0, 0x0) truncate(&(0x7f0000000140)='./file0\x00', 0x0) 317.931843ms ago: executing program 3 (id=692): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="020000000400000008"], 0x50) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10) sendto$inet(r1, &(0x7f00000000c0)="f72bacc3ca1aaadf08e239411cbcf4b2ef918084f500db36e2ef38b56d756f041132", 0x22, 0x0, &(0x7f00000004c0)={0x2, 0x4e20, @multicast1}, 0x10) readv(r0, 0x0, 0x0) 317.293963ms ago: executing program 3 (id=693): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, 0xffffffffffffffff}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x1d, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000a7080000000000007b8a20ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000002b70500000800000085000000b6000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000c500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 316.862405ms ago: executing program 3 (id=694): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) (async) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) (async) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800900010003000000000000ff010002800800edfffeffffff317d9ba349d9a3e928600ca815ed8a671e995f417f314b3685804c2b1fcc5aa397ebd103d5060415f489e7f2606fd12c72068f62126b05a7ae79087b6780968a9223f47db33fda019b9dd49e6000a403d126f7e8bde53ddd25d999cf"], 0x3c}}, 0x0) (async) chdir(&(0x7f0000000280)='./file0\x00') (async) unlink(&(0x7f0000000000)='./file0\x00') r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f00000011c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001180)={&(0x7f0000001100)=ANY=[@ANYBLOB="f78686d3", @ANYRES16=r1, @ANYBLOB="20002abd7000fcdbdf250400000014000100000000000000000000000000000000000500050003000000080002000200000005000500020000000500050002000000"], 0x48}, 0x1, 0x0, 0x0, 0x4004}, 0x4) (async, rerun: 32) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 32) fstat(r2, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r3, 0xffffffffffffffff) (async, rerun: 32) mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0xa00212, &(0x7f0000000200)=ANY=[@ANYBLOB='nr_inodes=g58,huge=alwbys,uid=', @ANYRESHEX=r3, @ANYBLOB=',mpol=interleave=static,appraise_type=imasig,\x00']) (async, rerun: 32) mknod$loop(&(0x7f0000000040)='./file0\x00', 0x0, 0x1) (async) ioctl$NS_GET_PARENT(0xffffffffffffffff, 0x8004b706, 0x0) (async) r4 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_DELLINK(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="18000000131401010000000000000000080001"], 0x18}}, 0x0) (async) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$NL802154_CMD_SET_CHANNEL(r5, 0x0, 0xc004) (async) r6 = syz_open_dev$MSR(0x0, 0x0, 0x0) read$msr(r6, 0x0, 0x0) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r7 = socket$inet_sctp(0x2, 0x800000000000001, 0x84) (async) r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0) getpid() (async) write$cgroup_int(r8, &(0x7f0000000340)=0x4, 0x12) (async, rerun: 64) setsockopt$IP_VS_SO_SET_STARTDAEMON(r7, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'hsr0\x00', 0x4}, 0x18) (rerun: 64) setreuid(0xee01, 0xee01) (async) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001000)=ANY=[@ANYBLOB="300000003e000701feffffdf00000000017e72eda97c00000600800a00000c00028008001780b14b5ba8bb40d495798ca4cc45457a85107a23cd5355c56460f781129318fd1f48ad635843f802d3e1ba138092186c7b669163e123ac43b43c698c296097f070477b17831a1d14d827bfa06950d7d0305adf234855a88527ad154fb8433a475724f1a3953c6d623178b5ef10f9284a421eb31435b163d37f5b36351679ad2d611394b9b8fc0700ac4c3e1e7cb3d115359fe201125ded1f9fce0158b23ebdbc8d18e6acbf882abbc7dc2714a2a91f656bc1ca8acce1a00742d6548506defbcb8ae7e8be1f05830d00"/252], 0x30}, 0x1, 0x0, 0x0, 0x404c0c0}, 0xc000) 250.997519ms ago: executing program 3 (id=695): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x10) fcntl$setlease(r1, 0x400, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0) pread64(r2, &(0x7f0000001440)=""/126, 0x7e, 0x41) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r3, 0xffffffffffffffff, 0x0) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) r4 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff) write$binfmt_misc(r4, &(0x7f0000000140)="b64ef0e692b6268f4e7adfd07807bbb79ac912efbdcfa58e900d7f07a20e3e9ca5a2a6c3756845e5dd2353a8f0a5be84f7f92c89eeccc3fe10c129cc6e6d344bfb5ad20dc881047a4dda65", 0x4b) 199.820497ms ago: executing program 1 (id=697): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000200000000000000000a20000000000a01020000000000000000010000000900010073797a300000000040000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000140003800800014000000000080002400000000050000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000001c00038018000380140001007465616d300000000000000000000000080007"], 0xd8}, 0x1, 0x0, 0x0, 0x4008005}, 0x8d4) 198.46219ms ago: executing program 1 (id=698): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$netlink(r0, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000001f00)=[{&(0x7f0000006480)={0x1c, 0x27, 0x1, 0x0, 0x0, "", [@nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x23, 0x0, 0x0, @pid}]}]}, 0x1c}], 0x1}, 0x0) chdir(&(0x7f0000000100)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) syz_emit_ethernet(0x42, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c20000000800480000340000000000069078ac141480ac1e00018907d700000000440400200000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="500200e3e2e5912fff7fa63f4b4f3701b34d0490781000"], 0x0) fcntl$lock(r1, 0x25, &(0x7f00000000c0)={0x0, 0x0, 0x7fffffff, 0xa}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6000000010003b1528bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800900010076657468000100000400028008000300000000000500110001"], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x0) 130.422047ms ago: executing program 3 (id=699): r0 = syz_open_dev$vivid(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000040)={0x0, @reserved}) ioctl$VIDIOC_G_JPEGCOMP(r0, 0x808c563d, &(0x7f0000000100)) (async) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r0, 0xf503, 0x0) (async) ioctl$VIDIOC_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f00000001c0)={0xc8ab, 0x0, '\x00', {0x0, @bt={0x10, 0x0, 0x0, 0x0, 0x2, 0x1, 0x7, 0x3, 0x2, 0x10, 0x6, 0x3, 0xe, 0x4, 0x2, 0x3, {0x8, 0xff}, 0x3, 0x7}}}) (async) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000280)={0x0, 0x4}) (async) fsetxattr$trusted_overlay_upper(r0, &(0x7f00000002c0), &(0x7f0000000300)={0x0, 0xfb, 0xf8, 0x4, 0xe8, "b61825386ee5a1901bf427322dac8502", "acbb095bea2f3a48dcde652a21d208e56dcc37f585a7083fab33e8bcf3a949025ab745d9064127f4f4e5ecece1699fef34bd6133bf24fada05988a3676fae6ba3bfa7e16851c6557cc16ce552271c31521727abfc0f39d9e7a486060d11d7e7b5352bda29cca09a7ceae00f41c5002ab44653fcbeccb16ff5327e15b10dbc6e2cd62a50fee2fcf58adbb07341ed5106cf3c79311bf573e48a855d05ef677bd9c6873d55e301c5052122a449a62d3b70d4b6577944e4ea064d838804321ea994ca550c0948a6dfce20739ccb1ac4186aeb0d6f712673a559f5f68d3f1f566155a475ae2"}, 0xf8, 0x3) (async) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000400)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) (async) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_REG(r1, &(0x7f0000000580)={&(0x7f0000000440), 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x6c, r2, 0x300, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_REG_RULES={0x58, 0x22, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x707}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x7fffffff}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x401}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x9}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x800}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x81}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x5}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x5}]}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x1}, 0x24040881) (async) ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f00000005c0)={0x0, {0x8, 0xfffffffc}}) (async) write$cgroup_pressure(r1, &(0x7f0000000600)={'some', 0x20, 0x2, 0x20, 0x5}, 0x2f) (async) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r1, 0xc0189372, &(0x7f0000000640)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) (async) r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) fcntl$setstatus(r5, 0x4, 0x42000) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f0000000680)={0x0, {0x4, 0x400}}) (async) r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0) (async) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000700)={r3}) (async) r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r9 = accept$unix(r1, 0x0, &(0x7f0000000740)) ioctl$FIDEDUPERANGE(r4, 0xc0189436, &(0x7f0000000780)={0x3, 0x6c89, 0x9, 0x0, 0x0, [{{r6}, 0xbe}, {{r0}, 0x8001}, {{r7}, 0x1}, {{r8}, 0x1}, {{r5}, 0x7}, {{r0}, 0x70b4}, {{r5}, 0x7}, {{r4}, 0x1}, {{r9}, 0x4}]}) r10 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000008c0), 0x0, 0x0) write$cgroup_pressure(r10, &(0x7f0000000900)={'full', 0x20, 0x80, 0x20, 0x5751}, 0x2f) (async) sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r10, &(0x7f0000000a00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x3c, 0x2, 0x8, 0x207, 0x0, 0x0, {0x2, 0x0, 0x8}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x88b5}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) ioctl$VIDIOC_QUERYBUF_DMABUF(r3, 0xc0585609, &(0x7f0000000a40)={0xffffffff, 0x4, 0x4, 0x4004, 0xffff6d04, {0x0, 0x2710}, {0x1, 0x8, 0x8, 0x0, 0x5, 0x0, "8f20b406"}, 0x4, 0x4, {}, 0x4, 0x0, r3}) (async) r11 = syz_genetlink_get_family_id$tipc(&(0x7f0000000b00), r7) sendmsg$TIPC_CMD_GET_REMOTE_MNG(r1, &(0x7f0000000bc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b40)={0x1c, r11, 0x4, 0x70bd27, 0x25dfdbfc, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008801}, 0x20000000) (async) mq_open(&(0x7f0000000c00)='\x00', 0x40, 0x9, &(0x7f0000000c40)={0x7, 0x8, 0x7, 0x4}) 130.248292ms ago: executing program 1 (id=700): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x1e}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x20, 0x18, 0x229, 0x0, 0x0, {0x2}, [@nested={0xc, 0x8, 0x0, 0x1, [@typed={0x8, 0x10, 0x0, 0x0, @ipv4=@broadcast}]}]}, 0x20}}, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000040)={'vcan0\x00', &(0x7f0000000200)=@ethtool_rx_ntuple={0x35, {0x11, @sctp_ip4_spec={@multicast2, @rand_addr=0x64010101, 0x4e23, 0x4e20, 0x5}, @udp_ip4_spec={@multicast1, @multicast1, 0x4e20, 0x4e22, 0x6}, 0x6, 0x2, 0x8, 0x40f, 0xfffffffffffffffe}}}) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x1e}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r1}, 0x10) (async) socket$netlink(0x10, 0x3, 0x0) (async) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x20, 0x18, 0x229, 0x0, 0x0, {0x2}, [@nested={0xc, 0x8, 0x0, 0x1, [@typed={0x8, 0x10, 0x0, 0x0, @ipv4=@broadcast}]}]}, 0x20}}, 0x0) (async) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000040)={'vcan0\x00', &(0x7f0000000200)=@ethtool_rx_ntuple={0x35, {0x11, @sctp_ip4_spec={@multicast2, @rand_addr=0x64010101, 0x4e23, 0x4e20, 0x5}, @udp_ip4_spec={@multicast1, @multicast1, 0x4e20, 0x4e22, 0x6}, 0x6, 0x2, 0x8, 0x40f, 0xfffffffffffffffe}}}) (async) 130.139676ms ago: executing program 3 (id=701): r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64) r1 = socket$inet6_udp(0xa, 0x2, 0x0) (rerun: 64) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x9}]}}]}, 0x38}}, 0x0) (async) syz_usb_connect(0x0, 0x0, 0x0, 0x0) r3 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10) (async) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) r4 = open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x8a) fcntl$setstatus(r4, 0x4, 0x42400) (async) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) fcntl$setstatus(r5, 0x4, 0x2400) (async) r6 = open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x8a) fcntl$setstatus(r6, 0x4, 0x42400) open$dir(&(0x7f0000000380)='./file0\x00', 0xe340, 0x32) (async, rerun: 64) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @empty}, 0x10) (async, rerun: 64) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x7, 0x1, 0x201, 0x0, 0x0, {0xa, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20040000}, 0x4040800) (async, rerun: 32) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) (rerun: 32) ioctl$KVM_RUN(r9, 0xae80, 0x0) (async) ioctl$KVM_SET_CPUID2(r9, 0x4048aecb, &(0x7f00000000c0)=ANY=[@ANYBLOB="070000000000000007000000ffffffff"]) (async) shutdown(r3, 0x1) 783.48µs ago: executing program 1 (id=702): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="020000000400000008"], 0x50) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10) sendto$inet(r1, &(0x7f00000000c0)="f72bacc3ca1aaadf08e239411cbcf4b2ef918084f500db36e2ef38b56d756f041132", 0x22, 0x0, &(0x7f00000004c0)={0x2, 0x4e20, @multicast1}, 0x10) readv(r0, 0x0, 0x0) 442.195µs ago: executing program 1 (id=703): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, 0xffffffffffffffff}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x1d, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000a7080000000000007b8a20ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000003b70500000800000085000000b6000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000c500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 0s ago: executing program 1 (id=704): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1) mount(&(0x7f0000000100)=@nullb, &(0x7f0000000000)='./file0\x00', 0x0, 0x6800, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000003c0)) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000080)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000240)={r2, 0x0, r1}) kernel console output (not intermixed with test programs): 053][ T5933] chnl_net:caif_netlink_parms(): no params data found [ 51.851883][ T5935] chnl_net:caif_netlink_parms(): no params data found [ 52.010369][ T5933] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.013144][ T5933] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.015655][ T5933] bridge_slave_0: entered allmulticast mode [ 52.018364][ T5933] bridge_slave_0: entered promiscuous mode [ 52.029558][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.031824][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.034197][ T5940] bridge_slave_0: entered allmulticast mode [ 52.037162][ T5940] bridge_slave_0: entered promiscuous mode [ 52.045091][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.047401][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.050354][ T5940] bridge_slave_1: entered allmulticast mode [ 52.052989][ T5940] bridge_slave_1: entered promiscuous mode [ 52.074104][ T5933] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.077589][ T5933] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.080605][ T5933] bridge_slave_1: entered allmulticast mode [ 52.084499][ T5933] bridge_slave_1: entered promiscuous mode [ 52.163396][ T5945] chnl_net:caif_netlink_parms(): no params data found [ 52.212651][ T5933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.216132][ T5935] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.218433][ T5935] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.220714][ T5935] bridge_slave_0: entered allmulticast mode [ 52.223476][ T5935] bridge_slave_0: entered promiscuous mode [ 52.237647][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.242495][ T5933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.245484][ T5935] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.247758][ T5935] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.250004][ T5935] bridge_slave_1: entered allmulticast mode [ 52.252721][ T5935] bridge_slave_1: entered promiscuous mode [ 52.291495][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.376541][ T5933] team0: Port device team_slave_0 added [ 52.380698][ T5935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.392318][ T5940] team0: Port device team_slave_0 added [ 52.397001][ T5933] team0: Port device team_slave_1 added [ 52.400159][ T5935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.408256][ T5940] team0: Port device team_slave_1 added [ 52.513775][ T5935] team0: Port device team_slave_0 added [ 