last executing test programs: 1.653551434s ago: executing program 1 (id=27254): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00), 0x0, 0x4) r3 = socket$igmp(0x2, 0x3, 0x2) sendmsg$inet(r3, &(0x7f00000002c0)={&(0x7f00000000c0)={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f0000000200)=[{0x0}, {&(0x7f0000000a00)="d32d", 0x2}], 0x2, &(0x7f0000000040)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x34}, @dev={0xac, 0x14, 0x14, 0x30}}}}], 0x20}, 0x0) 1.652470116s ago: executing program 1 (id=27257): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0) syz_io_uring_setup(0x771d, &(0x7f0000000040)={0x0, 0x2d0b, 0x20, 0x2, 0x2ec, 0x0, r4}, &(0x7f00000000c0), 0x0) 1.082969967s ago: executing program 3 (id=27269): rt_sigaction(0xd, 0x0, 0x0, 0x0, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) 1.082610246s ago: executing program 1 (id=27270): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) 988.572545ms ago: executing program 3 (id=27272): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(0xffffffffffffffff, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) 861.909113ms ago: executing program 0 (id=27276): rt_sigaction(0xd, 0x0, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, 0x0, 0x24048090) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x275a, 0x0) socket(0x1e, 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_SET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x20, r4, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfffffffa}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x0) 861.254385ms ago: executing program 0 (id=27278): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0) syz_io_uring_setup(0x771d, &(0x7f0000000040)={0x0, 0x2d0b, 0x20, 0x2, 0x2ec, 0x0, r3}, &(0x7f00000000c0), 0x0) 792.460292ms ago: executing program 0 (id=27279): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0) 791.33761ms ago: executing program 0 (id=27281): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, 0xffffffffffffffff) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x6) ioctl$KVM_RUN(r5, 0xae80, 0x0) 790.10069ms ago: executing program 1 (id=27282): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0) syz_usb_connect(0x1, 0x24, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[], 0x118) syz_open_procfs(0x0, &(0x7f00000000c0)='net/vlan/vlan0\x00') r4 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r4, 0x8923, &(0x7f0000000040)={'vlan0\x00', 0x40}) 471.830649ms ago: executing program 2 (id=27287): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r2 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43) mknodat$loop(r2, &(0x7f0000000200)='./file1\x00', 0x40, 0x1) chdir(&(0x7f00000003c0)='./bus\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) 471.436052ms ago: executing program 2 (id=27288): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0) syz_io_uring_setup(0x771d, &(0x7f0000000040)={0x0, 0x2d0b, 0x20, 0x2, 0x2ec, 0x0, r3}, &(0x7f00000000c0), 0x0) 379.312943ms ago: executing program 2 (id=27289): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_io_uring_setup(0x771d, &(0x7f0000000040)={0x0, 0x2d0b, 0x20, 0x2, 0x2ec}, 0x0, 0x0) 379.08947ms ago: executing program 3 (id=27290): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r1, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r1, 0x0, 0x0, 0x80, 0x0, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r2, &(0x7f0000000280)="a6", 0x1, 0x24000041, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000), 0x4) 378.490677ms ago: executing program 2 (id=27291): rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, 0x0, 0x24048090) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x275a, 0x0) socket(0x1e, 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_SET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x20, r4, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfffffffa}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x0) 301.391116ms ago: executing program 2 (id=27292): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r1, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r1, 0x0, 0x0, 0x80, 0x0, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000100)=0x1b11, 0x4) connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r2, &(0x7f0000000280)="a6", 0x1, 0x24000041, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000), 0x4) 300.984659ms ago: executing program 2 (id=27293): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(0xffffffffffffffff, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) r5 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000002c0)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 231.554713ms ago: executing program 0 (id=27294): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) capget(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)={0xc, 0xd, 0x174, 0x0, 0x9, 0x6}) ioctl(0xffffffffffffffff, 0xb8, &(0x7f0000000000)="15e0185428227964d1") r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x40300, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000340)={0x1fe, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x40000002, 0x9, 0xfffffffffffffffd, 0x85, 0x2, 0x0, 0x4002004c8, 0x1004, 0x45c2, 0xc595, 0x7, 0x5, 0x4, 0x0, 0x80000004000000, 0x200000000c], 0x100000, 0x2010d3}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 171.4878ms ago: executing program 1 (id=27295): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$igmp(0x2, 0x3, 0x2) sendmsg$inet(r3, 0x0, 0x0) 171.111555ms ago: executing program 1 (id=27296): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'tunl0\x00', 0x0}) sendto$packet(r5, &(0x7f0000000080)='3', 0x1, 0x40008c1, &(0x7f00000000c0)={0x11, 0x86dd, r6, 0x1, 0x62}, 0x14) 70.744333ms ago: executing program 3 (id=27297): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) r4 = syz_open_dev$dri(0x0, 0x40100001, 0x189002) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000002c0)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_SETCRTC(r3, 0xc06864a2, &(0x7f0000000580)={&(0x7f00000003c0)=[r6], 0x1, r6, r7, 0x9, 0x0, 0xffffffff, 0x808, {0xac7c, 0x1, 0x3, 0x67, 0xf4b, 0x1, 0x2, 0x5, 0x412f, 0xe114, 0x800, 0x7f, 0x6, 0xffffffff, "fe1d00003413000000000020b42717e47f00"}}) 69.478838ms ago: executing program 3 (id=27298): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0) syz_io_uring_setup(0x771d, &(0x7f0000000040)={0x0, 0x2d0b, 0x20, 0x2, 0x2ec, 0x0, r3}, &(0x7f00000000c0), 0x0) 534.211µs ago: executing program 0 (id=27299): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(0xffffffffffffffff, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) 0s ago: executing program 3 (id=27300): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) r4 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000002c0)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) kernel console output (not intermixed with test programs): ding to iommu group 9 [ 1227.962807][ T40] audit: type=1400 audit(1763138219.766:948): avc: denied { bind } for pid=26772 comm="syz.1.23435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 1227.976875][ T40] audit: type=1400 audit(1763138219.766:949): avc: denied { name_bind } for pid=26772 comm="syz.1.23435" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 1227.987108][ T40] audit: type=1400 audit(1763138219.766:950): avc: denied { node_bind } for pid=26772 comm="syz.1.23435" saddr=224.0.0.2 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 1228.032785][T26778] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1228.195817][T26788] vxfs: WRONG superblock magic 00000000 at 1 [ 1228.199253][T26788] vxfs: WRONG superblock magic 00000000 at 8 [ 1228.201404][T26788] vxfs: can't find superblock. [ 1228.280248][ T869] Bluetooth: hci2: command 0x2016 tx timeout [ 1228.441854][ T869] Bluetooth: hci3: command tx timeout [ 1228.559271][T26821] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1228.678096][T26830] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 1228.687009][T26830] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1228.842462][T26846] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1228.853829][T26843] netlink: 104 bytes leftover after parsing attributes in process `syz.1.23468'. [ 1228.866713][ T40] audit: type=1400 audit(1763138220.656:951): avc: denied { nlmsg_read } for pid=26842 comm="syz.1.23468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 1229.118431][ T40] audit: type=1400 audit(1763138220.916:952): avc: denied { bind } for pid=26859 comm="syz.2.23475" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 1229.200538][T26870] SET target dimension over the limit! [ 1229.519600][ T40] audit: type=1400 audit(1763138221.316:953): avc: denied { create } for pid=26890 comm="syz.0.23489" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 1229.530990][T26892] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 1229.539606][ T40] audit: type=1400 audit(1763138221.336:954): avc: denied { ioctl } for pid=26890 comm="syz.0.23489" path="socket:[396808]" dev="sockfs" ino=396808 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 1229.779523][T26898] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=26898 comm=syz.3.23491 [ 1229.960095][ T5947] Bluetooth: hci0: command 0x0406 tx timeout [ 1230.024112][T26909] macsec1: entered promiscuous mode [ 1230.231687][T26915] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1230.322858][T26922] loop9: detected capacity change from 0 to 7 [ 1230.328520][T26922] Dev loop9: unable to read RDB block 7 [ 1230.331318][T26922] loop9: AHDI p3 p4 [ 1230.332619][T26922] loop9: partition table partially beyond EOD, truncated [ 1230.334881][T26922] loop9: p3 size 4227858431 extends beyond EOD, truncated [ 1230.361860][T26616] Bluetooth: hci2: command 0x2016 tx timeout [ 1230.457643][T26616] Bluetooth: hci1: unexpected event for opcode 0x0407 [ 1230.520170][T26616] Bluetooth: hci3: command 0x0419 tx timeout [ 1230.786925][T26941] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1231.864137][T27022] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1232.237760][T27035] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1232.247290][T27037] iommufd_mock iommufd_mock1: Adding to iommu group 9 [ 1232.600389][ T869] Bluetooth: hci3: command 0x0419 tx timeout [ 1232.607716][T27053] netlink: 8 bytes leftover after parsing attributes in process `syz.0.23557'. [ 1233.094683][T27072] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1233.744148][T27089] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1234.286357][T27093] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1234.436196][T27108] netlink: 'syz.1.23580': attribute type 23 has an invalid length. [ 1234.539359][T27118] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1234.677394][T27138] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1234.717599][ T40] audit: type=1400 audit(1763138226.516:955): avc: denied { connect } for pid=27139 comm="syz.2.23596" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 1234.976502][T27158] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1235.028061][T27164] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1235.136315][T27175] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1235.872087][T27216] loop9: detected capacity change from 0 to 7 [ 1235.875930][T27216] Dev loop9: unable to read RDB block 7 [ 1235.878334][T27216] loop9: unable to read partition table [ 1235.882576][T27216] loop9: partition table beyond EOD, truncated [ 1235.885482][T27216] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5) [ 1236.011789][T27225] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1236.738047][ T869] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 1236.779065][T27255] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1236.825378][T27259] syzkaller0: entered promiscuous mode [ 1236.827652][T27259] syzkaller0: entered allmulticast mode [ 1237.167779][ T869] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 1237.623942][T27297] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1237.967635][ T40] audit: type=1400 audit(1763138229.766:956): avc: denied { name_bind 0x1000000 } for pid=27313 comm="syz.1.23672" path="socket:[397269]" dev="sockfs" ino=397269 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 1238.081904][T27327] loop9: detected capacity change from 0 to 7 [ 1238.085507][T27327] Dev loop9: unable to read RDB block 7 [ 1238.087847][T27327] loop9: AHDI p1 p2 [ 1238.089545][T27327] loop9: partition table partially beyond EOD, truncated [ 1238.092943][T27327] loop9: p1 size 4227858431 extends beyond EOD, truncated [ 1238.120654][T25480] udevd[25480]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory [ 1238.353894][T27339] netlink: 12 bytes leftover after parsing attributes in process `syz.1.23682'. [ 1238.371588][T27335] netlink: 8 bytes leftover after parsing attributes in process `syz.2.23680'. [ 1238.443030][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 1238.445075][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 1239.093292][T27373] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1239.197111][T27377] loop9: detected capacity change from 0 to 7 [ 1239.201931][T27377] Dev loop9: unable to read RDB block 7 [ 1239.204353][T27377] loop9: AHDI p1 p2 [ 1239.206114][T27377] loop9: partition table partially beyond EOD, truncated [ 1239.210480][T27377] loop9: p1 size 4227858431 extends beyond EOD, truncated [ 1239.233901][T25480] udevd[25480]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory [ 1239.755844][T27404] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 1239.908380][T27409] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 1240.040717][T27430] Bluetooth: MGMT ver 1.23 [ 1240.088397][T27436] loop9: detected capacity change from 0 to 7 [ 1240.091486][T27436] Dev loop9: unable to read RDB block 7 [ 1240.093899][T27436] loop9: AHDI p1 p2 [ 1240.095630][T27436] loop9: partition table partially beyond EOD, truncated [ 1240.098587][T27436] loop9: p1 size 4227858431 extends beyond EOD, truncated [ 1240.119704][T25480] udevd[25480]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory [ 1241.050145][T27506] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 1241.223106][T27517] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1242.440056][ T869] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 1242.440080][T26616] Bluetooth: hci4: command 0x1003 tx timeout [ 1242.538503][T27574] netlink: 'syz.1.23783': attribute type 1 has an invalid length. [ 1242.745893][T27595] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1243.534249][T27655] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1244.227393][ T40] audit: type=1400 audit(1763138236.026:957): avc: denied { search } for pid=27659 comm="syz.3.23820" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=dir permissive=1 [ 1244.235049][ T40] audit: type=1400 audit(1763138236.026:958): avc: denied { search } for pid=27659 comm="syz.3.23820" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=dir permissive=1 [ 1244.243085][ T40] audit: type=1400 audit(1763138236.026:959): avc: denied { read open } for pid=27659 comm="syz.3.23820" path="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=dir permissive=1 [ 1244.483029][ T40] audit: type=1400 audit(1763138236.286:960): avc: denied { write } for pid=27676 comm="syz.1.23827" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 1245.167487][T27706] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1245.350307][T26616] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1245.366207][T26616] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1245.371188][T26616] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1245.375131][T26616] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1245.377739][T26616] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1245.562741][T27711] chnl_net:caif_netlink_parms(): no params data found [ 1245.647418][T27711] bridge0: port 1(bridge_slave_0) entered blocking state [ 1245.649728][T27711] bridge0: port 1(bridge_slave_0) entered disabled state [ 1245.653353][T27711] bridge_slave_0: entered allmulticast mode [ 1245.657656][T27711] bridge_slave_0: entered promiscuous mode [ 1245.663272][T27711] bridge0: port 2(bridge_slave_1) entered blocking state [ 1245.666445][T27711] bridge0: port 2(bridge_slave_1) entered disabled state [ 1245.670649][T27711] bridge_slave_1: entered allmulticast mode [ 1245.675077][T27711] bridge_slave_1: entered promiscuous mode [ 1245.741644][ T103] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1245.760693][T27711] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1245.767035][T27711] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1245.821870][T27711] team0: Port device team_slave_0 added [ 1245.825586][T27711] team0: Port device team_slave_1 added [ 1245.882961][T27711] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1245.887346][T27711] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1245.906872][T27711] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1245.916932][T27711] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1245.922337][T27711] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1245.938832][T27711] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1246.167536][ T103] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1246.186023][T27711] hsr_slave_0: entered promiscuous mode [ 1246.190872][T27711] hsr_slave_1: entered promiscuous mode [ 1246.195191][T27711] debugfs: 'hsr0' already exists in 'hsr' [ 1246.200193][T27711] Cannot create hsr debugfs directory [ 1246.233273][T27737] loop9: detected capacity change from 0 to 7 [ 1246.248274][T27737] Dev loop9: unable to read RDB block 7 [ 1246.250233][T27737] loop9: AHDI p4 [ 1246.251636][T27737] loop9: partition table partially beyond EOD, truncated [ 1246.295368][ T103] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1246.443458][ T103] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1246.552208][ T103] bridge_slave_1: left allmulticast