last executing test programs: 1.805744007s ago: executing program 0 (id=3945): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40004) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmsg$nl_netfilter(r5, 0x0, 0x4) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_clone3(&(0x7f0000000140)={0x4000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 1.726737103s ago: executing program 1 (id=3948): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNATTACHFILTER(r4, 0x401054d5, 0x0) 1.710626996s ago: executing program 3 (id=3949): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280), 0x20000, 0x0) 1.705494841s ago: executing program 1 (id=3950): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0xb, 0x84) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_emit_ethernet(0x4e, &(0x7f0000000300)=ANY=[@ANYBLOB="ffffffffffff0180c200000086dd625616990000000000000000060000000000000000000001200100000000000000000000000000023b0200000000000007"], 0x0) 1.617586043s ago: executing program 1 (id=3951): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r1 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r1, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0xfe, "0062ba7d82000000160000000000f738096304"}) r4 = syz_open_pts(r3, 0x900) r5 = dup3(r4, r3, 0x80000) read(r5, 0x0, 0x0) 1.527698458s ago: executing program 0 (id=3952): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f00000003c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95}, 0x48) r2 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1}) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000001380)={0xffffffffffffffff}) recvmmsg$unix(r3, &(0x7f0000005b80)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x4, 0x1, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40d1}, 0x40d8) 1.186276603s ago: executing program 1 (id=3955): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) 967.816861ms ago: executing program 2 (id=3960): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ieee802154(0x0, r2) sendmsg$IEEE802154_LLSEC_LIST_DEV(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r3, 0x303, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x88d0}, 0x8000) 967.241663ms ago: executing program 2 (id=3961): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) ftruncate(r2, 0x80000000) 966.619051ms ago: executing program 1 (id=3962): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', 0x0}) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf) r3 = fcntl$dupfd(r2, 0x0, r2) syz_open_dev$tty1(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) geteuid() connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r7}, 0x10) syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff) r8 = socket$netlink(0x10, 0x3, 0x4) sendmsg$nl_generic(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={&(0x7f0000000380)={0x18, 0x14, 0x609, 0x0, 0x0, {0x1e}, [@generic="c1"]}, 0x18}}, 0x8040) r9 = socket(0x11, 0x3, 0x0) bind$packet(r9, 0x0, 0x0) ioctl$TCFLSH(r3, 0x400455c8, 0x2) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000140)=0xffffffc0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180)=0xdb) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000019600)=0xff) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=@bridge_delneigh={0x1c, 0x1d, 0xf07, 0x20000000, 0x3, {0x7, 0x0, 0x0, r1, 0x80, 0x0, 0x8}}, 0x1c}}, 0x0) 887.439539ms ago: executing program 2 (id=3963): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f00000000c0)='gid_map\x00') 886.344166ms ago: executing program 2 (id=3964): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r1 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r1, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0xfe, "0062ba7d82000000160000000000f738096304"}) r4 = syz_open_pts(r3, 0x900) r5 = dup3(r4, r3, 0x80000) read(r5, 0x0, 0x0) 797.734124ms ago: executing program 3 (id=3965): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.empty_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x4, 0x3, &(0x7f0000000580)=@framed, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 746.311036ms ago: executing program 3 (id=3966): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYRES8, @ANYRES8], 0x118) r4 = socket$netlink(0x10, 0x3, 0x0) writev(r4, &(0x7f0000000180)=[{&(0x7f0000000240)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) 695.506686ms ago: executing program 3 (id=3967): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) 646.748985ms ago: executing program 3 (id=3968): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40004) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmsg$nl_netfilter(r5, 0x0, 0x4) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_clone3(&(0x7f0000000140)={0x4000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 597.363206ms ago: executing program 0 (id=3969): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_WPAN_PHY(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="6d9311000000f8dbdf25010000000c0003"], 0x28}, 0x1, 0x0, 0x0, 0x48891}, 0x880) 527.263573ms ago: executing program 0 (id=3970): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ieee802154(0x0, r2) sendmsg$IEEE802154_LLSEC_LIST_DEV(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r3, 0x303, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x88d0}, 0x8000) 526.66804ms ago: executing program 0 (id=3971): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000dc0), 0x0, 0x40004) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r4, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000000980)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r7, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$binfmt_misc(r7, &(0x7f00000001c0)="82019551", 0x4) 417.394677ms ago: executing program 0 (id=3972): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f00000003c0)={"8657b7c2306ba3d683317a3f78cfdb28d5bd6b14b9c1ab6c2c0279f0ef3d46399b5da2b3b59e90a5c35d558fb8b03b6156fe71e734682a10c1ddccf39314ac96267cabc37f1b7cb6c8dca33bbd0fafe23a2d2b4b1313de59d2eee0b81a440c50d246736dad8f3df6331571396e1d75bb51799a25eb9d34e2613152b05fadf1cd8a3cac148d934d466991289926c25e7bfbf474f8c4e8603e7d71349129dc1dbfcc037a768212987ac38d6dbe49234e9083fed1cb866fcb6c89a550ab3e4ee236a653579a449cc8ac9442f2eb080cbac196a3311ce60149cd46ec732d0f1a827ad9cefdf99c409edc1a636681a55e1359ad6987b23e6f3543d3e31b0cedf4359289eb95c9738681ffe72f4415b0de58f7f687a29af05e8d893d14fa40f016083d66e14e9dd393524546ddf9f82a8779a15293edb709b1c2a63ad763270a297d3d8918c6caa843070c025aa6fdcf46c1afee1f03c8c26738ec3881362e106f4a8a74596613c74447398db3259c50b9112e3628546df755ff26ef5e80bb21470bd109e0b7feec6e4686e29c8293d5c68f5ca745465d0a79583bce54a22970dfbf1e7e15f3b6785f84fef7a18f3ad81d1b6ba3afffa36db1808f653af59c0bcd99235f688638f64a7f4d72a6886385f77e85024a1740865a359be4e95d2cf7c640790ce82c4d34c2c1668a2ff9f1230b1240218af8308a6a0d732e9f8fb40de894a3d2450a999b92f7dc22f1d4f8837f8068e54a9fcf412421ee6b2a68d2b06f972f2b974ad5555158cd72902a75bf1a5331c667137b1025012ca1cce7ca607983534545c10c5b984a099a4eb847ae4612adaf98f1b203a61a03f9886721644af54706a5e23434653dbb1db3c1affdec971f47e06e1fd472b1733c07a315da97f2ad8cd9dc090c87fac28344ed386c5da862cf7bc8ec67177f0763af8f15a8815db5d85308c579872f201772905f3820c1fa4ca96106c956b956edd859a97fe46eeeb2161cac33aaa7b4a5d67463b98088ea9dfa8d71d62b2ce07ec556e81077c409c2af5ea4d4d3a09e2c0c8384ee56423b6d81e0f13594003fd8bfc123cd41cade439c007b4323e5d1009c5ed9d85c7917a2a411910967ff8081729d134666b526bb3de5e36b09d1b6315d1671df6b302ed25cb330d79e1e9eb9e6bd399042942cffc360afbcaf021c8f084e8d2973d331bcccf8ff7b90dc1decb55aa63ce4d89c984562643984a502333e9d17ffbd42ebcfa940d292c1ef7bd018f4b1c6052afd01967d42b226b7f75136ffce9d543844407a90e5bace2e359ae76cf861e99b327a9546712f6e2481610aac5f5b69304cd5dc1bcb2cb17368a24ea0a1ce83aa3654b2bc284b118f46091374aa629013a5160683130132d19612259296abc55192cb54f87adf1cb20f7d00592baf9fd36c4e080c681d2c0e6ff3cf36f363ae75c0"}) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, 0x0) 416.179886ms ago: executing program 3 (id=3973): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280), 0x20000, 0x0) 177.850584ms ago: executing program 2 (id=3974): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) ftruncate(r2, 0x80000000) 11.641325ms ago: executing program 2 (id=3975): r0 = io_uring_setup(0x6f8b, &(0x7f00000000c0)) clock_nanosleep(0x8, 0x1, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe) close_range(r0, 0xffffffffffffffff, 0x0) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x4000) 0s ago: executing program 1 (id=3976): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0xb, 0x84) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_emit_ethernet(0x4e, &(0x7f0000000300)=ANY=[@ANYBLOB="ffffffffffff0180c200000086dd625616990000000000000000060000000000000000000001200100000000000000000000000000023b0200000000000007"], 0x0) kernel console output (not intermixed with test programs): [ 175.126481][ T40] audit: type=1400 audit(1763508601.390:310): avc: denied { listen } for pid=9441 comm="syz.0.1579" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 175.133395][ T40] audit: type=1400 audit(1763508601.410:311): avc: denied { connect } for pid=9441 comm="syz.0.1579" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 175.231587][ T9456] capability: warning: `syz.1.1583' uses deprecated v2 capabilities in a way that may be insecure [ 175.238446][ T9456] process 'syz.1.1583' launched '/dev/fd/5' with NULL argv: empty string added [ 175.246000][ T40] audit: type=1400 audit(1763508601.520:312): avc: denied { execute_no_trans } for pid=9449 comm="syz.1.1583" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=3083 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 175.301422][ T9459] netlink: 'syz.0.1585': attribute type 16 has an invalid length. [ 175.304936][ T9459] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.1585'. [ 175.612572][ T40] audit: type=1400 audit(1763508601.890:313): avc: denied { sqpoll } for pid=9465 comm="syz.3.1589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 176.145789][ T9481] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 176.672734][ T40] audit: type=1400 audit(1763508602.950:314): avc: denied { watch_mount } for pid=9490 comm="syz.2.1601" path="/410" dev="tmpfs" ino=2565 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 176.727120][ T9493] fuse: Bad value for 'user_id' [ 176.730568][ T9493] fuse: Bad value for 'user_id' [ 176.777386][ T9495] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1603'. [ 177.149628][ T6034] usb 5-1: new full-speed USB device number 17 using dummy_hcd [ 177.311019][ T6034] usb 5-1: config 8 has an invalid interface number: 206 but max is 0 [ 177.315711][ T6034] usb 5-1: config 8 has no interface number 0 [ 177.318176][ T6034] usb 5-1: config 8 interface 206 altsetting 1 has an invalid endpoint descriptor of length 2, skipping [ 177.322397][ T6034] usb 5-1: config 8 interface 206 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 177.327554][ T6034] usb 5-1: config 8 interface 206 has no altsetting 0 [ 177.333199][ T6034] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=35.bb [ 177.336653][ T6034] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 177.341245][ T6034] usb 5-1: Product: syz [ 177.343237][ T6034] usb 5-1: Manufacturer: syz [ 177.345597][ T6034] usb 5-1: SerialNumber: syz [ 177.564186][ T6034] garmin_gps 5-1:8.206: Garmin GPS usb/tty converter detected [ 177.575010][ T6034] garmin_gps ttyUSB0: failed to submit interrupt urb: -22 [ 177.579513][ T6034] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -22 [ 177.589852][ T6034] usb 5-1: USB disconnect, device number 17 [ 177.594742][ T6034] garmin_gps 5-1:8.206: device disconnected [ 178.145761][ T9528] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 178.862920][ T9562] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 179.206095][ T9580] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 179.514236][ T9615] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 179.816983][ T9646] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 179.853425][ T40] audit: type=1400 audit(1763508606.130:315): avc: denied { ioctl } for pid=9647 comm="syz.3.1675" path="socket:[32627]" dev="sockfs" ino=32627 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 179.862446][ T40] audit: type=1400 audit(1763508606.130:316): avc: denied { read } for pid=9647 comm="syz.3.1675" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1 [ 180.370343][ T9664] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 180.527057][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 180.527074][ T40] audit: type=1400 audit(1763508606.800:318): avc: denied { write } for pid=9678 comm="syz.1.1689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 180.579626][ T40] audit: type=1400 audit(1763508606.850:319): avc: denied { unmount } for pid=9682 comm="syz.2.1692" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 180.606376][ T9690] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 180.606618][ T9687] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 180.749562][ T5938] Bluetooth: hci1: command 0x0406 tx timeout [ 180.752177][ T5938] Bluetooth: hci2: command 0x0401 tx timeout [ 180.974924][ T9707] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1702'. [ 180.982156][ T9707] batadv_slave_0: entered promiscuous mode [ 180.984914][ T9707] batadv_slave_0: left promiscuous mode [ 181.144645][ T9711] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 181.435466][ T9735] mmap: syz.2.1715 (9735) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 181.455062][ T40] audit: type=1400 audit(1763508607.730:320): avc: denied { write } for pid=9734 comm="syz.1.1716" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 182.262379][ T9772] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 183.219339][ T841] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 183.259252][ T40] audit: type=1400 audit(1763508609.530:321): avc: denied { node_bind } for pid=9818 comm="syz.3.1754" saddr=224.0.0.1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 183.380118][ T841] usb 5-1: Using ep0 maxpacket: 8 [ 183.384014][ T841] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 183.390197][ T841] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 183.393577][ T841] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.398713][ T841] usb 5-1: config 0 descriptor?? [ 183.609976][ T6001] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 183.615201][ T841] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 