last executing test programs: 2.317826007s ago: executing program 3 (id=444): socket$kcm(0x10, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) memfd_secret(0x0) fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) r1 = syz_io_uring_setup(0x19f2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x14, 0x0, 0x0, 0x0, 0x2b, @empty, @empty}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[@ANYRES64=r4], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, r5, 0x0, r0}) io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 2.261974122s ago: executing program 3 (id=446): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TLS_TX(r0, 0x11e, 0x1, &(0x7f0000000180)=@gcm_128={{0x304}, "e85c7fe3263c820d", "b592f2403565485c0403e559f2d2d966", "51346fda", "7a749084e6e48900"}, 0x28) listen(r0, 0x0) 2.188185972s ago: executing program 3 (id=448): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/diskstats\x00', 0x0, 0x0) r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) sendfile(r1, r0, 0x0, 0x3fffff) 2.187965846s ago: executing program 3 (id=449): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@private2, 0x800, 0x0, 0x2, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000040)={@mcast2, 0x800, 0x0, 0x2, 0x0, 0x6109, 0xc2}, 0x20) 2.138069666s ago: executing program 3 (id=450): syz_usb_connect(0x1, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) writev(r0, &(0x7f0000000480)=[{&(0x7f0000000040)=',', 0x1}, {&(0x7f0000000080)="ecfa69e27e48ea8e96b4f3abb9dc3d9ac49dcf47079d0598373c7640a36a9af6db689726623b3943c8a6b524551cf5edae7e1607334d48790d522604a41c591b4c05f8b2eb822d5b87613510fae9804b3f", 0x51}], 0x2) 1.527689771s ago: executing program 0 (id=461): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000002140)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x40, r1, 0x5, 0x0, 0x2000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0x4}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_MESH_SETUP={0x4}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x9}]}, 0x40}}, 0x0) 1.448328254s ago: executing program 0 (id=463): fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000000)='+c!:x$,}%)\x00', 0x0, 0xffffffffffffffff) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = socket$inet(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={'wg2\x00', {0x2, 0x4e23, @remote}}) 1.36320284s ago: executing program 0 (id=464): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20) connect$l2tp6(r0, &(0x7f0000000f40)={0xa, 0x0, 0x4, @empty, 0x0, 0x800000}, 0x20) getsockname$l2tp6(r0, 0x0, &(0x7f0000000280)) 1.363018271s ago: executing program 0 (id=465): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002ac0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc8734c295cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f244a3c307145452ce64dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c65070020d7df0abc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3593], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000600)='rcu_utilization\x00', r0}, 0x18) timerfd_create(0x9, 0x80800) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x8085) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmmsg$sock(r2, &(0x7f00000011c0)=[{{&(0x7f0000000180)=@in={0x2, 0x4e24, @private=0xa010102}, 0x80, 0x0, 0x0, &(0x7f0000000740)=[@txtime={{0x18, 0x1, 0x25, 0x5}}], 0x18}}], 0x1, 0x4044) bpf$MAP_CREATE(0x0, 0x0, 0x48) gettid() timer_create(0x4, 0x0, &(0x7f0000bbdffc)) r3 = semget$private(0x0, 0x6, 0x0) semop(r3, &(0x7f00000000c0)=[{0x0, 0xc63e}, {0x4, 0x4, 0x1800}], 0x2) semctl$GETZCNT(r3, 0x0, 0xf, 0x0) 907.75216ms ago: executing program 3 (id=466): r0 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000402505a8a440000102030109021b00010100c00009040000020701010009050102"], 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, 0x0) 463.492048ms ago: executing program 2 (id=468): r0 = socket$inet6(0xa, 0x3, 0x5) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4) sendmmsg(r0, &(0x7f0000001a00)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0x0, 0x6}, 0x80, 0x0}, 0x5b4}, {{&(0x7f0000000580)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x6, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="10"], 0x10}}], 0x2, 0x0) 463.404048ms ago: executing program 0 (id=469): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10) setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_value={r1}, 0x8) 463.329209ms ago: executing program 2 (id=470): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x14) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000180)=0x7) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 367.843442ms ago: executing program 0 (id=471): ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000040)={0x0, 0x8000000, 0x0, 'queue0\x00'}) r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xf8}, 0x1, 0x0, 0x0, 0x814}, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x278, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1a8, 0xffffffff, 0xffffffff, 0x1a8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0xd}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0xffffff00, 0xff000000, 0xff, 0xff000000], [0xff000000, 0x7f, 0xff000000, 0xff], 'macvtap0\x00', 'vlan1\x00', {0xff}, {}, 0x2e, 0x3, 0x3, 0x4}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [0x0, 0x0, 0x0, 0xff000000], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x2d8) syz_usb_control_io(r0, 0x0, &(0x7f0000000240)={0x84, &(0x7f0000000340)=ANY=[@ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x2, 0x7, 0x0, "00000000eabb000003a8a40000000000004000e5ffffffffffffff000000000010000000000000000000000000000008000000000000000080010000000048004000"}, 0xd8) bind$inet(r2, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0xffffffffffffff7c, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) creat(&(0x7f0000000040)='./file0\x00', 0x81) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r3, 0xc0145b0e, &(0x7f0000000040)) dup(0xffffffffffffffff) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) close_range(r4, 0xffffffffffffffff, 0x0) bind$xdp(0xffffffffffffffff, 0x0, 0x0) 367.394745ms ago: executing program 1 (id=473): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000200)={0x0, @in6={{0xa, 0x4e23, 0x200, @loopback, 0x7}}, 0x7f, 0x8, 0x8001, 0x0, 0xffffff44}, &(0x7f0000000040)=0x98) 308.329678ms ago: executing program 1 (id=474): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) open$dir(&(0x7f0000000480)='./file0\x00', 0x103680, 0x20) r0 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) r2 = inotify_init1(0x0) inotify_add_watch(r2, &(0x7f00000000c0)='.\x00', 0x4000000e) ftruncate(r1, 0x2000009) sendfile(r0, r1, 0x0, 0x6) mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0) r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0xa) open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) r4 = creat(&(0x7f0000000000)='./bus\x00', 0x0) tee(r3, r4, 0x3, 0x0) 248.290142ms ago: executing program 2 (id=482): r0 = socket$packet(0x11, 0x2, 0x300) sendmmsg$sock(r0, &(0x7f0000000840)=[{{&(0x7f0000000640)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x4, 0x3}}, 0x80, 0x0}}], 0x1, 0x4) 246.554815ms ago: executing program 2 (id=483): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x30, r1, 0x1, 0x70bd2d, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_STA_VLAN={0x8, 0x14, r2}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 169.598084ms ago: executing program 1 (id=475): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r1, r3, 0x1, 0x0, @void}, 0x10) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r4, 0x3) setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x36, &(0x7f0000000340)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) syz_emit_ethernet(0x38, &(0x7f0000000580)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2a, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x4}, {"c516"}}}}}}, 0x0) 163.603942ms ago: executing program 1 (id=476): rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffff7ffffffd]}, 0x0, 0x8) r0 = gettid() timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r0}, &(0x7f0000044000)=0x0) timer_settime(0x0, 0x236bd4336e4642df, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0) r2 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, &(0x7f0000b28000)=0x3) timer_delete(r1) fcntl$setsig(r3, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r4}], 0x2c, 0xffffffffffbffff8) dup2(r3, r4) fcntl$setown(r3, 0x8, r2) tkill(r2, 0x13) 163.277267ms ago: executing program 2 (id=477): write$binfmt_aout(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0xc8) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x7e) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000540)=0x9) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x3) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000300)) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x9) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7e) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0x541b, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x4, 0x8040000000000000}) close_range(r2, 0xffffffffffffffff, 0x0) 131.635295ms ago: executing program 2 (id=478): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @broadcast}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x13dab808ea1e0d, 0x0) close(r2) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0xa0800, 0x0) close(r3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'}) ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="110000000002"}) 28.291584ms ago: executing program 1 (id=479): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) socket$igmp6(0xa, 0x3, 0x2) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0) ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, 0x0, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, 0x0) ioctl$IOMMU_TEST_OP_ACCESS_PAGES(0xffffffffffffffff, 0x3ba0, 0x0) ioctl$IOMMU_IOAS_UNMAP$ALL(0xffffffffffffffff, 0x3b86, &(0x7f0000000180)={0x18}) ioctl$TCFLSH(r0, 0x400455c8, 0x4) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 0s ago: executing program 1 (id=480): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f0000000000)=0x2, 0x4) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000200)={@fallback=r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, @void, @value=r2}, 0x20) socket$kcm(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'tunl0\x00'}) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x8ef, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) r4 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4) ioctl$sock_bt_bnep_BNEPCONNADD(r4, 0x400442c8, &(0x7f00000000c0)=ANY=[@ANYRES32=r3]) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', 