mode [ 1246.554044][ T103] bridge_slave_1: left promiscuous mode [ 1246.557581][ T103] bridge0: port 2(bridge_slave_1) entered disabled state [ 1246.562738][ T103] bridge_slave_0: left allmulticast mode [ 1246.564950][ T103] bridge_slave_0: left promiscuous mode [ 1246.567203][ T103] bridge0: port 1(bridge_slave_0) entered disabled state [ 1246.822016][ T103] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1246.826495][ T103] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1246.830296][ T103] bond0 (unregistering): Released all slaves [ 1247.198748][ T103] hsr_slave_0: left promiscuous mode [ 1247.202479][ T103] hsr_slave_1: left promiscuous mode [ 1247.204523][ T103] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1247.206871][ T103] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1247.209843][ T103] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1247.216789][ T103] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1247.253694][ T103] veth1_macvtap: left promiscuous mode [ 1247.256028][ T103] veth0_macvtap: left promiscuous mode [ 1247.258607][ T103] veth1_vlan: left promiscuous mode [ 1247.261452][ T103] veth0_vlan: left promiscuous mode [ 1247.402332][ T869] Bluetooth: hci4: command tx timeout [ 1247.949109][ T103] team0 (unregistering): Port device team_slave_1 removed [ 1248.042024][ T103] team0 (unregistering): Port device team_slave_0 removed [ 1248.633409][T27711] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1248.638448][T27711] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1248.646585][T27711] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1248.655135][T27711] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1248.731549][T27711] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1248.751643][T27711] 8021q: adding VLAN 0 to HW filter on device team0 [ 1248.768478][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 1248.771573][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1248.784880][ T1185] bridge0: port 2(bridge_slave_1) entered blocking state [ 1248.787699][ T1185] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1248.954636][T27711] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1248.992031][T27711] veth0_vlan: entered promiscuous mode [ 1248.998376][T27711] veth1_vlan: entered promiscuous mode [ 1249.017965][T27711] veth0_macvtap: entered promiscuous mode [ 1249.027772][T27711] veth1_macvtap: entered promiscuous mode [ 1249.038422][T27711] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1249.049284][T27711] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1249.061871][ T103] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1249.065402][ T103] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1249.068340][ T103] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1249.072339][ T103] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1249.142704][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1249.146153][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1249.189588][ T103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1249.194766][ T103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1249.483607][ T869] Bluetooth: hci4: command tx timeout [ 1249.766520][ T40] audit: type=1400 audit(1763138241.566:961): avc: denied { write } for pid=27859 comm="syz.1.23889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 1249.904224][ T40] audit: type=1400 audit(1763138241.706:962): avc: denied { getopt } for pid=27868 comm="syz.0.23892" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 1250.319431][T27901] loop9: detected capacity change from 0 to 7 [ 1250.329828][T27901] Dev loop9: unable to read RDB block 7 [ 1250.333046][T27901] loop9: AHDI p2 [ 1250.334651][T27901] loop9: partition table partially beyond EOD, truncated [ 1250.419320][ T869] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 1250.422543][ T869] CPU: 2 UID: 0 PID: 869 Comm: kworker/u33:0 Not tainted syzkaller #0 PREEMPT(full) [ 1250.422560][ T869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1250.422568][ T869] Workqueue: hci4 hci_rx_work [ 1250.422590][ T869] Call Trace: [ 1250.422595][ T869] [ 1250.422599][ T869] dump_stack_lvl+0x16c/0x1f0 [ 1250.422632][ T869] sysfs_warn_dup+0x7f/0xa0 [ 1250.422647][ T869] sysfs_create_dir_ns+0x24b/0x2b0 [ 1250.422662][ T869] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1250.422677][ T869] ? find_held_lock+0x2b/0x80 [ 1250.422694][ T869] ? do_raw_spin_unlock+0x172/0x230 [ 1250.422709][ T869] kobject_add_internal+0x2c4/0x9b0 [ 1250.422745][ T869] kobject_add+0x16e/0x240 [ 1250.422758][ T869] ? __pfx_kobject_add+0x10/0x10 [ 1250.422773][ T869] ? do_raw_spin_unlock+0x172/0x230 [ 1250.422804][ T869] ? kobject_put+0xab/0x5a0 [ 1250.422820][ T869] device_add+0x288/0x1aa0 [ 1250.422855][ T869] ? __pfx_dev_set_name+0x10/0x10 [ 1250.422873][ T869] ? __pfx_device_add+0x10/0x10 [ 1250.422904][ T869] ? mgmt_send_event_skb+0x2fb/0x460 [ 1250.422939][ T869] hci_conn_add_sysfs+0x17e/0x230 [ 1250.422952][ T869] le_conn_complete_evt+0x1260/0x2150 [ 1250.422988][ T869] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 1250.423005][ T869] ? hci_event_packet+0x459/0x11c0 [ 1250.423044][ T869] hci_le_conn_complete_evt+0x23c/0x370 [ 1250.423081][ T869] hci_le_meta_evt+0x357/0x5e0 [ 1250.423100][ T869] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 1250.423137][ T869] hci_event_packet+0x685/0x11c0 [ 1250.423171][ T869] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 1250.423194][ T869] ? __pfx_hci_event_packet+0x10/0x10 [ 1250.423233][ T869] ? kcov_remote_start+0x3c9/0x6d0 [ 1250.423259][ T869] ? lockdep_hardirqs_on+0x7c/0x110 [ 1250.423276][ T869] hci_rx_work+0x2c5/0x16b0 [ 1250.423295][ T869] ? rcu_is_watching+0x12/0xc0 [ 1250.423313][ T869] process_one_work+0x9cf/0x1b70 [ 1250.423333][ T869] ? __pfx_process_one_work+0x10/0x10 [ 1250.423351][ T869] ? assign_work+0x1a0/0x250 [ 1250.423364][ T869] worker_thread+0x6c8/0xf10 [ 1250.423381][ T869] ? __kthread_parkme+0x19e/0x250 [ 1250.423398][ T869] ? __pfx_worker_thread+0x10/0x10 [ 1250.423410][ T869] kthread+0x3c5/0x780 [ 1250.423421][ T869] ? __pfx_kthread+0x10/0x10 [ 1250.423433][ T869] ? rcu_is_watching+0x12/0xc0 [ 1250.423447][ T869] ? __pfx_kthread+0x10/0x10 [ 1250.423458][ T869] ret_from_fork+0x675/0x7d0 [ 1250.423468][ T869] ? __pfx_kthread+0x10/0x10 [ 1250.423480][ T869] ret_from_fork_asm+0x1a/0x30 [ 1250.423503][ T869] [ 1250.424284][ T869] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 1250.534810][ T869] Bluetooth: hci4: failed to register connection device [ 1251.053037][T27966] loop9: detected capacity change from 0 to 7 [ 1251.057193][T25480] Dev loop9: unable to read RDB block 7 [ 1251.059499][T25480] loop9: AHDI p2 [ 1251.061809][T25480] loop9: partition table partially beyond EOD, truncated [ 1251.087263][T27966] Dev loop9: unable to read RDB block 7 [ 1251.089656][T27966] loop9: AHDI p2 [ 1251.091940][T27966] loop9: partition table partially beyond EOD, truncated [ 1251.562366][ T869] Bluetooth: hci4: command tx timeout [ 1251.719112][ T40] audit: type=1400 audit(1763138243.516:963): avc: denied { connect } for pid=27981 comm="syz.3.23938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 1253.458154][ T40] audit: type=1400 audit(1763138245.256:964): avc: denied { ioctl } for pid=28067 comm="syz.0.23975" path="socket:[401229]" dev="sockfs" ino=401229 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 1253.640172][ T869] Bluetooth: hci4: command tx timeout [ 1253.678497][ T1153] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1253.843976][T28078] netlink: 36 bytes leftover after parsing attributes in process `syz.2.23979'. [ 1254.417155][T28086] netlink: 20 bytes leftover after parsing attributes in process `syz.0.23982'. [ 1254.840157][T28044] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 1255.372648][T28125] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1256.316648][T29300] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1256.416155][T28188] netlink: 12 bytes leftover after parsing attributes in process `syz.2.24024'. [ 1256.680102][T26616] Bluetooth: hci4: command tx timeout [ 1256.775996][T28218] netlink: 28 bytes leftover after parsing attributes in process `syz.0.24036'. [ 1256.778966][T28218] netlink: 'syz.0.24036': attribute type 7 has an invalid length. [ 1256.782684][T28218] netlink: 'syz.0.24036': attribute type 8 has an invalid length. [ 1256.785304][T28218] netlink: 4 bytes leftover after parsing attributes in process `syz.0.24036'. [ 1256.793536][T28218] ip6gretap0: entered promiscuous mode [ 1256.802750][T28218] syz_tun: entered promiscuous mode [ 1256.806258][T28218] gretap0: entered promiscuous mode [ 1257.081168][ T40] audit: type=1400 audit(1763138248.886:965): avc: denied { read } for pid=28222 comm="syz.1.24038" path="socket:[399223]" dev="sockfs" ino=399223 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 1257.089480][ T40] audit: type=1400 audit(1763138248.886:966): avc: denied { write } for pid=28222 comm="syz.1.24038" name="ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 1257.302472][ T40] audit: type=1400 audit(1763138249.106:967): avc: denied { write } for pid=28230 comm="syz.3.24041" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 1257.622288][T26616] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 1259.321128][T26616] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 1259.326350][T26616] CPU: 1 UID: 0 PID: 26616 Comm: kworker/u33:2 Not tainted syzkaller #0 PREEMPT(full) [ 1259.326375][T26616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1259.326391][T26616] Workqueue: hci3 hci_rx_work [ 1259.326425][T26616] Call Trace: [ 1259.326433][T26616] [ 1259.326442][T26616] dump_stack_lvl+0x16c/0x1f0 [ 1259.326475][T26616] sysfs_warn_dup+0x7f/0xa0 [ 1259.326501][T26616] sysfs_create_dir_ns+0x24b/0x2b0 [ 1259.326541][T26616] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1259.326567][T26616] ? find_held_lock+0x2b/0x80 [ 1259.326597][T26616] ? do_raw_spin_unlock+0x172/0x230 [ 1259.326622][T26616] kobject_add_internal+0x2c4/0x9b0 [ 1259.326647][T26616] kobject_add+0x16e/0x240 [ 1259.326668][T26616] ? __pfx_kobject_add+0x10/0x10 [ 1259.326691][T26616] ? do_raw_spin_unlock+0x172/0x230 [ 1259.326713][T26616] ? kobject_put+0xab/0x5a0 [ 1259.326740][T26616] device_add+0x288/0x1aa0 [ 1259.326765][T26616] ? __pfx_dev_set_name+0x10/0x10 [ 1259.326791][T26616] ? __pfx_device_add+0x10/0x10 [ 1259.326815][T26616] ? mgmt_send_event_skb+0x2fb/0x460 [ 1259.326848][T26616] hci_conn_add_sysfs+0x17e/0x230 [ 1259.326868][T26616] le_conn_complete_evt+0x1260/0x2150 [ 1259.326903][T26616] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 1259.326930][T26616] ? hci_event_packet+0x459/0x11c0 [ 1259.326965][T26616] hci_le_conn_complete_evt+0x23c/0x370 [ 1259.326999][T26616] hci_le_meta_evt+0x357/0x5e0 [ 1259.327028][T26616] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 1259.327060][T26616] hci_event_packet+0x685/0x11c0 [ 1259.327087][T26616] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 1259.327123][T26616] ? __pfx_hci_event_packet+0x10/0x10 [ 1259.327152][T26616] ? kcov_remote_start+0x3c9/0x6d0 [ 1259.327175][T26616] ? lockdep_hardirqs_on+0x7c/0x110 [ 1259.327199][T26616] hci_rx_work+0x2c5/0x16b0 [ 1259.327228][T26616] ? rcu_is_watching+0x12/0xc0 [ 1259.327256][T26616] process_one_work+0x9cf/0x1b70 [ 1259.327287][T26616] ? __pfx_process_one_work+0x10/0x10 [ 1259.327315][T26616] ? assign_work+0x1a0/0x250 [ 1259.327336][T26616] worker_thread+0x6c8/0xf10 [ 1259.327364][T26616] ? __kthread_parkme+0x19e/0x250 [ 1259.327391][T26616] ? __pfx_worker_thread+0x10/0x10 [ 1259.327411][T26616] kthread+0x3c5/0x780 [ 1259.327430][T26616] ? __pfx_kthread+0x10/0x10 [ 1259.327450][T26616] ? rcu_is_watching+0x12/0xc0 [ 1259.327474][T26616] ? __pfx_kthread+0x10/0x10 [ 1259.327493][T26616] ret_from_fork+0x675/0x7d0 [ 1259.327509][T26616] ? __pfx_kthread+0x10/0x10 [ 1259.327528][T26616] ret_from_fork_asm+0x1a/0x30 [ 1259.327567][T26616] [ 1259.327717][T26616] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 1259.435522][T26616] Bluetooth: hci3: failed to register connection device [ 1259.834390][T26616] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 1260.620038][ T40] audit: type=1400 audit(1763138252.416:968): avc: denied { listen } for pid=28357 comm="syz.0.24093" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1 [ 1260.883925][T28373] netlink: 136 bytes leftover after parsing attributes in process `syz.3.24099'. [ 1260.888903][T28373] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 1261.222702][T28402] bridge_slave_0: left allmulticast mode [ 1261.224785][T28402] bridge_slave_0: left promiscuous mode [ 1261.226812][T28402] bridge0: port 1(bridge_slave_0) entered disabled state [ 1261.235646][T28402] bridge_slave_1: left allmulticast mode [ 1261.237551][T28402] bridge_slave_1: left promiscuous mode [ 1261.239396][T28402] bridge0: port 2(bridge_slave_1) entered disabled state [ 1261.246527][T28402] bond0: (slave bond_slave_0): Releasing backup interface [ 1261.253356][T28402] bond0: (slave bond_slave_1): Releasing backup interface [ 1261.262316][T28402] team0: Failed to send options change via netlink (err -105) [ 1261.266444][T28402] team0: Failed to send port change of device team_slave_0 via netlink (err -105) [ 1261.273412][T28402] team0: Port device team_slave_0 removed [ 1261.282780][T28402] team0: Failed to send options change via netlink (err -105) [ 1261.285900][T28402] team0: Failed to send port change of device team_slave_1 via netlink (err -105) [ 1261.289362][T28402] team0: Port device team_slave_1 removed [ 1261.296569][T28402] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1261.299736][T28402] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1261.304647][T28402] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1261.307753][T28402] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1261.313357][T28402] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 1261.331183][T28407] team0: Failed to send options change via netlink (err -105) [ 1261.333650][T28407] team0: Mode changed to "activebackup" [ 1261.336114][T28406] netlink: 8 bytes leftover after parsing attributes in process `syz.0.24115'. [ 1261.340760][T28406] netlink: 'syz.0.24115': attribute type 32 has an invalid length. [ 1261.370283][T28411] netlink: 8 bytes leftover after parsing attributes in process `syz.2.24117'. [ 1261.517263][T28428] loop9: detected capacity change from 0 to 7 [ 1261.520346][T28428] Dev loop9: unable to read RDB block 7 [ 1261.522092][T28428] loop9: AHDI p1 p2 [ 1261.523395][T28428] loop9: partition table partially beyond EOD, truncated [ 1261.525899][T28428] loop9: p1 size 4227858431 extends beyond EOD, truncated [ 1261.553284][T25480] udevd[25480]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory [ 1261.699019][T28444] netlink: 12 bytes leftover after parsing attributes in process `syz.0.24132'. [ 1261.745480][T28444] bridge1: port 1(veth3) entered blocking state [ 1261.747338][T28444] bridge1: port 1(veth3) entered disabled state [ 1261.749220][T28444] veth3: entered allmulticast mode [ 1261.751997][T28444] veth3: entered promiscuous mode [ 1261.766710][T28444] bridge1: port 2(veth0_to_bond) entered blocking state [ 1261.769294][T28444] bridge1: port 2(veth0_to_bond) entered disabled state [ 1261.771869][T28444] veth0_to_bond: entered allmulticast mode [ 1261.774788][T28444] veth0_to_bond: entered promiscuous mode [ 1261.782909][T28444] vlan3: entered allmulticast mode [ 1261.784790][T28444] veth1: entered allmulticast mode [ 1261.786906][T28444] bridge1: port 3(vlan3) entered blocking state [ 1261.789012][T28444] bridge1: port 3(vlan3) entered disabled state [ 1261.792247][T28444] vlan3: entered promiscuous mode [ 1261.793889][T28444] veth1: entered promiscuous mode [ 1261.918288][ T869] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 1261.921573][ T869] CPU: 2 UID: 0 PID: 869 Comm: kworker/u33:0 Not tainted syzkaller #0 PREEMPT(full) [ 1261.921589][ T869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1261.921598][ T869] Workqueue: hci2 hci_rx_work [ 1261.921619][ T869] Call Trace: [ 1261.921624][ T869] [ 1261.921629][ T869] dump_stack_lvl+0x16c/0x1f0 [ 1261.921649][ T869] sysfs_warn_dup+0x7f/0xa0 [ 1261.921665][ T869] sysfs_create_dir_ns+0x24b/0x2b0 [ 1261.921680][ T869] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1261.921694][ T869] ? find_held_lock+0x2b/0x80 [ 1261.921712][ T869] ? do_raw_spin_unlock+0x172/0x230 [ 1261.921726][ T869] kobject_add_internal+0x2c4/0x9b0 [ 1261.921741][ T869] kobject_add+0x16e/0x240 [ 1261.921753][ T869] ? __pfx_kobject_add+0x10/0x10 [ 1261.921767][ T869] ? do_raw_spin_unlock+0x172/0x230 [ 1261.921781][ T869] ? kobject_put+0xab/0x5a0 [ 1261.921798][ T869] device_add+0x288/0x1aa0 [ 1261.921812][ T869] ? __pfx_dev_set_name+0x10/0x10 [ 1261.921828][ T869] ? __pfx_device_add+0x10/0x10 [ 1261.921841][ T869] ? mgmt_send_event_skb+0x2fb/0x460 [ 1261.921862][ T869] hci_conn_add_sysfs+0x17e/0x230 [ 1261.921873][ T869] le_conn_complete_evt+0x1260/0x2150 [ 1261.921893][ T869] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 1261.921909][ T869] ? hci_event_packet+0x459/0x11c0 [ 1261.921929][ T869] hci_le_conn_complete_evt+0x23c/0x370 [ 1261.921948][ T869] hci_le_meta_evt+0x357/0x5e0 [ 1261.921965][ T869] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 1261.921983][ T869] hci_event_packet+0x685/0x11c0 [ 1261.921999][ T869] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 1261.922017][ T869] ? __pfx_hci_event_packet+0x10/0x10 [ 1261.922034][ T869] ? kcov_remote_start+0x3c9/0x6d0 [ 1261.922049][ T869] ? lockdep_hardirqs_on+0x7c/0x110 [ 1261.922063][ T869] hci_rx_work+0x2c5/0x16b0 [ 1261.922081][ T869] ? rcu_is_watching+0x12/0xc0 [ 1261.922097][ T869] process_one_work+0x9cf/0x1b70 [ 1261.922122][ T869] ? __pfx_process_one_work+0x10/0x10 [ 1261.922140][ T869] ? assign_work+0x1a0/0x250 [ 1261.922153][ T869] worker_thread+0x6c8/0xf10 [ 1261.922171][ T869] ? __kthread_parkme+0x19e/0x250 [ 1261.922189][ T869] ? __pfx_worker_thread+0x10/0x10 [ 1261.922202][ T869] kthread+0x3c5/0x780 [ 1261.922215][ T869] ? __pfx_kthread+0x10/0x10 [ 1261.922228][ T869] ? rcu_is_watching+0x12/0xc0 [ 1261.922242][ T869] ? __pfx_kthread+0x10/0x10 [ 1261.922254][ T869] ret_from_fork+0x675/0x7d0 [ 1261.922265][ T869] ? __pfx_kthread+0x10/0x10 [ 1261.922277][ T869] ret_from_fork_asm+0x1a/0x30 [ 1261.922301][ T869] [ 1261.922314][ T869] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 1262.004842][ T869] Bluetooth: hci2: failed to register connection device [ 1262.974222][ T40] audit: type=1400 audit(1763138254.776:969): avc: denied { read } for pid=28531 comm="syz.1.24172" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 1262.981896][ T40] audit: type=1400 audit(1763138254.776:970): avc: denied { open } for pid=28531 comm="syz.1.24172" path="/456/file0/file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 1263.048721][T28537] netlink: 9 bytes leftover after parsing attributes in process `syz.0.24174'. [ 1263.052585][T28537] 0·: renamed from hsr0 (while UP) [ 1263.061530][T28537] 0·: entered allmulticast mode [ 1263.063441][T28537] hsr_slave_0: entered allmulticast mode [ 1263.065814][T28537] hsr_slave_1: entered allmulticast mode [ 1263.068457][T28537] A link change request failed with some changes committed already. Interface 70· may have been left with an inconsistent configuration, please check. [ 1263.262830][T28555] netlink: 8 bytes leftover after parsing attributes in process `syz.2.24182'. [ 1263.305644][ T40] audit: type=1400 audit(1763138255.106:971): avc: denied { read write } for pid=28557 comm="syz.2.24183" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 1263.315283][ T40] audit: type=1400 audit(1763138255.106:972): avc: denied { ioctl open } for pid=28557 comm="syz.2.24183" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 1263.346055][ T869] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 1263.724219][T28605] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0. [ 1263.811594][T28608] netlink: 68 bytes leftover after parsing attributes in process `syz.2.24206'. [ 1264.797952][ T40] audit: type=1400 audit(1763138256.596:973): avc: denied { bind } for pid=28648 comm="syz.2.24223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 1264.806210][ T40] audit: type=1400 audit(1763138256.596:974): avc: denied { accept } for pid=28648 comm="syz.2.24223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 1265.217969][T26616] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 1265.560189][T26616] Bluetooth: hci3: command 0x0419 tx timeout [ 1265.921145][T26616] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 1267.658197][T28822] netlink: 12 bytes leftover after parsing attributes in process `syz.0.24297'. [ 1268.130218][T26616] Bluetooth: hci2: command 0x2016 tx timeout [ 1268.821332][T28901] Bluetooth: hci0: unsupported parameter 255 [ 1268.823318][T28901] Bluetooth: hci0: unsupported parameter 255 [ 1269.241638][T28922] Bluetooth: hci0: unsupported parameter 255 [ 1269.244142][T28922] Bluetooth: hci0: unsupported parameter 255 [ 1269.672334][ T40] audit: type=1400 audit(1763138261.476:975): avc: denied { create } for pid=28949 comm="syz.2.24353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 1270.014924][T28981] netlink: 28 bytes leftover after parsing attributes in process `syz.1.24366'. [ 1270.302390][T29006] Bluetooth: hci0: invalid length 0, exp 2 for type 8 [ 1270.402060][ T40] audit: type=1400 audit(1763138262.206:976): avc: denied { unmount } for pid=24471 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 1271.590022][T29038] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 1271.636046][T29059] netlink: 20 bytes leftover after parsing attributes in process `syz.2.24398'. [ 1271.700129][ T40] audit: type=1400 audit(1763138263.496:977): avc: denied { mount } for pid=29062 comm="syz.1.24400" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 1272.123691][T29102] fuse: Bad value for 'fd' [ 1273.481598][T29164] +$<¶: renamed from bridge0 (while UP) [ 1273.812458][T29076] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 1273.874128][T29182] overlayfs: failed to resolve './file1': -2 [ 1274.068061][T26616] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 1275.251284][T29262] fuse: Bad value for 'fd' [ 1276.192957][ T869] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1276.197784][ T869] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1276.201850][ T869] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1276.206417][ T869] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1276.211510][ T869] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1276.373584][T29312] overlayfs: failed to resolve './file0': -2 [ 1276.392633][T29298] chnl_net:caif_netlink_parms(): no params data found [ 1276.467972][T29298] bridge0: port 1(bridge_slave_0) entered blocking state [ 1276.472493][T29298] bridge0: port 1(bridge_slave_0) entered disabled state [ 1276.475250][T29298] bridge_slave_0: entered allmulticast mode [ 1276.478777][T29298] bridge_slave_0: entered promiscuous mode [ 1276.485110][T29298] bridge0: port 2(bridge_slave_1) entered blocking state [ 1276.487361][T29298] bridge0: port 2(bridge_slave_1) entered disabled state [ 1276.490429][T29298] bridge_slave_1: entered allmulticast mode [ 1276.493542][T29298] bridge_slave_1: entered promiscuous mode [ 1276.540341][T29298] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1276.547134][T29298] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1276.588291][T29298] team0: Port device team_slave_0 added [ 1276.592418][T29298] team0: Port device team_slave_1 added [ 1276.625247][T29298] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1276.627936][T29298] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1276.638723][T29298] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1276.644240][T29298] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1276.646444][T29298] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1276.654475][T29298] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1276.696412][T29298] hsr_slave_0: entered promiscuous mode [ 1276.699071][T29298] hsr_slave_1: entered promiscuous mode [ 1276.701545][T29298] debugfs: 'hsr0' already exists in 'hsr' [ 1276.703477][T29298] Cannot create hsr debugfs directory [ 1276.853906][T29298] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1276.932566][T29298] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1277.008388][T29298] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1277.103793][T29298] batman_adv: batadv0: Removing interface: netdevsim0 [ 1277.107860][T29298] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1277.164059][T29300] bridge_slave_1: left allmulticast mode [ 1277.165994][T29300] bridge_slave_1: left promiscuous mode [ 1277.167877][T29300] bridge0: port 2(bridge_slave_1) entered disabled state [ 1277.172487][T29300] bridge_slave_0: left allmulticast mode [ 1277.174609][T29300] bridge_slave_0: left promiscuous mode [ 1277.176689][T29300] bridge0: port 1(bridge_slave_0) entered disabled state [ 1277.193862][T26616] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 1277.489440][T29300] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1277.495623][T29300] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1277.500893][T29300] bond0 (unregistering): Released all slaves [ 1277.570162][T29298] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1277.577111][T29298] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1277.589426][T29298] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1277.602292][T29298] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1277.689247][T29298] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1277.703357][T29298] 8021q: adding VLAN 0 to HW filter on device team0 [ 1277.718277][ T443] bridge0: port 1(bridge_slave_0) entered blocking state [ 1277.720801][ T443] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1277.749891][ T103] bridge0: port 2(bridge_slave_1) entered blocking state [ 1277.752849][ T103] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1277.907226][T29300] hsr_slave_0: left promiscuous mode [ 1277.910518][T29300] hsr_slave_1: left promiscuous mode [ 1277.913256][T29300] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1277.916359][T29300] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1277.922912][T29300] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1277.925797][T29300] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1277.969218][T29300] veth1_macvtap: left promiscuous mode [ 1277.971443][T29300] veth0_macvtap: left promiscuous mode [ 1277.973364][T29300] veth1_vlan: left promiscuous mode [ 1277.975048][T29300] veth0_vlan: left promiscuous mode [ 1278.012817][T29370] Bluetooth: MGMT ver 1.23 [ 1278.290200][T26616] Bluetooth: hci0: command tx timeout [ 1278.645344][T29300] team0 (unregistering): Port device team_slave_1 removed [ 1278.724944][T29300] team0 (unregistering): Port device team_slave_0 removed [ 1279.323347][T29298] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1279.356037][T29298] veth0_vlan: entered promiscuous mode [ 1279.362145][T29298] veth1_vlan: entered promiscuous mode [ 1279.388612][T29298] veth0_macvtap: entered promiscuous mode [ 1279.394555][T29298] veth1_macvtap: entered promiscuous mode [ 1279.413879][T29298] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1279.421697][T29298] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1279.433209][ T1146] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1279.435950][ T1146] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1279.446832][ T1146] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1279.449647][ T1146] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1279.504649][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1279.508092][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1279.536225][ T103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1279.539644][ T103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1279.622686][T29404] overlayfs: failed to resolve './file0': -2 [ 1279.987928][T29422] netlink: 12 bytes leftover after parsing attributes in process `syz.2.24548'. [ 1280.246033][T29430] tipc: Failed to remove unknown binding: 66,1,1/0:3030597438/3030597440 [ 1280.250919][T29430] tipc: Failed to remove unknown binding: 66,1,1/0:3030597438/3030597440 [ 1280.254483][T29430] tipc: Failed to remove unknown binding: 66,1,1/0:3030597438/3030597440 [ 1280.348679][T26616] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 1280.370171][T26616] Bluetooth: hci0: command tx timeout [ 1280.440665][T29437] overlayfs: failed to resolve './file0': -2 [ 1282.393825][T29519] fuse: Bad value for 'group_id' [ 1282.396320][T29519] fuse: Bad value for 'group_id' [ 1282.437787][T29521] tipc: Failed to remove unknown binding: 66,1,1/0:522602772/522602774 [ 1282.441265][T29521] tipc: Failed to remove unknown binding: 66,1,1/0:522602772/522602774 [ 1282.444678][T29521] tipc: Failed to remove unknown binding: 66,1,1/0:522602772/522602774 [ 1282.450048][T26616] Bluetooth: hci0: command tx timeout [ 1282.758741][T26616] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 1283.301018][T29582] tipc: Failed to remove unknown binding: 66,1,1/0:3064834783/3064834785 [ 1283.304710][T29582] tipc: Failed to remove unknown binding: 66,1,1/0:3064834783/3064834785 [ 1284.022165][ T869] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 1284.488107][T29630] netlink: 40 bytes leftover after parsing attributes in process `syz.2.24636'. [ 1284.527806][T26616] Bluetooth: hci0: command tx timeout [ 1284.909067][T29650] tipc: Failed to remove unknown binding: 66,1,1/0:800433600/800433602 [ 1284.912319][T29650] tipc: Failed to remove unknown binding: 66,1,1/0:800433600/800433602 [ 1285.113729][ T869] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1285.117148][ T869] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1285.121639][ T869] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1285.125592][ T869] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1285.128611][ T869] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1285.453621][T29681] fuse: Unknown parameter 'grou00000000000000000000' [ 1285.467829][T29662] chnl_net:caif_netlink_parms(): no params data found [ 1285.549045][T29662] bridge0: port 1(bridge_slave_0) entered blocking state [ 1285.553747][T29662] bridge0: port 1(bridge_slave_0) entered disabled state [ 1285.556428][T29662] bridge_slave_0: entered allmulticast mode [ 1285.559211][T29662] bridge_slave_0: entered promiscuous mode [ 1285.565641][T29662] bridge0: port 2(bridge_slave_1) entered blocking state [ 1285.569231][T29662] bridge0: port 2(bridge_slave_1) entered disabled state [ 1285.572632][T29662] bridge_slave_1: entered allmulticast mode [ 1285.576780][T29662] bridge_slave_1: entered promiscuous mode [ 1285.616707][T29662] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1285.621521][T29662] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1285.673370][T29662] team0: Port device team_slave_0 added [ 1285.677047][T29662] team0: Port device team_slave_1 added [ 1285.712494][ T60] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1285.741593][T29662] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1285.743754][T29662] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1285.751710][T29662] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1285.755964][T29662] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1285.758127][T29662] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1285.766130][T29662] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1285.805894][ T60] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1285.832702][T29662] hsr_slave_0: entered promiscuous mode [ 1285.836214][T29662] hsr_slave_1: entered promiscuous mode [ 1285.839325][T29662] debugfs: 'hsr0' already exists in 'hsr' [ 1285.842025][T29662] Cannot create hsr debugfs directory [ 1285.897912][ T60] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1285.912078][T29704] fuse: Unknown parameter 'grou00000000000000000000' [ 1286.043409][ T60] bridge_slave_1: left allmulticast mode [ 1286.045241][ T60] bridge_slave_1: left promiscuous mode [ 1286.047077][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 1286.051705][ T60] bridge_slave_0: left allmulticast mode [ 1286.053687][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 1286.161753][ T60] dvmrp8 (unregistering): left allmulticast mode [ 1286.310217][ T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1286.315105][ T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1286.319720][ T60] bond0 (unregistering): Released all slaves [ 1286.505315][T29733] fuse: Unknown parameter 'group_i00000000000000000000' [ 1286.668563][T29743] netlink: 8 bytes leftover after parsing attributes in process `syz.3.24681'. [ 1286.774007][ T60] hsr_slave_0: left promiscuous mode [ 1286.777343][ T60] hsr_slave_1: left promiscuous mode [ 1286.779402][ T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1286.781969][ T60] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1286.788365][ T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1286.790760][ T60] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1286.832568][ T60] veth1_macvtap: left promiscuous mode [ 1286.834391][ T60] veth0_macvtap: left promiscuous mode [ 1286.836234][ T60] veth1_vlan: left promiscuous mode [ 1286.837945][ T60] veth0_vlan: left promiscuous mode [ 1287.171535][ T869] Bluetooth: hci1: command tx timeout [ 1287.579342][ T60] team0 (unregistering): Port device team_slave_1 removed [ 1287.671829][ T60] team0 (unregistering): Port device team_slave_0 removed [ 1288.193434][T29764] tmpfs: Bad value for 'mpol' [ 1288.436409][T29771] fuse: Unknown parameter 'group_i00000000000000000000' [ 1288.492743][T29662] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1288.497377][T29662] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1288.503721][T29662] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1288.508101][T29662] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1288.584244][T29662] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1288.596049][T29662] 8021q: adding VLAN 0 to HW filter on device team0 [ 1288.603953][ T103] bridge0: port 1(bridge_slave_0) entered blocking state [ 1288.606217][ T103] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1288.609584][ T103] bridge0: port 2(bridge_slave_1) entered blocking state [ 1288.611865][ T103] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1288.971042][T29662] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1288.994063][T29662] veth0_vlan: entered promiscuous mode [ 1288.999195][T29662] veth1_vlan: entered promiscuous mode [ 1289.018473][T29662] veth0_macvtap: entered promiscuous mode [ 1289.024360][T29662] veth1_macvtap: entered promiscuous mode [ 1289.039042][T29662] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1289.046606][T29662] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1289.056044][ T81] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1289.060677][ T81] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1289.063780][ T81] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1289.069495][ T81] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1289.117040][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1289.120082][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1289.145752][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1289.148668][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1289.240665][ T869] Bluetooth: hci1: command tx timeout [ 1289.424586][T29807] fuse: Unknown parameter 'group_id00000000000000000000' [ 1290.578962][ T869] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 1290.705612][T29842] fuse: Unknown parameter 'group_id00000000000000000000' [ 1290.984428][T29863] fuse: Unknown parameter 'group_id00000000000000000000' [ 