52.529470][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.531686][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.541988][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 52.549201][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 52.551411][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.560151][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 52.564724][ T5933] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.567777][ T5933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.578302][ T5933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 52.584069][ T5935] team0: Port device team_slave_1 added [ 52.600144][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.602923][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.605828][ T5945] bridge_slave_0: entered allmulticast mode [ 52.608561][ T5945] bridge_slave_0: entered promiscuous mode [ 52.615283][ T5933] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 52.618239][ T5933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.627171][ T5933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 52.650239][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.653301][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.656806][ T5945] bridge_slave_1: entered allmulticast mode [ 52.660634][ T5945] bridge_slave_1: entered promiscuous mode [ 52.701105][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 52.703306][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.713084][ T5935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 52.748414][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.752869][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 52.755870][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 52.767120][ T5935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 52.786668][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.838188][ T5933] hsr_slave_0: entered promiscuous mode [ 52.841251][ T5933] hsr_slave_1: entered promiscuous mode [ 52.849132][ T5940] hsr_slave_0: entered promiscuous mode [ 52.852329][ T5940] hsr_slave_1: entered promiscuous mode [ 52.855482][ T5940] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 52.858999][ T5940] Cannot create hsr debugfs directory [ 52.896517][ T5945] team0: Port device team_slave_0 added [ 52.900683][ T5945] team0: Port device team_slave_1 added [ 53.021246][ T5935] hsr_slave_0: entered promiscuous mode [ 53.024346][ T5935] hsr_slave_1: entered promiscuous mode [ 53.027624][ T5935] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.030754][ T5935] Cannot create hsr debugfs directory [ 53.033653][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.036219][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.044402][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.097101][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.099279][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.107550][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.272417][ T5945] hsr_slave_0: entered promiscuous mode [ 53.275201][ T5945] hsr_slave_1: entered promiscuous mode [ 53.277289][ T5945] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 53.279786][ T5945] Cannot create hsr debugfs directory [ 53.505467][ T5936] Bluetooth: hci0: command tx timeout [ 53.505474][ T5947] Bluetooth: hci2: command tx timeout [ 53.506407][ T5947] Bluetooth: hci3: command tx timeout [ 53.506704][ T5298] Bluetooth: hci1: command tx timeout [ 53.522750][ T5940] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 53.532170][ T5940] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 53.552238][ T5940] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 53.566696][ T5940] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 53.606758][ T5933] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 53.613497][ T5933] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 53.626914][ T5933] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 53.634026][ T5933] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 53.686111][ T5945] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 53.694182][ T5945] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 53.728315][ T5945] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 53.732733][ T5945] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 53.787608][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.791923][ T5935] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 53.799500][ T5935] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 53.807009][ T5935] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 53.817831][ T5935] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 53.839491][ T5940] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.865110][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.868309][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.882689][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.885766][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.910813][ T5933] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.957307][ T5933] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.973089][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.976185][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.990917][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.010553][ T93] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.012894][ T93] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.019568][ T5935] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.032485][ T5945] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.038568][ T40] audit: type=1400 audit(1748558944.444:89): avc: denied { sys_module } for pid=5940 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 54.048002][ T93] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.051357][ T93] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.094450][ T5935] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.099748][ T89] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.102019][ T89] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.110033][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.113073][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.141609][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.144648][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.208532][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.241300][ T5940] veth0_vlan: entered promiscuous mode [ 54.246559][ T5940] veth1_vlan: entered promiscuous mode [ 54.265833][ T5933] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.273613][ T5940] veth0_macvtap: entered promiscuous mode [ 54.294293][ T5940] veth1_macvtap: entered promiscuous mode [ 54.307945][ T5933] veth0_vlan: entered promiscuous mode [ 54.319083][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.328823][ T5933] veth1_vlan: entered promiscuous mode [ 54.333156][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.339467][ T5940] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.342493][ T5940] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.346502][ T5940] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.349230][ T5940] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.359349][ T5935] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.388252][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.419550][ T5933] veth0_macvtap: entered promiscuous mode [ 54.436948][ T5933] veth1_macvtap: entered promiscuous mode [ 54.447988][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.451305][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.455405][ T5935] veth0_vlan: entered promiscuous mode [ 54.485507][ T5933] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.489370][ T5935] veth1_vlan: entered promiscuous mode [ 54.489501][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.494021][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.497105][ T5933] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.509366][ T5933] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.512536][ T5933] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.515817][ T5933] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.518520][ T5933] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.522806][ T5945] veth0_vlan: entered promiscuous mode [ 54.530906][ T5945] veth1_vlan: entered promiscuous mode [ 54.547788][ T5935] veth0_macvtap: entered promiscuous mode [ 54.561781][ T5935] veth1_macvtap: entered promiscuous mode [ 54.570454][ T5940] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 54.598047][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.604641][ T5945] veth0_macvtap: entered promiscuous mode [ 54.607524][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.608692][ T5945] veth1_macvtap: entered promiscuous mode [ 54.610678][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.615136][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.622128][ T5935] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.624853][ T5935] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.628212][ T5935] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.631077][ T5935] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.662954][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.666029][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.678153][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.697846][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.703585][ T5945] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.710440][ T5945] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.714041][ T5945] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.718077][ T5945] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.750107][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.753465][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.807214][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.810448][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.811338][ T6008] ======================================================= [ 54.811338][ T6008] WARNING: The mand mount option has been deprecated and [ 54.811338][ T6008] and is ignored by this kernel. Remove the mand [ 54.811338][ T6008] option from the mount to silence this warning. [ 54.811338][ T6008] ======================================================= [ 54.844093][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.849922][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.893369][ T93] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.897100][ T93] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.899306][ T6011] syzkaller1: entered promiscuous mode [ 54.901354][ T6011] syzkaller1: entered allmulticast mode [ 54.957965][ T6014] pimreg3: entered allmulticast mode [ 55.093741][ T6018] loop6: detected capacity change from 0 to 524287999 [ 55.105786][ T6020] netlink: 32 bytes leftover after parsing attributes in process `syz.0.9'. [ 55.113492][ T6020] Zero length message leads to an empty skb [ 55.139957][ T6020] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9'. [ 55.162734][ T6020] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.178973][ T6023] program syz.3.10 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 55.245719][ T6020] bridge_slave_1 (unregistering): left allmulticast mode [ 55.248874][ T6020] bridge_slave_1 (unregistering): left promiscuous mode [ 55.251960][ T6020] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.334092][ T6028] netlink: 'syz.3.12': attribute type 178 has an invalid length. [ 55.396406][ T6032] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 55.466755][ T6032] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 55.469302][ T6032] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 55.474614][ T6032] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 55.478885][ T6032] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 55.481337][ T6032] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 55.483983][ T6032] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 55.491654][ T6032] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 55.493621][ T6032] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 55.495330][ T34] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 55.501147][ T6032] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 55.507313][ T6032] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 55.509285][ T6032] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 55.512212][ T6032] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 55.552122][ T6041] warning: `syz.1.17' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 55.626098][ T6047] input: syz1 as /devices/virtual/input/input5 [ 55.642370][ T6048] evm: overlay not supported [ 55.662411][ T34] usb 7-1: config 5 has no interfaces? [ 55.667540][ T34] usb 7-1: New USB device found, idVendor=16d8, idProduct=8001, bcdDevice=87.11 [ 55.671481][ T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.487786][ T40] kauditd_printk_skb: 76 callbacks suppressed [ 56.487798][ T40] audit: type=1400 audit(1748558946.894:166): avc: denied { create } for pid=6050 comm="syz.0.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 56.495959][ T40] audit: type=1400 audit(1748558946.894:167): avc: denied { kexec_image_load } for pid=6050 comm="syz.0.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1 [ 56.502704][ T40] audit: type=1400 audit(1748558946.894:168): avc: denied { connect } for pid=6050 comm="syz.0.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 56.508951][ T40] audit: type=1400 audit(1748558946.894:169): avc: denied { write } for pid=6050 comm="syz.0.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 56.514739][ T40] audit: type=1400 audit(1748558946.894:170): avc: denied { ioctl } for pid=6050 comm="syz.0.20" path="socket:[8729]" dev="sockfs" ino=8729 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 56.545500][ T40] audit: type=1400 audit(1748558946.954:171): avc: denied { read write } for pid=6052 comm="syz.0.21" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 56.553881][ T40] audit: type=1400 audit(1748558946.954:172): avc: denied { open } for pid=6052 comm="syz.0.21" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 56.561805][ T40] audit: type=1400 audit(1748558946.954:173): avc: denied { mounton } for pid=6052 comm="syz.0.21" path="/7/file0" dev="tmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 57.459358][ T6056] loop6: detected capacity change from 0 to 524287999 [ 57.495047][ T5947] Bluetooth: hci1: command 0x040f tx timeout [ 57.496118][ T5936] Bluetooth: hci2: command 0x040f tx timeout [ 57.497120][ T5944] Bluetooth: hci0: command 0x040f tx timeout [ 57.536718][ T0] NOHZ tick-stop error: local softirq work is pending, handler #2ca!!! [ 57.546610][ T40] audit: type=1400 audit(1748558947.954:174): avc: denied { create } for pid=6057 comm="syz.3.23" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 57.553107][ T40] audit: type=1400 audit(1748558947.954:175): avc: denied { create } for pid=6057 comm="syz.3.23" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 57.575367][ T5936] Bluetooth: hci3: command 0x040f tx timeout [ 57.809140][ T34] usb 7-1: string descriptor 0 read error: -71 [ 57.818290][ T34] usb 7-1: USB disconnect, device number 2 [ 57.968740][ T61] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 58.337386][ T6098] loop6: detected capacity change from 0 to 524287999 [ 58.340893][ T6098] Buffer I/O error on dev loop6, logical block 0, async page read [ 58.344755][ T6098] Buffer I/O error on dev loop6, logical block 0, async page read [ 58.348157][ T6098] Buffer I/O error on dev loop6, logical block 0, async page read [ 58.351358][ T6098] Buffer I/O error on dev loop6, logical block 0, async page read [ 58.354468][ T6098] Buffer I/O error on dev loop6, logical block 0, async page read [ 58.357716][ T6098] Buffer I/O error on dev loop6, logical block 0, async page read [ 58.360815][ T6098] Buffer I/O error on dev loop6, logical block 0, async page read [ 58.364005][ T6098] Buffer I/O error on dev loop6, logical block 0, async page read [ 58.367417][ T6098] ldm_validate_partition_table(): Disk read failed. [ 58.370240][ T6098] Buffer I/O error on dev loop6, logical