0x0}) r6 = socket$inet6_udp(0xa, 0x2, 0x0) r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_GET_PACK_ID(r7, 0x227c, &(0x7f0000000980)) connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x503}, 0x1c) getsockopt$inet6_mreq(r6, 0x29, 0x10, 0x0, &(0x7f00000000c0)) r8 = openat$hpet(0xffffffffffffff9c, &(0x7f0000002500), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r8, 0x80186803, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x3, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) kernel console output (not intermixed with test programs): [ 38.108334][ T40] audit: type=1400 audit(1746319056.106:80): avc: denied { write } for pid=5836 comm="sh" path="pipe:[1863]" dev="pipefs" ino=1863 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 38.117431][ T40] audit: type=1400 audit(1746319056.106:81): avc: denied { rlimitinh } for pid=5836 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 38.124946][ T40] audit: type=1400 audit(1746319056.106:82): avc: denied { siginh } for pid=5836 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 39.266569][ T40] audit: type=1400 audit(1746319057.276:83): avc: denied { read } for pid=5325 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 39.275621][ T40] audit: type=1400 audit(1746319057.276:84): avc: denied { append } for pid=5325 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 39.283641][ T40] audit: type=1400 audit(1746319057.276:85): avc: denied { open } for pid=5325 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 39.290853][ T40] audit: type=1400 audit(1746319057.276:86): avc: denied { getattr } for pid=5325 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Warning: Permanently added '[localhost]:25954' (ED25519) to the list of known hosts. [ 40.192566][ T40] audit: type=1400 audit(1746319058.196:87): avc: denied { name_bind } for pid=5846 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 42.107608][ T5848] cgroup: Unknown subsys name 'net' [ 42.256740][ T5848] cgroup: Unknown subsys name 'cpuset' [ 42.261186][ T5848] cgroup: Unknown subsys name 'rlimit' [ 42.437857][ T5912] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 43.115735][ T5848] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 45.912418][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 45.912432][ T40] audit: type=1400 audit(1746319063.916:105): avc: denied { execmem } for pid=5923 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 46.068099][ T40] audit: type=1400 audit(1746319064.066:106): avc: denied { create } for pid=5926 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 46.074394][ T40] audit: type=1400 audit(1746319064.066:107): avc: denied { read write } for pid=5926 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 46.082157][ T40] audit: type=1400 audit(1746319064.066:108): avc: denied { open } for pid=5926 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 46.090074][ T40] audit: type=1400 audit(1746319064.076:109): avc: denied { ioctl } for pid=5928 comm="syz-executor" path="socket:[6331]" dev="sockfs" ino=6331 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 46.104935][ T5932] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 46.110732][ T5938] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 46.113173][ T5938] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 46.114293][ T5935] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 46.115913][ T5938] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 46.117589][ T5935] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 46.119920][ T5938] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 46.122703][ T5942] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 46.125176][ T5938] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 46.127141][ T5942] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 46.129268][ T5938] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 46.129809][ T5940] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 46.131008][ T5942] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 46.132750][ T5938] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 46.134236][ T5935] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 46.134623][ T5935] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 46.144738][ T40] audit: type=1400 audit(1746319064.156:110): avc: denied { read } for pid=5934 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 46.146690][ T5935] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 46.154025][ T40] audit: type=1400 audit(1746319064.156:111): avc: denied { open } for pid=5934 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 46.155570][ T5935] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 46.161739][ T5941] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 46.167950][ T5933] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 46.168956][ T40] audit: type=1400 audit(1746319064.156:112): avc: denied { mounton } for pid=5934 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 46.402223][ T40] audit: type=1400 audit(1746319064.406:113): avc: denied { module_request } for pid=5928 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 46.464316][ T5928] chnl_net:caif_netlink_parms(): no params data found [ 46.471904][ T5934] chnl_net:caif_netlink_parms(): no params data found [ 46.498081][ T5926] chnl_net:caif_netlink_parms(): no params data found [ 46.522635][ T5937] chnl_net:caif_netlink_parms(): no params data found [ 46.788099][ T5934] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.790269][ T5934] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.792471][ T5934] bridge_slave_0: entered allmulticast mode [ 46.795550][ T5934] bridge_slave_0: entered promiscuous mode [ 46.799158][ T5928] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.801976][ T5928] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.804558][ T5928] bridge_slave_0: entered allmulticast mode [ 46.807050][ T5928] bridge_slave_0: entered promiscuous mode [ 46.810000][ T5928] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.812134][ T5928] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.815404][ T5928] bridge_slave_1: entered allmulticast mode [ 46.817876][ T5928] bridge_slave_1: entered promiscuous mode [ 46.820538][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.823523][ T5937] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.826829][ T5937] bridge_slave_0: entered allmulticast mode [ 46.830561][ T5937] bridge_slave_0: entered promiscuous mode [ 46.835080][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.838000][ T5937] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.840342][ T5937] bridge_slave_1: entered allmulticast mode [ 46.843007][ T5937] bridge_slave_1: entered promiscuous mode [ 46.845444][ T5926] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.847665][ T5926] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.850388][ T5926] bridge_slave_0: entered allmulticast mode [ 46.854227][ T5926] bridge_slave_0: entered promiscuous mode [ 46.857391][ T5934] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.859661][ T5934] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.861834][ T5934] bridge_slave_1: entered allmulticast mode [ 46.865438][ T5934] bridge_slave_1: entered promiscuous mode [ 46.951509][ T5926] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.953843][ T5926] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.956209][ T5926] bridge_slave_1: entered allmulticast mode [ 46.958759][ T5926] bridge_slave_1: entered promiscuous mode [ 46.989361][ T5928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.993387][ T5937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.017393][ T5934] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.021942][ T5928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.026254][ T5937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.030418][ T5926] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.035898][ T5934] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.087373][ T5926] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.121499][ T5937] team0: Port device team_slave_0 added [ 47.166011][ T5928] team0: Port device team_slave_0 added [ 47.169299][ T5937] team0: Port device team_slave_1 added [ 47.190081][ T5934] team0: Port device team_slave_0 added [ 47.193822][ T5928] team0: Port device team_slave_1 added [ 47.210700][ T5926] team0: Port device team_slave_0 added [ 47.213679][ T5934] team0: Port device team_slave_1 added [ 47.254439][ T5926] team0: Port device team_slave_1 added [ 47.283018][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.287437][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.296466][ T5937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.328248][ T5934] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.330612][ T5934] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.339814][ T5934] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.343543][ T5928] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.345808][ T5928] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.353889][ T5928] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.357751][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.359859][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.367501][ T5937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.371594][ T5926] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.373688][ T5926] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.381167][ T5926] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.385538][ T5934] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.387674][ T5934] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.396652][ T5934] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.400959][ T5928] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.403199][ T5928] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.411113][ T5928] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.433233][ T5926] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.436246][ T5926] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.443803][ T5926] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.489798][ T5926] hsr_slave_0: entered promiscuous mode [ 47.491957][ T5926] hsr_slave_1: entered promiscuous mode [ 47.585641][ T5934] hsr_slave_0: entered promiscuous mode [ 47.587776][ T5934] hsr_slave_1: entered promiscuous mode [ 47.589794][ T5934] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.592166][ T5934] Cannot create hsr debugfs directory [ 47.598026][ T5937] hsr_slave_0: entered promiscuous mode [ 47.601068][ T5937] hsr_slave_1: entered promiscuous