1291.320340][ T869] Bluetooth: hci1: command tx timeout [ 1292.387141][T29897] 9pnet_fd: Insufficient options for proto=fd [ 1292.807334][T29927] fuse: Bad value for 'fd' [ 1293.400515][ T869] Bluetooth: hci1: command tx timeout [ 1293.847119][T29987] fuse: Bad value for 'fd' [ 1294.011544][T29997] tipc: Started in network mode [ 1294.013269][T29997] tipc: Node identity ac14142f, cluster identity 4711 [ 1294.015674][T29997] tipc: New replicast peer: 0.0.0.0 [ 1294.017739][T29997] tipc: Enabled bearer , priority 10 [ 1294.441849][T30015] fuse: Invalid rootmode [ 1295.030085][ T2550] tipc: Node number set to 2886997039 [ 1298.037838][T30214] netlink: 188 bytes leftover after parsing attributes in process `syz.1.24880'. [ 1298.196400][T30224] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1298.199465][T30224] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1299.357214][T30293] fuse: Unknown parameter 'use00000000000000000000' [ 1299.883446][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 1299.886227][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 1300.114706][T30321] fuse: Unknown parameter 'user_i00000000000000000000' [ 1300.127267][T30319] ip6gretap0 (unregistering): left promiscuous mode [ 1300.202261][T30329] netlink: 8 bytes leftover after parsing attributes in process `syz.3.24931'. [ 1300.302248][T30339] fuse: Unknown parameter 'user_i00000000000000000000' [ 1300.638781][T30352] netlink: 8 bytes leftover after parsing attributes in process `syz.1.24941'. [ 1300.962767][T30361] fuse: Unknown parameter 'user_id00000000000000000000' [ 1301.323883][T30382] fuse: Unknown parameter 'user_id00000000000000000000' [ 1301.337369][T30386] netlink: 8 bytes leftover after parsing attributes in process `syz.0.24956'. [ 1301.718701][T30421] fuse: Bad value for 'fd' [ 1301.974251][T30446] fuse: Bad value for 'fd' [ 1301.992171][ T5935] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 1302.140119][ T5935] usb 5-1: Using ep0 maxpacket: 16 [ 1302.146569][ T5935] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1302.151118][ T5935] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1302.155144][ T5935] usb 5-1: config 0 has no interfaces? [ 1302.159176][ T5935] usb 5-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40 [ 1302.163059][ T5935] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1302.166313][ T5935] usb 5-1: Product: syz [ 1302.167837][ T5935] usb 5-1: Manufacturer: syz [ 1302.169735][ T5935] usb 5-1: SerialNumber: syz [ 1302.180564][ T5935] usb 5-1: config 0 descriptor?? [ 1302.386675][ T938] usb 5-1: USB disconnect, device number 46 [ 1302.471114][ T40] audit: type=1326 audit(1763138294.276:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30467 comm="syz.1.24992" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f33d738f6c9 code=0x0 [ 1303.547852][T30500] binder: Unknown parameter ''' [ 1304.293708][T30526] netlink: 48 bytes leftover after parsing attributes in process `syz.3.25018'. [ 1304.339426][T30528] bridge0: entered allmulticast mode [ 1304.342558][T30528] netlink: 4 bytes leftover after parsing attributes in process `syz.3.25019'. [ 1304.355743][T30528] bridge0 (unregistering): left allmulticast mode [ 1304.525251][T30536] fuse: Unknown parameter '0x0000000000000004' [ 1306.156599][ T40] audit: type=1326 audit(1763138297.956:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30605 comm="syz.2.25053" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f66c2f8f6c9 code=0x0 [ 1308.113124][T30682] tipc: Failed to remove unknown binding: 66,1,1/0:1234489759/1234489761 [ 1308.169399][T30683] tipc: Failed to remove unknown binding: 66,1,1/0:1234489759/1234489761 [ 1308.172962][T30683] tipc: Failed to remove unknown binding: 66,1,1/0:1234489759/1234489761 [ 1309.163371][T30705] syz_tun (unregistering): left promiscuous mode [ 1310.410520][T30754] tipc: Started in network mode [ 1310.412630][T30754] tipc: Node identity 82ec8a56fbd2, cluster identity 4711 [ 1310.415755][T30754] tipc: Enabled bearer , priority 0 [ 1310.424699][T30753] tipc: Disabling bearer [ 1311.206942][T30819] netlink: 8 bytes leftover after parsing attributes in process `syz.2.25143'. [ 1312.282135][T30854] sp0: Synchronizing with TNC [ 1312.289026][T30853] [U] è`` [ 1312.698573][ T40] audit: type=1326 audit(1763138304.496:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30874 comm="syz.1.25168" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f33d738f6c9 code=0x0 [ 1314.052422][T30910] netlink: 4 bytes leftover after parsing attributes in process `syz.0.25184'. [ 1314.194228][ T40] audit: type=1326 audit(1763138305.996:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30918 comm="syz.2.25188" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f66c2f8f6c9 code=0x0 [ 1314.658564][T30933] netlink: 4 bytes leftover after parsing attributes in process `syz.3.25194'. [ 1315.007560][T30942] sp0: Synchronizing with TNC [ 1315.013498][T30940] [U] è`` [ 1315.521490][T30961] netlink: 'syz.2.25208': attribute type 4 has an invalid length. [ 1315.738649][ T40] audit: type=1326 audit(1763138307.536:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30968 comm="syz.1.25207" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f33d738f6c9 code=0x0 [ 1316.211111][T30980] netlink: 20 bytes leftover after parsing attributes in process `syz.0.25215'. [ 1316.571852][T30995] sp0: Synchronizing with TNC [ 1316.576611][T30994] [U] è`` [ 1316.812119][T31004] tipc: Failed to remove unknown binding: 66,1,1/2886997039:1018650429/1018650431 [ 1316.817843][T31004] tipc: Failed to remove unknown binding: 66,1,1/2886997039:1018650429/1018650431 [ 1316.824635][T31004] tipc: Failed to remove unknown binding: 66,1,1/2886997039:1018650429/1018650431 [ 1317.114590][ T40] audit: type=1326 audit(1763138308.916:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31016 comm="syz.1.25233" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f33d738f6c9 code=0x0 [ 1318.333129][ T40] audit: type=1326 audit(1763138310.136:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31049 comm="syz.3.25246" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7e8fd8f6c9 code=0x0 [ 1320.242247][T31124] tipc: Failed to remove unknown binding: 66,1,1/2886997039:3386570398/3386570400 [ 1320.298501][T31128] tipc: Failed to remove unknown binding: 66,1,1/2886997039:3386570398/3386570400 [ 1320.302466][T31128] tipc: Failed to remove unknown binding: 66,1,1/2886997039:3386570398/3386570400 [ 1320.563014][T31141] overlayfs: failed to resolve './file0': -2 [ 1321.191829][T31156] netlink: 20 bytes leftover after parsing attributes in process `syz.1.25289'. [ 1321.199040][T31156] team0: entered promiscuous mode [ 1321.202547][T31156] team_slave_0: entered promiscuous mode [ 1321.205858][T31156] team_slave_1: entered promiscuous mode [ 1321.207964][T31156] team0: entered allmulticast mode [ 1321.209727][T31156] team_slave_0: entered allmulticast mode [ 1321.212397][T31156] team_slave_1: entered allmulticast mode [ 1321.424431][T31166] netlink: 12 bytes leftover after parsing attributes in process `syz.2.25294'. [ 1321.430303][T31166] tipc: Started in network mode [ 1321.432331][T31166] tipc: Node identity ac14142f, cluster identity 4711 [ 1321.435067][T31166] tipc: New replicast peer: 0.0.0.0 [ 1321.437937][T31166] tipc: Enabled bearer , priority 10 [ 1322.469219][ T5935] tipc: Node number set to 2886997039 [ 1322.780168][T31212] netlink: 12 bytes leftover after parsing attributes in process `syz.1.25315'. [ 1322.788192][T31212] tipc: Enabling of bearer rejected, already enabled [ 1322.853775][T31218] sp0: Synchronizing with TNC [ 1322.858050][T31216] [U] è` [ 1323.574278][T31246] sp0: Synchronizing with TNC [ 1323.580989][T31245] [U] è` [ 1323.895393][T31263] netlink: 48 bytes leftover after parsing attributes in process `syz.1.25337'. [ 1323.914519][T31267] tipc: Failed to remove unknown binding: 66,1,1/0:3617649757/3617649759 [ 1323.973156][T31270] tipc: Failed to remove unknown binding: 66,1,1/0:3617649757/3617649759 [ 1323.976649][T31270] tipc: Failed to remove unknown binding: 66,1,1/0:3617649757/3617649759 [ 1324.997951][T31297] sp0: Synchronizing with TNC [ 1325.002930][T31296] [U] è`` [ 1325.390198][T31338] overlayfs: failed to resolve './file1': -2 [ 1325.604748][ T40] audit: type=1326 audit(1766284045.315:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31350 comm="syz.2.25378" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f66c2f8f6c9 code=0x0 [ 1326.346057][T31363] overlayfs: failed to resolve './file1': -2 [ 1327.010941][T31381] netlink: 8 bytes leftover after parsing attributes in process `syz.1.25391'. [ 1327.014055][T31381] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1327.016865][T31381] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1327.020286][T31381] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1327.022979][T31381] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1327.453092][T31390] overlayfs: failed to resolve './file1': -2 [ 1327.527337][T31400] overlayfs: missing 'lowerdir' [ 1327.896431][T31424] overlayfs: missing 'lowerdir' [ 1329.175627][T31492] tipc: Failed to remove unknown binding: 66,1,1/2886997039:968130521/968130523 [ 1329.230944][T31495] tipc: Failed to remove unknown binding: 66,1,1/2886997039:968130521/968130523 [ 1329.233858][T31495] tipc: Failed to remove unknown binding: 66,1,1/2886997039:968130521/968130523 [ 1329.754622][T31522] sp0: Synchronizing with TNC [ 1329.759697][T31521] [U] è` [ 1330.011965][T31533] overlayfs: missing 'lowerdir' [ 1330.513553][T31557] netlink: 188 bytes leftover after parsing attributes in process `syz.3.25470'. [ 1330.570715][T31559] tipc: Failed to remove unknown binding: 66,1,1/0:1484012320/1484012322 [ 1330.628287][T31560] tipc: Failed to remove unknown binding: 66,1,1/0:1484012320/1484012322 [ 1330.631830][T31560] tipc: Failed to remove unknown binding: 66,1,1/0:1484012320/1484012322 [ 1331.148044][T31575] netlink: 'syz.2.25478': attribute type 10 has an invalid length. [ 1331.153176][T31575] bridge0: port 2(bridge_slave_1) entered disabled state [ 1331.156714][T31575] bridge0: port 1(bridge_slave_0) entered disabled state [ 1331.169854][T31575] bridge0: port 2(bridge_slave_1) entered blocking state [ 1331.173074][T31575] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1331.176425][T31575] bridge0: port 1(bridge_slave_0) entered blocking state [ 1331.179492][T31575] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1331.186222][T31575] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 1331.812438][T31601] netlink: 'syz.2.25490': attribute type 10 has an invalid length. [ 1331.815991][T31601] bridge0: port 2(bridge_slave_1) entered disabled state [ 1331.819218][T31601] bridge0: port 1(bridge_slave_0) entered disabled state [ 1331.864306][ T40] audit: type=1326 audit(1767332627.415:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31602 comm="syz.2.25491" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f66c2f8f6c9 code=0x0 [ 1332.123119][T31606] sp0: Synchronizing with TNC [ 1332.126544][T31605] [U] è` [ 1332.912847][T31639] netlink: 20 bytes leftover after parsing attributes in process `syz.2.25504'. [ 1332.920847][T31639] bond0: entered promiscuous mode [ 1332.923055][T31639] bond_slave_0: entered promiscuous mode [ 1332.925629][T31639] bond_slave_1: entered promiscuous mode [ 1332.928171][T31639] bridge0: entered promiscuous mode [ 1332.931223][T31639] bond0: entered allmulticast mode [ 1332.933691][T31639] bond_slave_0: entered allmulticast mode [ 1332.935844][T31639] bond_slave_1: entered allmulticast mode [ 1332.939785][T31639] bridge0: entered allmulticast mode [ 1332.992834][ T40] audit: type=1400 audit(1767332628.514:987): avc: denied { write } for pid=31640 comm="syz.2.25506" name="file0" dev="tmpfs" ino=1959 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 1333.004381][ T40] audit: type=1400 audit(1767332628.514:988): avc: denied { open } for pid=31640 comm="syz.2.25506" path="/322/file0" dev="tmpfs" ino=1959 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 1333.142777][T31648] overlayfs: missing 'lowerdir' [ 1333.380290][T31663] netlink: 20 bytes leftover after parsing attributes in process `syz.2.25515'. [ 1333.523857][T31674] overlayfs: missing 'lowerdir' [ 1333.620394][T31679] sp0: Synchronizing with TNC [ 1333.624652][T31677] [U] è`` [ 1333.776573][T31685] netlink: 20 bytes leftover after parsing attributes in process `syz.2.25524'. [ 1333.845142][T31691] netlink: 'syz.2.25527': attribute type 4 has an invalid length. [ 1333.898942][T31693] overlayfs: missing 'lowerdir' [ 1333.983820][T31700] tipc: Failed to remove unknown binding: 66,1,1/2886997039:4101493646/4101493648 [ 1333.987782][T31700] tipc: Failed to remove unknown binding: 66,1,1/2886997039:4101493646/4101493648 [ 1333.990783][T31700] tipc: Failed to remove unknown binding: 66,1,1/2886997039:4101493646/4101493648 [ 1334.110771][T31710] sp0: Synchronizing with TNC [ 1334.117270][T31709] [U] è`` [ 1334.256711][T31715] netlink: 20 bytes leftover after parsing attributes in process `syz.2.25537'. [ 1334.294884][T31717] overlayfs: missing 'workdir' [ 1334.337951][T31721] tipc: Failed to remove unknown binding: 66,1,1/0:3689293703/3689293705 [ 1334.393699][T31726] tipc: Failed to remove unknown binding: 66,1,1/0:3689293703/3689293705 [ 1334.396616][T31726] tipc: Failed to remove unknown binding: 66,1,1/0:3689293703/3689293705 [ 1335.056028][T31745] overlayfs: missing 'workdir' [ 1335.087455][T31747] SELinux: security_context_str_to_sid (syste_uÝGй ‰:ÿß) failed with errno=-22 [ 1335.550619][T31765] sp0: Synchronizing with TNC [ 1335.555160][T31764] [U] è` [ 1335.671351][T31774] netlink: 20 bytes leftover after parsing attributes in process `syz.1.25562'. [ 1335.677353][T31774] bond0: entered promiscuous mode [ 1335.678977][T31774] bond_slave_0: entered promiscuous mode [ 1335.681128][T31774] bond_slave_1: entered promiscuous mode [ 1335.683017][T31774] bond0: entered allmulticast mode [ 1335.685233][T31774] bond_slave_0: entered allmulticast mode [ 1335.687139][T31774] bond_slave_1: entered allmulticast mode [ 1335.786074][T31785] sp0: Synchronizing with TNC [ 1335.789455][T31784] [U] è`` [ 1335.930529][T31792] sp0: Synchronizing with TNC [ 1335.933944][T31791] [U] è` [ 1336.013946][T31800] netlink: 20 bytes leftover after parsing attributes in process `syz.2.25575'. [ 1337.603126][T31867] tipc: Failed to remove unknown binding: 66,1,1/2886997039:319940855/319940857 [ 1337.628119][T31871] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1337.633961][T31871] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1337.660704][T31874] tipc: Failed to remove unknown binding: 66,1,1/2886997039:319940855/319940857 [ 1337.664509][T31874] tipc: Failed to remove unknown binding: 66,1,1/2886997039:319940855/319940857 [ 1338.143847][ T40] audit: type=1326 audit(1770478361.560:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31887 comm="syz.3.25615" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7e8fd8f6c9 code=0x0 [ 1338.537995][T31894] netlink: 'syz.1.25618': attribute type 10 has an invalid length. [ 1338.541801][T31894] bridge0: port 2(bridge_slave_1) entered disabled state [ 1338.545195][T31894] bridge0: port 1(bridge_slave_0) entered disabled state [ 1338.557639][T31894] bridge0: port 2(bridge_slave_1) entered blocking state [ 1338.559956][T31894] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1338.562400][T31894] bridge0: port 1(bridge_slave_0) entered blocking state [ 1338.564675][T31894] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1338.567324][T31896] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1338.568481][T31894] bridge0: entered promiscuous mode [ 1338.570772][T31896] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1338.572335][T31894] bridge0: entered allmulticast mode [ 1338.576637][T31894] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 1338.745773][T31912] tipc: Failed to remove unknown binding: 66,1,1/0:2562508300/2562508302 [ 1338.802336][T31913] tipc: Failed to remove unknown binding: 66,1,1/0:2562508300/2562508302 [ 1338.807635][T31913] tipc: Failed to remove unknown binding: 66,1,1/0:2562508300/2562508302 [ 1339.677433][T31927] overlayfs: missing 'lowerdir' [ 1339.812051][ T40] audit: type=1326 audit(1770478363.179:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31932 comm="syz.1.25634" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f33d738f6c9 code=0x0 [ 1340.178245][T31941] tipc: Failed to remove unknown binding: 66,1,1/0:1332435283/1332435285 [ 1340.236295][T31942] tipc: Failed to remove unknown binding: 66,1,1/0:1332435283/1332435285 [ 1340.239165][T31942] tipc: Failed to remove unknown binding: 66,1,1/0:1332435283/1332435285 [ 1340.663749][T31949] sp0: Synchronizing with TNC [ 1340.668241][T31947] [U] è` [ 1340.684187][T31952] overlayfs: missing 'lowerdir' [ 1341.729600][T31972] overlayfs: missing 'lowerdir' [ 1341.775844][ T40] audit: type=1326 audit(1770478365.096:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31969 comm="syz.1.25651" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f33d738f6c9 code=0x0 [ 1342.826655][T32032] tipc: Failed to remove unknown binding: 66,1,1/0:925499125/925499127 [ 1342.884576][T32038] tipc: Failed to remove unknown binding: 66,1,1/0:925499125/925499127 [ 1342.887655][T32038] tipc: Failed to remove unknown binding: 66,1,1/0:925499125/925499127 [ 1344.200749][T32084] tipc: Failed to remove unknown binding: 66,1,1/0:3372656459/3372656461 [ 1344.256860][T32085] tipc: Failed to remove unknown binding: 66,1,1/0:3372656459/3372656461 [ 1344.259685][T32085] tipc: Failed to remove unknown binding: 66,1,1/0:3372656459/3372656461 [ 1345.089116][T32107] overlayfs: missing 'workdir' [ 1345.870650][ T40] audit: type=1326 audit(1770478369.095:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32131 comm="syz.1.25720" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f33d738f6c9 code=0x0 [ 1345.890544][T32134] netlink: 20 bytes leftover