block 0, async page read [ 58.373098][ T6098] Buffer I/O error on dev loop6, logical block 0, async page read [ 58.376411][ T6098] Dev loop6: unable to read RDB block 0 [ 58.378824][ T6098] loop6: unable to read partition table [ 58.381211][ T6098] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 58.419171][ T6100] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 58.422461][ T6100] cramfs: wrong magic [ 58.448468][ T6104] netlink: 12 bytes leftover after parsing attributes in process `syz.2.35'. [ 58.524219][ T6113] mmap: syz.3.37 (6113) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 58.666948][ T6119] 8021q: adding VLAN 0 to HW filter on device bond1 [ 58.717522][ T6119] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6119 comm=syz.2.39 [ 58.869463][ T6167] input: syz0 as /devices/virtual/input/input6 [ 58.874677][ T6168] macsec0: entered promiscuous mode [ 58.878890][ T6168] macsec0: entered allmulticast mode [ 58.880689][ T6168] veth1_macvtap: entered allmulticast mode [ 58.907869][ T6170] netlink: 'syz.2.53': attribute type 1 has an invalid length. [ 58.910262][ T6170] netlink: 56 bytes leftover after parsing attributes in process `syz.2.53'. [ 58.952523][ T6175] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.55'. [ 59.008531][ T6179] program syz.2.57 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 59.165006][ T24] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 59.307633][ T6188] trusted_key: syz.2.60 sent an empty control message without MSG_MORE. [ 59.314989][ T24] usb 8-1: Using ep0 maxpacket: 8 [ 59.318836][ T24] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 59.322532][ T24] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 59.326368][ T24] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 59.329410][ T24] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 59.334035][ T24] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 59.339158][ T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.549321][ T24] usb 8-1: GET_CAPABILITIES returned 0 [ 59.551240][ T24] usbtmc 8-1:16.0: can't read capabilities [ 59.575096][ T5947] Bluetooth: hci2: command 0x040f tx timeout [ 59.585200][ T5947] Bluetooth: hci1: command 0x040f tx timeout [ 59.585222][ T5944] Bluetooth: hci0: command 0x040f tx timeout [ 59.655944][ T5944] Bluetooth: hci3: command 0x040f tx timeout [ 59.685270][ T6192] netlink: 12 bytes leftover after parsing attributes in process `syz.0.61'. [ 59.689008][ T6192] program syz.0.61 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 59.754372][ T6172] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.758582][ T6172] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.764828][ C2] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 59.769270][ T6172] usbtmc 8-1:16.0: Unable to send data, error -71 [ 59.825135][ T1331] usb 8-1: USB disconnect, device number 2 [ 59.915488][ T6201] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 59.966133][ T6218] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only [ 60.137856][ T6228] cgroup: none used incorrectly [ 60.148732][ T6228] netlink: 4 bytes leftover after parsing attributes in process `syz.2.71'. [ 60.201007][ T6229] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 60.212768][ T6228] team0: Port device team_slave_0 removed [ 60.258896][ T6234] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 60.261431][ T6234] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock [ 60.264504][ T6234] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 60.267825][ T6234] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock [ 60.295270][ T1331] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 60.348159][ T6248] sp0: Synchronizing with TNC [ 60.457541][ T1331] usb 8-1: Using ep0 maxpacket: 16 [ 60.464429][ T1331] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 60.469031][ T1331] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 60.469815][ T6264] trusted_key: encrypted_key: insufficient parameters specified [ 60.471984][ T1331] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 60.472009][ T1331] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 60.482831][ T1331] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.487739][ T1331] usb 8-1: config 0 descriptor?? [ 60.557415][ T1143] nci: nci_rsp_packet: unknown rsp opcode 0x116 [ 60.560332][ T6279] netlink: 24 bytes leftover after parsing attributes in process `syz.0.84'. [ 60.618006][ T6291] netlink: 172 bytes leftover after parsing attributes in process `syz.1.91'. [ 60.621200][ T6291] netlink: 56 bytes leftover after parsing attributes in process `syz.1.91'. [ 60.828738][ T6307] ubi31: attaching mtd0 [ 60.831528][ T6307] ubi31: scanning is finished [ 60.833150][ T6307] ubi31: empty MTD device detected [ 60.897868][ T1331] usbhid 8-1:0.0: can't add hid device: -71 [ 60.900096][ T1331] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 60.904495][ T1331] usb 8-1: USB disconnect, device number 3 [ 60.916593][ T6307] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 60.918974][ T6307] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 60.921235][ T6307] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 60.923428][ T6307] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 60.926483][ T6307] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 60.928634][ T6307] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 60.931153][ T6307] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3684664689 [ 60.934349][ T6307] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 60.937805][ T6309] ubi31: background thread "ubi_bgt31d" started, PID 6309 [ 61.612395][ T6330] netlink: 28 bytes leftover after parsing attributes in process `syz.1.99'. [ 61.655013][ T5944] Bluetooth: hci0: command 0x040f tx timeout [ 61.657156][ T5936] Bluetooth: hci1: command 0x040f tx timeout [ 61.657183][ T5947] Bluetooth: hci2: command 0x040f tx timeout [ 61.745050][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 61.745106][ T5947] Bluetooth: hci3: command 0x040f tx timeout [ 61.985018][ T6324] sp0: Synchronizing with TNC [ 61.986329][ T6329] netlink: 28 bytes leftover after parsing attributes in process `syz.1.99'. [ 61.988639][ T6323] [U] [ 61.990714][ T6329] netlink: 28 bytes leftover after parsing attributes in process `syz.1.99'. [ 62.082688][ T40] kauditd_printk_skb: 76 callbacks suppressed [ 62.082698][ T40] audit: type=1400 audit(1748558952.484:252): avc: denied { create } for pid=6346 comm="syz.2.105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 62.095589][ T6350] ip6gretap1: entered promiscuous mode [ 62.097416][ T6350] ip6gretap1: entered allmulticast mode [ 62.099917][ T40] audit: type=1400 audit(1748558952.504:253): avc: denied { sys_admin } for pid=6346 comm="syz.2.105" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 62.103069][ T6350] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 62.108320][ T40] audit: type=1400 audit(1748558952.514:254): avc: denied { unmount } for pid=6346 comm="syz.2.105" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 62.130314][ T40] audit: type=1400 audit(1748558952.534:255): avc: denied { append } for pid=6355 comm="syz.0.107" name="hidraw0" dev="devtmpfs" ino=1299 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 62.159106][ T40] audit: type=1400 audit(1748558952.564:256): avc: denied { setopt } for pid=6357 comm="syz.3.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 62.187012][ T6359] kernel profiling enabled (shift: 63) [ 62.188896][ T6359] profiling shift: 63 too large [ 62.232038][ T40] audit: type=1400 audit(1748558952.634:257): avc: denied { map } for pid=6362 comm="syz.1.110" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 62.233332][ T6364] binder: BINDER_SET_CONTEXT_MGR already set [ 62.242073][ T6364] binder: 6362:6364 ioctl 4018620d 200000000040 returned -16 [ 62.247946][ T40] audit: type=1400 audit(1748558952.654:258): avc: denied { sqpoll } for pid=6362 comm="syz.1.110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 62.298577][ T6372] program syz.3.112 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 62.334260][ T6365] netlink: 'syz.0.111': attribute type 10 has an invalid length. [ 62.361413][ T6365] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 62.373932][ T6378] capability: warning: `syz.1.115' uses deprecated v2 capabilities in a way that may be insecure [ 62.382922][ T6378] capability: warning: `syz.1.115' uses 32-bit capabilities (legacy support in use) [ 62.387971][ T40] audit: type=1804 audit(1748558952.794:259): pid=6378 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.115" name="/newroot/31/file0" dev="tmpfs" ino=178 res=1 errno=0 [ 62.388554][ T6380] binder: 6379:6380 ioctl c0046209 0 returned -22 [ 62.460677][ T93] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.544141][ T40] audit: type=1400 audit(1748558952.944:260): avc: denied { map } for pid=6394 comm="syz.3.120" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=9024 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 62.551849][ T40] audit: type=1400 audit(1748558952.944:261): avc: denied { read write } for pid=6394 comm="syz.3.120" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=9024 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 62.556281][ T93] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.636885][ T93] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.652655][ T5936] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 62.656151][ T5936] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 62.659405][ T5936] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 62.662673][ T5936] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 62.668993][ T5936] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 62.682365][ T6400] Failed to initialize the IGMP autojoin socket (err -2) [ 62.736611][ T93] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.876194][ T93] bridge_slave_1: left allmulticast mode [ 62.878157][ T93] bridge_slave_1: left promiscuous mode [ 62.880562][ T93] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.886948][ T93] bridge_slave_0: left allmulticast mode [ 62.888812][ T93] bridge_slave_0: left promiscuous mode [ 62.890668][ T93] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.092248][ T6409] loop6: detected capacity change from 0 to 524287999 [ 63.233329][ T6413] netlink: 8 bytes leftover after parsing attributes in process `syz.3.125'. [ 63.257806][ T93] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 63.268287][ T93] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 63.276886][ T93] bond0 (unregistering): Released all slaves [ 63.295739][ T5936] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 63.382934][ T93] bond1 (unregistering): Released all slaves [ 63.404690][ T6400] chnl_net:caif_netlink_parms(): no params data found [ 63.484959][ T24] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 63.561039][ T6449] netlink: 4 bytes leftover after parsing attributes in process `syz.1.130'. [ 63.565266][ T6453] netlink: 4 bytes leftover after parsing attributes in process `syz.1.130'. [ 63.595600][ T6400] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.598529][ T6400] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.601693][ T6400] bridge_slave_0: entered allmulticast mode [ 63.606273][ T6400] bridge_slave_0: entered promiscuous mode [ 63.610074][ T6400] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.612193][ T6400] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.616286][ T6400] bridge_slave_1: entered allmulticast mode [ 63.622098][ T6400] bridge_slave_1: entered promiscuous mode [ 63.634952][ T24] usb 8-1: Using ep0 maxpacket: 8 [ 63.637739][ T24] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 63.641649][ T24] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 63.648168][ T24] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 800 [ 63.651886][ T24] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 63.658706][ T24] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 63.661557][ T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.735120][ T5936] Bluetooth: hci1: command 0x040f tx timeout [ 63.750791][ T5936] Bluetooth: hci2: command 0x040f tx timeout [ 63.763525][ T6467] sg_write: data in/out 440207358/4056 bytes for SCSI command 0x45-- guessing data in; [ 63.763525][ T6467] program syz.1.135 not setting count and/or reply_len properly [ 63.769935][ T6400] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.810055][ T6400] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.815096][ T5936] Bluetooth: hci3: command 0x040f tx timeout [ 63.965779][ T6474] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6474 comm=syz.0.138 [ 63.974420][ T6400] team0: Port device team_slave_0 added [ 63.981171][ T24] usb 8-1: GET_CAPABILITIES returned 0 [ 63.982929][ T24] usbtmc 8-1:16.0: can't read capabilities [ 63.996172][ T6400] team0: Port device team_slave_1 added [ 64.080730][ T6400] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.082853][ T6400] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.091597][ T6400] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.103615][ T93] hsr_slave_0: left promiscuous mode [ 64.106651][ T93] hsr_slave_1: left promiscuous mode [ 64.108628][ T93] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 64.110893][ T93] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 64.123473][ T93] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 64.130115][ T93] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 64.157320][ T93] veth1_macvtap: left allmulticast mode [ 64.159216][ T93] veth1_macvtap: left promiscuous mode [ 64.161189][ T93] veth0_macvtap: left promiscuous mode [ 64.162982][ T93] veth1_vlan: left promiscuous mode [ 64.164840][ T93] veth0_vlan: left promiscuous mode [ 64.230255][ C0] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 64.233187][ T6473] usbtmc 8-1:16.0: Unable to send data, error -71 [ 64.627801][ T93] team0 (unregistering): Port device team_slave_1 removed [ 64.696181][ T5936] Bluetooth: hci0: command tx timeout [ 65.007853][ T6400] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.010134][ T6400] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.018445][ T6400] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 65.034384][ T9] usb 8-1: USB disconnect, device number 4 [ 65.129637][ T6400] hsr_slave_0: entered promiscuous mode [ 65.132034][ T6400] hsr_slave_1: entered promiscuous mode [ 65.724100][ T6400] netdevsim netdevsim2 netdevsim0: renamed from eth2 [ 65.735234][ T6400] netdevsim netdevsim2 netdevsim1: renamed from eth3 [ 65.751818][ T6400] netdevsim netdevsim2 netdevsim2: renamed from eth4 [ 65.768536][ T6400] netdevsim netdevsim2 netdevsim3: renamed from eth5 [ 65.825987][ T5936] Bluetooth: hci2: command 0x040f tx timeout [ 65.826004][ T5947] Bluetooth: hci1: command 0x040f tx timeout [ 65.898644][ T6400] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.905011][ T5947] Bluetooth: hci3: command 0x040f tx timeout [ 65.921309][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.923603][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.936435][ T6518] netlink: 'syz.1.155': attribute type 21 has an invalid length. [ 65.940807][ T6518] __nla_validate_parse: 2 callbacks suppressed [ 65.940817][ T6518] netlink: 156 bytes leftover after parsing attributes in process `syz.1.155'. [ 65.948435][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.950683][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.984803][ T6520] input: syz1 as /devices/virtual/input/input7 [ 66.178634][ T6400] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.280067][ T6400] veth0_vlan: entered promiscuous mode [ 66.300481][ T6400] veth1_vlan: entered promiscuous mode [ 66.363022][ T6400] veth0_macvtap: entered promiscuous mode [ 66.379898][ T6400] veth1_macvtap: entered promiscuous mode [ 66.433858][ T6400] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.458138][ T6400] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.468881][ T6400] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 66.480016][ T6400] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 66.487901][ T6400] wireguard: wg0: Could not create IPv4 socket [ 66.491529][ T6400] wireguard: wg1: Could not create IPv4 socket [ 66.495554][ T6400] wireguard: wg2: Could not create IPv4 socket [ 66.637092][ T6566] overlay: ./file1 is not a directory [ 67.078151][ T6619] netlink: 24 bytes leftover after parsing attributes in process `syz.1.186'. [ 67.109149][ T6624] Failed to initialize the IGMP autojoin socket (err -2) [ 67.116790][ T40] kauditd_printk_skb: 39 callbacks suppressed [ 67.116800][ T40] audit: type=1400 audit(1748558957.524:301): avc: denied { ioctl } for pid=6625 comm="syz.3.188" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x9379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 67.138953][ T6629] syz.3.189 uses obsolete (PF_INET,SOCK_PACKET) [ 67.142300][ T6629] binder: BINDER_SET_CONTEXT_MGR already set [ 67.144287][ T6629] binder: 6628:6629 ioctl 4018620d 200000000040 returned -16 [ 67.172503][ T6635] FAULT_INJECTION: forcing a failure. [ 67.172503][ T6635] name failslab, interval 1, probability 0, space 0, times 1 [ 67.176687][ T6635] CPU: 2 UID: 0 PID: 6635 Comm: syz.3.190 Not tainted 6.15.0-syzkaller-08297-ge0797d3b91de #0 PREEMPT(full) [ 67.176703][ T6635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 67.176709][ T6635] Call Trace: [ 67.176713][ T6635] [ 67.176730][ T6635] dump_stack_lvl+0x16c/0x1f0 [ 67.176767][ T6635] should_fail_ex+0x512/0x640 [ 67.176785][ T6635] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 67.176804][ T6635] should_failslab+0xc2/0x120 [ 67.176816][ T6635] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 67.176833][ T6635] ? __lock_acquire+0x622/0x1c90 [ 67.176846][ T6635] ? getname_flags.part.0+0x4c/0x550 [ 67.176862][ T6635] getname_flags.part.0+0x4c/0x550 [ 67.176877][ T6635] getname_flags+0x93/0xf0 [ 67.176893][ T6635] do_sys_openat2+0xb8/0x1d0 [ 67.176906][ T6635] ? __pfx_do_sys_openat2+0x10/0x10 [ 67.176924][ T6635] __x64_sys_openat+0x174/0x210 [ 67.176937][ T6635] ? __pfx___x64_sys_openat+0x10/0x10 [ 67.176951][ T6635] ? do_user_addr_fault+0x843/0x1370 [ 67.176967][ T6635] do_syscall_64+0xcd/0x4c0 [ 67.176981][ T6635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.176992][ T6635] RIP: 0033:0x7fdb21d8d2d0 [ 67.177001][ T6635] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 67.177011][ T6635] RSP: 002b:00007fdb22b15b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 67.177022][ T6635] RAX: ffffffffffffffda RBX: 0000000000122c42 RCX: 00007fdb21d8d2d0 [ 67.177028][ T6635] RDX: 0000000000122c42 RSI: 00007fdb22b15c10 RDI: 00000000ffffff9c [ 67.177034][ T6635] RBP: 00007fdb22b15c10 R08: 0000000000000000 R09: 0023706f6f6c2f76 [ 67.177041][ T6635] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 67.177047][ T6635] R13: 0000000000000001 R14: 00007fdb21fb5fa0 R15: 00007fff7de4de48 [ 67.177060][ T6635] [ 67.242171][ C2] vkms_vblank_simulate: vblank timer overrun [ 67.267540][ T6641] vlan0: entered promiscuous mode [ 67.303924][ T6645] netlink: 8 bytes leftover after parsing attributes in process `syz.3.193'. [ 67.309292][ T6645] netlink: 8 bytes leftover after parsing attributes in process `syz.3.193'. [ 67.350836][ T6651] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 67.363348][ T40] audit: type=1400 audit(1748558957.764:302): avc: denied { create } for pid=6650 comm="syz.0.195" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=2321202E2F6367726F75702F66696C6530616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616 [ 67.391944][ T40] audit: type=1400 audit(1748558957.764:303): avc: denied { associate } for pid=6650 comm="syz.0.195" name="file1" scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon=2321202E2F6367726F75702F66696C653061616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161 [ 67.395226][ T839] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 67.419377][ C2] vkms_vblank_simulate: vblank timer overrun [ 67.420988][ T40] audit: type=1400 audit(1748558957.764:304): avc: denied { create } for pid=6650 comm="syz.0.195" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=2321202E2F6367726F75702F66696C653061616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616 [ 67.447535][ C2] vkms_vblank_simulate: vblank timer overrun [ 67.480839][ T40] audit: type=1400 audit(1748558957.764:305): avc: denied { mounton } for pid=6650 comm="syz.0.195" path="/42/bus" dev="tmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=2321202E2F6367726F75702F66696C65306161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161 [ 67.481098][ T40] audit: type=1400 audit(1748558957.764:306): avc: denied { add_name } for pid=6650 comm="syz.0.195" name="work" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=2321202E2F6367726F75702F66696C653061616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161 [ 67.509199][ T40] audit: type=1400 audit(1748558957.764:307): avc: denied { setattr } for pid=6650 comm="syz.0.195" name="work" dev="tmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=2321202E2F6367726F75702F66696C65306161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616 [ 67.536855][ C2] vkms_vblank_simulate: vblank timer overrun [ 67.563997][ C2] vkms_vblank_simulate: vblank timer overrun [ 67.567910][ T40] audit: type=1400 audit(1748558957.764:308): avc: denied { write open } for pid=6650 comm="syz.0.195" path=2F202864656C6574656429 dev="tmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=2321202E2F6367726F75702F66696C653061616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616 [ 67.568192][ T40] audit: type=1400 audit(1748558957.764:309): avc: denied { create } for pid=6650 comm="syz.0.195" name="#5" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=2321202E2F6367726F75702F66696C653061616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616 [ 67.595890][ T40] audit: type=1400 audit(1748558957.764:310): avc: denied { remove_name } for pid=6650 comm="syz.0.195" name="#5" dev="tmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=2321202E2F6367726F75702F66696C653061616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616 [ 67.622473][ C2] vkms_vblank_simulate: vblank timer overrun [ 67.623784][ T839] usb 6-1: Using ep0 maxpacket: 32 [ 67.648917][ C2] vkms_vblank_simulate: vblank timer overrun [ 67.656132][ T839] usb 6-1: config 0 has an invalid interface number: 51 but max is 0 [ 67.658665][ T839] usb 6-1: config 0 has no interface number 0 [ 67.662463][ T839] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 67.666322][ T839] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 67.668849][ T839] usb 6-1: Product: syz [ 67.670205][ T839] usb 6-1: Manufacturer: syz [ 67.671681][ T839] usb 6-1: SerialNumber: syz [ 67.674374][ T839] usb 6-1: config 0 descriptor?? [ 67.678485][ T839] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 67.880594][ T839] usb 6-1: qt2_attach - failed to power on unit: -71 [ 67.882708][ T839] quatech2 6-1:0.51: probe with driver quatech2 failed with error -71 [ 67.886977][ T839] usb 6-1: USB disconnect, device number 2 [ 67.976258][ T5947] Bluetooth: hci3: command 0x040f tx timeout [ 68.286659][ T6734] 9pnet_fd: Insufficient options for proto=fd [ 68.341271][ T6743] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 68.372168][ T6753] netlink: 596 bytes leftover after parsing attributes in process `syz.3.215'. [ 68.424355][ T6759] netlink: 8 bytes leftover after parsing attributes in process `syz.1.216'. [ 68.427820][ T6759] netlink: 8 bytes leftover after parsing attributes in process `syz.1.216'. [ 68.522862][ T6775] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6775 comm=syz.1.222 [ 68.597246][ T6775] bond1 (unregistering): Released all slaves [ 68.807621][ T6810] program syz.3.230 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 68.812916][ T6812] program syz.3.230 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 68.889167][ T6824] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 68.909597][ T6824] netlink: 108 bytes leftover after parsing attributes in process `syz.1.234'. [ 68.912636][ T6824] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 68.915265][ T6824] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 68.918553][ T6824] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 68.920952][ T6824] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 69.219329][ T6870] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 69.671794][ T6926] netlink: 96 bytes leftover after parsing attributes in process `syz.1.262'. [ 69.903457][ T5936] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.906931][ T5936] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.909633][ T5936] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.913846][ T5936] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.916414][ T5936] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.927848][ T6955] Failed to initialize the IGMP autojoin socket (err -2) [ 69.957768][ T6963] Bluetooth: MGMT ver 1.23 [ 70.054808][ T6979] netlink: 8 bytes leftover after parsing attributes in process `syz.1.275'. [ 70.058988][ T6979] netlink: 'syz.1.275': attribute type 20 has an invalid length. [ 70.309286][ T7011] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 70.431644][ T7025] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=7025 comm=syz.3.288 [ 70.438301][ T7025] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=7025 comm=syz.3.288 [ 70.442281][ T7025] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=7025 comm=syz.3.288 [ 70.447151][ T7025] binder: 7023:7025 ioctl c0286405 2000000000c0 returned -22 [ 71.190449][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.192553][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.308938][ T7084] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 71.475103][ T5969] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 71.527409][ T7112] __nla_validate_parse: 1 callbacks suppressed [ 71.527420][ T7112] netlink: 36 bytes leftover after parsing attributes in process `syz.1.301'. [ 71.531987][ T6955] netdevsim netdevsim2 netdevsim0: renamed from eth2 [ 71.546104][ T6955] netdevsim netdevsim2 netdevsim1: renamed from eth3 [ 71.573416][ T6955] netdevsim netdevsim2 netdevsim2: renamed from eth4 [ 71.587647][ T6955] netdevsim netdevsim2 netdevsim3: renamed from eth5 [ 71.626701][ T5969] usb 8-1: Using ep0 maxpacket: 8 [ 71.630841][ T5969] usb 8-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 71.633990][ T5969] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 71.639825][ T5969] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 71.642725][ T5969] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 71.645488][ T5969] usb 8-1: Product: ᯂሜ졮삛䐰ࡱ뤅ﱷ䙛-圗粶躞赏痎⛨앾虓怒㓔詊⽯䴪嶩쌿饏䡯㕋ᅇꦘⰻᘶ솇ㅐꦴߣ칀䭹ꀕ邑免㝋뼂⹘쨢鷧廬䥾댠浓㍜䋨誫竰蔙䘆⧫䲬氐褨็芬⛘苄冰쒌⽟堬혇킾䰁뛐߽독滭녺熃 [ 71.653175][ T5969] usb 8-1: Manufacturer: 㕔訑㰠힖쏜㝸ꭌ学ၕ㆚뙈䔑攱빝ꅈꝏ莹耿㤶腭꽢ᩑ삀៍騕뿰냻贕൧㎱咞Eࡣ뜔㝏関轵갡캹ڏ믳襔痆턝夛ꗣ䌸Ⱃ汁ӽ밷仏歳⛂䶿작罺焥풄ᾀ涽ꗯ䵕肄䤄胆꣌쳨蝗䥶缫搲ဌ⏔類炄ిᄌ [ 71.662576][ T5969] usb 8-1: SerialNumber: ུ蓂鈼꭛䁱홉蟿풁腍癩Λ枿㍂巨诲ꉋ꒣ꨔﲟ런♏龺娞鬮ꐥિ徴곀愖㢀咡덣嚧瓳䎵楌倫䩂쁮ⶖ㙟蜮襼ƍ緍䘼엻鳶辶歑녰˪찳ᖙ㞼蓐X썻⮅ﰁ툰⏟﯏빞ꟗ塬䁦ᷴ๪㊃㸴풟裮砍夗詻푙䑘钂ผ鞍좥ⱼ㣡閣 [ 71.753164][ T6955] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 71.765136][ T6955] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 71.772436][ T6955] wireguard: wg0: Could not create IPv4 socket [ 71.776211][ T6955] wireguard: wg1: Could not create IPv4 socket [ 71.779633][ T6955] wireguard: wg2: Could not create IPv4 socket [ 71.845066][ T60] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 71.995569][ T60] usb 6-1: too many configurations: 13, using maximum allowed: 8 [ 72.006400][ T60] usb 6-1: config 0 has no interfaces? [ 72.011702][ T60] usb 6-1: config 0 has no interfaces? [ 72.014785][ T60] usb 6-1: config 0 has no interfaces? [ 72.017930][ T60] usb 6-1: config 0 has no interfaces? [ 72.020443][ T60] usb 6-1: config 0 has no interfaces? [ 72.022864][ T60] usb 6-1: config 0 has no interfaces? [ 72.027235][ T60] usb 6-1: config 0 has no interfaces? [ 72.029657][ T60] usb 6-1: config 0 has no interfaces? [ 72.032842][ T60] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 72.035761][ T60] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 72.038232][ T60] usb 6-1: Product: syz [ 72.039553][ T60] usb 6-1: Manufacturer: syz [ 72.041003][ T60] usb 6-1: SerialNumber: syz [ 72.043764][ T60] usb 6-1: config 0 descriptor?? [ 72.126934][ T7161] /dev/sg0: Can't lookup blockdev [ 72.173567][ T5969] usb 8-1: 0:2 : does not exist [ 72.187475][ T5969] usb 8-1: USB disconnect, device number 5 [ 72.204129][ T6452] udevd[6452]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 72.248063][ T839] usb 6-1: USB disconnect, device number 3 [ 72.819902][ T7206] Failed to initialize the IGMP autojoin socket (err -2) [ 72.895121][ T839] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 72.920654][ T40] kauditd_printk_skb: 37 callbacks suppressed [ 72.920665][ T40] audit: type=1400 audit(1748558963.324:348): avc: denied { open } for pid=7215 comm="syz.3.315" path="/dev/ptyqa" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 72.957411][ T7220] netlink: 36 bytes leftover after parsing attributes in process `syz.3.316'. [ 73.046178][ T839] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 73.049797][ T839] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 73.050259][ T40] audit: type=1400 audit(1748558963.454:349): avc: denied { write } for pid=7228 comm="syz.0.318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 73.052820][ T839] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 73.063522][ T839] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 73.070606][ T839] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 73.073498][ T839] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.077043][ T839] usb 6-1: Product: syz [ 73.079304][ T839] usb 6-1: Manufacturer: syz [ 73.080778][ T839] usb 6-1: SerialNumber: syz [ 73.086235][ T839] usb 6-1: config 0 descriptor?? [ 73.138395][ T7239] netlink: 8 bytes leftover after parsing attributes in process `syz.0.321'. [ 73.210195][ T7254] netlink: 32 bytes leftover after parsing attributes in process `syz.0.325'. [ 73.216428][ T7254] netlink: 32 bytes leftover after parsing attributes in process `syz.0.325'. [ 73.259148][ T7258] bridge_slave_1: left allmulticast mode [ 73.260938][ T7258] bridge_slave_1: left promiscuous mode [ 73.263317][ T7258] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.268988][ T7258] bridge_slave_0: left allmulticast mode [ 73.270820][ T7258] bridge_slave_0: left promiscuous mode [ 73.272653][ T7258] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.291755][ T839] adutux 6-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0 [ 73.508322][ T40] audit: type=1400 audit(1748558963.914:350): avc: denied { bind } for pid=7294 comm="syz.0.336" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 73.515512][ T40] audit: type=1400 audit(1748558963.924:351): avc: denied { setopt } for pid=7294 comm="syz.0.336" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 73.540083][ T7295] team0: Failed to send port change of device team_slave_1 via netlink (err -105) [ 73.608119][ T7295] team0: Failed to send options change via netlink (err -105) [ 73.610569][ T7295] team0: Failed to send port change of device team_slave_1 via netlink (err -105) [ 73.613632][ T7295] team0: Port device team_slave_1 removed [ 73.698315][ T40] audit: type=1400 audit(1748558964.104:352): avc: denied { connect } for pid=7315 comm="syz.0.339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 73.705065][ T40] audit: type=1400 audit(1748558964.104:353): avc: denied { shutdown } for pid=7315 comm="syz.0.339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 73.711564][ T40] audit: type=1400 audit(1748558964.104:354): avc: denied { read } for pid=7315 comm="syz.0.339" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 73.719466][ T40] audit: type=1400 audit(1748558964.104:355): avc: denied { open } for pid=7315 comm="syz.0.339" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 73.740350][ T7118] pim6reg1: entered promiscuous mode [ 73.742516][ T7118] pim6reg1: entered allmulticast mode [ 73.777409][ T5947] Bluetooth: hci2: unexpected event for opcode 0x2012 [ 73.790634][ T7331] netlink: 4 bytes leftover after parsing attributes in process `syz.3.343'. [ 73.799268][ T5969] usb 6-1: USB