mode [ 47.603847][ T5937] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.608889][ T5937] Cannot create hsr debugfs directory [ 47.678093][ T5928] hsr_slave_0: entered promiscuous mode [ 47.680391][ T5928] hsr_slave_1: entered promiscuous mode [ 47.682816][ T5928] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.685609][ T5928] Cannot create hsr debugfs directory [ 48.003518][ T5926] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 48.009534][ T5926] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 48.014095][ T5926] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 48.022692][ T5926] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 48.049903][ T5928] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 48.054955][ T5928] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 48.058843][ T5928] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 48.063417][ T5928] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 48.098861][ T5934] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 48.103635][ T5934] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 48.108957][ T5934] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 48.121228][ T5934] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 48.161898][ T5937] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 48.172165][ T5937] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 48.177304][ T5937] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 48.180970][ T5937] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 48.195154][ T5926] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.204414][ T5935] Bluetooth: hci2: command tx timeout [ 48.214340][ T5935] Bluetooth: hci0: command tx timeout [ 48.214506][ T67] Bluetooth: hci3: command tx timeout [ 48.214601][ T5933] Bluetooth: hci1: command tx timeout [ 48.232890][ T5926] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.244827][ T5928] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.248995][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.252098][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.263529][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.265715][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.287320][ T5928] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.312038][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.314981][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.324582][ T5934] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.336067][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.338927][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.375794][ T5934] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.385550][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.403401][ T5937] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.406103][ T40] audit: type=1400 audit(1746319066.406:114): avc: denied { sys_module } for pid=5926 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 48.418271][ T93] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.421092][ T93] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.426350][ T93] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.429081][ T93] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.448037][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.451005][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.467638][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.470352][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.531139][ T5926] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.567364][ T5926] veth0_vlan: entered promiscuous mode [ 48.573206][ T5926] veth1_vlan: entered promiscuous mode [ 48.593422][ T5926] veth0_macvtap: entered promiscuous mode [ 48.601360][ T5926] veth1_macvtap: entered promiscuous mode [ 48.608839][ T5928] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.626074][ T5926] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.632484][ T5926] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.640520][ T5926] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.643188][ T5926] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.645980][ T5926] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.648859][ T5926] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.655324][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.662252][ T5934] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.695067][ T5928] veth0_vlan: entered promiscuous mode [ 48.708802][ T5928] veth1_vlan: entered promiscuous mode [ 48.725585][ T5934] veth0_vlan: entered promiscuous mode [ 48.732298][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.735642][ T5937] veth0_vlan: entered promiscuous mode [ 48.738486][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.744160][ T5934] veth1_vlan: entered promiscuous mode [ 48.757737][ T5937] veth1_vlan: entered promiscuous mode [ 48.761944][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.769091][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.769710][ T5928] veth0_macvtap: entered promiscuous mode [ 48.780736][ T5928] veth1_macvtap: entered promiscuous mode [ 48.795802][ T5928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.799873][ T5928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.805661][ T5928] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.811579][ T5934] veth0_macvtap: entered promiscuous mode [ 48.812799][ T5926] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 48.826707][ T5937] veth0_macvtap: entered promiscuous mode [ 48.830847][ T5928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.834181][ T5928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.837863][ T5928] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.840922][ T5934] veth1_macvtap: entered promiscuous mode [ 48.849274][ T5937] veth1_macvtap: entered promiscuous mode [ 48.855811][ T5928] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.858596][ T5928] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.861285][ T5928] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.864266][ T5928] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.900126][ T5934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.904385][ T5934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.907466][ T5934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.910759][ T5934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.915357][ T5934] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.918091][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.921649][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.924921][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.928042][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.930922][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.934092][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.938025][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.953823][ T5934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.957205][ T5934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.960296][ T5934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.963433][ T5934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.967944][ T5934] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.971449][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.975671][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.979462][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.983687][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.987303][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.990833][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.994922][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.001802][ T5937] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.005144][ T5937] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.007789][ T5937] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.010386][ T5937] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.016828][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.019633][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.022362][ T5934] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.026707][ T5934] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.030146][ T5934] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.033563][ T5934] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.067214][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.069711][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.091214][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.093815][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.113467][ T93] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.123257][ T93] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.139813][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.142154][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.159172][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.161562][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.203663][ T5999] netlink: 277 bytes leftover after parsing attributes in process `syz.0.1'. [ 49.374117][ T1020] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 49.524461][ T1020] usb 7-1: Using ep0 maxpacket: 16 [ 49.528624][ T1020] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 49.533358][ T1020] usb 7-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 49.536281][ T1020] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 49.538608][ T1020] usb 7-1: Product: syz [ 49.539850][ T1020] usb 7-1: Manufacturer: syz [ 49.541257][ T1020] usb 7-1: SerialNumber: syz [ 49.544730][ T1020] usb 7-1: config 0 descriptor?? [ 49.654170][ T5995] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 49.807717][ T5994] netlink: 'syz.2.3': attribute type 12 has an invalid length. [ 49.814134][ T5995] usb 6-1: Using ep0 maxpacket: 8 [ 49.817114][ T5995] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 49.820059][ T5995] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 49.824043][ T5995] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 49.827005][ T5995] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 49.831036][ T5995] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 49.833734][ T5995] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 49.905100][ T1020] usb 7-1: Cannot retrieve CPort count: -71 [ 49.908541][ T1020] usb 7-1: Cannot retrieve CPort count: -71 [ 49.910409][ T1020] es2_ap_driver 7-1:0.0: probe with driver es2_ap_driver failed with error -71 [ 49.915518][ T1020] usb 7-1: USB disconnect, device number 2 [ 50.047479][ T5995] usb 6-1: GET_CAPABILITIES returned 0 [ 50.049202][ T5995] usbtmc 6-1:16.0: can't read capabilities [ 