after parsing attributes in process `syz.0.25718'. [ 1345.895659][T32134] vcan0: entered promiscuous mode [ 1345.897651][T32134] vcan0: entered allmulticast mode [ 1347.132740][T32169] tipc: Failed to remove unknown binding: 66,1,1/2886997039:1902834033/1902834035 [ 1347.190131][T32170] tipc: Failed to remove unknown binding: 66,1,1/2886997039:1902834033/1902834035 [ 1347.193057][T32170] tipc: Failed to remove unknown binding: 66,1,1/2886997039:1902834033/1902834035 [ 1348.894724][ T40] audit: type=1326 audit(1770478372.061:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32195 comm="syz.3.25744" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7e8fd8f6c9 code=0x0 [ 1349.032430][T32205] netlink: 20 bytes leftover after parsing attributes in process `syz.0.25747'. [ 1349.040256][T32205] bond0: entered promiscuous mode [ 1349.042012][T32205] bond_slave_0: entered promiscuous mode [ 1349.044007][T32205] bond_slave_1: entered promiscuous mode [ 1349.046089][T32205] bond0: entered allmulticast mode [ 1349.049085][T32205] bond_slave_0: entered allmulticast mode [ 1349.051626][T32205] bond_slave_1: entered allmulticast mode [ 1349.179473][ T40] audit: type=1400 audit(1770478372.346:994): avc: denied { ioctl } for pid=32215 comm="syz.0.25752" path="mnt:[4026533052]" dev="nsfs" ino=4026533052 ioctlcmd=0x940b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 1350.098284][T32232] netlink: 20 bytes leftover after parsing attributes in process `syz.0.25758'. [ 1350.132749][T32234] tipc: Failed to remove unknown binding: 66,1,1/2886997039:3428437807/3428437809 [ 1350.190892][T32239] tipc: Failed to remove unknown binding: 66,1,1/2886997039:3428437807/3428437809 [ 1350.194790][T32239] tipc: Failed to remove unknown binding: 66,1,1/2886997039:3428437807/3428437809 [ 1350.328833][ T40] audit: type=1326 audit(1770478373.478:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32244 comm="syz.0.25764" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9bce38f6c9 code=0x0 [ 1351.168338][T32264] netlink: 20 bytes leftover after parsing attributes in process `syz.2.25772'. [ 1351.268748][T32270] tipc: Failed to remove unknown binding: 66,1,1/0:4214892626/4214892628 [ 1351.303147][T32274] netlink: 'syz.2.25777': attribute type 10 has an invalid length. [ 1351.325237][T32275] tipc: Failed to remove unknown binding: 66,1,1/0:4214892626/4214892628 [ 1351.327854][T32275] tipc: Failed to remove unknown binding: 66,1,1/0:4214892626/4214892628 [ 1351.385313][T32279] sp0: Synchronizing with TNC [ 1351.388303][T32278] [U] è` [ 1351.591575][T32285] netlink: 20 bytes leftover after parsing attributes in process `syz.2.25782'. [ 1351.597283][T32285] team0: entered promiscuous mode [ 1351.598990][T32285] team_slave_0: entered promiscuous mode [ 1351.601066][T32285] team_slave_1: entered promiscuous mode [ 1351.603059][T32285] team0: entered allmulticast mode [ 1351.604813][T32285] team_slave_0: entered allmulticast mode [ 1351.607515][T32285] team_slave_1: entered allmulticast mode [ 1351.991588][T26616] Bluetooth: hci2: command 0x2016 tx timeout [ 1352.158652][T32301] sp0: Synchronizing with TNC [ 1352.161457][T32300] [U] è` [ 1352.283615][T32303] netlink: 20 bytes leftover after parsing attributes in process `syz.0.25791'. [ 1352.290248][T32303] team0: entered promiscuous mode [ 1352.294125][T32303] team_slave_0: entered promiscuous mode [ 1352.296954][T32303] team_slave_1: entered promiscuous mode [ 1352.299659][T32303] team0: entered allmulticast mode [ 1352.301913][T32303] team_slave_0: entered allmulticast mode [ 1352.304394][T32303] team_slave_1: entered allmulticast mode [ 1352.859686][T32319] tipc: Failed to remove unknown binding: 66,1,1/2886997039:1410885243/1410885245 [ 1352.916822][T32320] tipc: Failed to remove unknown binding: 66,1,1/2886997039:1410885243/1410885245 [ 1352.920980][T32320] tipc: Failed to remove unknown binding: 66,1,1/2886997039:1410885243/1410885245 [ 1353.329646][T32322] sp0: Synchronizing with TNC [ 1353.334024][T32321] [U] è` [ 1353.438266][T32324] netlink: 20 bytes leftover after parsing attributes in process `syz.0.25800'. [ 1354.018053][T32351] tipc: Failed to remove unknown binding: 66,1,1/0:195568733/195568735 [ 1354.074972][T32352] tipc: Failed to remove unknown binding: 66,1,1/0:195568733/195568735 [ 1354.079382][T32352] tipc: Failed to remove unknown binding: 66,1,1/0:195568733/195568735 [ 1354.587704][T32361] sp0: Synchronizing with TNC [ 1354.590556][T32360] [U] è` [ 1357.223629][T32425] netlink: 'syz.3.25846': attribute type 6 has an invalid length. [ 1357.234384][T32425] netlink: 'syz.3.25846': attribute type 4 has an invalid length. [ 1357.237581][T32425] netlink: 17 bytes leftover after parsing attributes in process `syz.3.25846'. [ 1357.681046][T32455] netlink: 20 bytes leftover after parsing attributes in process `syz.2.25862'. [ 1357.872708][T32461] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1358.012304][T32473] netlink: 44 bytes leftover after parsing attributes in process `syz.1.25869'. [ 1358.122538][T32479] tipc: Failed to remove unknown binding: 66,1,1/2886997039:3575865362/3575865364 [ 1358.178473][T32480] tipc: Failed to remove unknown binding: 66,1,1/2886997039:3575865362/3575865364 [ 1358.181852][T32480] tipc: Failed to remove unknown binding: 66,1,1/2886997039:3575865362/3575865364 [ 1358.677708][T32494] trusted_key: encrypted_key: insufficient parameters specified [ 1359.777163][T32511] netlink: 20 bytes leftover after parsing attributes in process `syz.2.25886'. [ 1359.871771][T32515] netlink: 'syz.1.25888': attribute type 10 has an invalid length. [ 1359.874852][T32515] bridge0: port 2(bridge_slave_1) entered disabled state [ 1359.877426][T32515] bridge0: port 1(bridge_slave_0) entered disabled state [ 1359.912247][ T40] audit: type=1326 audit(1770478382.950:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32516 comm="syz.2.25889" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f66c2f8f6c9 code=0x0 [ 1361.002041][ T40] audit: type=1400 audit(1770478384.031:997): avc: denied { mounton } for pid=32539 comm="syz.2.25899" path="/469/file0" dev="tmpfs" ino=2924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 1361.002095][T32540] fuse: Bad value for 'user_id' [ 1361.012501][T32540] fuse: Bad value for 'user_id' [ 1361.018564][ T40] audit: type=1400 audit(1770478384.051:998): avc: denied { read append } for pid=32539 comm="syz.2.25899" name="file0" dev="tmpfs" ino=2924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 1361.320926][T32559] netlink: 8 bytes leftover after parsing attributes in process `syz.3.25908'. [ 1361.532506][T32579] tipc: Failed to remove unknown binding: 66,1,1/0:1289199459/1289199461 [ 1361.588260][T32580] tipc: Failed to remove unknown binding: 66,1,1/0:1289199459/1289199461 [ 1361.590978][T32580] tipc: Failed to remove unknown binding: 66,1,1/0:1289199459/1289199461 [ 1362.029074][T32598] netlink: 'syz.1.25927': attribute type 10 has an invalid length. [ 1362.098545][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 1362.101318][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 1362.439462][T32617] netlink: 20 bytes leftover after parsing attributes in process `syz.0.25929'. [ 1362.534984][ T5932] IPVS: starting estimator thread 0... [ 1362.571059][T32633] tipc: Failed to remove unknown binding: 66,1,1/0:2599631597/2599631599 [ 1362.625998][T32638] tipc: Failed to remove unknown binding: 66,1,1/0:2599631597/2599631599 [ 1362.628766][T32638] tipc: Failed to remove unknown binding: 66,1,1/0:2599631597/2599631599 [ 1362.636897][T32630] IPVS: using max 44 ests per chain, 105600 per kthread [ 1362.714274][T32642] netlink: 20 bytes leftover after parsing attributes in process `syz.0.25947'. [ 1362.996060][T32662] netlink: 20 bytes leftover after parsing attributes in process `syz.0.25957'. [ 1363.104940][T32672] netlink: 'syz.0.25962': attribute type 4 has an invalid length. [ 1363.190468][T32682] netlink: 20 bytes leftover after parsing attributes in process `syz.2.25967'. [ 1363.703436][T32716] tipc: Failed to remove unknown binding: 66,1,1/0:2411456389/2411456391 [ 1363.761360][T32717] tipc: Failed to remove unknown binding: 66,1,1/0:2411456389/2411456391 [ 1363.764016][T32717] tipc: Failed to remove unknown binding: 66,1,1/0:2411456389/2411456391 [ 1364.384181][T32731] sp0: Synchronizing with TNC [ 1364.390244][T32730] [U] è` [ 1364.542375][T32738] netlink: 4 bytes leftover after parsing attributes in process `syz.2.25992'. [ 1364.545382][T32738] bridge_slave_1: left allmulticast mode [ 1364.547243][T32738] bridge_slave_1: left promiscuous mode [ 1364.549211][T32738] bridge0: port 2(bridge_slave_1) entered disabled state [ 1364.554384][T32738] bridge_slave_0: left allmulticast mode [ 1364.556308][T32738] bridge_slave_0: left promiscuous mode [ 1364.558333][T32738] bridge0: port 1(bridge_slave_0) entered disabled state [ 1364.574580][T32738] bond0: (slave bridge0): Releasing backup interface [ 1364.577391][T32738] bridge0 (unregistering): left promiscuous mode [ 1364.579734][T32738] bridge0 (unregistering): left allmulticast mode [ 1365.124009][T26616] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1365.127833][T26616] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1365.131435][T26616] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1365.137233][T26616] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1365.140073][T26616] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1365.358865][ T1153] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1365.371473][T32766] chnl_net:caif_netlink_parms(): no params data found [ 1365.433750][ T1153] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1365.490422][T32766] bridge0: port 1(bridge_slave_0) entered blocking state [ 1365.493438][T32766] bridge0: port 1(bridge_slave_0) entered disabled state [ 1365.495852][T32766] bridge_slave_0: entered allmulticast mode [ 1365.498536][T32766] bridge_slave_0: entered promiscuous mode [ 1365.516574][ T1153] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1365.523989][T32766] bridge0: port 2(bridge_slave_1) entered blocking state [ 1365.527370][T32766] bridge0: port 2(bridge_slave_1) entered disabled state [ 1365.529702][T32766] bridge_slave_1: entered allmulticast mode [ 1365.533534][T32766] bridge_slave_1: entered promiscuous mode [ 1365.568615][T32766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1365.573239][T32766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1365.612729][ T313] netlink: 'syz.3.26009': attribute type 10 has an invalid length. [ 1365.629363][T32766] team0: Port device team_slave_0 added [ 1365.635592][T32766] team0: Port device team_slave_1 added [ 1365.691865][T32766] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1365.694890][T32766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1365.706766][T32766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1365.712593][T32766] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1365.715418][T32766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1365.727561][T32766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1365.806031][T32766] hsr_slave_0: entered promiscuous mode [ 1365.809548][T32766] hsr_slave_1: entered promiscuous mode [ 1365.812519][T32766] debugfs: 'hsr0' already exists in 'hsr' [ 1365.814914][T32766] Cannot create hsr debugfs directory [ 1365.932962][ T1153] bridge_slave_1: left allmulticast mode [ 1365.935418][ T1153] bridge_slave_1: left promiscuous mode [ 1365.938115][ T1153] +$<¶: port 2(bridge_slave_1) entered disabled state [ 1365.944121][ T1153] bridge_slave_0: left allmulticast mode [ 1365.946511][ T1153] bridge_slave_0: left promiscuous mode [ 1365.949273][ T1153] +$<¶: port 1(bridge_slave_0) entered disabled state [ 1365.956157][ T1153] vlan3: left promiscuous mode [ 1365.959354][ T1153] veth1: left promiscuous mode [ 1365.961727][ T1153] bridge1: port 3(vlan3) entered disabled state [ 1365.966586][ T1153] veth0_to_bond: left allmulticast mode [ 1365.969541][ T1153] veth0_to_bond: left promiscuous mode [ 1365.971950][ T1153] bridge1: port 2(veth0_to_bond) entered disabled state [ 1365.981495][ T1153] veth3: left allmulticast mode [ 1365.983599][ T1153] veth3: left promiscuous mode [ 1365.985802][ T1153] bridge1: port 1(veth3) entered disabled state [ 1366.019167][ T333] netlink: 20 bytes leftover after parsing attributes in process `syz.2.26015'. [ 1366.111532][ T1153] gretap0 (unregistering): left promiscuous mode [ 1366.300007][ T339] netlink: 'syz.1.26017': attribute type 10 has an invalid length. [ 1366.403467][ T1153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1366.407403][ T1153] bond_slave_0: left promiscuous mode [ 1366.409824][ T1153] bond_slave_0: left allmulticast mode [ 1366.415940][ T1153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1366.420097][ T1153] bond_slave_1: left promiscuous mode [ 1366.422683][ T1153] bond_slave_1: left allmulticast mode [ 1366.426328][ T1153] bond0 (unregistering): Released all slaves [ 1366.759536][ T363] netlink: 'syz.2.26025': attribute type 10 has an invalid length. [ 1366.882192][ T371] netlink: 20 bytes leftover after parsing attributes in process `syz.2.26027'. [ 1366.993241][ T1153] hsr_slave_0: left promiscuous mode [ 1366.996614][ T1153] hsr_slave_1: left promiscuous mode [ 1366.998702][ T1153] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1367.001013][ T1153] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1367.003747][ T1153] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1367.006335][ T1153] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1367.045135][ T1153] veth1_macvtap: left promiscuous mode [ 1367.047420][ T1153] veth0_macvtap: left promiscuous mode [ 1367.049468][ T1153] veth1_vlan: left promiscuous mode [ 1367.051704][ T1153] veth0_vlan: left promiscuous mode [ 1367.168968][ T869] Bluetooth: hci3: command tx timeout [ 1367.904482][ T1153] team_slave_1 (unregistering): left promiscuous mode [ 1367.907261][ T1153] team_slave_1 (unregistering): left allmulticast mode [ 1367.911225][ T1153] team0 (unregistering): Port device team_slave_1 removed [ 1368.025501][ T1153] team_slave_0 (unregistering): left promiscuous mode [ 1368.028309][ T1153] team_slave_0 (unregistering): left allmulticast mode [ 1368.032827][ T1153] team0 (unregistering): Port device team_slave_0 removed [ 1368.275953][ T391] netlink: 20 bytes leftover after parsing attributes in process `syz.1.26035'. [ 1368.855987][T32766] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1368.867864][T32766] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1368.886986][T32766] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1368.908265][T32766] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1368.952046][ T416] netlink: 'syz.2.26041': attribute type 10 has an invalid length. [ 1368.989011][T32766] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1369.009357][T32766] 8021q: adding VLAN 0 to HW filter on device team0 [ 1369.017197][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 1369.020226][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1369.032670][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 1369.035784][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1369.170412][ T427] netlink: 80 bytes leftover after parsing attributes in process `syz.2.26045'. [ 1369.181985][ T1153] IPVS: stop unused estimator thread 0... [ 1369.229842][T32766] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1369.255768][T26616] Bluetooth: hci3: command tx timeout [ 1369.273436][T32766] veth0_vlan: entered promiscuous mode [ 1369.280911][ T431] [U] ù [ 1369.281024][T32766] veth1_vlan: entered promiscuous mode [ 1369.298283][T32766] veth0_macvtap: entered promiscuous mode [ 1369.302283][T32766] veth1_macvtap: entered promiscuous mode [ 1369.316735][T32766] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1369.323196][T32766] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1369.333186][T28009] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1369.336838][T26616] Bluetooth: hci4: command 0x0406 tx timeout [ 1369.338830][T28009] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1369.347471][T28009] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1369.355989][T28009] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1369.389427][T28009] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1369.391906][T28009] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1369.422629][T28009] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1369.425295][T28009] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1370.400682][ T473] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26063'. [ 1370.407834][ T473] team0: entered promiscuous mode [ 1370.409503][ T473] team_slave_0: entered promiscuous mode [ 1370.411448][ T473] team_slave_1: entered promiscuous mode [ 1370.413435][ T473] team0: entered allmulticast mode [ 1370.415110][ T473] team_slave_0: entered allmulticast mode [ 1370.416944][ T473] team_slave_1: entered allmulticast mode [ 1370.455815][ T40] audit: type=1400 audit(1770478393.423:999): avc: denied { remount } for pid=474 comm="syz.0.26064" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 1370.639805][ T489] sp0: Synchronizing with TNC [ 1370.646964][ T488] [U] è [ 1370.693295][ T493] netlink: 'syz.3.26073': attribute type 10 has an invalid length. [ 1371.033629][ T518] netlink: 'syz.3.26084': attribute type 10 has an invalid length. [ 1371.117904][ T525] tipc: Cannot configure node identity twice [ 1371.361302][T13970] usb 7-1: new high-speed USB device number 63 using dummy_hcd [ 1371.382097][ T869] Bluetooth: hci3: command tx timeout [ 1371.519536][T13970] usb 7-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 1371.523363][T13970] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1371.526939][T13970] usb 7-1: Product: syz [ 1371.528348][T13970] usb 7-1: Manufacturer: syz [ 1371.530695][T13970] usb 7-1: SerialNumber: syz [ 1371.756070][ T526] @: renamed from vlan0 (while UP) [ 