disconnect, device number 4 [ 73.840444][ T40] audit: type=1400 audit(1748558964.244:356): avc: denied { mount } for pid=7339 comm="syz.0.345" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 73.840928][ T7341] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 73.850036][ T7341] overlayfs: conflicting options: userxattr,redirect_dir=on [ 73.854149][ T7340] netlink: 12 bytes leftover after parsing attributes in process `syz.0.345'. [ 73.857807][ T7341] netlink: 12 bytes leftover after parsing attributes in process `syz.0.345'. [ 73.876672][ T40] audit: type=1400 audit(1748558964.284:357): avc: denied { unmount } for pid=5940 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 74.090318][ T7372] process 'syz.3.350' launched './file1' with NULL argv: empty string added [ 74.097427][ T7372] tmpfs: User quota inode hardlimit too large. [ 74.128204][ T7381] netlink: 48 bytes leftover after parsing attributes in process `syz.0.355'. [ 74.128218][ T7382] netlink: 48 bytes leftover after parsing attributes in process `syz.0.355'. [ 74.209366][ T7395] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0 [ 74.418358][ T7424] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 74.422054][ T7424] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 74.466269][ T7424] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 74.484934][ T1331] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 74.501810][ T7432] CUSE: unknown device info "" [ 74.503590][ T7432] CUSE: zero length info key specified [ 74.522974][ T7430] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 74.538928][ T7430] kvm: pic: level sensitive irq not supported [ 74.539277][ T7430] kvm: pic: non byte read [ 74.543748][ T7430] kvm: pic: level sensitive irq not supported [ 74.544068][ T7430] kvm: pic: non byte read [ 74.549118][ T7430] kvm: pic: level sensitive irq not supported [ 74.549369][ T7430] kvm: pic: non byte read [ 74.553632][ T7430] kvm: pic: level sensitive irq not supported [ 74.553863][ T7430] kvm: pic: non byte read [ 74.558760][ T7430] kvm: pic: level sensitive irq not supported [ 74.558987][ T7430] kvm: pic: non byte read [ 74.563567][ T7430] kvm: pic: level sensitive irq not supported [ 74.563863][ T7430] kvm: pic: non byte read [ 74.568999][ T7430] kvm: pic: level sensitive irq not supported [ 74.569227][ T7430] kvm: pic: non byte read [ 74.573502][ T7430] kvm: pic: level sensitive irq not supported [ 74.573732][ T7430] kvm: pic: non byte read [ 74.578639][ T7430] kvm: pic: level sensitive irq not supported [ 74.578869][ T7430] kvm: pic: non byte read [ 74.615080][ T1331] usb 5-1: device descriptor read/64, error -71 [ 74.687679][ T7449] netlink: 'syz.1.372': attribute type 1 has an invalid length. [ 74.694580][ T7449] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 74.800134][ T7467] unsupported nla_type 14345 [ 74.802169][ T7467] netlink: 'syz.3.377': attribute type 4 has an invalid length. [ 74.855884][ T1331] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 74.994957][ T1331] usb 5-1: device descriptor read/64, error -71 [ 75.035067][ T60] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 75.107458][ T1331] usb usb5-port1: attempt power cycle [ 75.196161][ T60] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 75.199688][ T60] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 75.202697][ T60] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 75.205753][ T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.210543][ T60] usb 6-1: config 0 descriptor?? [ 75.445046][ T1331] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 75.466188][ T1331] usb 5-1: device descriptor read/8, error -71 [ 75.623346][ T60] savu 0003:1E7D:2D5A.0002: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 75.706511][ T1331] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 75.725400][ T1331] usb 5-1: device descriptor read/8, error -71 [ 75.835170][ T1331] usb usb5-port1: unable to enumerate USB device [ 76.396257][ T1331] usb 6-1: USB disconnect, device number 5 [ 76.924134][ T7588] lo speed is unknown, defaulting to 1000 [ 76.926803][ T7588] lo speed is unknown, defaulting to 1000 [ 76.929526][ T7588] lo speed is unknown, defaulting to 1000 [ 76.934039][ T7588] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 76.938296][ T7588] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -2 [ 76.951670][ T7588] lo speed is unknown, defaulting to 1000 [ 76.955848][ T7588] lo speed is unknown, defaulting to 1000 [ 76.958961][ T7588] lo speed is unknown, defaulting to 1000 [ 77.081680][ T5936] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 77.084746][ T5936] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 77.087756][ T5936] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 77.093084][ T5936] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 77.096372][ T5936] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.114491][ T7604] Failed to initialize the IGMP autojoin socket (err -2) [ 77.149832][ T7613] netlink: 'syz.1.403': attribute type 3 has an invalid length. [ 77.152394][ T7613] __nla_validate_parse: 5 callbacks suppressed [ 77.152401][ T7613] netlink: 228 bytes leftover after parsing attributes in process `syz.1.403'. [ 77.157239][ T7613] NCSI netlink: No device for ifindex 0 [ 77.216421][ T7618] loop6: detected capacity change from 0 to 524287999 [ 77.414983][ T1331] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 77.577390][ T1331] usb 6-1: Using ep0 maxpacket: 16 [ 77.581739][ T1331] usb 6-1: config 4 has an invalid interface number: 84 but max is 2 [ 77.584193][ T1331] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 77.588601][ T1331] usb 6-1: config 4 has 1 interface, different from the descriptor's value: 3 [ 77.591387][ T1331] usb 6-1: config 4 has no interface number 0 [ 77.593280][ T1331] usb 6-1: config 4 interface 84 altsetting 64 endpoint 0x2 has invalid maxpacket 29682, setting to 64 [ 77.601732][ T1331] usb 6-1: config 4 interface 84 altsetting 64 has 1 endpoint descriptor, different from the interface descriptor's value: 6 [ 77.607056][ T1331] usb 6-1: config 4 interface 84 has no altsetting 0 [ 77.614190][ T1331] usb 6-1: New USB device found, idVendor=1199, idProduct=6820, bcdDevice=e4.f5 [ 77.622410][ T1331] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.624930][ T1331] usb 6-1: Product: syz [ 77.626200][ T1331] usb 6-1: Manufacturer: 〔ࡕ쁭ŵᄁ詢ȏ蠱얌悗ꂮ蟦掮蠬洸ऴ몽┪崓⨒鶅쥦팭⯞嵢ꓗ旋뷮㨏ⵟ챷੽쏖ဲ辖됨垢꾘梏푹ꉜꫭ쨯灹硶䐺ศˁ筈涣찖ⴶ낙▋ꞵ뱡폡버鹐襂㤟╔ꄈ꬘锈鵃∲ﺶ叐龪줵籵빽ᄜ莝篅锱㨮䕆墊菜ὯỸꉂ힏❶ᵀ턬샦‗瞊⌨ῧ⍕᷀ [ 77.635628][ T1331] usb 6-1: SerialNumber: syz [ 77.645905][ T24] usb 5-1: new low-speed USB device number 6 using dummy_hcd [ 77.688848][ T7604] netdevsim netdevsim2 netdevsim0: renamed from eth2 [ 77.690062][ T7649] netlink: 8 bytes leftover after parsing attributes in process `syz.3.410'. [ 77.709278][ T7604] netdevsim netdevsim2 netdevsim1: renamed from eth3 [ 77.719162][ T7649] netlink: 4 bytes leftover after parsing attributes in process `syz.3.410'. [ 77.731361][ T7604] netdevsim netdevsim2 netdevsim2: renamed from eth4 [ 77.743112][ T7604] netdevsim netdevsim2 netdevsim3: renamed from eth5 [ 77.808140][ T7658] netlink: 276 bytes leftover after parsing attributes in process `syz.3.411'. [ 77.808745][ T24] usb 5-1: config 0 has an invalid interface number: 55 but max is 0 [ 77.813619][ T24] usb 5-1: config 0 has no interface number 0 [ 77.816107][ T24] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 77.819338][ T24] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 77.822498][ T24] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 77.826606][ T24] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 77.829952][ T24] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 77.833124][ T24] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 77.855210][ T24] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 77.857975][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.859827][ T1331] sierra 6-1:4.84: Sierra USB modem converter detected [ 77.861884][ T24] usb 5-1: config 0 descriptor?? [ 77.864651][ T7633] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 77.867199][ T1331] usb 6-1: Sierra USB modem converter now attached to ttyUSB0 [ 77.867457][ T7633] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 77.873276][ T24] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 77.876919][ T1331] usb 6-1: USB disconnect, device number 6 [ 77.915555][ T1331] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0 [ 77.918679][ T1331] sierra 6-1:4.84: device disconnected [ 77.941813][ T7604] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 77.962008][ T7604] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 77.968727][ T7604] wireguard: wg0: Could not create IPv4 socket [ 77.971749][ T7604] wireguard: wg1: Could not create IPv4 socket [ 77.974679][ T7604] wireguard: wg2: Could not create IPv4 socket [ 78.077592][ T838] usb 5-1: USB disconnect, device number 6 [ 78.080930][ T838] ldusb 5-1:0.55: LD USB Device #0 now disconnected [ 78.187877][ T7702] FAULT_INJECTION: forcing a failure. [ 78.187877][ T7702] name failslab, interval 1, probability 0, space 0, times 0 [ 78.191639][ T7702] CPU: 1 UID: 0 PID: 7702 Comm: syz.3.422 Not tainted 6.15.0-syzkaller-08297-ge0797d3b91de #0 PREEMPT(full) [ 78.191653][ T7702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.191659][ T7702] Call Trace: [ 78.191663][ T7702] [ 78.191667][ T7702] dump_stack_lvl+0x16c/0x1f0 [ 78.191683][ T7702] should_fail_ex+0x512/0x640 [ 78.191697][ T7702] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 78.191716][ T7702] should_failslab+0xc2/0x120 [ 78.191729][ T7702] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 78.191746][ T7702] ? __alloc_skb+0x2b2/0x380 [ 78.191759][ T7702] __alloc_skb+0x2b2/0x380 [ 78.191769][ T7702] ? __pfx___alloc_skb+0x10/0x10 [ 78.191779][ T7702] ? find_held_lock+0x2b/0x80 [ 78.191801][ T7702] alloc_skb_with_frags+0xe0/0x860 [ 78.191817][ T7702] sock_alloc_send_pskb+0x7fb/0x990 [ 78.191828][ T7702] ? avc_has_perm+0x11a/0x1c0 [ 78.191845][ T7702] ? __pfx_avc_has_perm+0x10/0x10 [ 78.191863][ T7702] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 78.191872][ T7702] ? avc_has_perm_noaudit+0x149/0x3b0 [ 78.191903][ T7702] ? sock_has_perm+0x259/0x2f0 [ 78.191914][ T7702] ? __pfx_sock_has_perm+0x10/0x10 [ 78.191927][ T7702] hci_sock_sendmsg+0x1c7/0x25f0 [ 78.191943][ T7702] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 78.191959][ T7702] sock_write_iter+0x4fc/0x5b0 [ 78.191974][ T7702] ? __pfx_sock_write_iter+0x10/0x10 [ 78.191994][ T7702] ? bpf_lsm_file_permission+0x9/0x10 [ 78.192007][ T7702] ? security_file_permission+0x71/0x210 [ 78.192022][ T7702] ? rw_verify_area+0xcf/0x680 [ 78.192038][ T7702] vfs_write+0x6c7/0x1150 [ 78.192054][ T7702] ? __pfx_sock_write_iter+0x10/0x10 [ 78.192070][ T7702] ? __pfx_vfs_write+0x10/0x10 [ 78.192085][ T7702] ? find_held_lock+0x2b/0x80 [ 78.192109][ T7702] ksys_write+0x1f8/0x250 [ 78.192125][ T7702] ? __pfx_ksys_write+0x10/0x10 [ 78.192144][ T7702] do_syscall_64+0xcd/0x4c0 [ 78.192158][ T7702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.192169][ T7702] RIP: 0033:0x7fdb21d8e969 [ 78.192178][ T7702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.192188][ T7702] RSP: 002b:00007fdb22b16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 78.192202][ T7702] RAX: ffffffffffffffda RBX: 00007fdb21fb5fa0 RCX: 00007fdb21d8e969 [ 78.192209][ T7702] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004 [ 78.192215][ T7702] RBP: 00007fdb22b16090 R08: 0000000000000000 R09: 0000000000000000 [ 78.192221][ T7702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 78.192227][ T7702] R13: 0000000000000000 R14: 00007fdb21fb5fa0 R15: 00007fff7de4de48 [ 78.192240][ T7702] [ 78.273344][ C1] vkms_vblank_simulate: vblank timer overrun [ 78.429986][ T7728] netlink: 14528 bytes leftover after parsing attributes in process `syz.1.428'. [ 78.483003][ T7736] sp0: Synchronizing with TNC [ 78.487937][ T7737] team0: No ports can be present during mode change [ 78.527213][ T7744] netlink: 48 bytes leftover after parsing attributes in process `syz.1.432'. [ 78.674450][ T7763] netlink: 28 bytes leftover after parsing attributes in process `syz.1.438'. [ 78.677969][ T7763] netlink: 'syz.1.438': attribute type 7 has an invalid length. [ 78.679690][ T7765] netlink: 'syz.0.439': attribute type 23 has an invalid length. [ 78.680383][ T7763] netlink: 'syz.1.438': attribute type 8 has an invalid length. [ 78.688847][ T7763] netlink: 4 bytes leftover after parsing attributes in process `syz.1.438'. [ 78.720609][ T7771] omfs: Invalid superblock (0) [ 78.723894][ T7763] netlink: 8 bytes leftover after parsing attributes in process `syz.1.438'. [ 78.785245][ T7780] FAULT_INJECTION: forcing a failure. [ 78.785245][ T7780] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 78.789272][ T7780] CPU: 1 UID: 0 PID: 7780 Comm: syz.0.444 Not tainted 6.15.0-syzkaller-08297-ge0797d3b91de #0 PREEMPT(full) [ 78.789286][ T7780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.789293][ T7780] Call Trace: [ 78.789297][ T7780] [ 78.789301][ T7780] dump_stack_lvl+0x16c/0x1f0 [ 78.789318][ T7780] should_fail_ex+0x512/0x640 [ 78.789335][ T7780] _copy_from_iter+0x29f/0x16f0 [ 78.789350][ T7780] ? __pfx_avc_has_perm+0x10/0x10 [ 78.789368][ T7780] ? __pfx__copy_from_iter+0x10/0x10 [ 78.789382][ T7780] ? avc_has_perm_noaudit+0x149/0x3b0 [ 78.789400][ T7780] ? sock_has_perm+0x259/0x2f0 [ 78.789410][ T7780] ? __pfx_sock_has_perm+0x10/0x10 [ 78.789423][ T7780] hci_sock_sendmsg+0x46d/0x25f0 [ 78.789439][ T7780] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 78.789455][ T7780] sock_write_iter+0x4fc/0x5b0 [ 78.789475][ T7780] ? __pfx_sock_write_iter+0x10/0x10 [ 78.789494][ T7780] ? bpf_lsm_file_permission+0x9/0x10 [ 78.789508][ T7780] ? security_file_permission+0x71/0x210 [ 78.789523][ T7780] ? rw_verify_area+0xcf/0x680 [ 78.789539][ T7780] vfs_write+0x6c7/0x1150 [ 78.789555][ T7780] ? __pfx_sock_write_iter+0x10/0x10 [ 78.789570][ T7780] ? __pfx_vfs_write+0x10/0x10 [ 78.789585][ T7780] ? find_held_lock+0x2b/0x80 [ 78.789610][ T7780] ksys_write+0x1f8/0x250 [ 78.789626][ T7780] ? __pfx_ksys_write+0x10/0x10 [ 78.789645][ T7780] do_syscall_64+0xcd/0x4c0 [ 78.789658][ T7780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.789670][ T7780] RIP: 0033:0x7f64f378e969 [ 78.789679][ T7780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.789689][ T7780] RSP: 002b:00007f64f45d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 78.789699][ T7780] RAX: ffffffffffffffda RBX: 00007f64f39b5fa0 RCX: 00007f64f378e969 [ 78.789706][ T7780] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004 [ 78.789712][ T7780] RBP: 00007f64f45d5090 R08: 0000000000000000 R09: 0000000000000000 [ 78.789718][ T7780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 78.789724][ T7780] R13: 0000000000000000 R14: 00007f64f39b5fa0 R15: 00007fff979496d8 [ 78.789736][ T7780] [ 78.861920][ C1] vkms_vblank_simulate: vblank timer overrun [ 78.913275][ T40] kauditd_printk_skb: 15 callbacks suppressed [ 78.913285][ T40] audit: type=1400 audit(1748558969.314:373): avc: denied { bind } for pid=7790 comm="syz.0.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 78.921513][ T40] audit: type=1400 audit(1748558969.324:374): avc: denied { listen } for pid=7790 comm="syz.0.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 78.930723][ T40] audit: type=1400 audit(1748558969.334:375): avc: denied { write } for pid=7790 comm="syz.0.