50.252122][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.254954][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.257659][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.260315][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.263619][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.266396][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.269038][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.271720][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.274417][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.277084][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.279752][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.283215][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.284229][ T67] Bluetooth: hci3: command tx timeout [ 50.285951][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.290728][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.293437][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.294409][ T67] Bluetooth: hci1: command tx timeout [ 50.296113][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 50.296351][ T5935] Bluetooth: hci0: command tx timeout [ 50.307947][ T5987] usb 6-1: USB disconnect, device number 2 [ 50.511823][ T6029] ERROR: device name not specified. [ 51.461943][ T40] kauditd_printk_skb: 55 callbacks suppressed [ 51.461958][ T40] audit: type=1400 audit(1746319069.466:170): avc: denied { perfmon } for pid=6049 comm="syz.3.21" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 51.474459][ T40] audit: type=1400 audit(1746319069.476:171): avc: denied { prog_run } for pid=6049 comm="syz.3.21" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 51.493734][ T40] audit: type=1400 audit(1746319069.496:172): avc: denied { map_read map_write } for pid=6049 comm="syz.3.21" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 51.634049][ T5969] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 51.794139][ T5969] usb 5-1: Using ep0 maxpacket: 32 [ 51.797125][ T5969] usb 5-1: config 0 has an invalid interface number: 199 but max is 0 [ 51.799334][ T40] audit: type=1400 audit(1746319069.806:173): avc: denied { write } for pid=6059 comm="syz.3.25" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 51.799614][ T5969] usb 5-1: config 0 has no interface number 0 [ 51.809569][ T5969] usb 5-1: config 0 interface 199 has no altsetting 0 [ 51.817090][ T5969] usb 5-1: New USB device found, idVendor=1ac7, idProduct=0001, bcdDevice=d2.77 [ 51.819879][ T5969] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 51.822272][ T5969] usb 5-1: Product: syz [ 51.823523][ T5969] usb 5-1: Manufacturer: syz [ 51.825242][ T5969] usb 5-1: SerialNumber: syz [ 51.828102][ T5969] usb 5-1: config 0 descriptor?? [ 51.832588][ T5969] usbtouchscreen 5-1:0.199: probe with driver usbtouchscreen failed with error -32 [ 51.964255][ T9] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 52.025187][ T1119] sr 2:0:0:0: [sr0] tag#5 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 52.028275][ T1119] sr 2:0:0:0: [sr0] tag#5 Sense Key : Illegal Request [current] [ 52.030613][ T1119] sr 2:0:0:0: [sr0] tag#5 Add. Sense: Invalid command operation code [ 52.033190][ T1119] sr 2:0:0:0: [sr0] tag#5 CDB: Write(10) 2a 00 00 00 00 00 00 00 02 00 [ 52.035885][ T1119] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 52.036984][ T40] audit: type=1400 audit(1746319070.046:174): avc: denied { connect } for pid=6045 comm="syz.0.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.039124][ T1119] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 52.114204][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 52.121426][ T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 52.126035][ T9] usb 6-1: config 0 has no interfaces? [ 52.127964][ T40] audit: type=1400 audit(1746319070.136:175): avc: denied { create } for pid=6066 comm="syz.3.28" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 52.131458][ T9] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 52.135922][ T40] audit: type=1400 audit(1746319070.136:176): avc: denied { write } for pid=6066 comm="syz.3.28" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 52.139717][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 52.150186][ T9] usb 6-1: Product: syz [ 52.151804][ T9] usb 6-1: Manufacturer: syz [ 52.153651][ T9] usb 6-1: SerialNumber: syz [ 52.154540][ T40] audit: type=1400 audit(1746319070.166:177): avc: denied { unmount } for pid=5926 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 52.168552][ T9] usb 6-1: config 0 descriptor?? [ 52.206487][ T64] Bluetooth: hci4: Frame reassembly failed (-84) [ 52.374330][ T5933] Bluetooth: hci3: command tx timeout [ 52.375133][ T5941] Bluetooth: hci1: command tx timeout [ 52.375220][ T5932] Bluetooth: hci0: command tx timeout [ 52.484799][ T40] audit: type=1400 audit(1746319070.486:178): avc: denied { read write } for pid=6057 comm="syz.1.24" name="video8" dev="devtmpfs" ino=976 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 52.491900][ T40] audit: type=1400 audit(1746319070.496:179): avc: denied { open } for pid=6057 comm="syz.1.24" path="/dev/video8" dev="devtmpfs" ino=976 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 52.554123][ T5995] usb 5-1: USB disconnect, device number 2 [ 53.325117][ T5935] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 53.329353][ T5935] Bluetooth: hci2: Injecting HCI hardware error event [ 53.333440][ T5935] Bluetooth: hci2: hardware error 0x00 [ 53.619333][ T9] hid-generic 0005:10CF:0009.0002: unknown main item tag 0x0 [ 53.634217][ T9] hid-generic 0005:10CF:0009.0002: hidraw1: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa [ 53.687455][ T5941] Bluetooth: hci2: unexpected event for opcode 0x2011 [ 53.844762][ T6090] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 54.294146][ T5941] Bluetooth: hci4: command 0x1003 tx timeout [ 54.294796][ T67] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 54.444475][ T67] Bluetooth: hci0: command tx timeout [ 54.444746][ T5941] Bluetooth: hci1: command 0x0419 tx timeout [ 54.445677][ T5933] Bluetooth: hci3: command tx timeout [ 54.553476][ T6108] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 54.553476][ T6108] The task syz.2.43 (6108) triggered the difference, watch for misbehavior. [ 54.572974][ T6105] syzkaller0: entered promiscuous mode [ 54.575333][ T6105] syzkaller0: entered allmulticast mode [ 55.119574][ T5968] usb 6-1: USB disconnect, device number 3 [ 55.152792][ T6114] Zero length message leads to an empty skb [ 55.159679][ T5941] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 55.404161][ T5935] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 56.151432][ T6181] netlink: 'syz.3.67': attribute type 10 has an invalid length. [ 56.167823][ T6181] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 56.242451][ T5935] Bluetooth: hci0: unexpected subevent 0x06 length: 5 < 10 [ 56.347573][ T5935] Bluetooth: unknown link type 52 [ 56.349666][ T5935] Bluetooth: hci3: connection err: -111 [ 56.524047][ T5935] Bluetooth: hci1: command 0x0419 tx timeout [ 56.634071][ T9] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 56.724213][ T40] kauditd_printk_skb: 32 callbacks suppressed [ 56.724224][ T40] audit: type=1400 audit(1746319074.736:212): avc: denied { append } for pid=6207 comm="syz.2.79" name="v4l-subdev7" dev="devtmpfs" ino=972 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 56.796749][ T9] usb 6-1: config 0 has an invalid interface number: 255 but max is 0 [ 56.801147][ T9] usb 6-1: config 0 has no interface number 0 [ 56.803692][ T9] usb 6-1: config 0 interface 255 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 56.808689][ T9] usb 6-1: config 0 interface 255 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 56.814531][ T9] usb 6-1: New USB device found, idVendor=10cf, idProduct=8065, bcdDevice=91.79 [ 56.817966][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 56.820748][ T9] usb 6-1: Product: syz [ 56.822123][ T9] usb 6-1: Manufacturer: syz [ 56.823610][ T9] usb 6-1: SerialNumber: syz [ 56.827367][ T9] usb 6-1: config 0 descriptor?? [ 56.834931][ T9] vmk80xx 6-1:0.255: driver 'vmk80xx' failed to auto-configure device. [ 56.839637][ T9] vmk80xx 6-1:0.255: probe with driver vmk80xx failed with error -22 [ 57.024078][ T5968] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 57.035930][ T9] usb 6-1: USB disconnect, device number 4 [ 57.184047][ T5968] usb 7-1: Using ep0 maxpacket: 32 [ 57.189662][ T5968] usb 7-1: unable to get BOS descriptor or descriptor too short [ 57.193180][ T5968] usb 7-1: config index 0 descriptor too short (expected 34347, got 43) [ 57.196810][ T5968] usb 7-1: config 31 has too many interfaces: 196, using maximum allowed: 32 [ 57.200351][ T5968] usb 7-1: config 31 has an invalid descriptor of length 0, skipping remainder of the config [ 57.203598][ T5968] usb 7-1: config 31 has 1 interface, different from the descriptor's value: 196 [ 57.206502][ T5968] usb 7-1: config 31 has no interface number 0 [ 57.208592][ T5968] usb 7-1: config 31 interface 81 altsetting 3 has an endpoint descriptor with address 0x93, changing to 0x83 [ 57.212138][ T5968] usb 7-1: config 31 interface 81 altsetting 3 bulk endpoint 0x83 has invalid maxpacket 1 [ 57.215318][ T5968] usb 7-1: config 31 interface 81 has no altsetting 0 [ 57.220082][ T5968] usb 7-1: string descriptor 0 read error: -22 [ 57.222317][ T5968] usb 7-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac [ 57.225651][ T5968] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 57.230284][ T6212] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 57.236705][ T5968] input: USB Touchscreen 0dfc:0001 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:31.81/input/input6 [ 57.243682][ T40] audit: type=1400 audit(1746319075.246:213): avc: denied { read } for pid=5328 comm="acpid" name="mouse2" dev="devtmpfs" ino=2799 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 57.253641][ T40] audit: type=1400 audit(1746319075.246:214): avc: denied { open } for pid=5328 comm="acpid" path="/dev/input/mouse2" dev="devtmpfs" ino=2799 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 57.264168][ T40] audit: type=1400 audit(1746319075.256:215): avc: denied { ioctl } for pid=5328 comm="acpid" path="/dev/input/mouse2" dev="devtmpfs" ino=2799 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 57.294429][ T57] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 57.339571][ T6228] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 57.346919][ T40] audit: type=1400 audit(1746319075.356:216): avc: denied { write } for pid=6227 comm="syz.3.88" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 57.411381][ T40] audit: type=1400 audit(1746319075.416:217): avc: denied { create } for pid=6233 comm="syz.3.91" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 57.418522][ T40] audit: type=1400 audit(1746319075.426:218): avc: denied { bind } for pid=6233 comm="syz.3.91" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 57.436439][ T40] audit: type=1400 audit(1746319075.446:219): avc: denied { read write } for pid=6211 comm="syz.2.81" name="mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 57.437819][ T6236] IPv6: NLM_F_REPLACE set, but no existing node found! [ 57.444037][ T40] audit: type=1400 audit(1746319075.446:220): avc: denied { open } for pid=6211 comm="syz.2.81" path="/dev/input/mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 57.464685][ T57] usb 5-1: Using ep0 maxpacket: 16 [ 57.467522][ T57] usb 5-1: config 0 has an invalid interface number: 145 but max is 0 [ 57.470373][ T57] usb 5-1: config 0 has no interface number 0 [ 57.474436][ T57] usb 5-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 57.477465][ T57] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 57.480076][ T57] usb 5-1: Product: syz [ 57.481487][ T57] usb 5-1: Manufacturer: syz [ 57.483269][ T57] usb 5-1: SerialNumber: syz [ 57.487040][ T57] usb 5-1: config 0 descriptor?? [ 57.490230][ T57] hub 5-1:0.145: bad descriptor, ignoring hub [ 57.492256][ T57] hub 5-1:0.145: probe with driver hub failed with error -5 [ 57.496686][ T57] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.145/input/input7 [ 57.501390][ T29] usb 7-1: USB disconnect, device number 3 [ 57.730060][ T40] audit: type=1400 audit(1746319075.736:221): avc: denied { create } for pid=6261 comm="syz.1.105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 57.916758][ T5935] Bluetooth: Wrong link type (-71) [ 58.114011][ T57] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 58.160465][ T6298] geneve2: entered promiscuous mode [ 58.259257][ T6306] binder: 6305:6306 ioctl c0306201 2000000003c0 returned -14 [ 58.264195][ T57] usb 8-1: Using ep0 maxpacket: 8 [ 58.267665][ T57] usb 8-1: config 179 has an invalid interface number: 65 but max is 0 [ 58.271050][ T57] usb 8-1: config 179 has no interface number 0 [ 58.273754][ T57] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10 [ 58.281734][ T57] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 58.286868][ T57] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 55, changing to 9 [ 58.295219][ T57] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8496, setting to 1024 [ 58.299866][ T57] usb 8-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 58.305562][ T57] usb 8-1: config 179 interface 65 has no altsetting 0 [ 58.308227][ T57] usb 8-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 58.311577][ T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 58.316763][ T6280] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 58.328955][ T57] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:179.65/input/input8 [ 58.404366][ T6222] input input8: unable to receive magic message: -110 [ 58.522732][ T6280] input input8: unable to receive magic message: -32 [ 58.530577][ T6335] netlink: 12 bytes leftover after parsing attributes in process `syz.2.136'. [ 58.531520][ T1020] usb 8-1: USB disconnect, device number 2 [ 58.531541][ C2] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 58.533767][ T6335] netlink: 12 bytes leftover after parsing attributes in process `syz.2.136'. [ 58.555980][ T1020] xpad 8-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 58.657824][ T6350] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 58.714823][ T6354] Bluetooth: MGMT ver 1.23 [ 59.233237][ T6416] netlink: 'syz.1.168': attribute type 16 has an invalid length. [ 59.236943][ T6416] netlink: 48 bytes leftover after parsing attributes in process `syz.1.168'. [ 59.240776][ T6416] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.294117][ T29] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 59.451364][ T29] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 59.457926][ T29] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 59.461895][ T29] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 59.465137][ T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.471325][ T6392] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 59.479888][ T29] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 59.678435][ T65] usb 7-1: USB disconnect, device number 4 [ 59.751180][ T6459] netlink: 12 bytes leftover after parsing attributes in process `syz.1.186'. [ 59.802870][ T6463] netlink: 'syz.0.188': attribute type 1 has an invalid length. [ 60.051100][ T6495] usb 1-1: USB disconnect, device number 2 [ 60.257872][ T6528] xt_hashlimit: size too large, truncated to 1048576 [ 60.386142][ T6546] smc: net device bond0 applied user defined pnetid SYZ2 [ 60.395971][ T6550] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 60.398559][ T6550] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 60.411717][ T6550] vhci_hcd vhci_hcd.0: Device attached [ 60.412435][ T6551] usbip_core: unknown command [ 60.412442][ T6551] vhci_hcd: unknown pdu 0 [ 60.412447][ T6551] usbip_core: unknown command [ 60.420256][ T13] vhci_hcd: stop threads [ 60.432481][ T13] vhci_hcd: release socket [ 60.444663][ T13] vhci_hcd: disconnect device [ 60.664068][ T58] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 60.734035][ T5969] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 60.816815][ T58] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 60.819616][ T58] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 60.822102][ T58] usb 8-1: Product: syz [ 60.823368][ T58] usb 8-1: Manufacturer: syz [ 60.824966][ T58] usb 8-1: SerialNumber: syz [ 60.828780][ T58] usb 8-1: config 0 descriptor?? [ 60.894081][ T5969] usb 7-1: Using ep0 maxpacket: 8 [ 60.898422][ T5969] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 60.901613][ T5969] usb 7-1: config 179 has no interface number 0 [ 60.904497][ T5969] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10 [ 60.908842][ T5969] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 60.913163][ T5969] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 95, changing to 10 [ 60.917893][ T5969] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 17115, setting to 1024 [ 60.922290][ T5969] usb 7-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 60.927712][ T5969] usb 7-1: config 179 interface 65 has no altsetting 0 [ 60.930387][ T5969] usb 7-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 60.933880][ T5969] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.940010][ T6565] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 60.950257][ T5969] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:179.65/input/input9 [ 60.987073][ T5968] usb 5-1: USB disconnect, device number 3 [ 61.015199][ T6222] input input9: unable to receive magic message: -110 [ 61.035315][ T5328] input input9: unable to receive magic message: -32 [ 61.036494][ T58] usb 8-1: USB disconnect, device number 3 [ 61.045856][ T5328] input input9: unable to receive magic message: -32 [ 61.053524][ T5328] input input9: unable to receive magic message: -32 [ 61.058667][ T5328] input input9: unable to receive magic message: -32 [ 61.063069][ T5328] input input9: unable to receive magic message: -32 [ 61.071967][ T5328] input input9: unable to receive magic message: -32 [ 61.080602][ T5328] input input9: unable to receive magic message: -32 [ 61.088539][ T5328] input input9: unable to receive magic message: -32 [ 61.096648][ T5328] input input9: unable to receive magic message: -32 [ 61.145651][ T1020] usb 7-1: USB disconnect, device number 5 [ 61.145660][ C2] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 61.152048][ T1020] xpad 7-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 61.681266][ T6600] warning: `syz.2.243' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 61.795424][ T40] kauditd_printk_skb: 82 callbacks suppressed [ 61.795434][ T40] audit: type=1400 audit(1746319079.806:304): avc: denied { sys_chroot } for pid=6614 comm="dhcpcd" capability=18 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 61.803635][ T40] audit: type=1400 audit(1746319079.806:305): avc: denied { setgid } for pid=6614 comm="dhcpcd" capability=6 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 61.811468][ T40] audit: type=1400 audit(1746319079.806:306): avc: denied { setuid } for pid=6614 comm="dhcpcd" capability=7 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 61.817918][ T40] audit: type=1400 audit(1746319079.806:307): avc: denied { setrlimit } for pid=6614 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1 [ 61.823758][ T40] audit: type=1400 audit(1746319079.806:308): avc: denied { map_create } for pid=6615 comm="syz.0.248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 61.830166][ T40] audit: type=1400 audit(1746319079.806:309): avc: denied { map_read map_write } for pid=6615 comm="syz.0.248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 61.855123][ T5969] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 61.902998][ T40] audit: type=1400 audit(1746319079.906:310): avc: denied { read } for pid=6624 comm="syz.0.252" name="hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 61.910756][ T40] audit: type=1400 audit(1746319079.906:311): avc: denied { open } for pid=6624 comm="syz.0.252" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 61.918726][ T40] audit: type=1400 audit(1746319079.916:312): avc: denied { ioctl } for pid=6624 comm="syz.0.252" path="/dev/hpet" dev="devtmpfs" ino=630 ioctlcmd=0x6804 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 61.931942][ T40] audit: type=1400 audit(1746319079.936:313): avc: denied { append } for pid=6626 comm="syz.0.253" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 61.932216][ T6627] random: crng reseeded on system resumption [ 62.014831][ T5969] usb 8-1: too many configurations: 9, using maximum allowed: 8 [ 62.018990][ T5969] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 62.022660][ T5969] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 62.027191][ T5969] usb 8-1: config 0 interface 0 has no altsetting 0 [ 62.030719][ T5969] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 62.034460][ T5969] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 62.038801][ T5969] usb 8-1: config 0 interface 0 has no altsetting 0 [ 62.042264][ T5969] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 62.046028][ T5969] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 62.050248][ T5969] usb 8-1: config 0 interface 0 has no altsetting 0 [ 62.055118][ T5969] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 62.058777][ T5969] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 