1371.764073][T13970] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 1371.769252][T13970] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 1371.773775][T13970] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 1371.779368][T13970] lan78xx 7-1:1.0: probe with driver lan78xx failed with error -71 [ 1371.792442][T13970] usb 7-1: USB disconnect, device number 63 [ 1371.900353][ T547] netlink: 'syz.0.26099': attribute type 10 has an invalid length. [ 1371.903625][ T547] bridge0: port 2(bridge_slave_1) entered disabled state [ 1371.906330][ T547] bridge0: port 1(bridge_slave_0) entered disabled state [ 1371.913009][ T547] bridge0: port 2(bridge_slave_1) entered blocking state [ 1371.915563][ T547] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1371.919075][ T547] bridge0: port 1(bridge_slave_0) entered blocking state [ 1371.922270][ T547] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1371.927937][ T547] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 1371.974083][ T550] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26100'. [ 1372.014995][ T554] netlink: 4 bytes leftover after parsing attributes in process `syz.0.26101'. [ 1372.956141][ T569] netlink: 'syz.1.26108': attribute type 10 has an invalid length. [ 1373.205830][ T584] netlink: 'syz.1.26115': attribute type 4 has an invalid length. [ 1373.209256][ T584] netlink: 17 bytes leftover after parsing attributes in process `syz.1.26115'. [ 1373.319224][ T592] netlink: 'syz.2.26119': attribute type 10 has an invalid length. [ 1373.533360][ T869] Bluetooth: hci3: command tx timeout [ 1373.585252][ T602] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26123'. [ 1373.591367][ T602] bond0: entered promiscuous mode [ 1373.593106][ T602] bond_slave_0: entered promiscuous mode [ 1373.595628][ T602] bond_slave_1: entered promiscuous mode [ 1373.597510][ T602] bridge0: entered promiscuous mode [ 1373.599314][ T602] bond0: entered allmulticast mode [ 1373.601482][ T602] bond_slave_0: entered allmulticast mode [ 1373.603894][ T602] bond_slave_1: entered allmulticast mode [ 1373.606363][ T602] bridge0: entered allmulticast mode [ 1374.040687][ T622] netlink: 20 bytes leftover after parsing attributes in process `syz.3.26132'. [ 1374.045126][ T622] bond0: entered promiscuous mode [ 1374.047168][ T622] bond0: entered allmulticast mode [ 1374.328885][ T641] netlink: 20 bytes leftover after parsing attributes in process `syz.3.26141'. [ 1374.945152][ T40] audit: type=1400 audit(1770478397.778:1000): avc: denied { connect } for pid=669 comm="syz.1.26155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 1376.672679][ T728] overlayfs: missing 'lowerdir' [ 1377.453105][ T755] netlink: 'syz.3.26192': attribute type 10 has an invalid length. [ 1377.692369][ T40] audit: type=1400 audit(1770478400.476:1001): avc: denied { block_suspend } for pid=772 comm="syz.0.26201" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 1377.759023][ T782] netlink: 64 bytes leftover after parsing attributes in process `syz.2.26205'. [ 1378.430799][ T40] audit: type=1400 audit(1770478401.192:1002): avc: denied { associate } for pid=808 comm="syz.0.26213" name="core" scontext=root:object_r:etc_runtime_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1 [ 1378.574950][ T814] tipc: Failed to remove unknown binding: 66,1,1/0:426113815/426113817 [ 1378.578545][ T814] tipc: Failed to remove unknown binding: 66,1,1/0:426113815/426113817 [ 1378.583349][ T814] tipc: Failed to remove unknown binding: 66,1,1/0:426113815/426113817 [ 1378.959257][ T831] netlink: 'syz.1.26222': attribute type 10 has an invalid length. [ 1379.541871][ T854] netlink: 'syz.2.26233': attribute type 10 has an invalid length. [ 1379.574004][ T40] audit: type=1400 audit(1770478402.310:1003): avc: denied { ioctl } for pid=856 comm="syz.2.26234" path="socket:[435404]" dev="sockfs" ino=435404 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 1380.055206][ T909] netlink: 'syz.2.26256': attribute type 4 has an invalid length. [ 1380.058653][ T909] netlink: 17 bytes leftover after parsing attributes in process `syz.2.26256'. [ 1380.591778][ T931] netlink: 20 bytes leftover after parsing attributes in process `syz.2.26267'. [ 1380.793851][ T949] capability: warning: `syz.3.26275' uses deprecated v2 capabilities in a way that may be insecure [ 1380.812068][ T955] netlink: 20 bytes leftover after parsing attributes in process `syz.2.26276'. [ 1380.836435][ T961] overlayfs: failed to clone upperpath [ 1380.962860][ T991] netlink: 20 bytes leftover after parsing attributes in process `syz.2.26288'. [ 1381.002794][ T997] netlink: 'syz.0.26289': attribute type 13 has an invalid length. [ 1381.168448][ T1016] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26299'. [ 1381.376283][ T1038] netlink: 20 bytes leftover after parsing attributes in process `syz.1.26310'. [ 1381.849401][ T1086] netlink: 'syz.1.26332': attribute type 11 has an invalid length. [ 1381.852788][ T1086] netlink: 44 bytes leftover after parsing attributes in process `syz.1.26332'. [ 1381.859531][ T1088] netlink: 'syz.0.26333': attribute type 13 has an invalid length. [ 1382.017689][ T1107] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26339'. [ 1382.138555][ T1125] netlink: 8 bytes leftover after parsing attributes in process `syz.0.26345'. [ 1382.628754][ T1178] netlink: 'syz.3.26365': attribute type 13 has an invalid length. [ 1383.255011][ T1240] netlink: 'syz.3.26397': attribute type 13 has an invalid length. [ 1383.580037][ T1242] netlink: 'syz.3.26391': attribute type 13 has an invalid length. [ 1383.830265][ T1257] netlink: 'syz.2.26399': attribute type 13 has an invalid length. [ 1383.858754][ T1269] netlink: 'syz.0.26403': attribute type 13 has an invalid length. [ 1384.154551][ T1291] netlink: 'syz.1.26413': attribute type 13 has an invalid length. [ 1384.161778][T26616] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1384.169872][T26616] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1384.175029][T26616] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1384.195496][T26616] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1384.201025][T26616] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1384.549890][ T1292] chnl_net:caif_netlink_parms(): no params data found [ 1384.625737][ T1292] bridge0: port 1(bridge_slave_0) entered blocking state [ 1384.628553][ T1292] bridge0: port 1(bridge_slave_0) entered disabled state [ 1384.631591][ T1292] bridge_slave_0: entered allmulticast mode [ 1384.634793][ T1292] bridge_slave_0: entered promiscuous mode [ 1384.638902][ T1292] bridge0: port 2(bridge_slave_1) entered blocking state [ 1384.641711][ T1292] bridge0: port 2(bridge_slave_1) entered disabled state [ 1384.644552][ T1292] bridge_slave_1: entered allmulticast mode [ 1384.648197][ T1292] bridge_slave_1: entered promiscuous mode [ 1384.684593][ T1292] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1384.692564][ T1292] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1384.759096][ T1292] team0: Port device team_slave_0 added [ 1384.764428][ T1292] team0: Port device team_slave_1 added [ 1384.816538][ T1292] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1384.819564][ T1292] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1384.829913][ T1292] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1384.835912][ T1292] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1384.839137][ T1292] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1384.849570][ T1292] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1384.922037][ T1292] hsr_slave_0: entered promiscuous mode [ 1384.924785][ T1292] hsr_slave_1: entered promiscuous mode [ 1384.927528][ T1292] debugfs: 'hsr0' already exists in 'hsr' [ 1384.932762][ T1292] Cannot create hsr debugfs directory [ 1385.068410][ T1292] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1385.149274][ T1292] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1385.223514][ T1292] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1385.310029][ T1292] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1385.362987][ T1353] netlink: 20 bytes leftover after parsing attributes in process `syz.3.26436'. [ 1385.366157][ T1353] team0: entered promiscuous mode [ 1385.367752][ T1353] team0: entered allmulticast mode [ 1385.464901][ T1292] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1385.471892][ T1292] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1385.487802][ T1292] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1385.494732][ T1292] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1385.536511][ T1292] bridge0: port 2(bridge_slave_1) entered blocking state [ 1385.539615][ T1292] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1385.542589][ T1292] bridge0: port 1(bridge_slave_0) entered blocking state [ 1385.544833][ T1292] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1385.586893][ T1292] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1385.599292][ T81] bridge0: port 1(bridge_slave_0) entered disabled state [ 1385.604229][ T81] bridge0: port 2(bridge_slave_1) entered disabled state [ 1385.650420][ T1292] 8021q: adding VLAN 0 to HW filter on device team0 [ 1385.659158][ T1153] bridge0: port 1(bridge_slave_0) entered blocking state [ 1385.661320][ T1153] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1385.670765][ T81] bridge0: port 2(bridge_slave_1) entered blocking state [ 1385.673144][ T81] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1385.779412][ T1408] netlink: 20 bytes leftover after parsing attributes in process `syz.3.26456'. [ 1385.817654][ T1292] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1385.853379][ T1292] veth0_vlan: entered promiscuous mode [ 1385.864607][ T1292] veth1_vlan: entered promiscuous mode [ 1385.870593][ T1414] netlink: 'syz.1.26457': attribute type 13 has an invalid length. [ 1385.894221][ T1292] veth0_macvtap: entered promiscuous mode [ 1385.898860][ T1292] veth1_macvtap: entered promiscuous mode [ 1385.924362][ T1292] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1385.931429][ T1292] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1385.941326][ T1185] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1385.949108][ T1185] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1385.954793][ T1185] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1385.958361][ T1185] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1386.019425][ T1153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1386.029466][ T1153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1386.045242][ T1185] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1386.048581][ T1185] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1386.077596][ T1450] netlink: 20 bytes leftover after parsing attributes in process `syz.3.26473'. [ 1386.149660][ T1457] netlink: 'syz.2.26476': attribute type 13 has an invalid length. [ 1386.309250][ T5947] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1386.313220][ T5947] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1386.316682][ T5947] Bluetooth: hci2: command tx timeout [ 1386.318913][ T5947] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1386.322799][ T1475] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1386.337862][ T1475] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1386.347970][ T1481] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26485'. [ 1386.541095][ T1503] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26494'. [ 1386.543306][ T1473] chnl_net:caif_netlink_parms(): no params data found [ 1386.592324][ T1505] netlink: 'syz.0.26495': attribute type 13 has an invalid length. [ 1386.659538][ T1473] bridge0: port 1(bridge_slave_0) entered blocking state [ 1386.662175][ T1473] bridge0: port 1(bridge_slave_0) entered disabled state [ 1386.664715][ T1473] bridge_slave_0: entered allmulticast mode [ 1386.667486][ T1473] bridge_slave_0: entered promiscuous mode [ 1386.674320][ T1473] bridge0: port 2(bridge_slave_1) entered blocking state [ 1386.677927][ T1473] bridge0: port 2(bridge_slave_1) entered disabled state [ 1386.682675][ T1473] bridge_slave_1: entered allmulticast mode [ 1386.689311][ T1473] bridge_slave_1: entered promiscuous mode [ 1386.749193][ T1473] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1386.756605][ T1473] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1386.803252][ T1473] team0: Port device team_slave_0 added [ 1386.806754][ T1473] team0: Port device team_slave_1 added [ 1386.827688][ T1520] netlink: 4 bytes leftover after parsing attributes in process `syz.0.26501'. [ 1386.849735][ T1473] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1386.853185][ T1473] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1386.862263][ T1473] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1386.867283][ T1473] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1386.869620][ T1473] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1386.880250][ T1473] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1386.943744][T28550] usb 6-1: new high-speed USB device number 57 using dummy_hcd [ 1386.944756][ T1473] hsr_slave_0: entered promiscuous mode [ 1386.949470][ T1473] hsr_slave_1: entered promiscuous mode [ 1386.952371][ T1473] debugfs: 'hsr0' already exists in 'hsr' [ 1386.954916][ T1473] Cannot create hsr debugfs directory [ 1386.992021][ T1526] netlink: 'syz.0.26505': attribute type 13 has an invalid length. [ 1387.097957][T28550] usb 6-1: Using ep0 maxpacket: 8 [ 1387.102484][T28550] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1387.107275][T28550] usb 6-1: config 12 has an invalid descriptor of length 0, skipping remainder of the config [ 1387.113313][T28550] usb 6-1: config 12 interface 0 altsetting 7 has an invalid descriptor for endpoint zero, skipping [ 1387.118027][T28550] usb 6-1: config 12 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1387.123289][T28550] usb 6-1: config 12 interface 0 has no altsetting 0 [ 1387.132706][T28550] usb 6-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5 [ 1387.135571][T28550] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1387.139002][T28550] usb 6-1: Product: syz [ 1387.140824][T28550] usb 6-1: Manufacturer: syz [ 1387.142770][T28550] usb 6-1: SerialNumber: syz [ 1387.153032][ T1473] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1387.244959][ T1473] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1387.248275][ T1536] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26509'. [ 1387.293013][ T1539] netlink: 4 bytes leftover after parsing attributes in process `syz.2.26510'. [ 1387.320569][ T1473] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1387.368867][ T1475] Bluetooth: hci3: command 0x0406 tx timeout [ 1387.369793][T28550] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 1387.373901][T28550] usb 6-1: selecting invalid altsetting 0 [ 1387.408046][T28550] snd-usb-audio 6-1:12.0: probe with driver snd-usb-audio failed with error -2 [ 1387.415635][ T1473] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1387.418342][T30855] udevd[30855]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:12.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1387.426198][T28550] usb 6-1: USB disconnect, device number 57 [ 1387.443656][ T1553] netlink: 32 bytes leftover after parsing attributes in process `syz.2.26517'. [ 1387.494444][ T1559] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26520'. [ 1387.520963][ T1473] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1387.525653][ T1473] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1387.532740][ T1473] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1387.546356][ T1473] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1387.572454][ T1473] bridge0: port 2(bridge_slave_1) entered blocking state [ 1387.574712][ T1473] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1387.577181][ T1473] bridge0: port 1(bridge_slave_0) entered blocking state [ 1387.579411][ T1473] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1387.637346][ T1473] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1387.654169][T28009] bridge0: port 1(bridge_slave_0) entered disabled state [ 1387.658681][T28009] bridge0: port 2(bridge_slave_1) entered disabled state [ 1387.679196][ T1473] 8021q: adding VLAN 0 to HW filter on device team0 [ 1387.685549][T28009] bridge0: port 1(bridge_slave_0) entered blocking state [ 1387.687841][T28009] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1387.697808][ T81] bridge0: port 2(bridge_slave_1) entered blocking state [ 1387.700876][ T81] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1387.857597][ T1473] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1387.870664][ T1605] validate_nla: 2 callbacks suppressed [ 1387.870675][ T1605] netlink: 'syz.2.26538': attribute type 13 has an invalid length. [ 1387.912506][ T1473] veth0_vlan: entered promiscuous mode [ 1387.921678][ T1473] veth1_vlan: entered promiscuous mode [ 1387.952348][ T1473] veth0_macvtap: entered promiscuous mode [ 1387.958834][ T1473] veth1_macvtap: entered promiscuous mode [ 1387.974385][ T1473] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1387.984444][ T1473] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1387.996823][ T81] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1388.001254][ T81] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1388.005039][ T81] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1388.022783][ T81] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1388.078833][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1388.081810][ T1630] netlink: 'syz.0.26550': attribute type 13 has an invalid length. [ 1388.081934][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1388.118433][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1388.122157][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1388.299287][ T6017] usb 6-1: new high-speed USB device number 58 using dummy_hcd [ 1388.334595][ T1652] netlink: 'syz.3.26560': attribute type 13 has an invalid length. [ 1388.420352][T26616] Bluetooth: hci0: command tx timeout [ 1388.420634][ T1475] Bluetooth: hci2: command tx timeout [ 1388.460623][ T6017] usb 6-1: Using ep0 maxpacket: 8 [ 1388.474649][ T6017] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1388.479044][ T6017] usb 6-1: config 12 has an invalid descriptor of length 0, skipping remainder of the config [ 1388.485578][ T6017] usb 6-1: config 12 interface 0 altsetting 7 has an invalid descriptor for endpoint zero, skipping [ 1388.490087][ T6017] usb 6-1: config 12 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1388.504494][ T6017] usb 6-1: config 12 interface 0 has no altsetting 0 [ 1388.509466][ T6017] usb 6-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5 [ 1388.513972][ T6017] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1388.517454][ T6017] usb 6-1: Product: syz [ 1388.519259][ T6017] usb 6-1: Manufacturer: syz [ 1388.521546][ T6017] usb 6-1: SerialNumber: syz [ 1388.756317][ T6017] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 1388.759298][ T6017] usb 6-1: selecting invalid altsetting 0 [ 1388.776536][ T6017] snd-usb-audio 6-1:12.0: probe with driver snd-usb-audio failed with error -2 [ 1388.784961][ T6017] usb 6-1: USB disconnect, device number 58 [ 1388.804753][T30855] udevd[30855]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:12.