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 78.948568][ T40] audit: type=1326 audit(1748558969.354:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7804 comm="syz.1.449" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8335f8e969 code=0x0 [ 78.987613][ T7811] FAULT_INJECTION: forcing a failure. [ 78.987613][ T7811] name failslab, interval 1, probability 0, space 0, times 0 [ 78.991526][ T7811] CPU: 3 UID: 0 PID: 7811 Comm: syz.0.452 Not tainted 6.15.0-syzkaller-08297-ge0797d3b91de #0 PREEMPT(full) [ 78.991541][ T7811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.991548][ T7811] Call Trace: [ 78.991552][ T7811] [ 78.991557][ T7811] dump_stack_lvl+0x16c/0x1f0 [ 78.991573][ T7811] should_fail_ex+0x512/0x640 [ 78.991587][ T7811] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 78.991607][ T7811] should_failslab+0xc2/0x120 [ 78.991619][ T7811] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 78.991636][ T7811] ? alloc_empty_file+0x55/0x1e0 [ 78.991651][ T7811] alloc_empty_file+0x55/0x1e0 [ 78.991664][ T7811] path_openat+0xda/0x2cb0 [ 78.991674][ T7811] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.991691][ T7811] ? __pfx_path_openat+0x10/0x10 [ 78.991701][ T7811] ? __lock_acquire+0xb8a/0x1c90 [ 78.991717][ T7811] do_filp_open+0x20b/0x470 [ 78.991727][ T7811] ? __pfx_do_filp_open+0x10/0x10 [ 78.991746][ T7811] ? alloc_fd+0x471/0x7d0 [ 78.991759][ T7811] do_sys_openat2+0x11b/0x1d0 [ 78.991772][ T7811] ? __pfx_do_sys_openat2+0x10/0x10 [ 78.991789][ T7811] __x64_sys_openat+0x174/0x210 [ 78.991802][ T7811] ? __pfx___x64_sys_openat+0x10/0x10 [ 78.991816][ T7811] ? do_user_addr_fault+0x843/0x1370 [ 78.991832][ T7811] do_syscall_64+0xcd/0x4c0 [ 78.991845][ T7811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.991856][ T7811] RIP: 0033:0x7f64f378d2d0 [ 78.991865][ T7811] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 78.991875][ T7811] RSP: 002b:00007f64f45d4b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 78.991885][ T7811] RAX: ffffffffffffffda RBX: 0000000000122c42 RCX: 00007f64f378d2d0 [ 78.991891][ T7811] RDX: 0000000000122c42 RSI: 00007f64f45d4c10 RDI: 00000000ffffff9c [ 78.991898][ T7811] RBP: 00007f64f45d4c10 R08: 0000000000000000 R09: 0023706f6f6c2f76 [ 78.991904][ T7811] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 78.991910][ T7811] R13: 0000000000000001 R14: 00007f64f39b5fa0 R15: 00007fff979496d8 [ 78.991923][ T7811] [ 79.206902][ T7829] input: syz1 as /devices/virtual/input/input9 [ 79.295126][ T1331] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 79.455000][ T1331] usb 8-1: Using ep0 maxpacket: 32 [ 79.457910][ T1331] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 79.462550][ T1331] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 79.465605][ T1331] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 79.468075][ T1331] usb 8-1: Product: syz [ 79.469351][ T1331] usb 8-1: Manufacturer: syz [ 79.470767][ T1331] usb 8-1: SerialNumber: syz [ 79.476886][ T1331] usb 8-1: config 0 descriptor?? [ 79.479279][ T7817] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 79.482114][ T1331] hub 8-1:0.0: bad descriptor, ignoring hub [ 79.483956][ T1331] hub 8-1:0.0: probe with driver hub failed with error -5 [ 80.100312][ T7889] FAULT_INJECTION: forcing a failure. [ 80.100312][ T7889] name failslab, interval 1, probability 0, space 0, times 0 [ 80.104177][ T7889] CPU: 2 UID: 0 PID: 7889 Comm: syz.1.463 Not tainted 6.15.0-syzkaller-08297-ge0797d3b91de #0 PREEMPT(full) [ 80.104192][ T7889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.104198][ T7889] Call Trace: [ 80.104203][ T7889] [ 80.104207][ T7889] dump_stack_lvl+0x16c/0x1f0 [ 80.104222][ T7889] should_fail_ex+0x512/0x640 [ 80.104236][ T7889] ? trace_contention_end+0xdd/0x130 [ 80.104252][ T7889] should_failslab+0xc2/0x120 [ 80.104264][ T7889] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 80.104285][ T7889] ? hci_sock_sendmsg+0xde2/0x25f0 [ 80.104298][ T7889] ? __alloc_skb+0x2b2/0x380 [ 80.104309][ T7889] ? __pfx___mutex_lock+0x10/0x10 [ 80.104323][ T7889] __alloc_skb+0x2b2/0x380 [ 80.104333][ T7889] ? __pfx___alloc_skb+0x10/0x10 [ 80.104349][ T7889] hci_sock_sendmsg+0x1a6f/0x25f0 [ 80.104364][ T7889] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 80.104380][ T7889] sock_write_iter+0x4fc/0x5b0 [ 80.104396][ T7889] ? __pfx_sock_write_iter+0x10/0x10 [ 80.104415][ T7889] ? bpf_lsm_file_permission+0x9/0x10 [ 80.104429][ T7889] ? security_file_permission+0x71/0x210 [ 80.104444][ T7889] ? rw_verify_area+0xcf/0x680 [ 80.104460][ T7889] vfs_write+0x6c7/0x1150 [ 80.104476][ T7889] ? __pfx_sock_write_iter+0x10/0x10 [ 80.104492][ T7889] ? __pfx_vfs_write+0x10/0x10 [ 80.104507][ T7889] ? find_held_lock+0x2b/0x80 [ 80.104532][ T7889] ksys_write+0x1f8/0x250 [ 80.104547][ T7889] ? __pfx_ksys_write+0x10/0x10 [ 80.104567][ T7889] do_syscall_64+0xcd/0x4c0 [ 80.104580][ T7889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.104592][ T7889] RIP: 0033:0x7f8335f8e969 [ 80.104600][ T7889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.104610][ T7889] RSP: 002b:00007f8336d21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 80.104620][ T7889] RAX: ffffffffffffffda RBX: 00007f83361b5fa0 RCX: 00007f8335f8e969 [ 80.104627][ T7889] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004 [ 80.104633][ T7889] RBP: 00007f8336d21090 R08: 0000000000000000 R09: 0000000000000000 [ 80.104639][ T7889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.104645][ T7889] R13: 0000000000000000 R14: 00007f83361b5fa0 R15: 00007ffc704638d8 [ 80.104658][ T7889] [ 80.376653][ T7817] usb 8-1: reset high-speed USB device number 6 using dummy_hcd [ 80.553471][ T7817] usb 8-1: device firmware changed [ 80.562698][ T24] usb 8-1: USB disconnect, device number 6 [ 80.704967][ T24] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 80.865139][ T24] usb 8-1: Using ep0 maxpacket: 32 [ 80.868037][ T24] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 80.873368][ T24] usb 8-1: string descriptor 0 read error: -22 [ 80.875597][ T24] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 80.878322][ T24] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 80.882671][ T24] usb 8-1: config 0 descriptor?? [ 80.884733][ T7854] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 80.887595][ T24] hub 8-1:0.0: bad descriptor, ignoring hub [ 80.889397][ T24] hub 8-1:0.0: probe with driver hub failed with error -5 [ 81.196187][ T838] usb 8-1: USB disconnect, device number 7 [ 81.427284][ T10] cfg80211: failed to load regulatory.db [ 81.557476][ T7975] FAULT_INJECTION: forcing a failure. [ 81.557476][ T7975] name failslab, interval 1, probability 0, space 0, times 0 [ 81.561362][ T7975] CPU: 0 UID: 0 PID: 7975 Comm: syz.1.475 Not tainted 6.15.0-syzkaller-08297-ge0797d3b91de #0 PREEMPT(full) [ 81.561377][ T7975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.561385][ T7975] Call Trace: [ 81.561389][ T7975] [ 81.561392][ T7975] dump_stack_lvl+0x16c/0x1f0 [ 81.561409][ T7975] should_fail_ex+0x512/0x640 [ 81.561423][ T7975] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 81.561443][ T7975] should_failslab+0xc2/0x120 [ 81.561455][ T7975] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 81.561472][ T7975] ? security_file_alloc+0x34/0x2b0 [ 81.561489][ T7975] security_file_alloc+0x34/0x2b0 [ 81.561508][ T7975] init_file+0x93/0x4c0 [ 81.561521][ T7975] alloc_empty_file+0x73/0x1e0 [ 81.561534][ T7975] path_openat+0xda/0x2cb0 [ 81.561543][ T7975] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.561560][ T7975] ? __pfx_path_openat+0x10/0x10 [ 81.561570][ T7975] ? __lock_acquire+0xb8a/0x1c90 [ 81.561585][ T7975] do_filp_open+0x20b/0x470 [ 81.561596][ T7975] ? __pfx_do_filp_open+0x10/0x10 [ 81.561615][ T7975] ? alloc_fd+0x471/0x7d0 [ 81.561628][ T7975] do_sys_openat2+0x11b/0x1d0 [ 81.561641][ T7975] ? __pfx_do_sys_openat2+0x10/0x10 [ 81.561658][ T7975] __x64_sys_openat+0x174/0x210 [ 81.561671][ T7975] ? __pfx___x64_sys_openat+0x10/0x10 [ 81.561685][ T7975] ? do_user_addr_fault+0x843/0x1370 [ 81.561702][ T7975] do_syscall_64+0xcd/0x4c0 [ 81.561715][ T7975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.561726][ T7975] RIP: 0033:0x7f8335f8d2d0 [ 81.561734][ T7975] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 81.561745][ T7975] RSP: 002b:00007f8336d20b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 81.561755][ T7975] RAX: ffffffffffffffda RBX: 0000000000122c42 RCX: 00007f8335f8d2d0 [ 81.561762][ T7975] RDX: 0000000000122c42 RSI: 00007f8336d20c10 RDI: 00000000ffffff9c [ 81.561768][ T7975] RBP: 00007f8336d20c10 R08: 0000000000000000 R09: 0023706f6f6c2f76 [ 81.561775][ T7975] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 81.561781][ T7975] R13: 0000000000000001 R14: 00007f83361b5fa0 R15: 00007ffc704638d8 [ 81.561794][ T7975] [ 81.894697][ T8018] FAULT_INJECTION: forcing a failure. [ 81.894697][ T8018] name failslab, interval 1, probability 0, space 0, times 0 [ 81.898800][ T8018] CPU: 3 UID: 0 PID: 8018 Comm: syz.3.487 Not tainted 6.15.0-syzkaller-08297-ge0797d3b91de #0 PREEMPT(full) [ 81.898817][ T8018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.898824][ T8018] Call Trace: [ 81.898828][ T8018] [ 81.898832][ T8018] dump_stack_lvl+0x16c/0x1f0 [ 81.898848][ T8018] should_fail_ex+0x512/0x640 [ 81.898862][ T8018] ? fs_reclaim_acquire+0xae/0x150 [ 81.898878][ T8018] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 81.898892][ T8018] should_failslab+0xc2/0x120 [ 81.898904][ T8018] __kmalloc_noprof+0xd2/0x510 [ 81.898918][ T8018] tomoyo_realpath_from_path+0xc2/0x6e0 [ 81.898936][ T8018] tomoyo_check_open_permission+0x2ab/0x3c0 [ 81.898948][ T8018] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 81.898974][ T8018] ? do_raw_spin_lock+0x12c/0x2b0 [ 81.899022][ T8018] tomoyo_file_open+0x6b/0x90 [ 81.899042][ T8018] security_file_open+0x84/0x1e0 [ 81.899057][ T8018] do_dentry_open+0x596/0x1c10 [ 81.899077][ T8018] vfs_open+0x82/0x3f0 [ 81.899091][ T8018] path_openat+0x1de4/0x2cb0 [ 81.899106][ T8018] ? __pfx_path_openat+0x10/0x10 [ 81.899117][ T8018] ? __lock_acquire+0xb8a/0x1c90 [ 81.899131][ T8018] do_filp_open+0x20b/0x470 [ 81.899141][ T8018] ? __pfx_do_filp_open+0x10/0x10 [ 81.899161][ T8018] ? alloc_fd+0x471/0x7d0 [ 81.899178][ T8018] do_sys_openat2+0x11b/0x1d0 [ 81.899197][ T8018] ? __pfx_do_sys_openat2+0x10/0x10 [ 81.899227][ T8018] __x64_sys_openat+0x174/0x210 [ 81.899248][ T8018] ? __pfx___x64_sys_openat+0x10/0x10 [ 81.899274][ T8018] ? do_user_addr_fault+0x843/0x1370 [ 81.899296][ T8018] do_syscall_64+0xcd/0x4c0 [ 81.899315][ T8018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.899332][ T8018] RIP: 0033:0x7fdb21d8d2d0 [ 81.899346][ T8018] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 81.899363][ T8018] RSP: 002b:00007fdb22b15b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 81.899381][ T8018] RAX: ffffffffffffffda RBX: 0000000000122c42 RCX: 00007fdb21d8d2d0 [ 81.899393][ T8018] RDX: 0000000000122c42 RSI: 00007fdb22b15c10 RDI: 00000000ffffff9c [ 81.899403][ T8018] RBP: 00007fdb22b15c10 R08: 0000000000000000 R09: 0023706f6f6c2f76 [ 81.899414][ T8018] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 81.899424][ T8018] R13: 0000000000000001 R14: 00007fdb21fb5fa0 R15: 00007fff7de4de48 [ 81.899448][ T8018] [ 81.899455][ T8018] ERROR: Out of memory at tomoyo_realpath_from_path. [ 82.074623][ T8038] FAULT_INJECTION: forcing a failure. [ 82.074623][ T8038] name failslab, interval 1, probability 0, space 0, times 0 [ 82.079327][ T8038] CPU: 1 UID: 0 PID: 8038 Comm: syz.3.492 Not tainted 6.15.0-syzkaller-08297-ge0797d3b91de #0 PREEMPT(full) [ 82.079343][ T8038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.079350][ T8038] Call Trace: [ 82.079355][ T8038] [ 82.079359][ T8038] dump_stack_lvl+0x16c/0x1f0 [ 82.079375][ T8038] should_fail_ex+0x512/0x640 [ 82.079389][ T8038] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 82.079409][ T8038] should_failslab+0xc2/0x120 [ 82.079421][ T8038] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 82.079439][ T8038] ? __alloc_skb+0x2b2/0x380 [ 82.079452][ T8038] __alloc_skb+0x2b2/0x380 [ 82.079463][ T8038] ? __pfx___alloc_skb+0x10/0x10 [ 82.079474][ T8038] ? find_held_lock+0x2b/0x80 [ 82.079492][ T8038] ? hci_dev_get+0xf0/0x1e0 [ 82.079508][ T8038] mgmt_cmd_status+0x42/0x510 [ 82.079522][ T8038] hci_sock_sendmsg+0x21f8/0x25f0 [ 82.079539][ T8038] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 82.079555][ T8038] sock_write_iter+0x4fc/0x5b0 [ 82.079571][ T8038] ? __pfx_sock_write_iter+0x10/0x10 [ 82.079591][ T8038] ? bpf_lsm_file_permission+0x9/0x10 [ 82.079605][ T8038] ? security_file_permission+0x71/0x210 [ 82.079620][ T8038] ? rw_verify_area+0xcf/0x680 [ 82.079636][ T8038] vfs_write+0x6c7/0x1150 [ 82.079653][ T8038] ? __pfx_sock_write_iter+0x10/0x10 [ 82.079669][ T8038] ? __pfx_vfs_write+0x10/0x10 [ 82.079684][ T8038] ? find_held_lock+0x2b/0x80 [ 82.079709][ T8038] ksys_write+0x1f8/0x250 [ 82.079725][ T8038] ? __pfx_ksys_write+0x10/0x10 [ 82.079745][ T8038] do_syscall_64+0xcd/0x4c0 [ 82.079759][ T8038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.079770][ T8038] RIP: 0033:0x7fdb21d8e969 [ 82.079779][ T8038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.079790][ T8038] RSP: 002b:00007fdb22b16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 82.079800][ T8038] RAX: ffffffffffffffda RBX: 00007fdb21fb5fa0 RCX: 00007fdb21d8e969 [ 82.079807][ T8038] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004 [ 82.079813][ T8038] RBP: 00007fdb22b16090 R08: 0000000000000000 R09: 0000000000000000 [ 82.079820][ T8038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 82.079826][ T8038] R13: 0000000000000000 R14: 00007fdb21fb5fa0 R15: 00007fff7de4de48 [ 82.079839][ T8038] [ 82.156009][ C1] vkms_vblank_simulate: vblank timer overrun [ 82.307294][ T40] audit: type=1400 audit(1748558972.714:377): avc: denied { write } for pid=8061 comm="syz.0.499" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 82.336830][ T8068] FAULT_INJECTION: forcing a failure. [ 82.336830][ T8068] name failslab, interval 1, probability 0, space 0, times 0 [ 82.343951][ T8068] CPU: 1 UID: 0 PID: 8068 Comm: syz.1.501 Not tainted 6.15.0-syzkaller-08297-ge0797d3b91de #0 PREEMPT(full) [ 82.343969][ T8068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.343976][ T8068] Call Trace: [ 82.343986][ T8068] [ 82.343990][ T8068] dump_stack_lvl+0x16c/0x1f0 [ 82.344021][ T8068] should_fail_ex+0x512/0x640 [ 82.344039][ T8068] ? fs_reclaim_acquire+0xae/0x150 [ 82.344056][ T8068] ? tomoyo_encode2+0x100/0x3e0 [ 82.344069][ T8068] should_failslab+0xc2/0x120 [ 82.344081][ T8068] __kmalloc_noprof+0xd2/0x510 [ 82.344091][ T8068] ? d_absolute_path+0x136/0x1a0 [ 82.344108][ T8068] tomoyo_encode2+0x100/0x3e0 [ 82.344124][ T8068] tomoyo_encode+0x29/0x50 [ 82.344137][ T8068] tomoyo_realpath_from_path+0x18f/0x6e0 [ 82.344155][ T8068] tomoyo_check_open_permission+0x2ab/0x3c0 [ 82.344168][ T8068] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 82.344200][ T8068] ? do_raw_spin_lock+0x12c/0x2b0 [ 82.344220][ T8068] tomoyo_file_open+0x6b/0x90 [ 82.344236][ T8068] security_file_open+0x84/0x1e0 [ 82.344252][ T8068] do_dentry_open+0x596/0x1c10 [ 82.344272][ T8068] vfs_open+0x82/0x3f0 [ 82.344287][ T8068] path_openat+0x1de4/0x2cb0 [ 82.344302][ T8068] ? __pfx_path_openat+0x10/0x10 [ 82.344313][ T8068] ? __lock_acquire+0xb8a/0x1c90 [ 82.344328][ T8068] do_filp_open+0x20b/0x470 [ 82.344338][ T8068] ? __pfx_do_filp_open+0x10/0x10 [ 82.344358][ T8068] ? alloc_fd+0x471/0x7d0 [ 82.344373][ T8068] do_sys_openat2+0x11b/0x1d0 [ 82.344385][ T8068] ? __pfx_do_sys_openat2+0x10/0x10 [ 82.344404][ T8068] __x64_sys_openat+0x174/0x210 [ 82.344417][ T8068] ? __pfx___x64_sys_openat+0x10/0x10 [ 82.344431][ T8068] ? do_user_addr_fault+0x843/0x1370 [ 82.344449][ T8068] do_syscall_64+0xcd/0x4c0 [ 82.344463][ T8068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.344474][ T8068] RIP: 0033:0x7f8335f8d2d0 [ 82.344483][ T8068] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 82.344493][ T8068] RSP: 002b:00007f8336d20b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 82.344504][ T8068] RAX: ffffffffffffffda RBX: 0000000000122c42 RCX: 00007f8335f8d2d0 [ 82.344510][ T8068] RDX: 0000000000122c42 RSI: 00007f8336d20c10 RDI: 00000000ffffff9c [ 82.344517][ T8068] RBP: 00007f8336d20c10 R08: 0000000000000000 R09: 0023706f6f6c2f76 [ 82.344523][ T8068] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 82.344529][ T8068] R13: 0000000000000001 R14: 00007f83361b5fa0 R15: 00007ffc704638d8 [ 82.344543][ T8068] [ 82.344554][ T8068] ERROR: Out of memory at tomoyo_realpath_from_path. [ 82.866874][ T8100] input: syz1 as /devices/virtual/input/input11 [ 82.984590][ T5936] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.988923][ T5936] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 82.991892][ T5936] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 82.993526][ T8120] netlink: 9 bytes leftover after parsing