62.063155][ T5969] usb 8-1: config 0 interface 0 has no altsetting 0 [ 62.067075][ T5969] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 62.070475][ T5969] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 62.073815][ T5969] usb 8-1: config 0 interface 0 has no altsetting 0 [ 62.074623][ T5969] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 62.079882][ T5969] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 62.080479][ T6627] Unrecognized hibernate image header format! [ 62.083859][ T5969] usb 8-1: config 0 interface 0 has no altsetting 0 [ 62.086455][ T6627] PM: hibernation: Image mismatch: architecture specific data [ 62.090037][ T5969] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 62.095159][ T5969] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 62.099468][ T5969] usb 8-1: config 0 interface 0 has no altsetting 0 [ 62.103014][ T5969] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 62.106650][ T5969] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 62.110843][ T5969] usb 8-1: config 0 interface 0 has no altsetting 0 [ 62.115673][ T5969] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 62.119310][ T5969] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 62.122923][ T5969] usb 8-1: Product: syz [ 62.130550][ T5969] usb 8-1: Manufacturer: syz [ 62.132496][ T5969] usb 8-1: SerialNumber: syz [ 62.138124][ T5969] usb 8-1: config 0 descriptor?? [ 62.145252][ T5969] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0 [ 62.346028][ T65] usb 8-1: USB disconnect, device number 4 [ 62.350444][ T65] yurex 8-1:0.0: USB YUREX #0 now disconnected [ 62.560534][ T6635] ipt_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 62.608233][ T6641] tipc: Enabling not permitted [ 62.610139][ T6641] tipc: Enabling of bearer rejected, failed to enable media [ 62.908412][ T6682] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=6682 comm=syz.3.275 [ 63.135796][ T6717] pimreg3: entered allmulticast mode [ 63.227453][ T5935] Bluetooth: hci3: unexpected event for opcode 0x2011 [ 63.296845][ T6746] pimreg: entered allmulticast mode [ 63.448331][ T6766] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold [ 63.448519][ T833] IPVS: starting estimator thread 0... [ 63.556836][ T6767] IPVS: using max 33 ests per chain, 79200 per kthread [ 64.029471][ T6829] macvlan1: entered promiscuous mode [ 64.034728][ T6829] macvlan1: entered allmulticast mode [ 64.111485][ T6839] process 'syz.1.345' launched '/dev/fd/3' with NULL argv: empty string added [ 64.422637][ T6894] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 64.424958][ T6894] IPv6: NLM_F_CREATE should be set when creating new route [ 64.427467][ T6894] IPv6: NLM_F_CREATE should be set when creating new route [ 64.627473][ T6931] IPVS: Error connecting to the multicast addr [ 64.747901][ T6943] xt_hashlimit: size too large, truncated to 1048576 [ 64.760548][ T6945] dvmrp5: entered allmulticast mode [ 64.763780][ T6945] pimreg: left allmulticast mode [ 64.765547][ T6945] dvmrp5: left allmulticast mode [ 65.034159][ T6983] raw_sendmsg: syz.1.405 forgot to set AF_INET. Fix it! [ 65.091703][ T6989] tipc: Started in network mode [ 65.097055][ T6989] tipc: Node identity , cluster identity 4711 [ 65.099547][ T6989] tipc: Failed to set node id, please configure manually [ 65.102571][ T6989] tipc: Enabling of bearer rejected, failed to enable media [ 65.244546][ T7003] ieee802154 phy0 wpan0: encryption failed: -22 [ 65.434715][ T7011] use of bytesused == 0 is deprecated and will be removed in the future, [ 65.438292][ T7011] use the actual size instead. [ 65.738498][ T7028] Bluetooth: MGMT ver 1.23 [ 65.905344][ T7034] xt_CT: You must specify a L4 protocol and not use inversions on it [ 65.942013][ T29] hid-generic 0005:10CF:0009.0003: unknown main item tag 0x0 [ 65.947245][ T29] hid-generic 0005:10CF:0009.0003: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa [ 66.539280][ T29] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 66.542192][ T5968] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 66.557377][ T7030] syz.1.424 (7030): drop_caches: 1 [ 66.642243][ T7065] xt_hashlimit: size too large, truncated to 1048576 [ 66.694158][ T29] usb 7-1: Using ep0 maxpacket: 8 [ 66.696264][ T5968] usb 5-1: Using ep0 maxpacket: 16 [ 66.697147][ T29] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 66.700847][ T29] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 66.702760][ T5968] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 66.705155][ T29] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 66.708785][ T5968] usb 5-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 66.710227][ T29] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 66.713005][ T5968] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 66.717170][ T29] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 66.719352][ T5968] usb 5-1: Product: syz [ 66.722048][ T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.723307][ T5968] usb 5-1: Manufacturer: syz [ 66.727322][ T5968] usb 5-1: SerialNumber: syz [ 66.731816][ T5968] usb 5-1: config 0 descriptor?? [ 66.809444][ T40] kauditd_printk_skb: 79 callbacks suppressed [ 66.809455][ T40] audit: type=1400 audit(1746319084.816:393): avc: denied { read } for pid=7071 comm="syz.3.447" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 66.848857][ T5935] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 66.933266][ T29] usb 7-1: GET_CAPABILITIES returned 0 [ 66.935058][ T29] usbtmc 7-1:16.0: can't read capabilities [ 66.938044][ T40] audit: type=1400 audit(1746319084.936:394): avc: denied { create } for pid=7081 comm="syz.3.444" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 66.945364][ T40] audit: type=1400 audit(1746319084.946:395): avc: denied { create } for pid=7046 comm="syz.0.429" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 67.002785][ T7048] netlink: 'syz.0.429': attribute type 12 has an invalid length. [ 67.087810][ T5968] usb 5-1: Cannot retrieve CPort count: -71 [ 67.089866][ T5968] usb 5-1: Cannot retrieve CPort count: -71 [ 67.091678][ T5968] es2_ap_driver 5-1:0.0: probe with driver es2_ap_driver failed with error -71 [ 67.098995][ T5968] usb 5-1: USB disconnect, device number 4 [ 67.137635][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.141261][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.145046][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.148697][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.152346][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.155938][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.159579][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.163295][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.171518][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.174526][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.177271][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.180028][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.182842][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.186156][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.188884][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.191626][ C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 67.197692][ T5987] usb 7-1: USB disconnect, device number 6 [ 67.245228][ T5935] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 67.247987][ T5935] Bluetooth: hci3: Injecting HCI hardware error event [ 67.251440][ T5935] Bluetooth: hci3: hardware error 0x00 [ 67.299884][ T7109] netlink: 72 bytes leftover after parsing attributes in process `syz.1.453'. [ 67.308759][ T7109] netlink: 8 bytes leftover after parsing attributes in process `syz.1.453'. [ 67.334287][ T29] usb 8-1: new low-speed USB device number 5 using dummy_hcd [ 67.365016][ T40] audit: type=1400 audit(1746319085.376:396): avc: denied { name_bind } for pid=7115 comm="syz.1.455" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 67.496761][ T29] usb 8-1: config 0 has an invalid interface number: 55 but max is 0 [ 67.499485][ T29] usb 8-1: config 0 has no interface number 0 [ 67.501756][ T29] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 67.505268][ T29] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 67.509188][ T29] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 67.513277][ T29] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 67.519664][ T29] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 67.522829][ T29] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 67.526623][ T29] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 67.529302][ T29] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.533773][ T29] usb 8-1: config 0 descriptor?? [ 67.537517][ T7098] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 67.539662][ T7098] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 67.543487][ T29] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 67.624469][ T58] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 67.748151][ T7098] ldusb 8-1:0.55: Write buffer overflow, 1 bytes dropped [ 67.750293][ T40] audit: type=1400 audit(1746319085.756:397): avc: denied { relabelfrom } for pid=7149 comm="syz.2.462" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 67.758278][ T29] usb 8-1: USB disconnect, device number 5 [ 67.761039][ T40] audit: type=1400 audit(1746319085.766:398): avc: denied { relabelto } for pid=7149 comm="syz.2.462" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 67.765828][ T29] ldusb 8-1:0.55: LD USB Device #0 now disconnected [ 67.767288][ T7150] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 67.784059][ T58] usb 6-1: Using ep0 maxpacket: 8 [ 67.788739][ T58] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 67.791323][ T58] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 67.796158][ T58] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 67.799422][ T58] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 67.802968][ T58] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 67.808698][ T58] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 67.811901][ T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.898977][ T40] audit: type=1400 audit(1746319085.906:399): avc: denied { wake_alarm } for pid=7162 comm="syz.0.465" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 68.027196][ T58] usb 6-1: GET_CAPABILITIES returned 0 [ 68.028983][ T58] usbtmc 6-1:16.0: can't read capabilities [ 68.231810][ T24] usb 6-1: USB disconnect, device number 5 [ 68.554158][ T58] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 68.705681][ T58] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 68.708819][ T58] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 