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1389.371520][ T1703] netlink: 'syz.1.26583': attribute type 13 has an invalid length. [ 1389.440337][ T1711] bridge_slave_1: left allmulticast mode [ 1389.444863][ T1711] bridge_slave_1: left promiscuous mode [ 1389.447800][ T1711] bridge0: port 2(bridge_slave_1) entered disabled state [ 1389.451819][ T1711] bridge_slave_0: left allmulticast mode [ 1389.453592][ T1711] bridge_slave_0: left promiscuous mode [ 1389.455486][ T1711] bridge0: port 1(bridge_slave_0) entered disabled state [ 1389.468722][ T1711] bond0: (slave bridge0): Releasing backup interface [ 1389.472244][ T1711] bridge0 (unregistering): left promiscuous mode [ 1389.474611][ T1711] bridge0 (unregistering): left allmulticast mode [ 1390.095123][ T1729] netlink: 'syz.0.26595': attribute type 13 has an invalid length. [ 1390.146634][ T1731] bridge_slave_1: left allmulticast mode [ 1390.148769][ T1731] bridge_slave_1: left promiscuous mode [ 1390.150621][ T1731] bridge0: port 2(bridge_slave_1) entered disabled state [ 1390.154642][ T1731] bridge_slave_0: left allmulticast mode [ 1390.156993][ T1731] bridge_slave_0: left promiscuous mode [ 1390.159775][ T1731] bridge0: port 1(bridge_slave_0) entered disabled state [ 1390.173010][ T1731] bond0: (slave bridge0): Releasing backup interface [ 1390.175971][ T1731] bridge0 (unregistering): left promiscuous mode [ 1390.178645][ T1731] bridge0 (unregistering): left allmulticast mode [ 1390.271655][ T1735] bond0: entered promiscuous mode [ 1390.273439][ T1735] bond_slave_0: entered promiscuous mode [ 1390.275432][ T1735] bond_slave_1: entered promiscuous mode [ 1390.277351][ T1735] bond0: entered allmulticast mode [ 1390.280044][ T1735] bond_slave_0: entered allmulticast mode [ 1390.281950][ T1735] bond_slave_1: entered allmulticast mode [ 1390.521603][ T1475] Bluetooth: hci2: command tx timeout [ 1390.521629][T26616] Bluetooth: hci0: command tx timeout [ 1390.551301][ T938] usb 7-1: new high-speed USB device number 64 using dummy_hcd [ 1390.647156][ T1753] netlink: 'syz.0.26604': attribute type 13 has an invalid length. [ 1390.702606][ T938] usb 7-1: Using ep0 maxpacket: 8 [ 1390.709605][ T938] usb 7-1: unable to get BOS descriptor or descriptor too short [ 1390.712902][ T938] usb 7-1: config 12 has an invalid descriptor of length 0, skipping remainder of the config [ 1390.716405][ T938] usb 7-1: config 12 interface 0 altsetting 7 has an invalid descriptor for endpoint zero, skipping [ 1390.719830][ T938] usb 7-1: config 12 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1390.724059][ T938] usb 7-1: config 12 interface 0 has no altsetting 0 [ 1390.727743][ T938] usb 7-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5 [ 1390.730633][ T938] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1390.733409][ T938] usb 7-1: Product: syz [ 1390.735124][ T938] usb 7-1: Manufacturer: syz [ 1390.736747][ T938] usb 7-1: SerialNumber: syz [ 1390.768612][ T1759] __nla_validate_parse: 9 callbacks suppressed [ 1390.768623][ T1759] netlink: 24 bytes leftover after parsing attributes in process `syz.0.26607'. [ 1390.808664][ T1761] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26608'. [ 1390.949695][ T938] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 1390.952031][ T938] usb 7-1: selecting invalid altsetting 0 [ 1390.959706][ T938] snd-usb-audio 7-1:12.0: probe with driver snd-usb-audio failed with error -2 [ 1390.966267][ T938] usb 7-1: USB disconnect, device number 64 [ 1390.973314][T30855] udevd[30855]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:12.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1391.491289][ T1772] netlink: 'syz.2.26614': attribute type 13 has an invalid length. [ 1391.552671][ T1774] netlink: 32 bytes leftover after parsing attributes in process `syz.1.26615'. [ 1391.636598][ T1780] netlink: 20 bytes leftover after parsing attributes in process `syz.1.26618'. [ 1391.797211][ T1794] netlink: 'syz.0.26625': attribute type 13 has an invalid length. [ 1391.917292][ T1803] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26627'. [ 1391.949415][ T1805] netlink: 32 bytes leftover after parsing attributes in process `syz.0.26628'. [ 1392.248189][ T1822] netlink: 32 bytes leftover after parsing attributes in process `syz.3.26631'. [ 1392.354022][ T1829] netlink: 4 bytes leftover after parsing attributes in process `syz.0.26639'. [ 1392.620107][T26616] Bluetooth: hci2: command tx timeout [ 1392.620132][ T1475] Bluetooth: hci0: command tx timeout [ 1392.764830][ T1851] netlink: 4 bytes leftover after parsing attributes in process `syz.1.26650'. [ 1392.805850][ T1855] netlink: 32 bytes leftover after parsing attributes in process `syz.1.26651'. [ 1392.969027][ T1872] bridge_slave_1: left allmulticast mode [ 1392.971428][ T1872] bridge_slave_1: left promiscuous mode [ 1392.979037][ T1872] bridge0: port 2(bridge_slave_1) entered disabled state [ 1392.987622][ T1872] bridge_slave_0: left allmulticast mode [ 1392.989654][ T1872] bridge_slave_0: left promiscuous mode [ 1392.991740][ T1872] bridge0: port 1(bridge_slave_0) entered disabled state [ 1393.056365][ T1874] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1393.368145][ T1889] netlink: 'syz.3.26667': attribute type 13 has an invalid length. [ 1394.006771][ T1902] tipc: Started in network mode [ 1394.008831][ T1902] tipc: Node identity fffffffa, cluster identity 4711 [ 1394.012443][ T1902] tipc: Node number set to 4294967290 [ 1394.431956][ T1928] netlink: 'syz.0.26686': attribute type 13 has an invalid length. [ 1394.483796][ T6547] usb 6-1: new high-speed USB device number 59 using dummy_hcd [ 1394.649460][ T6547] usb 6-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 1394.653193][ T6547] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1394.656579][ T6547] usb 6-1: Product: syz [ 1394.658383][ T6547] usb 6-1: Manufacturer: syz [ 1394.660337][ T6547] usb 6-1: SerialNumber: syz [ 1394.715461][ T1475] Bluetooth: hci0: command tx timeout [ 1394.878822][ T1916] @: renamed from vlan0 (while UP) [ 1394.886717][ T6547] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 1394.891591][ T6547] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 1394.895990][ T6547] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 1394.905363][ T6547] lan78xx 6-1:1.0: probe with driver lan78xx failed with error -71 [ 1394.913294][ T6547] usb 6-1: USB disconnect, device number 59 [ 1395.594516][ T2038] @: renamed from vlan0 (while UP) [ 1395.622271][ T2033] netlink: 'syz.1.26738': attribute type 13 has an invalid length. [ 1395.850065][ T2068] netlink: 'syz.3.26754': attribute type 13 has an invalid length. [ 1396.004038][ T2082] __nla_validate_parse: 9 callbacks suppressed [ 1396.004055][ T2082] netlink: 4 bytes leftover after parsing attributes in process `syz.3.26761'. [ 1396.047314][ T2080] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1397.786131][ T6017] usb 6-1: new high-speed USB device number 60 using dummy_hcd [ 1397.941561][ T6017] usb 6-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 1397.945265][ T6017] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1397.948773][ T6017] usb 6-1: Product: syz [ 1397.950517][ T6017] usb 6-1: Manufacturer: syz [ 1397.952386][ T6017] usb 6-1: SerialNumber: syz [ 1398.166571][ T6017] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 1398.172603][ T6017] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 1398.177154][ T6017] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 1398.188670][ T6017] lan78xx 6-1:1.0: probe with driver lan78xx failed with error -71 [ 1398.197697][ T6017] usb 6-1: USB disconnect, device number 60 [ 1399.586088][T29398] usb 8-1: new high-speed USB device number 49 using dummy_hcd [ 1399.772371][T29398] usb 8-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 1399.775699][T29398] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1399.779218][T29398] usb 8-1: Product: syz [ 1399.781177][T29398] usb 8-1: Manufacturer: syz [ 1399.782681][T29398] usb 8-1: SerialNumber: syz [ 1400.007414][T29398] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 1400.015140][T29398] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 1400.019725][T29398] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 1400.026543][T29398] lan78xx 8-1:1.0: probe with driver lan78xx failed with error -71 [ 1400.034944][T29398] usb 8-1: USB disconnect, device number 49 [ 1400.243804][ T2198] netlink: 4 bytes leftover after parsing attributes in process `syz.0.26815'. [ 1400.991498][ T2212] tipc: Started in network mode [ 1400.993191][ T2212] tipc: Node identity fffffffa, cluster identity 4711 [ 1400.999857][ T2212] tipc: Node number set to 4294967290 [ 1401.015226][ T2214] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26823'. [ 1401.114158][ T2228] netlink: 4 bytes leftover after parsing attributes in process `syz.3.26830'. [ 1401.205530][ T2236] netlink: 20 bytes leftover after parsing attributes in process `syz.3.26834'. [ 1401.208609][ T2236] team0: entered promiscuous mode [ 1401.210216][ T2236] team_slave_0: entered promiscuous mode [ 1401.212119][ T2236] team_slave_1: entered promiscuous mode [ 1401.213949][ T2236] team0: entered allmulticast mode [ 1401.216253][ T2236] team_slave_0: entered allmulticast mode [ 1401.218070][ T2236] team_slave_1: entered allmulticast mode [ 1401.418517][ T2251] netlink: 4 bytes leftover after parsing attributes in process `syz.3.26841'. [ 1401.465043][ T2255] netlink: 20 bytes leftover after parsing attributes in process `syz.3.26844'. [ 1401.572050][ T2259] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1401.824149][ T2280] netlink: 20 bytes leftover after parsing attributes in process `syz.3.26855'. [ 1401.926033][ T2283] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1402.131077][ T2310] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26868'. [ 1402.262550][ T2332] netlink: 20 bytes leftover after parsing attributes in process `syz.1.26879'. [ 1402.685415][ T2358] netlink: 20 bytes leftover after parsing attributes in process `syz.1.26891'. [ 1403.101937][ T2375] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26900'. [ 1403.287734][ T2396] tipc: Started in network mode [ 1403.289408][ T2396] tipc: Node identity fffffffa, cluster identity 4711 [ 1403.291773][ T2396] tipc: Node number set to 4294967290 [ 1403.327078][ T2400] netlink: 20 bytes leftover after parsing attributes in process `syz.2.26911'. [ 1403.412726][ T2404] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1403.797994][ T938] usb 7-1: new high-speed USB device number 65 using dummy_hcd [ 1403.960731][ T938] usb 7-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 1403.964204][ T938] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1403.967580][ T938] usb 7-1: Product: syz [ 1403.969168][ T938] usb 7-1: Manufacturer: syz [ 1403.970906][ T938] usb 7-1: SerialNumber: syz [ 1404.180579][ T2409] @: renamed from vlan0 (while UP) [ 1404.189043][ T938] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 1404.193552][ T938] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 1404.197520][ T938] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 1404.216343][ T2422] 8021q: adding VLAN 0 to HW filter on device team0 [ 1404.223433][ T938] lan78xx 7-1:1.0: probe with driver lan78xx failed with error -71 [ 1404.236478][ T938] usb 7-1: USB disconnect, device number 65 [ 1405.006366][ T2457] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1405.479477][ T2489] 8021q: adding VLAN 0 to HW filter on device team0 [ 1405.573826][ T2491] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1406.255116][ T2542] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1406.464029][ T2566] __nla_validate_parse: 5 callbacks suppressed [ 1406.464045][ T2566] netlink: 20 bytes leftover after parsing attributes in process `syz.2.26982'. [ 1406.759370][ T2579] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1407.178141][ T2604] netlink: 20 bytes leftover after parsing attributes in process `syz.0.26997'. [ 1407.217854][ T2606] @: renamed from vlan0 (while UP) [ 1408.102365][ T2628] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65288 sclass=netlink_route_socket pid=2628 comm=syz.2.27006 [ 1408.176465][ T2632] netlink: 4 bytes leftover after parsing attributes in process `syz.2.27009'. [ 1408.180327][ T2632] bridge_slave_1: left allmulticast mode [ 1408.182687][ T2632] bridge_slave_1: left promiscuous mode [ 1408.185515][ T2632] bridge0: port 2(bridge_slave_1) entered disabled state [ 1408.189697][ T2632] bridge_slave_0: left allmulticast mode [ 1408.191484][ T2632] bridge_slave_0: left promiscuous mode [ 1408.193610][ T2632] bridge0: port 1(bridge_slave_0) entered disabled state [ 1408.549275][ T2652] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65288 sclass=netlink_route_socket pid=2652 comm=syz.2.27017 [ 1408.623508][ T2663] netlink: 4 bytes leftover after parsing attributes in process `syz.1.27021'. [ 1408.830917][ T2677] overlayfs: failed to clone upperpath [ 1408.899992][ T2681] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65288 sclass=netlink_route_socket pid=2681 comm=syz.2.27027 [ 1408.981838][ T2692] netlink: 4 bytes leftover after parsing attributes in process `syz.0.27031'. [ 1409.072419][ T2709] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65288 sclass=netlink_route_socket pid=2709 comm=syz.3.27038 [ 1409.180855][ T2722] netlink: 4 bytes leftover after parsing attributes in process `syz.2.27043'. [ 1409.546018][ T2748] netlink: 4 bytes leftover after parsing attributes in process `syz.1.27054'. [ 1409.883018][ T2776] netlink: 4 bytes leftover after parsing attributes in process `syz.2.27065'. [ 1410.372666][ T2804] netlink: 4 bytes leftover after parsing attributes in process `syz.3.27076'. [ 1410.671887][ T2814] netlink: 20 bytes leftover after parsing attributes in process `syz.0.27081'. [ 1410.801607][T26616] Bluetooth: hci1: command 0x0406 tx timeout [ 1411.739990][ T2923] __nla_validate_parse: 3 callbacks suppressed [ 1411.740001][ T2923] netlink: 4 bytes leftover after parsing attributes in process `syz.0.27124'. [ 1412.687832][ T2969] netlink: 4 bytes leftover after parsing attributes in process `syz.2.27140'. [ 1412.813153][ T2973] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1413.119639][ T3003] netlink: 20 bytes leftover after parsing attributes in process `syz.3.27148'. [ 1413.675326][ T3030] netlink: 20 bytes leftover after parsing attributes in process `syz.2.27161'. [ 1414.062185][ T3046] netlink: 20 bytes leftover after parsing attributes in process `syz.0.27170'. [ 1414.809020][ T3072] netlink: 20 bytes leftover after parsing attributes in process `syz.0.27181'. [ 1416.300754][ T3156] netlink: 4 bytes leftover after parsing attributes in process `syz.1.27221'. [ 1417.255148][ T3227] netlink: 4 bytes leftover after parsing attributes in process `syz.1.27247'. [ 1418.974320][ C3] ------------[ cut here ]------------ [ 1418.976274][ C3] ODEBUG: free active (active state 0) object: ffff888044019890 object type: timer_list hint: rose_t0timer_expiry+0x0/0x150 [ 1418.980514][ C3] WARNING: CPU: 3 PID: 3328 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 1418.984423][ C3] Modules linked in: [ 1418.986377][ C3] CPU: 3 UID: 0 PID: 3328 Comm: syz.0.27299 Not tainted syzkaller #0 PREEMPT(full) [ 1418.991833][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1418.996299][ C3] RIP: 0010:debug_print_object+0x1a2/0x2b0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1418.998707][ C3] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd a0 81 f0 8b 4c 89 e6 48 c7 c7 20 76 f0 8b e8 bf b3 ce fc 90 <0f> 0b 90 90 58 83 05 d6 da d5 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 1419.006867][ C3] RSP: 0018:ffffc900006f8a18 EFLAGS: 00010282 [ 1419.009415][ C3] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817b1cd8 [ 1419.012751][ C3] RDX: ffff88802490c900 RSI: ffffffff817b1ce5 RDI: 0000000000000001 [ 1419.016000][ C3] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 1419.019295][ C3] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff8bf07cc0 [ 1419.022650][ C3] R13: ffffffff8b9021e0 R14: ffffffff8a4da210 R15: ffffc900006f8b18 [ 1419.025948][ C3] FS: 00007fc2e90376c0(0000) GS:ffff8880d6d06000(0000) knlGS:0000000000000000 [ 1419.029321][ C3] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1419.032145][ C3] CR2: 0000200000003c00 CR3: 000000002daee000 CR4: 0000000000352ef0 [ 1419.034788][ C3] DR0: 0000000000000008 DR1: 0000000000000002 DR2: 0000000000000081 [ 1419.037248][ C3] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 