attributes in process `syz.0.511'. [ 82.994642][ T5936] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 82.998591][ T8120] 0: renamed from hsr0 (while UP) [ 83.000339][ T5936] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 83.004129][ T8120] 0: entered allmulticast mode [ 83.005968][ T8120] hsr_slave_0: entered allmulticast mode [ 83.007769][ T8120] hsr_slave_1: entered allmulticast mode [ 83.009858][ T8120] A link change request failed with some changes committed already. Interface 70 may have been left with an inconsistent configuration, please check. [ 83.017276][ T8117] Failed to initialize the IGMP autojoin socket (err -2) [ 83.052869][ T8127] Bluetooth: MGMT ver 1.23 [ 83.055751][ T8127] FAULT_INJECTION: forcing a failure. [ 83.055751][ T8127] name failslab, interval 1, probability 0, space 0, times 0 [ 83.059579][ T8127] CPU: 0 UID: 0 PID: 8127 Comm: syz.1.513 Not tainted 6.15.0-syzkaller-08297-ge0797d3b91de #0 PREEMPT(full) [ 83.059594][ T8127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.059601][ T8127] Call Trace: [ 83.059605][ T8127] [ 83.059609][ T8127] dump_stack_lvl+0x16c/0x1f0 [ 83.059626][ T8127] should_fail_ex+0x512/0x640 [ 83.059640][ T8127] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 83.059660][ T8127] should_failslab+0xc2/0x120 [ 83.059672][ T8127] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 83.059689][ T8127] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 83.059702][ T8127] ? __alloc_skb+0x2b2/0x380 [ 83.059715][ T8127] __alloc_skb+0x2b2/0x380 [ 83.059726][ T8127] ? __pfx___alloc_skb+0x10/0x10 [ 83.059736][ T8127] ? queue_work_on+0x120/0x1f0 [ 83.059756][ T8127] mgmt_cmd_complete+0x4f/0x550 [ 83.059772][ T8127] remove_device+0x6bf/0xbf0 [ 83.059788][ T8127] ? __pfx_remove_device+0x10/0x10 [ 83.059801][ T8127] ? lockdep_init_map_type+0x5c/0x280 [ 83.059816][ T8127] ? do_init_timer+0xc9/0x110 [ 83.059827][ T8127] ? __pfx_mgmt_init_hdev+0x10/0x10 [ 83.059842][ T8127] hci_sock_sendmsg+0x1522/0x25f0 [ 83.059858][ T8127] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 83.059874][ T8127] sock_write_iter+0x4fc/0x5b0 [ 83.059890][ T8127] ? __pfx_sock_write_iter+0x10/0x10 [ 83.059910][ T8127] ? bpf_lsm_file_permission+0x9/0x10 [ 83.059924][ T8127] ? security_file_permission+0x71/0x210 [ 83.059939][ T8127] ? rw_verify_area+0xcf/0x680 [ 83.059955][ T8127] vfs_write+0x6c7/0x1150 [ 83.059971][ T8127] ? __pfx_sock_write_iter+0x10/0x10 [ 83.059988][ T8127] ? __pfx_vfs_write+0x10/0x10 [ 83.060002][ T8127] ? find_held_lock+0x2b/0x80 [ 83.060031][ T8127] ksys_write+0x1f8/0x250 [ 83.060053][ T8127] ? __pfx_ksys_write+0x10/0x10 [ 83.060081][ T8127] do_syscall_64+0xcd/0x4c0 [ 83.060099][ T8127] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.060115][ T8127] RIP: 0033:0x7f8335f8e969 [ 83.060129][ T8127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.060146][ T8127] RSP: 002b:00007f8336d21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 83.060161][ T8127] RAX: ffffffffffffffda RBX: 00007f83361b5fa0 RCX: 00007f8335f8e969 [ 83.060171][ T8127] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004 [ 83.060180][ T8127] RBP: 00007f8336d21090 R08: 0000000000000000 R09: 0000000000000000 [ 83.060189][ T8127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 83.060200][ T8127] R13: 0000000000000000 R14: 00007f83361b5fa0 R15: 00007ffc704638d8 [ 83.060224][ T8127] [ 83.167092][ T8136] FAULT_INJECTION: forcing a failure. [ 83.167092][ T8136] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.171216][ T8136] CPU: 1 UID: 0 PID: 8136 Comm: syz.1.515 Not tainted 6.15.0-syzkaller-08297-ge0797d3b91de #0 PREEMPT(full) [ 83.171233][ T8136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.171241][ T8136] Call Trace: [ 83.171245][ T8136] [ 83.171249][ T8136] dump_stack_lvl+0x16c/0x1f0 [ 83.171270][ T8136] should_fail_ex+0x512/0x640 [ 83.171287][ T8136] _copy_to_user+0x32/0xd0 [ 83.171303][ T8136] simple_read_from_buffer+0xcb/0x170 [ 83.171322][ T8136] proc_fail_nth_read+0x197/0x270 [ 83.171340][ T8136] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 83.171358][ T8136] ? rw_verify_area+0xcf/0x680 [ 83.171372][ T8136] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 83.171389][ T8136] vfs_read+0x1e4/0xc60 [ 83.171407][ T8136] ? __pfx___mutex_lock+0x10/0x10 [ 83.171419][ T8136] ? __pfx_vfs_read+0x10/0x10 [ 83.171438][ T8136] ? __fget_files+0x20e/0x3c0 [ 83.171452][ T8136] ksys_read+0x12a/0x250 [ 83.171468][ T8136] ? __pfx_ksys_read+0x10/0x10 [ 83.171487][ T8136] do_syscall_64+0xcd/0x4c0 [ 83.171501][ T8136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.171512][ T8136] RIP: 0033:0x7f8335f8d37c [ 83.171522][ T8136] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 83.171533][ T8136] RSP: 002b:00007f8336d21030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 83.171543][ T8136] RAX: ffffffffffffffda RBX: 00007f83361b5fa0 RCX: 00007f8335f8d37c [ 83.171550][ T8136] RDX: 000000000000000f RSI: 00007f8336d210a0 RDI: 0000000000000003 [ 83.171556][ T8136] RBP: 00007f8336d21090 R08: 0000000000000000 R09: 0023706f6f6c2f76 [ 83.171563][ T8136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 83.171569][ T8136] R13: 0000000000000001 R14: 00007f83361b5fa0 R15: 00007ffc704638d8 [ 83.171582][ T8136] [ 83.229536][ C1] vkms_vblank_simulate: vblank timer overrun [ 83.343179][ T8153] fuse: Unknown parameter 'fs0x0000000000000006' [ 83.668561][ T40] audit: type=1400 audit(1748558974.074:378): avc: denied { map } for pid=8211 comm="syz.0.529" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 83.677035][ T40] audit: type=1400 audit(1748558974.074:379): avc: denied { create } for pid=8211 comm="syz.0.529" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 83.683410][ T40] audit: type=1400 audit(1748558974.084:380): avc: denied { write } for pid=8211 comm="syz.0.529" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 83.775375][ T8117] netdevsim netdevsim2 netdevsim0: renamed from eth2 [ 83.789323][ T8117] netdevsim netdevsim2 netdevsim1: renamed from eth3 [ 83.801885][ T8117] netdevsim netdevsim2 netdevsim2: renamed from eth4 [ 83.818695][ T8117] netdevsim netdevsim2 netdevsim3: renamed from eth5 [ 83.839908][ T8234] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 83.876757][ T40] audit: type=1400 audit(1748558974.284:381): avc: denied { connect } for pid=8235 comm="syz.0.534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 83.990745][ T8117] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 84.000713][ T8117] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 84.007629][ T8117] wireguard: wg0: Could not create IPv4 socket [ 84.010735][ T8117] wireguard: wg1: Could not create IPv4 socket [ 84.013730][ T8117] wireguard: wg2: Could not create IPv4 socket [ 84.025578][ T40] audit: type=1400 audit(1748558974.424:382): avc: denied { ioctl } for pid=8252 comm="syz.0.539" path="/dev/fuse" dev="devtmpfs" ino=105 ioctlcmd=0xe502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 84.087747][ T8257] FAULT_INJECTION: forcing a failure. [ 84.087747][ T8257] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 84.091804][ T8257] CPU: 1 UID: 0 PID: 8257 Comm: syz.0.541 Not tainted 6.15.0-syzkaller-08297-ge0797d3b91de #0 PREEMPT(full) [ 84.091820][ T8257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 84.091827][ T8257] Call Trace: [ 84.091831][ T8257] [ 84.091836][ T8257] dump_stack_lvl+0x16c/0x1f0 [ 84.091852][ T8257] should_fail_ex+0x512/0x640 [ 84.091869][ T8257] _copy_to_user+0x32/0xd0 [ 84.091885][ T8257] simple_read_from_buffer+0xcb/0x170 [ 84.091904][ T8257] proc_fail_nth_read+0x197/0x270 [ 84.091921][ T8257] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 84.091939][ T8257] ? rw_verify_area+0xcf/0x680 [ 84.091953][ T8257] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 84.091970][ T8257] vfs_read+0x1e4/0xc60 [ 84.091988][ T8257] ? __pfx___mutex_lock+0x10/0x10 [ 84.092001][ T8257] ? __pfx_vfs_read+0x10/0x10 [ 84.092020][ T8257] ? __fget_files+0x20e/0x3c0 [ 84.092034][ T8257] ksys_read+0x12a/0x250 [ 84.092050][ T8257] ? __pfx_ksys_read+0x10/0x10 [ 84.092069][ T8257] do_syscall_64+0xcd/0x4c0 [ 84.092083][ T8257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.092094][ T8257] RIP: 0033:0x7f64f378d37c [ 84.092104][ T8257] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 84.092114][ T8257] RSP: 002b:00007f64f45d5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 84.092126][ T8257] RAX: ffffffffffffffda RBX: 00007f64f39b5fa0 RCX: 00007f64f378d37c [ 84.092132][ T8257] RDX: 000000000000000f RSI: 00007f64f45d50a0 RDI: 0000000000000003 [ 84.092138][ T8257] RBP: 00007f64f45d5090 R08: 0000000000000000 R09: 0000000000000000 [ 84.092145][ T8257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 84.092151][ T8257] R13: 0000000000000000 R14: 00007f64f39b5fa0 R15: 00007fff979496d8 [ 84.092164][ T8257] [ 84.383797][ T8271] Failed to initialize the IGMP autojoin socket (err -2) [ 84.660372][ T40] audit: type=1400 audit(1748558975.064:383): avc: denied { append } for pid=8286 comm="syz.1.549" name="iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 84.695092][ T5969] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 84.856896][ T5969] usb 5-1: config 0 has no interfaces? [ 84.860457][ T5969] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 84.863289][ T5969] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.866382][ T5969] usb 5-1: Product: syz [ 84.867681][ T5969] usb 5-1: Manufacturer: syz [ 84.869074][ T5969] usb 5-1: SerialNumber: syz [ 84.872194][ T5969] usb 5-1: config 0 descriptor?? [ 85.080107][ T53] usb 5-1: USB disconnect, device number 7 [ 85.686356][ T40] audit: type=1400 audit(1748558976.094:384): avc: denied { map } for pid=8354 comm="syz.0.558" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 85.693534][ T40] audit: type=1400 audit(1748558976.094:385): avc: denied { execute } for pid=8354 comm="syz.0.558" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 85.707825][ T8357] configfs: Unknown parameter '/dev/hpet' [ 85.993545][ T8392] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=8392 comm=syz.1.569 [ 86.066690][ T53] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 86.237895][ T53] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 86.240537][ T53] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 86.243581][ T53] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 86.246460][ T53] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 86.249747][ T53] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 86.254310][ T53] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 86.258874][ T53] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 86.261353][ T53] usb 5-1: Product: syz [ 86.262700][ T53] usb 5-1: Manufacturer: syz [ 86.274545][ T53] cdc_wdm 5-1:1.0: skipping garbage [ 86.276491][ T53] cdc_wdm 5-1:1.0: skipping garbage [ 86.281207][ T53] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 86.283148][ T53] cdc_wdm 5-1:1.0: Unknown control protocol [ 86.312202][ T8413] input: syz1 as /devices/virtual/input/input12 [ 86.472276][ T40] audit: type=1400 audit(1748558976.874:386): avc: denied { read write } for pid=8372 comm="syz.0.564" name="cdc-wdm0" dev="devtmpfs" ino=3038 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1 [ 86.475397][ T8373] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 86.479511][ T40] audit: type=1400 audit(1748558976.874:387): avc: denied { open } for pid=8372 comm="syz.0.564" path="/dev/cdc-wdm0" dev="devtmpfs" ino=3038 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1 [ 86.482931][ T8373] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 86.497408][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 86.499623][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 86.502103][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 86.504224][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 86.506253][ T5969] usb 5-1: USB disconnect, device number 8 [ 87.368968][ T8453] netlink: 4 bytes leftover after parsing attributes in process `syz.0.581'. [ 87.372343][ T8453] bridge_slave_0: left allmulticast mode [ 87.374193][ T8453] bridge_slave_0: left promiscuous mode [ 87.379317][ T8453] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.420437][ T8456] tmpfs: Unknown parameter 'nr_inodTOA3e#' [ 87.442978][ T8456] netlink: 8 bytes leftover after parsing attributes in process `syz.0.581'. [ 87.445862][ T8456] netlink: 'syz.0.581': attribute type 30 has an invalid length. [ 87.865946][ T8486] batadv_slave_1: entered promiscuous mode [ 87.868610][ T8484] batadv_slave_1: left promiscuous mode [ 88.014945][ T40] audit: type=1400 audit(1748558978.414:388): avc: denied { connect } for pid=8489 comm="syz.0.590" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 88.267434][ T40] audit: type=1400 audit(1748558978.674:389): avc: denied { create } for pid=8495 comm="syz.0.593" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 88.290141][ T8498] program syz.0.594 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 88.412754][ T40] audit: type=1400 audit(1748558978.814:390): avc: denied { read } for pid=8505 comm="syz.0.598" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 88.415556][ T8506] netlink: 4 bytes leftover after parsing attributes in process `syz.0.598'. [ 88.421729][ T40] audit: type=1400 audit(1748558978.814:391): avc: denied { open } for pid=8505 comm="syz.0.598" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 88.950472][ T8386] uprobe: syz.3.568:8386 failed to unregister, leaking uprobe [ 89.479904][ T8551] overlayfs: failed to resolve './file0': -2 [ 89.627882][ T5947] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 89.634012][ T5947] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 89.637479][ T5947] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 89.640557][ T5947] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 89.643029][ T5947] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 89.653153][ T8565] Failed to initialize the IGMP autojoin socket (err -2) [ 89.664352][ T40] audit: type=1400 audit(1748558980.064:392): avc: denied { module_request } for pid=8567 comm="syz.3.607" kmod="netdev-batadv_slave_1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 89.722312][ T40] audit: type=1400 audit(1748558980.124:393): avc: denied { read } for pid=8567 comm="syz.3.607" name="usbmon8" dev="devtmpfs" ino=762 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 89.723267][ T8568] netlink: 28 bytes leftover after parsing attributes in process `syz.3.607'. [ 89.733493][ T40] audit: type=1400 audit(1748558980.124:394): avc: denied { open } for pid=8567 comm="syz.3.607" path="/dev/usbmon8" dev="devtmpfs" ino=762 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 89.735653][ T8568] netlink: 'syz.3.607': attribute type 7 has an invalid length. [ 89.744037][ T8568] netlink: 'syz.3.607': attribute type 8 has an invalid length. [ 89.748618][ T8568] netlink: 4 bytes leftover after parsing attributes in process `syz.3.607'. [ 89.771604][ T8578] input: syz1 as /devices/virtual/input/input13 [ 90.214644][ T8606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.620'. [ 90.274147][ T40] audit: type=1400 audit(1748558980.674:395): avc: denied { write } for pid=8613 comm="syz.1.624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 90.310022][ T8623] Bluetooth: MGMT ver 1.23 [ 90.325773][ T8565] netdevsim netdevsim2 netdevsim0: renamed from eth2 [ 90.339622][ T8627] netlink: 'syz.3.628': attribute type 1 has an invalid length. [ 90.339691][ T8565] netdevsim netdevsim2 netdevsim1: renamed from eth3 [ 90.341999][ T8627] netlink: 'syz.3.628': attribute type 2 has an invalid length. [ 90.384339][ T8565] netdevsim netdevsim2 netdevsim2: renamed from eth4 [ 90.397420][ T8565] netdevsim netdevsim2 netdevsim3: renamed from eth5 [ 90.397794][ T8630] netlink: 'syz.3.628': attribute type 1 has an invalid length. [ 90.402044][ T8630] netlink: 'syz.3.628': attribute type 2 has an invalid length. [ 90.436252][ T40] audit: type=1400 audit(1748558980.844:396): avc: denied { write } for pid=8631 comm="syz.3.631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 90.469233][ T40] audit: type=1400 audit(1748558980.874:397): avc: denied { append } for pid=8637 comm="syz.3.632" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 90.469282][ T8641] random: crng reseeded on system resumption [ 90.567559][ T8565] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 90.577964][ T8565] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 90.583897][ T8565] wireguard: wg0: Could not create IPv4 socket [ 90.587293][ T8565] wireguard: wg1: Could not create IPv4 socket [ 90.590264][ T8565] wireguard: wg2: Could not create IPv4 socket [ 90.896645][ T8676] netlink: 28 bytes leftover after parsing attributes in process `syz.3.646'. [ 90.996396][ T8689] binder: 8688:8689 ioctl c0306201 200000000540 returned -22 [ 91.075593][ T40] audit: type=1400 audit(1748558981.484:398): avc: denied { getopt } for pid=8691 comm="syz.1.652" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 91.301904][ T40] audit: type=1400 audit(1748558981.704:399): avc: denied { mounton } for pid=8703 comm="syz.1.658" path="/221/file0" dev="tmpfs" ino=1161 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 91.746484][ T8708] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8708 comm=syz.3.659 [ 91.751427][ T8708] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8 sclass=netlink_route_socket pid=8708 comm=syz.3.659 [ 91.756241][ T40] audit: type=1400 audit(1748558982.164:400): avc: denied { create } for pid=8707 comm="syz.3.659" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 91.764102][ T40] audit: type=1400 audit(1748558982.164:401): avc: denied { ioctl } for pid=8707 comm="syz.3.659" path="socket:[24621]" dev="sockfs" ino=24621 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 91.957896][ T8717] dlm: non-version read from control device 0 [ 92.154118][ T5936] Bluetooth: hci3: unexpected event for opcode 0x2005 [ 92.156404][ T8732] IPv6: Can't replace route, no match found [ 92.160392][ T8730] netlink: 96 bytes leftover after parsing attributes in process `syz.1.669'. [ 92.573034][ T8755] netlink: 'syz.1.680': attribute type 21 has an invalid length. [ 92.586052][ T8755] KVM: debugfs: duplicate directory 8755-5 [ 92.591358][ T8755] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 92.594700][ T8755] overlayfs: maximum fs stacking depth exceeded [ 93.029258][ T8768] netlink: 8 bytes leftover after parsing attributes in process `syz.0.685'. [ 93.031942][ T8768] netlink: 8 bytes leftover after parsing attributes in process `syz.0.685'. [ 93.039359][ T8768] binder: 8767:8768 ioctl c0306201 200000000100 returned -22 [ 93.280808][ T8776] input: syz1 as /devices/virtual/input/input14 [ 93.610326][ T8779] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 93.894671][ T8782] Failed to initialize the IGMP autojoin socket (err -2) [ 94.005905][ T8789] netlink: 12 bytes leftover after parsing attributes in process `syz.3.694'. [ 94.251970][ T8813] netlink: 4 bytes leftover after parsing attributes in process `syz.1.700'. [ 94.325802][ C2] [ 94.326631][ C2] ============================= [ 94.328167][ C2] [ BUG: Invalid wait context ] [ 94.329674][ C2] 6.15.0-syzkaller-08297-ge0797d3b91de #0 Not tainted [ 94.332691][ C2] ----------------------------- [ 94.334763][ C2] swapper/2/0 is trying to lock: [ 94.336305][ C2] ffffc900039b2410 (&gpc->lock){....}-{3:3}, at: kvm_xen_set_evtchn_fast+0x254/0xeb0 [ 94.339333][ C2] other info that might help us debug this: [ 94.341170][ C2] context-{2:2} [ 94.342264][ C2] 1 lock held by swapper/2/0: [ 94.343774][ C2] #0: ffffc900039b2960 (&kvm->srcu){.?.+}-{0:0}, at: kvm_xen_set_evtchn_fast+0x23a/0xeb0 [ 94.347037][ C2] stack backtrace: [ 94.348476][ C2] CPU: 2 UID: 0 PID: 0 Comm: swapper/2 Not tainted 6.15.0-syzkaller-08297-ge0797d3b91de #0 PREEMPT(full) [ 94.348489][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.348495][ C2] Call Trace: [ 94.348499][ C2] [ 94.348504][ C2] dump_stack_lvl+0x116/0x1f0 [ 94.348526][ C2] __lock_acquire+0xa12/0x1c90 [ 94.348538][ C2] ? __lock_acquire+0xb8a/0x1c90 [ 94.348551][ C2] lock_acquire+0x179/0x350 [ 94.348562][ C2] ? kvm_xen_set_evtchn_fast+0x254/0xeb0 [ 94.348576][ C2] _raw_read_lock_irqsave+0x46/0x90 [ 94.348586][ C2] ? kvm_xen_set_evtchn_fast+0x254/0xeb0 [ 94.348598][ C2] kvm_xen_set_evtchn_fast+0x254/0xeb0 [ 94.348610][ C2] ? kvm_xen_set_evtchn_fast+0x23a/0xeb0 [ 94.348622][ C2] ? __pfx_kvm_xen_set_evtchn_fast+0x10/0x10 [ 94.348635][ C2] ? do_raw_spin_unlock+0x172/0x230 [ 94.348648][ C2] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 94.348657][ C2] ? debug_object_deactivate+0x1ec/0x3a0 [ 94.348679][ C2] ? __pfx_xen_timer_callback+0x10/0x10 [ 94.348690][ C2] xen_timer_callback+0x1db/0x2a0 [ 94.348702][ C2] ? __pfx_xen_timer_callback+0x10/0x10 [ 94.348714][ C2] ? do_raw_spin_unlock+0x172/0x230 [ 94.348728][ C2] __hrtimer_run_queues+0x5ed/0xad0 [ 94.348744][ C2] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 94.348758][ C2] ? read_tsc+0x9/0x20 [ 94.348773][ C2] hrtimer_interrupt+0x397/0x8e0 [ 94.348790][ C2] __sysvec_apic_timer_interrupt+0x108/0x3f0 [ 94.348804][ C2] sysvec_apic_timer_interrupt+0x9f/0xc0 [ 94.348814][ C2] [ 94.348817][ C2] [ 94.348820][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 94.348831][ C2] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 94.348841][ C2] Code: 93 55 02 e9 53 fb 02 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d f3 50 0e 00 fb f4 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 94.348851][ C2] RSP: 0018:ffffc90000187df8 EFLAGS: 00000286 [ 94.348860][ C2] RAX: 00000000000aa8c9 RBX: 0000000000000002 RCX: ffffffff8b7bb449 [ 94.348866][ C2] RDX: 0000000000000000 RSI: ffffffff8dc0590b RDI: ffffffff8bf52e80 [ 94.348872][ C2] RBP: ffffed1003b51910 R08: 0000000000000001 R09: ffffed100d4c663d [ 94.348878][ C2] R10: ffff88806a6331eb R11: 0000000000000001 R12: 0000000000000002 [ 94.348884][ C2] R13: ffff88801da8c880 R14: ffffffff90878750 R15: 0000000000000000 [ 94.348891][ C2] ? ct_kernel_exit+0x139/0x190 [ 94.348903][ C2] default_idle+0x13/0x20 [ 94.348914][ C2] default_idle_call+0x6d/0xb0 [ 94.348925][ C2] do_idle+0x391/0x510 [ 94.348935][ C2] ? __pfx_do_idle+0x10/0x10 [ 94.348943][ C2] ? trace_sched_exit_tp+0x31/0x130 [ 94.348955][ C2] cpu_startup_entry+0x4f/0x60 [ 94.348963][ C2] start_secondary+0x21d/0x2b0 [ 94.348973][ C2] ? __pfx_start_secondary+0x10/0x10 [ 94.348983][ C2] common_startup_64+0x13e/0x148 [ 94.348999][ C2] [ 94.437886][ C2] vkms_vblank_simulate: vblank timer overrun SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 94.741281][ T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.807304][ T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.860615][ T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.919883][ T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.009825][ T13] bridge_slave_1: left allmulticast mode [ 95.011652][ T13] bridge_slave_1: left promiscuous mode [ 95.013486][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.017019][ T13] bridge_slave_0: left allmulticast mode [ 95.018744][ T13] bridge_slave_0: left promiscuous mode [ 95.020465][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.168810][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 95.172465][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 95.175877][ T13] bond0 (unregistering): Released all slaves [ 95.451816][ T13] hsr_slave_0: left promiscuous mode [ 95.454574][ T13] hsr_slave_1: left promiscuous mode [ 95.459832][ T13] veth1_macvtap: left promiscuous mode [ 95.462130][ T13] veth0_macvtap: left promiscuous mode [ 95.464489][ T13] veth1_vlan: left promiscuous mode [ 95.466978][ T13] veth0_vlan: left promiscuous mode [ 95.620795][ T13] team0 (unregistering): Port device team_slave_1 removed [ 95.648041][ T13] team0 (unregistering): Port device team_slave_0 removed [ 96.050879][ T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.088117][ T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.177706][ T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.259030][ T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.323833][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.388599][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.440291][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.539909][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.660353][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 96.663876][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 96.668491][ T13] bond0 (unregistering): Released all slaves [ 96.890185][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 96.895323][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 96.900033][ T13] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 96.906031][ T13] bond0 (unregistering): Released all slaves [ 97.381662][ T13] hsr_slave_0: left promiscuous mode [ 97.383569][ T13] hsr_slave_1: left promiscuous mode [ 97.385570][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 97.387860][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 97.391747][ T13] hsr_slave_0: left promiscuous mode [ 97.394345][ T13] hsr_slave_1: left promiscuous mode [ 97.396837][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 97.399725][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 97.403062][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 97.406061][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 97.413372][ T13] veth1_macvtap: left promiscuous mode [ 97.415748][ T13] veth0_macvtap: left promiscuous mode [ 97.417951][ T13] veth1_vlan: left promiscuous mode [ 97.420694][ T13] veth1_macvtap: left promiscuous mode [ 97.422875][ T13] veth0_macvtap: left promiscuous mode [ 97.425169][ T13] veth1_vlan: left promiscuous mode [ 97.427289][ T13] veth0_vlan: left promiscuous mode [ 97.587704][ T13] team0 (unregistering): Port device team_slave_1 removed [ 97.616197][ T13] team0 (unregistering): Port device team_slave_0 removed [ 97.720763][ T13] pimreg3 (unregistering): left allmulticast mode [ 97.812335][ T13] team0 (unregistering): Port device team_slave_0 removed [ 97.915867][ T10] lo speed is unknown, defaulting to 1000 [ 97.917714][ T10] infiniband syz0: ib_query_port failed (-19) VM DIAGNOSIS: 22:49:44 Registers: info registers vcpu 0 CPU#0 RAX=0000000000053ee4 RBX=0000000000000000 RCX=ffffffff8b7bb449 RDX=ffffed100d48663e RSI=ffffffff8bf52e00 RDI=ffffffff8191b6d1 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e08 R8 =0000000000000000 R9 =ffffed100d48663d R10=ffff88806a4331eb R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90878750 R15=0000000000000000 RIP=ffffffff8b7b9faf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6970000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f8336d20f98 CR3=000000004d1b0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080040001 Opmask01=0000000002fefce0 Opmask02=0000000002fefcfe Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff97949a60 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f64f3811a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f64f3811a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f64f3811a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f64f3811aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f64f3811b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f64f3811c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000055ed4 RBX=0000000000000001 RCX=ffffffff8b7bb449 RDX=ffffed100d4a663e RSI=ffffffff8bf52e00 RDI=ffffffff8191b6d1 RBP=ffffed1003b51488 RSP=ffffc90000177df8 R8 =0000000000000000 R9 =ffffed100d4a663d R10=ffff88806a5331eb R11=0000000000000000 R12=0000000000000001 R13=ffff88801da8a440 R14=ffffffff90878750 R15=0000000000000000 RIP=ffffffff8b7b9faf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6a70000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fdb22ae56c0 CR3=0000000028e97000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000010000000 Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a 0000003000000012 0004000000080024 0000000000280034 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000002c7 0000001400000000 0000000000000000 0000000000000015 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0408000380030008 0006100020100006 006ff42c00000420 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 06080606011fd260 a082100000208080 8090000fffffffff ffff040606748000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 08000a1000501000 06046fa000040004 080013800401c710 000802498e006d63 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5f616d64722f646e 6162696e69666e69 2f7665642f01ffff ffffffffffffcf08 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1380030480040380 040e080004860800 0100000008060a01 0d8c080800048003 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4139e208dfaa1aca c3ac2bf744080380 0320100002800401 0000020806060101 ZMM25=2c28507b2c28507b 2c28507b2c28507b 2c28507b2c28507b 2c28507b2c28507b 2c28507b2c28507b 2c28507b2c28507b 2c28507b2c28507b 2c28507b2c28507b ZMM26=84b9b72d84b9b72d 84b9b72d84b9b72d 84b9b72d84b9b72d 84b9b72d84b9b72d 84b9b72d84b9b72d 84b9b72d84b9b72d 84b9b72d84b9b72d 84b9b72d84b9b72d ZMM27=7ad4aadb7ad4aadb 7ad4aadb7ad4aadb 7ad4aadb7ad4aadb 7ad4aadb7ad4aadb 7ad4aadb7ad4aadb 7ad4aadb7ad4aadb 7ad4aadb7ad4aadb 7ad4aadb7ad4aadb ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0404000004040000 0404000004040000 0404000004040000 0404000004040000 0404000004040000 0404000004040000 0404000004040000 0404000004040000 info registers vcpu 2 CPU#2 RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85582e05 RDI=ffffffff9ae6b6a0 RBP=ffffffff9ae6b660 RSP=ffffc900006486a0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=0000000000000039 R14=ffffffff9ae6b660 R15=ffffffff85582da0 RIP=ffffffff85582e2f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6b70000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005555715d7808 CR3=0000000024c7c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000015 000000000001df8a ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555694fae90 00005555694fa8f0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555694eb4b3 00005555694eb3b0 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555694f88d4 00005555694f88d0 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ba0fffffffffffff 041881c184820800 0100000008060601 21bc0fffffffffff ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0210000610003e10 00060272d00f8004 1885818480080001 0000000806060121 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0004100609800310 0280040502800418 8581848008000100 00000806060121ba ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0121b600080009a8 0300080009a00301 0000020806099803 0008000990030000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010980040881c184 8608000100000008 06060121b6000800 09a80300080009a0 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0301000002080609 9803000800099003 0000000410060980 0310028004050280 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0418858184800800 0100000008060601 21ba021000061000 3e1000060272d00f ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8004188581848008 0001000000080606 0121ba0fffffffff ffff041881c18482 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000000e0dff RBX=0000000000000003 RCX=ffffffff8b7bb449 RDX=0000000000000000 RSI=ffffffff8dc0590b RDI=ffffffff8bf52e80 RBP=ffffed1003bdc000 RSP=ffffc90000197df8 R8 =0000000000000001 R9 =ffffed100d4e663d R10=ffff88806a7331eb R11=0000000000000001 R12=0000000000000003 R13=ffff88801dee0000 R14=ffffffff90878750 R15=0000000000000000 RIP=ffffffff8b7b9faf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6c70000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f83361b7bac CR3=000000004bebd000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080040001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff7de4e1d0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdb21e11a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdb21e11a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdb21e11a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdb21e11aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdb21e11b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdb21e11c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000060 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000