68.712418][ T58] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 68.719219][ T58] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 68.722849][ T58] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 68.725728][ T58] usb 8-1: Product: syz [ 68.727105][ T58] usb 8-1: Manufacturer: syz [ 68.728642][ T58] usb 8-1: SerialNumber: syz [ 68.840613][ T7182] sp0: Synchronizing with TNC [ 68.878854][ T40] audit: type=1400 audit(1746319086.886:400): avc: denied { bind } for pid=7189 comm="syz.1.473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 68.936074][ T58] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 68.960061][ T40] audit: type=1400 audit(1746319086.966:401): avc: denied { watch } for pid=7191 comm="syz.1.474" path="/121" dev="tmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 69.040881][ T40] audit: type=1400 audit(1746319087.046:402): avc: denied { mount } for pid=7198 comm="syz.1.475" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 69.105779][ T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 69.137222][ T24] usb 8-1: USB disconnect, device number 6 [ 69.140948][ T24] usblp0: removed [ 69.141537][ T7205] syzkaller0: entered promiscuous mode [ 69.144860][ T7205] syzkaller0: entered allmulticast mode [ 69.183847][ T5933] Bluetooth: hci4: sending frame failed (-49) [ 69.186760][ T5941] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 69.254073][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 69.262918][ T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 69.266928][ T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 69.270530][ T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 69.274419][ T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 69.279174][ T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 69.282542][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.326063][ T5935] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 69.497555][ T9] usb 5-1: GET_CAPABILITIES returned 0 [ 69.499332][ T9] usbtmc 5-1:16.0: can't read capabilities [ 69.703522][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.706281][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.708925][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.711548][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.714226][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.716953][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.719677][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.722392][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.725102][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.728856][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.731618][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.734318][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.736987][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.739721][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.742459][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.745159][ C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 69.749745][ T24] usb 5-1: USB disconnect, device number 5 [ 69.804535][ T5935] Bluetooth: hci1: command 0x0419 tx timeout [ 70.035098][ T7210] ================================================================== [ 70.038167][ T7210] BUG: KASAN: slab-use-after-free in cfusbl_device_notify+0x883/0x900 [ 70.040968][ T7210] Read of size 8 at addr ffff888030d70c50 by task syz.1.480/7210 [ 70.044863][ T7210] [ 70.045636][ T7210] CPU: 2 UID: 0 PID: 7210 Comm: syz.1.480 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) [ 70.045652][ T7210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.045659][ T7210] Call Trace: [ 70.045664][ T7210] [ 70.045669][ T7210] dump_stack_lvl+0x116/0x1f0 [ 70.045686][ T7210] print_report+0xc3/0x670 [ 70.045697][ T7210] ? __virt_addr_valid+0x5e/0x590 [ 70.045712][ T7210] ? __phys_addr+0xc6/0x150 [ 70.045726][ T7210] ? cfusbl_device_notify+0x883/0x900 [ 70.045739][ T7210] kasan_report+0xe0/0x110 [ 70.045749][ T7210] ? cfusbl_device_notify+0x883/0x900 [ 70.045763][ T7210] cfusbl_device_notify+0x883/0x900 [ 70.045775][ T7210] ? net_generic+0xf4/0x2a0 [ 70.045786][ T7210] ? __pfx_cfusbl_device_notify+0x10/0x10 [ 70.045798][ T7210] ? caif_device_notify+0x21b/0x12c0 [ 70.045812][ T7210] ? smc_pnet_netdev_event+0x8a/0x7c0 [ 70.045825][ T7210] ? lockdep_rtnl_is_held+0x26/0x40 [ 70.045841][ T7210] notifier_call_chain+0xb9/0x410 [ 70.045855][ T7210] ? __pfx_cfusbl_device_notify+0x10/0x10 [ 70.045869][ T7210] call_netdevice_notifiers_info+0xbe/0x140 [ 70.045883][ T7210] register_netdevice+0xe02/0x2270 [ 70.045896][ T7210] ? __pfx_register_netdevice+0x10/0x10 [ 70.045909][ T7210] register_netdev+0x34/0x50 [ 70.045919][ T7210] bnep_add_connection+0x71c/0xd20 [ 70.045931][ T7210] ? __pfx_bnep_add_connection+0x10/0x10 [ 70.045942][ T7210] ? __fget_files+0x20e/0x3c0 [ 70.045959][ T7210] do_bnep_sock_ioctl.constprop.0+0x496/0x590 [ 70.045971][ T7210] ? __pfx_do_bnep_sock_ioctl.constprop.0+0x10/0x10 [ 70.045983][ T7210] ? find_held_lock+0x2b/0x80 [ 70.045998][ T7210] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 70.046015][ T7210] sock_do_ioctl+0x115/0x280 [ 70.046028][ T7210] ? __pfx_sock_do_ioctl+0x10/0x10 [ 70.046042][ T7210] ? ioctl_has_perm.constprop.0.isra.0+0x2f4/0x450 [ 70.046067][ T7210] ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450 [ 70.046084][ T7210] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 70.046103][ T7210] sock_ioctl+0x227/0x6b0 [ 70.046116][ T7210] ? __pfx_sock_ioctl+0x10/0x10 [ 70.046130][ T7210] ? hook_file_ioctl_common+0x145/0x410 [ 70.046142][ T7210] ? selinux_file_ioctl+0x180/0x270 [ 70.046158][ T7210] ? selinux_file_ioctl+0xb4/0x270 [ 70.046173][ T7210] ? __pfx_sock_ioctl+0x10/0x10 [ 70.046187][ T7210] __x64_sys_ioctl+0x190/0x200 [ 70.046200][ T7210] do_syscall_64+0xcd/0x260 [ 70.046214][ T7210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.046225][ T7210] RIP: 0033:0x7fafd3d8e969 [ 70.046233][ T7210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.046243][ T7210] RSP: 002b:00007fafd1bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 70.046253][ T7210] RAX: ffffffffffffffda RBX: 00007fafd3fb5fa0 RCX: 00007fafd3d8e969 [ 70.046260][ T7210] RDX: 00002000000000c0 RSI: 00000000400442c8 RDI: 000000000000000e [ 70.046266][ T7210] RBP: 00007fafd3e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 70.046272][ T7210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 70.046278][ T7210] R13: 0000000000000000 R14: 00007fafd3fb5fa0 R15: 00007ffed034e9a8 [ 70.046287][ T7210] [ 70.046291][ T7210] [ 70.144590][ T7210] Allocated by task 5941: [ 70.145942][ T7210] kasan_save_stack+0x33/0x60 [ 70.147404][ T7210] kasan_save_track+0x14/0x30 [ 70.148879][ T7210] __kasan_kmalloc+0xaa/0xb0 [ 70.150300][ T7210] __hci_conn_add+0x130/0x1b70 [ 70.151771][ T7210] hci_conn_add_unset+0x6d/0x100 [ 70.153324][ T7210] hci_conn_request_evt+0x888/0xae0 [ 70.154909][ T7210] hci_event_packet+0x9ee/0x1190 [ 70.156418][ T7210] hci_rx_work+0x2c5/0x16b0 [ 70.157786][ T7210] process_one_work+0x9cc/0x1b70 [ 70.159261][ T7210] worker_thread+0x6c8/0xf10 [ 70.160680][ T7210] kthread+0x3c2/0x780 [ 70.161920][ T7210] ret_from_fork+0x45/0x80 [ 70.163290][ T7210] ret_from_fork_asm+0x1a/0x30 [ 70.164933][ T7210] [ 70.165685][ T7210] Freed by task 67: [ 70.166863][ T7210] kasan_save_stack+0x33/0x60 [ 70.168327][ T7210] kasan_save_track+0x14/0x30 [ 70.169772][ T7210] kasan_save_free_info+0x3b/0x60 [ 70.171327][ T7210] __kasan_slab_free+0x51/0x70 [ 70.172816][ T7210] kfree+0x2b6/0x4d0 [ 70.174041][ T7210] device_release+0xa1/0x240 [ 70.175447][ T7210] kobject_put+0x1e4/0x5a0 [ 70.176830][ T7210] device_unregister+0x2f/0xc0 [ 70.178280][ T7210] hci_conn_del_sysfs+0xb4/0x180 [ 70.179810][ T7210] hci_conn_del+0x55f/0xdc0 [ 70.181166][ T7210] hci_abort_conn_sync+0x740/0xb40 [ 70.182727][ T7210] abort_conn_sync+0x197/0x360 [ 70.184175][ T7210] hci_cmd_sync_work+0x1a8/0x430 [ 70.185683][ T7210] process_one_work+0x9cc/0x1b70 [ 70.187175][ T7210] worker_thread+0x6c8/0xf10 [ 70.188595][ T7210] kthread+0x3c2/0x780 [ 70.189845][ T7210] ret_from_fork+0x45/0x80 [ 70.191242][ T7210] ret_from_fork_asm+0x1a/0x30 [ 70.192727][ T7210] [ 70.193470][ T7210] Last potentially related work creation: [ 70.195275][ T7210] kasan_save_stack+0x33/0x60 [ 70.196750][ T7210] kasan_record_aux_stack+0xb8/0xd0 [ 70.198347][ T7210] insert_work+0x36/0x230 [ 70.199688][ T7210] __queue_work+0x3f8/0x10f0 [ 70.201138][ T7210] __queue_delayed_work+0x35b/0x460 [ 70.202735][ T7210] queue_delayed_work_on+0x1b5/0x200 [ 70.204415][ T7210] l2cap_chan_del+0x5a0/0x8f0 [ 70.205848][ T7210] l2cap_conn_del+0x37a/0x730 [ 70.207288][ T7210] l2cap_connect_cfm+0x9e1/0xf80 [ 70.208775][ T7210] hci_conn_failed+0x1ba/0x330 [ 70.210205][ T7210] hci_abort_conn_sync+0x740/0xb40 [ 70.211777][ T7210] abort_conn_sync+0x197/0x360 [ 70.213254][ T7210] hci_cmd_sync_work+0x1a8/0x430 [ 70.214725][ T7210] process_one_work+0x9cc/0x1b70 [ 70.216227][ T7210] worker_thread+0x6c8/0xf10 [ 70.217654][ T7210] kthread+0x3c2/0x780 [ 70.218888][ T7210] ret_from_fork+0x45/0x80 [ 70.220290][ T7210] ret_from_fork_asm+0x1a/0x30 [ 70.221773][ T7210] [ 70.222518][ T7210] Second to last potentially related work creation: [ 70.224524][ T7210] kasan_save_stack+0x33/0x60 [ 70.225962][ T7210] kasan_record_aux_stack+0xb8/0xd0 [ 70.227520][ T7210] insert_work+0x36/0x230 [ 70.228840][ T7210] __queue_work+0x97e/0x10f0 [ 70.230256][ T7210] call_timer_fn+0x197/0x620 [ 70.231675][ T7210] __run_timers+0x569/0x960 [ 70.233075][ T7210] run_timer_base+0x114/0x190 [ 70.234531][ T7210] run_timer_softirq+0x1a/0x40 [ 70.235990][ T7210] handle_softirqs+0x216/0x8e0 [ 70.237472][ T7210] __irq_exit_rcu+0x109/0x170 [ 70.238911][ T7210] irq_exit_rcu+0x9/0x30 [ 70.240210][ T7210] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 70.241921][ T7210] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 70.243735][ T7210] [ 70.244486][ T7210] The buggy address belongs to the object at ffff888030d70000 [ 70.244486][ T7210] which belongs to the cache kmalloc-8k of size 8192 [ 70.248578][ T7210] The buggy address is located 3152 bytes inside of [ 70.248578][ T7210] freed 8192-byte region [ffff888030d70000, ffff888030d72000) [ 70.252637][ T7210] [ 70.253364][ T7210] The buggy address belongs to the physical page: [ 70.255293][ T7210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x30d70 [ 70.257910][ T7210] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 70.260479][ T7210] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 70.262820][ T7210] page_type: f5(slab) [ 70.264038][ T7210] raw: 00fff00000000040 ffff88801b443180 ffffea0000968400 dead000000000003 [ 70.266678][ T7210] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000 [ 70.269271][ T7210] head: 00fff00000000040 ffff88801b443180 ffffea0000968400 dead000000000003 [ 70.271887][ T7210] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000 [ 70.274484][ T7210] head: 00fff00000000003 ffffea0000c35c01 00000000ffffffff 00000000ffffffff [ 70.277070][ T7210] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 70.279578][ T7210] page dumped because: kasan: bad access detected [ 70.281517][ T7210] page_owner tracks the page as allocated [ 70.283204][ T7210] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5652, tgid 5652 (dhcpcd-run-hook), ts 27655758785, free_ts 27634184624 [ 70.289346][ T7210] post_alloc_hook+0x181/0x1b0 [ 70.290829][ T7210] get_page_from_freelist+0x135c/0x3920 [ 70.292532][ T7210] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 70.294337][ T7210] alloc_pages_mpol+0x1fb/0x550 [ 70.295812][ T7210] new_slab+0x244/0x340 [ 70.297066][ T7210] ___slab_alloc+0xd9c/0x1940 [ 70.298493][ T7210] __slab_alloc.constprop.0+0x56/0xb0 [ 70.300122][ T7210] __kmalloc_cache_noprof+0xfb/0x3e0 [ 70.301776][ T7210] tomoyo_init_log+0xc8a/0x2140 [ 70.303264][ T7210] tomoyo_supervisor+0x302/0x13b0 [ 70.304795][ T7210] tomoyo_env_perm+0x191/0x200 [ 70.306269][ T7210] tomoyo_find_next_domain+0xec2/0x20b0 [ 70.307951][ T7210] tomoyo_bprm_check_security+0x12e/0x1d0 [ 70.309694][ T7210] security_bprm_check+0x1b9/0x1e0 [ 70.311237][ T7210] bprm_execve+0x810/0x1650 [ 70.312665][ T7210] do_execveat_common.isra.0+0x4a5/0x610 [ 70.314363][ T7210] page last free pid 5651 tgid 5651 stack trace: [ 70.316265][ T7210] __free_frozen_pages+0x69d/0xff0 [ 70.317837][ T7210] __put_partials+0x16d/0x1c0 [ 70.319325][ T7210] qlist_free_all+0x4e/0x120 [ 70.320799][ T7210] kasan_quarantine_reduce+0x195/0x1e0 [ 70.322452][ T7210] __kasan_slab_alloc+0x69/0x90 [ 70.323948][ T7210] __kmalloc_noprof+0x1d4/0x510 [ 70.325459][ T7210] tomoyo_supervisor+0x45b/0x13b0 [ 70.327010][ T7210] tomoyo_env_perm+0x191/0x200 [ 70.328450][ T7210] tomoyo_find_next_domain+0xec2/0x20b0 [ 70.330125][ T7210] tomoyo_bprm_check_security+0x12e/0x1d0 [ 70.331844][ T7210] security_bprm_check+0x1b9/0x1e0 [ 70.333442][ T7210] bprm_execve+0x810/0x1650 [ 70.334825][ T7210] do_execveat_common.isra.0+0x4a5/0x610 [ 70.336536][ T7210] __x64_sys_execve+0x8e/0xb0 [ 70.337998][ T7210] do_syscall_64+0xcd/0x260 [ 70.339390][ T7210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.341182][ T7210] [ 70.341926][ T7210] Memory state around the buggy address: [ 70.343636][ T7210] ffff888030d70b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 70.346067][ T7210] ffff888030d70b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 70.348483][ T7210] >ffff888030d70c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 70.350883][ T7210] ^ [ 70.352918][ T7210] ffff888030d70c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 70.355319][ T7210] ffff888030d70d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 70.357724][ T7210] ================================================================== [ 70.361300][ T7210] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 70.363527][ T7210] CPU: 2 UID: 0 PID: 7210 Comm: syz.1.480 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) [ 70.367084][ T7210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.370338][ T7210] Call Trace: [ 70.371359][ T7210] [ 70.372273][ T7210] dump_stack_lvl+0x3d/0x1f0 [ 70.373715][ T7210] panic+0x71c/0x800 [ 70.374938][ T7210] ? __pfx_panic+0x10/0x10 [ 70.376321][ T7210] ? irqentry_exit+0x3b/0x90 [ 70.377760][ T7210] ? lockdep_hardirqs_on+0x7c/0x110 [ 70.379448][ T7210] ? preempt_schedule_thunk+0x16/0x30 [ 70.382226][ T7210] ? cfusbl_device_notify+0x883/0x900 [ 70.384899][ T7210] ? preempt_schedule_common+0x44/0xc0 [ 70.386963][ T7210] ? cfusbl_device_notify+0x883/0x900 [ 70.388904][ T7210] check_panic_on_warn+0xab/0xb0 [ 70.391031][ T7210] end_report+0x107/0x170 [ 70.392907][ T7210] kasan_report+0xee/0x110 [ 70.394665][ T7210] ? cfusbl_device_notify+0x883/0x900 [ 70.396922][ T7210] cfusbl_device_notify+0x883/0x900 [ 70.399134][ T7210] ? net_generic+0xf4/0x2a0 [ 70.400866][ T7210] ? __pfx_cfusbl_device_notify+0x10/0x10 [ 70.402611][ T7210] ? caif_device_notify+0x21b/0x12c0 [ 70.404190][ T7210] ? smc_pnet_netdev_event+0x8a/0x7c0 [ 70.406047][ T7210] ? lockdep_rtnl_is_held+0x26/0x40 [ 70.408222][ T7210] notifier_call_chain+0xb9/0x410 [ 70.409830][ T7210] ? __pfx_cfusbl_device_notify+0x10/0x10 [ 70.411719][ T7210] call_netdevice_notifiers_info+0xbe/0x140 [ 70.414181][ T7210] register_netdevice+0xe02/0x2270 [ 70.415997][ T7210] ? __pfx_register_netdevice+0x10/0x10 [ 70.417821][ T7210] register_netdev+0x34/0x50 [ 70.419251][ T7210] bnep_add_connection+0x71c/0xd20 [ 70.420875][ T7210] ? __pfx_bnep_add_connection+0x10/0x10 [ 70.422656][ T7210] ? __fget_files+0x20e/0x3c0 [ 70.424124][ T7210] do_bnep_sock_ioctl.constprop.0+0x496/0x590 [ 70.426128][ T7210] ? __pfx_do_bnep_sock_ioctl.constprop.0+0x10/0x10 [ 70.428567][ T7210] ? find_held_lock+0x2b/0x80 [ 70.430007][ T7210] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 70.431826][ T7210] sock_do_ioctl+0x115/0x280 [ 70.433268][ T7210] ? __pfx_sock_do_ioctl+0x10/0x10 [ 70.434868][ T7210] ? ioctl_has_perm.constprop.0.isra.0+0x2f4/0x450 [ 70.437327][ T7210] ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450 [ 70.439337][ T7210] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 70.441436][ T7210] sock_ioctl+0x227/0x6b0 [ 70.442766][ T7210] ? __pfx_sock_ioctl+0x10/0x10 [ 70.444272][ T7210] ? hook_file_ioctl_common+0x145/0x410 [ 70.446119][ T7210] ? selinux_file_ioctl+0x180/0x270 [ 70.447844][ T7210] ? selinux_file_ioctl+0xb4/0x270 [ 70.449426][ T7210] ? __pfx_sock_ioctl+0x10/0x10 [ 70.450961][ T7210] __x64_sys_ioctl+0x190/0x200 [ 70.452438][ T7210] do_syscall_64+0xcd/0x260 [ 70.453848][ T7210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.455676][ T7210] RIP: 0033:0x7fafd3d8e969 [ 70.457292][ T7210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.462961][ T7210] RSP: 002b:00007fafd1bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 70.465420][ T7210] RAX: ffffffffffffffda RBX: 00007fafd3fb5fa0 RCX: 00007fafd3d8e969 [ 70.468106][ T7210] RDX: 00002000000000c0 RSI: 00000000400442c8 RDI: 000000000000000e [ 70.470435][ T7210] RBP: 00007fafd3e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 70.472805][ T7210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 70.475108][ T7210] R13: 0000000000000000 R14: 00007fafd3fb5fa0 R15: 00007ffed034e9a8 [ 70.477800][ T7210] [ 70.479464][ T7210] Kernel Offset: disabled [ 70.480771][ T7210] Rebooting in 86400 seconds.. VM DIAGNOSIS: 00:38:08 Registers: info registers vcpu 0 CPU#0 RAX=00000000000ed4a9 RBX=0000000000000000 RCX=ffffffff8b6cd419 RDX=0000000000000000 RSI=ffffffff8dbe1239 RDI=ffffffff8bf482e0 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10 R8 =0000000000000001 R9 =ffffed100d4865bd R10=ffff88806a432deb R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90850510 R15=0000000000000000 RIP=ffffffff8b6cbcaf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d69df000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c2b4b47 CR3=0000000032132000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff812c2443 ffffffff812c2443 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff812c2443 ffffffff812c2443 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff812c2443 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff815fb4c5 ffffffff812c2488 ffffffff812c2488 ffffffff812c245f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd4aed100 00007fafd3f83440 00007faf00040008 0000000f0010000c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3f83498 00007fafd3f83490 00007fafd3f83488 00007fafd3f83480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88806a6415c0 RCX=ffffffff81af1bb9 RDX=ffff88801cfb4880 RSI=ffffffff81af1b93 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90000a3f938 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed100d4c82b9 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88806a53b040 RIP=ffffffff81af1b95 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6adf000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f01607e2dc8 CR3=000000000e180000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff812c2443 ffffffff812c2443 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff812c2443 ffffffff812c2443 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff812c2443 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff815fb4c5 ffffffff812c2488 ffffffff812c2488 ffffffff812c245f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd4aed100 00007fafd3f83440 00007faf00040008 0000000f0010000c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3f83498 00007fafd3f83490 00007fafd3f83488 00007fafd3f83480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000038 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854f56b5 RDI=ffffffff9adf94e0 RBP=ffffffff9adf94a0 RSP=ffffc9000330f2b8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552 R12=0000000000000000 R13=0000000000000038 R14=ffffffff9adf94a0 R15=ffffffff854f5650 RIP=ffffffff854f56df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fafd1bf66c0 ffffffff 00c00000 GS =0000 ffff8880d6bdf000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b2e407ff8 CR3=0000000032132000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff812c2443 ffffffff812c2443 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff812c2443 ffffffff812c2443 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff812c2443 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff815fb4c5 ffffffff812c2488 ffffffff812c2488 ffffffff812c245f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd4aed100 00007fafd3f83440 00007faf00040008 0000000f0010000c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3f83498 00007fafd3f83490 00007fafd3f83488 00007fafd3f83480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000000761f1 RBX=0000000000000003 RCX=ffffffff8b6cd419 RDX=0000000000000000 RSI=ffffffff8dbe1239 RDI=ffffffff8bf482e0 RBP=ffffed1003b53000 RSP=ffffc90000197df8 R8 =0000000000000001 R9 =ffffed100d4e65bd R10=ffff88806a732deb R11=0000000000000000 R12=0000000000000003 R13=ffff88801da98000 R14=ffffffff90850510 R15=0000000000000000 RIP=ffffffff8b6cbcaf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6cdf000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b2e3fbff8 CR3=000000004c8ed000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000040000400 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffed034ed30 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fafd3e11c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000