1419.039690][ C3] Call Trace: [ 1419.040806][ C3] [ 1419.041779][ C3] ? __pfx_rose_t0timer_expiry+0x10/0x10 [ 1419.043716][ C3] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1419.045560][ C3] debug_check_no_obj_freed+0x4b7/0x600 [ 1419.047308][ C3] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 1419.049208][ C3] kfree+0x291/0x6d0 [ 1419.050495][ C3] ? rose_timer_expiry+0x53f/0x630 [ 1419.052196][ C3] ? rose_timer_expiry+0x53f/0x630 [ 1419.054099][ C3] rose_timer_expiry+0x53f/0x630 [ 1419.056205][ C3] ? __pfx_rose_timer_expiry+0x10/0x10 [ 1419.058485][ C3] call_timer_fn+0x19a/0x620 [ 1419.060508][ C3] ? __pfx_call_timer_fn+0x10/0x10 [ 1419.062637][ C3] ? mark_held_locks+0x49/0x80 [ 1419.064712][ C3] ? __pfx_rose_timer_expiry+0x10/0x10 [ 1419.066880][ C3] __run_timers+0x6ef/0x960 [ 1419.068614][ C3] ? __pfx___run_timers+0x10/0x10 [ 1419.070390][ C3] run_timer_base+0x114/0x190 [ 1419.072364][ C3] ? __pfx_run_timer_base+0x10/0x10 [ 1419.074562][ C3] run_timer_softirq+0x1a/0x40 [ 1419.076590][ C3] handle_softirqs+0x219/0x8e0 [ 1419.078646][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 1419.080960][ C3] __irq_exit_rcu+0x109/0x170 [ 1419.082973][ C3] irq_exit_rcu+0x9/0x30 [ 1419.084783][ C3] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 1419.087154][ C3] [ 1419.088419][ C3] [ 1419.089677][ C3] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1419.092246][ C3] RIP: 0010:preempt_count_add+0x9e/0x150 [ 1419.094606][ C3] Code: 0f 00 85 c0 75 38 65 48 8b 2d c6 0b 18 12 48 8d bd 20 15 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 <0f> 85 87 00 00 00 48 89 9d 20 15 00 00 5b 5d c3 cc cc cc cc 31 ff [ 1419.102508][ C3] RSP: 0018:ffffc900044b6f80 EFLAGS: 00000246 [ 1419.105026][ C3] RAX: dffffc0000000000 RBX: ffffffff81980758 RCX: 1ffffffff3562220 [ 1419.107882][ C3] RDX: 1ffff11004921bc4 RSI: 0000000000000008 RDI: ffff88802490de20 [ 1419.110416][ C3] RBP: ffff88802490c900 R08: 0000000000000000 R09: ffffed1008464793 [ 1419.113407][ C3] R10: ffff888042323c9f R11: 0000000000000000 R12: ffff888042323cf8 [ 1419.115932][ C3] R13: ffffc900044b71c8 R14: ffffffff90824250 R15: ffffffff81ff41f0 [ 1419.118384][ C3] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1419.120227][ C3] ? up_write+0x118/0x520 [ 1419.121663][ C3] up_write+0x118/0x520 [ 1419.123333][ C3] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1419.125932][ C3] shmem_file_write_iter+0xcf/0x140 [ 1419.128121][ C3] __kernel_write_iter+0x31a/0xb10 [ 1419.130203][ C3] ? __pfx___kernel_write_iter+0x10/0x10 [ 1419.132563][ C3] ? cgroup_freezing+0x12c/0x3b0 [ 1419.134667][ C3] ? cgroup_freezing+0x136/0x3b0 [ 1419.136791][ C3] dump_user_range+0x413/0xb70 [ 1419.138776][ C3] ? __pfx_dump_user_range+0x10/0x10 [ 1419.140945][ C3] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 1419.143518][ C3] ? __pfx_writenote+0x10/0x10 [ 1419.145455][ C3] elf_core_dump+0x29c3/0x3c00 [ 1419.147491][ C3] ? __pfx_elf_core_dump+0x10/0x10 [ 1419.149622][ C3] ? kasan_save_stack+0x33/0x60 [ 1419.151717][ C3] ? __kasan_kmalloc+0xaa/0xb0 [ 1419.153945][ C3] ? __kvmalloc_node_noprof+0x3a3/0x9c0 [ 1419.156276][ C3] ? vfs_coredump+0x1ddc/0x5670 [ 1419.158315][ C3] ? arch_do_signal_or_restart+0x8f/0x7c0 [ 1419.160757][ C3] ? irqentry_exit_to_user_mode+0x176/0x310 [ 1419.163182][ C3] ? asm_exc_invalid_op+0x1a/0x20 [ 1419.165309][ C3] ? 0xffffffffff600000 [ 1419.166970][ C3] ? vfs_coredump+0x2b9f/0x5670 [ 1419.168563][ C3] vfs_coredump+0x2b9f/0x5670 [ 1419.170084][ C3] ? __pfx_vfs_coredump+0x10/0x10 [ 1419.172272][ C3] ? __lock_acquire+0x622/0x1c90 [ 1419.174370][ C3] ? lock_acquire+0x179/0x350 [ 1419.176389][ C3] ? is_bpf_text_address+0x8a/0x1a0 [ 1419.178578][ C3] ? bpf_ksym_find+0x127/0x1c0 [ 1419.180529][ C3] ? unwind_get_return_address+0x59/0xa0 [ 1419.182591][ C3] ? arch_stack_walk+0xa6/0x100 [ 1419.184671][ C3] ? stack_trace_save+0x8e/0xc0 [ 1419.186219][ C3] ? __pfx_stack_trace_save+0x10/0x10 [ 1419.188611][ C3] ? stack_depot_save_flags+0x29/0x9c0 [ 1419.190996][ C3] ? __lock_acquire+0xb8a/0x1c90 [ 1419.193126][ C3] ? proc_coredump_connector+0x2d1/0x4f0 [ 1419.195446][ C3] ? __pfx_proc_coredump_connector+0x10/0x10 [ 1419.197676][ C3] ? rcu_is_watching+0x12/0xc0 [ 1419.199597][ C3] get_signal+0x22e1/0x26d0 [ 1419.201612][ C3] ? __pfx_get_signal+0x10/0x10 [ 1419.203725][ C3] arch_do_signal_or_restart+0x8f/0x7c0 [ 1419.206048][ C3] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1419.208617][ C3] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 1419.211295][ C3] ? do_error_trap+0x214/0x240 [ 1419.213342][ C3] irqentry_exit_to_user_mode+0x176/0x310 [ 1419.215806][ C3] asm_exc_invalid_op+0x1a/0x20 [ 1419.217859][ C3] RIP: 0033:0x200000000006 [ 1419.219395][ C3] Code: Unable to access opcode bytes at 0x1fffffffffdc. [ 1419.221782][ C3] RSP: 002b:00007fc2e9036338 EFLAGS: 00010202 [ 1419.224394][ C3] RAX: 00000000000000da RBX: 00007fc2e83e5fa0 RCX: 00007fc2e818f6c9 [ 1419.227332][ C3] RDX: 00007fc2e9036340 RSI: 00007fc2e9036470 RDI: 000000000000000d [ 1419.229779][ C3] RBP: 00007fc2e8211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1419.232483][ C3] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1419.235808][ C3] R13: 00007fc2e83e6038 R14: 00007fc2e83e5fa0 R15: 00007fffc2525db8 [ 1419.239125][ C3] [ 1419.240465][ C3] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1419.243533][ C3] CPU: 3 UID: 0 PID: 3328 Comm: syz.0.27299 Not tainted syzkaller #0 PREEMPT(full) [ 1419.247249][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1419.251577][ C3] Call Trace: [ 1419.253010][ C3] [ 1419.254242][ C3] dump_stack_lvl+0x3d/0x1f0 [ 1419.256240][ C3] vpanic+0x640/0x6f0 [ 1419.257852][ C3] ? debug_print_object+0x1a2/0x2b0 [ 1419.260068][ C3] panic+0xca/0xd0 [ 1419.261672][ C3] ? __pfx_panic+0x10/0x10 [ 1419.263608][ C3] ? check_panic_on_warn+0x1f/0xb0 [ 1419.265727][ C3] check_panic_on_warn+0xab/0xb0 [ 1419.267825][ C3] __warn+0xf6/0x3c0 [ 1419.269498][ C3] ? debug_print_object+0x1a2/0x2b0 [ 1419.271692][ C3] report_bug+0x3c3/0x580 [ 1419.273519][ C3] ? debug_print_object+0x1a2/0x2b0 [ 1419.275180][ C3] handle_bug+0x184/0x210 [ 1419.276563][ C3] exc_invalid_op+0x17/0x50 [ 1419.278006][ C3] asm_exc_invalid_op+0x1a/0x20 [ 1419.279546][ C3] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 1419.281404][ C3] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd a0 81 f0 8b 4c 89 e6 48 c7 c7 20 76 f0 8b e8 bf b3 ce fc 90 <0f> 0b 90 90 58 83 05 d6 da d5 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 1419.287890][ C3] RSP: 0018:ffffc900006f8a18 EFLAGS: 00010282 [ 1419.290426][ C3] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817b1cd8 [ 1419.293724][ C3] RDX: ffff88802490c900 RSI: ffffffff817b1ce5 RDI: 0000000000000001 [ 1419.296205][ C3] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 1419.299365][ C3] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff8bf07cc0 [ 1419.302596][ C3] R13: ffffffff8b9021e0 R14: ffffffff8a4da210 R15: ffffc900006f8b18 [ 1419.305884][ C3] ? __pfx_rose_t0timer_expiry+0x10/0x10 [ 1419.308281][ C3] ? __warn_printk+0x198/0x350 [ 1419.310311][ C3] ? __warn_printk+0x1a5/0x350 [ 1419.312344][ C3] ? debug_print_object+0x1a1/0x2b0 [ 1419.314465][ C3] ? __pfx_rose_t0timer_expiry+0x10/0x10 [ 1419.316844][ C3] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1419.319333][ C3] debug_check_no_obj_freed+0x4b7/0x600 [ 1419.321656][ C3] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 1419.324261][ C3] kfree+0x291/0x6d0 [ 1419.325905][ C3] ? rose_timer_expiry+0x53f/0x630 [ 1419.328118][ C3] ? rose_timer_expiry+0x53f/0x630 [ 1419.330109][ C3] rose_timer_expiry+0x53f/0x630 [ 1419.331758][ C3] ? __pfx_rose_timer_expiry+0x10/0x10 [ 1419.334075][ C3] call_timer_fn+0x19a/0x620 [ 1419.336000][ C3] ? __pfx_call_timer_fn+0x10/0x10 [ 1419.337597][ C3] ? mark_held_locks+0x49/0x80 [ 1419.339128][ C3] ? __pfx_rose_timer_expiry+0x10/0x10 [ 1419.340827][ C3] __run_timers+0x6ef/0x960 [ 1419.342286][ C3] ? __pfx___run_timers+0x10/0x10 [ 1419.343909][ C3] run_timer_base+0x114/0x190 [ 1419.345389][ C3] ? __pfx_run_timer_base+0x10/0x10 [ 1419.347352][ C3] run_timer_softirq+0x1a/0x40 [ 1419.349355][ C3] handle_softirqs+0x219/0x8e0 [ 1419.351410][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 1419.353661][ C3] __irq_exit_rcu+0x109/0x170 [ 1419.355678][ C3] irq_exit_rcu+0x9/0x30 [ 1419.357244][ C3] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 1419.359492][ C3] [ 1419.360753][ C3] [ 1419.362019][ C3] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1419.364411][ C3] RIP: 0010:preempt_count_add+0x9e/0x150 [ 1419.366270][ C3] Code: 0f 00 85 c0 75 38 65 48 8b 2d c6 0b 18 12 48 8d bd 20 15 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 <0f> 85 87 00 00 00 48 89 9d 20 15 00 00 5b 5d c3 cc cc cc cc 31 ff [ 1419.373945][ C3] RSP: 0018:ffffc900044b6f80 EFLAGS: 00000246 [ 1419.376131][ C3] RAX: dffffc0000000000 RBX: ffffffff81980758 RCX: 1ffffffff3562220 [ 1419.379383][ C3] RDX: 1ffff11004921bc4 RSI: 0000000000000008 RDI: ffff88802490de20 [ 1419.382583][ C3] RBP: ffff88802490c900 R08: 0000000000000000 R09: ffffed1008464793 [ 1419.385684][ C3] R10: ffff888042323c9f R11: 0000000000000000 R12: ffff888042323cf8 [ 1419.388430][ C3] R13: ffffc900044b71c8 R14: ffffffff90824250 R15: ffffffff81ff41f0 [ 1419.390896][ C3] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1419.392709][ C3] ? up_write+0x118/0x520 [ 1419.394101][ C3] up_write+0x118/0x520 [ 1419.395427][ C3] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1419.397260][ C3] shmem_file_write_iter+0xcf/0x140 [ 1419.398904][ C3] __kernel_write_iter+0x31a/0xb10 [ 1419.400509][ C3] ? __pfx___kernel_write_iter+0x10/0x10 [ 1419.402272][ C3] ? cgroup_freezing+0x12c/0x3b0 [ 1419.403882][ C3] ? cgroup_freezing+0x136/0x3b0 [ 1419.405454][ C3] dump_user_range+0x413/0xb70 [ 1419.406980][ C3] ? __pfx_dump_user_range+0x10/0x10 [ 1419.408658][ C3] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 1419.410530][ C3] ? __pfx_writenote+0x10/0x10 [ 1419.412051][ C3] elf_core_dump+0x29c3/0x3c00 [ 1419.413558][ C3] ? __pfx_elf_core_dump+0x10/0x10 [ 1419.415193][ C3] ? kasan_save_stack+0x33/0x60 [ 1419.416733][ C3] ? __kasan_kmalloc+0xaa/0xb0 [ 1419.418237][ C3] ? __kvmalloc_node_noprof+0x3a3/0x9c0 [ 1419.419968][ C3] ? vfs_coredump+0x1ddc/0x5670 [ 1419.421423][ C3] ? arch_do_signal_or_restart+0x8f/0x7c0 [ 1419.423203][ C3] ? irqentry_exit_to_user_mode+0x176/0x310 [ 1419.425064][ C3] ? asm_exc_invalid_op+0x1a/0x20 [ 1419.426653][ C3] ? 0xffffffffff600000 [ 1419.428002][ C3] ? vfs_coredump+0x2b9f/0x5670 [ 1419.429526][ C3] vfs_coredump+0x2b9f/0x5670 [ 1419.431019][ C3] ? __pfx_vfs_coredump+0x10/0x10 [ 1419.432584][ C3] ? __lock_acquire+0x622/0x1c90 [ 1419.434157][ C3] ? lock_acquire+0x179/0x350 [ 1419.435649][ C3] ? is_bpf_text_address+0x8a/0x1a0 [ 1419.437271][ C3] ? bpf_ksym_find+0x127/0x1c0 [ 1419.438779][ C3] ? unwind_get_return_address+0x59/0xa0 [ 1419.440519][ C3] ? arch_stack_walk+0xa6/0x100 [ 1419.442067][ C3] ? stack_trace_save+0x8e/0xc0 [ 1419.443625][ C3] ? __pfx_stack_trace_save+0x10/0x10 [ 1419.445301][ C3] ? stack_depot_save_flags+0x29/0x9c0 [ 1419.447013][ C3] ? __lock_acquire+0xb8a/0x1c90 [ 1419.448582][ C3] ? proc_coredump_connector+0x2d1/0x4f0 [ 1419.450328][ C3] ? __pfx_proc_coredump_connector+0x10/0x10 [ 1419.452205][ C3] ? rcu_is_watching+0x12/0xc0 [ 1419.453704][ C3] get_signal+0x22e1/0x26d0 [ 1419.455144][ C3] ? __pfx_get_signal+0x10/0x10 [ 1419.456689][ C3] arch_do_signal_or_restart+0x8f/0x7c0 [ 1419.458418][ C3] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1419.460333][ C3] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 1419.462190][ C3] ? do_error_trap+0x214/0x240 [ 1419.463638][ C3] irqentry_exit_to_user_mode+0x176/0x310 [ 1419.465415][ C3] asm_exc_invalid_op+0x1a/0x20 [ 1419.466953][ C3] RIP: 0033:0x200000000006 [ 1419.468356][ C3] Code: Unable to access opcode bytes at 0x1fffffffffdc. [ 1419.470488][ C3] RSP: 002b:00007fc2e9036338 EFLAGS: 00010202 [ 1419.472381][ C3] RAX: 00000000000000da RBX: 00007fc2e83e5fa0 RCX: 00007fc2e818f6c9 [ 1419.474857][ C3] RDX: 00007fc2e9036340 RSI: 00007fc2e9036470 RDI: 000000000000000d [ 1419.477312][ C3] RBP: 00007fc2e8211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1419.479758][ C3] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1419.482198][ C3] R13: 00007fc2e83e6038 R14: 00007fc2e83e5fa0 R15: 00007fffc2525db8 [ 1419.484683][ C3] [ 1419.486333][ C3] Kernel Offset: disabled [ 1419.487703][ C3] Rebooting in 86400 seconds.. VM DIAGNOSIS: 16:40:10 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000100 RBX=ffffffff90824250 RCX=ffffffff8198152a RDX=ffffed1006ddc58f RSI=0000000000000008 RDI=ffff888036ee2c70 RBP=ffff888036ee2c78 RSP=ffffc900044e7058 R8 =0000000000000001 R9 =ffffed1006ddc58e R10=ffff888036ee2c77 R11=0000000000000001 R12=1ffff9200089ce0e R13=0000000000000001 R14=ffff88802810c900 R15=ffff888036ee2c70 RIP=ffffffff81981536 RFL=00000247 [---Z-PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f64a2eea6c0 ffffffff 00c00000 GS =0000 ffff8880d6a06000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055558f2c4808 CR3=0000000041d42000 CR4=00352ef0 DR0=0000000000000008 DR1=0000000000000002 DR2=0000000000000081 DR3=ffffffffefffff15 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffeaf067c00 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7e1813050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7e181305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7e1813057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7e181306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7e18130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7e18131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88806a7426e0 RCX=ffffffff81b0dbf1 RDX=ffff88805123c900 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90020687758 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=dffffc0000000000 R13=ffffed100d4e84dd R14=0000000000000001 R15=0000000000000003 RIP=ffffffff81bce272 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6b06000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000000e182000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000015 000000000003bf12 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555578748ae5 0000555578748840 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557872d554 000055557872d550 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557872d482 000055557872d210 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557873a884 000055557873a880 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555578736f68 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 080c800300100007 fe10000380040606 7598002364726163 2f6972642f766564 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0c80040608759800 23647261632f6972 642f7665642f01ff ffffffffffffffe1 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff04088183909a08 0001000008080606 0116f201c4c08410 0008818080821000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 92ea080001000008 0806060113fc0208 0005900304800405 80030fffffffffff ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010b800418828392 ec08000100000608 06060113fa0fffff ffffffff040bb003 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0008000ba8030008 000ba0030008000b 98030008000b9003 0008000b88030000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000a08060b800308 04800a0505800418 818392ea08000100 00080806060113fc ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0208000590030480 040580030fffffff ffffff0408818390 9a08000100000808 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=ffffed1004854f60 RBX=ffffed1004855000 RCX=ffffffff84a36516 RDX=ffffed1004855000 RSI=0000000000001000 RDI=ffff8880242a7000 RBP=ffffed1004854e00 RSP=ffffc9000d196d10 R8 =0000000000000000 R9 =ffffed1004854fff R10=ffff8880242a7fff R11=0000000000000040 R12=ffff888066361000 R13=0000000000000000 R14=0000000000001000 R15=0000000000001000 RIP=ffffffff8225808e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f33d81fe6c0 ffffffff 00c00000 GS =0000 ffff8880d6c06000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000555580178808 CR3=0000000033d60000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 db4007b82e9bfc0b 158f0afcebc28ba3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 70e3496934452039 845adad7e262db7a ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 76cfc21e2ba15598 50fe4ca742dcfb86 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c425aab247bb40e3 501d823e2674f9f0 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9853e807f84209c6 6e9a9aa7f727ed98 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3db938a7028c3157 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 88c7f595144aca60 5e234ec799dd08ae ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 07593a5300000000 8630a02b3dd71c5e ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3b54dd2629777b4f 38d79d815029fa00 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4abfdb820b44b689 e857a5d30a0cd21b ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85296395 RDI=ffffffff9adda780 RBP=ffffffff9adda740 RSP=ffffc900006f8380 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000032 R14=ffffffff9adda740 R15=ffffffff85296330 RIP=ffffffff852963bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fc2e90376c0 ffffffff 00c00000 GS =0000 ffff8880d6d06000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000003c00 CR3=000000002daee000 CR4=00352ef0 DR0=0000000000000008 DR1=0000000000000002 DR2=0000000000000081 DR3=ffffffffefffff15 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffce639cb20 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f33d7413050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f33d741305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f33d7413057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f33d741306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f33d74130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f33d74131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000