183.769287][ T6001] usb 8-1: Using ep0 maxpacket: 16 [ 183.772503][ T6001] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 183.778102][ T6001] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 183.783510][ T6001] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.793005][ T6001] usb 8-1: Product: syz [ 183.794582][ T6001] usb 8-1: Manufacturer: syz [ 183.796589][ T6001] usb 8-1: SerialNumber: syz [ 183.800401][ T6001] usb 8-1: config 0 descriptor?? [ 183.805002][ T6001] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 183.820006][ T6001] em28xx 8-1:0.0: DVB interface 0 found: bulk [ 184.017647][ T2304] usb 5-1: USB disconnect, device number 18 [ 184.409748][ T6001] em28xx 8-1:0.0: unknown em28xx chip ID (0) [ 184.639391][ T9860] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 184.817440][ T6001] em28xx 8-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 184.821151][ T6001] em28xx 8-1:0.0: board has no eeprom [ 184.879457][ T6001] em28xx 8-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 184.883967][ T6001] em28xx 8-1:0.0: dvb set to bulk mode. [ 184.891603][ T29] em28xx 8-1:0.0: Binding DVB extension [ 184.896870][ T6001] usb 8-1: USB disconnect, device number 9 [ 184.913013][ T6001] em28xx 8-1:0.0: Disconnecting em28xx [ 184.919146][ T29] em28xx 8-1:0.0: Registering input extension [ 184.922271][ T6001] em28xx 8-1:0.0: Closing input extension [ 184.931790][ T6001] em28xx 8-1:0.0: Freeing device [ 185.360087][ T9888] program syz.3.1787 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 185.422043][ T9889] kvm: kvm [9887]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00 [ 185.425893][ T9889] kvm: kvm [9887]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00 [ 185.561217][ T9907] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 185.859323][ T9] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 186.020308][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 186.024286][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 186.031149][ T9] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 186.035113][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.038197][ T9] usb 5-1: Product: syz [ 186.040365][ T9] usb 5-1: Manufacturer: syz [ 186.042678][ T9] usb 5-1: SerialNumber: syz [ 186.047083][ T9] usb 5-1: config 0 descriptor?? [ 186.055203][ T9] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 186.059536][ T9] em28xx 5-1:0.0: DVB interface 0 found: bulk [ 186.659091][ T9] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 187.068088][ T9] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 187.071157][ T9] em28xx 5-1:0.0: board has no eeprom [ 187.129561][ T9] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 187.133066][ T9] em28xx 5-1:0.0: dvb set to bulk mode. [ 187.135708][ T6002] em28xx 5-1:0.0: Binding DVB extension [ 187.143243][ T9] usb 5-1: USB disconnect, device number 19 [ 187.146716][ T9] em28xx 5-1:0.0: Disconnecting em28xx [ 187.161204][ T6002] em28xx 5-1:0.0: Registering input extension [ 187.163451][ T9] em28xx 5-1:0.0: Closing input extension [ 187.174446][ T9] em28xx 5-1:0.0: Freeing device [ 187.280618][ T9970] overlayfs: missing 'lowerdir' [ 187.491195][ T9986] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1831'. [ 187.494320][ T9986] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1831'. [ 187.497247][ T9986] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1831'. [ 187.599901][ T9992] overlayfs: missing 'lowerdir' [ 188.476408][T10028] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 188.479366][T10028] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 188.759616][ T6022] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 188.782235][T10050] syzkaller1: entered promiscuous mode [ 188.784600][T10050] syzkaller1: entered allmulticast mode [ 188.924109][ T6022] usb 8-1: Using ep0 maxpacket: 16 [ 188.927884][ T6022] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 188.934918][ T6022] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 188.939118][ T6022] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.942981][ T6022] usb 8-1: Product: syz [ 188.944959][ T6022] usb 8-1: Manufacturer: syz [ 188.947027][ T6022] usb 8-1: SerialNumber: syz [ 188.951415][ T6022] usb 8-1: config 0 descriptor?? [ 188.957997][ T6022] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 188.963125][ T6022] em28xx 8-1:0.0: DVB interface 0 found: bulk [ 189.634283][ T6022] em28xx 8-1:0.0: unknown em28xx chip ID (0) [ 189.854891][T10090] ip6t_srh: unknown srh match flags 5294 [ 190.046030][ T6022] em28xx 8-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 190.049161][ T6022] em28xx 8-1:0.0: board has no eeprom [ 190.109465][ T6022] em28xx 8-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 190.118003][ T6022] em28xx 8-1:0.0: dvb set to bulk mode. [ 190.121659][ T6049] em28xx 8-1:0.0: Binding DVB extension [ 190.148556][ T6022] usb 8-1: USB disconnect, device number 10 [ 190.155782][ T6022] em28xx 8-1:0.0: Disconnecting em28xx [ 190.177530][ T6049] em28xx 8-1:0.0: Registering input extension [ 190.181246][ T6022] em28xx 8-1:0.0: Closing input extension [ 190.190288][ T6022] em28xx 8-1:0.0: Freeing device [ 190.731443][T10138] overlayfs: missing 'workdir' [ 191.193267][T10168] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1918'. [ 191.524430][T10186] overlayfs: missing 'lowerdir' [ 191.805526][ T40] audit: type=1326 audit(1763508618.080:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10198 comm="syz.1.1932" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a0a18f6c9 code=0x7ffc0000 [ 191.829271][ T40] audit: type=1326 audit(1763508618.080:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10198 comm="syz.1.1932" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a0a18f6c9 code=0x7ffc0000 [ 191.836710][ T40] audit: type=1326 audit(1763508618.080:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10198 comm="syz.1.1932" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5a0a18f6c9 code=0x7ffc0000 [ 191.849301][ T40] audit: type=1326 audit(1763508618.080:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10198 comm="syz.1.1932" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a0a18f6c9 code=0x7ffc0000 [ 191.856985][ T40] audit: type=1326 audit(1763508618.080:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10198 comm="syz.1.1932" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5a0a18f6c9 code=0x7ffc0000 [ 191.879829][ T40] audit: type=1326 audit(1763508618.080:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10198 comm="syz.1.1932" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a0a18f6c9 code=0x7ffc0000 [ 191.887903][ T40] audit: type=1326 audit(1763508618.080:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10198 comm="syz.1.1932" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5a0a18f6c9 code=0x7ffc0000 [ 191.895500][ T40] audit: type=1326 audit(1763508618.080:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10198 comm="syz.1.1932" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a0a18f6c9 code=0x7ffc0000 [ 191.903171][ T40] audit: type=1326 audit(1763508618.080:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10198 comm="syz.1.1932" exe="/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f5a0a18f6c9 code=0x7ffc0000 [ 191.910942][ T40] audit: type=1326 audit(1763508618.080:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10198 comm="syz.1.1932" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a0a18f6c9 code=0x7ffc0000 [ 192.119438][ T6001] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 192.269485][ T6001] usb 5-1: Using ep0 maxpacket: 16 [ 192.289342][ T6001] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 192.294294][ T6001] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 192.297246][ T6001] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 192.300101][ T6001] usb 5-1: Product: syz [ 192.301500][ T6001] usb 5-1: Manufacturer: syz [ 192.303075][ T6001] usb 5-1: SerialNumber: syz [ 192.305817][ T6001] usb 5-1: config 0 descriptor?? [ 192.312213][ T6001] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 192.315233][ T6001] em28xx 5-1:0.0: DVB interface 0 found: bulk [ 192.482495][T10224] kvm: kvm [10223]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00 [ 192.486922][T10224] kvm: kvm [10223]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00 [ 192.918031][ T6001] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 192.963296][T10259] overlayfs: failed to clone upperpath [ 193.009794][T10263] ======================================================= [ 193.009794][T10263] WARNING: The mand mount option has been deprecated and [ 193.009794][T10263] and is ignored by this kernel. Remove the mand [ 193.009794][T10263] option from the mount to silence this warning. [ 193.009794][T10263] ======================================================= [ 193.027341][T10263] overlayfs: failed to clone lowerpath [ 193.032459][T10263] overlayfs: failed to clone lowerpath [ 193.172895][T10281] netlink: 280 bytes leftover after parsing attributes in process `syz.3.1967'. [ 193.210950][T10284] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 193.213907][T10284] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 193.328456][ T6001] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 193.336247][ T6001] em28xx 5-1:0.0: board has no eeprom [ 193.399806][ T6001] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 193.404479][ T6001] em28xx 5-1:0.0: dvb set to bulk mode. [ 193.407839][ T841] em28xx 5-1:0.0: Binding DVB extension [ 193.423850][ T6001] usb 5-1: USB disconnect, device number 20 [ 193.441908][ T6001] em28xx 5-1:0.0: Disconnecting em28xx [ 193.455002][ T841] em28xx 5-1:0.0: Registering input extension [ 193.459089][ T6001] em28xx 5-1:0.0: Closing input extension [ 193.466081][ T6001] em28xx 5-1:0.0: Freeing device [ 193.657484][T10304] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 193.663049][T10304] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 193.942485][T10327] overlayfs: missing 'lowerdir' [ 194.033758][ T1423] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.036421][ T1423] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.144559][T10335] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 194.399303][ T9] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 194.550075][ T9] usb 8-1: Using ep0 maxpacket: 16 [ 194.561056][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 194.567333][ T9] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 194.571583][ T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.574642][ T9] usb 8-1: Product: syz [ 194.576633][ T9] usb 8-1: Manufacturer: syz [ 194.578902][ T9] usb 8-1: SerialNumber: syz [ 194.594044][ T9] usb 8-1: config 0 descriptor?? [ 194.599581][ T9] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 194.603521][ T9] em28xx 8-1:0.0: DVB interface 0 found: bulk [ 194.921714][T10371] overlayfs: missing 'lowerdir' [ 195.203438][ T9] em28xx 8-1:0.0: unknown em28xx chip ID (0) [ 195.611480][ T9] em28xx 8-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 195.614133][ T9] em28xx 8-1:0.0: board has no eeprom [ 195.679348][ T9] em28xx 8-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 195.681977][ T9] em28xx 8-1:0.0: dvb set to bulk mode. [ 195.683924][ T6002] em28xx 8-1:0.0: Binding DVB extension [ 195.688658][ T9] usb 8-1: USB disconnect, device number 11 [ 195.692065][ T9] em28xx 8-1:0.0: Disconnecting em28xx [ 195.702336][ T6002] em28xx 8-1:0.0: Registering input extension [ 195.704524][ T9] em28xx 8-1:0.0: Closing input extension [ 195.711066][ T9] em28xx 8-1:0.0: Freeing device [ 195.839734][ T6022] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 195.989300][ T6022] usb 5-1: Using ep0 maxpacket: 8 [ 195.992861][ T6022] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 195.997328][ T6022] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 196.001462][ T6022] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.005544][ T6022] usb 5-1: config 0 descriptor?? [ 196.220922][ T6022] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 196.298868][T10429] tipc: Enabling of bearer rejected, failed to enable media [ 196.620800][ T841] usb 5-1: USB disconnect, device number 21 [ 196.945201][T10456] tipc: Started in network mode [ 196.947312][T10456] tipc: Node identity 0e33ac775c18, cluster identity 4711 [ 196.950373][T10456] tipc: Enabled bearer , priority 0 [ 196.954210][T10456] syzkaller0: entered promiscuous mode [ 196.956054][T10456] syzkaller0: entered allmulticast mode [ 196.971125][T10456] tipc: Resetting bearer [ 196.981456][T10456] tipc: Resetting bearer [ 196.993008][T10456] tipc: Disabling bearer [ 197.623605][T10483] overlayfs: missing 'lowerdir' [ 198.675544][T10529] syzkaller1: entered promiscuous mode [ 198.677680][T10529] syzkaller1: entered allmulticast mode [ 198.861420][T10531] netlink: 'syz.1.2082': attribute type 13 has an invalid length. [ 198.978969][T10533] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 199.209805][T10559] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 199.454389][T10574] kvm: kvm [10573]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00 [ 199.459819][T10574] kvm: kvm [10573]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00 [ 199.823301][T10595] syzkaller1: entered promiscuous mode [ 199.825743][T10595] syzkaller1: entered allmulticast mode [ 200.195538][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 200.195556][ T40] audit: type=1400 audit(1763508626.470:346): avc: denied { create } for pid=10621 comm="syz.1.2120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 200.301761][T10639] syzkaller1: entered promiscuous mode [ 200.303976][T10639] syzkaller1: entered allmulticast mode [ 200.443366][T10650] netlink: 'syz.3.2132': attribute type 13 has an invalid length. [ 200.779830][T10670] kvm: kvm [10669]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00 [ 200.784234][T10670] kvm: kvm [10669]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00 [ 201.543779][T10732] tipc: Enabled bearer , priority 10 [ 202.550968][ T6001] tipc: Node number set to 1378593911 [ 202.610735][T10783] overlayfs: failed to clone upperpath [ 203.194356][T10803] syzkaller1: entered promiscuous mode [ 203.196444][T10803] syzkaller1: entered allmulticast mode [ 203.539258][ T40] audit: type=1400 audit(1763508629.810:347): avc: denied { getopt } for pid=10832 comm="syz.3.2217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 206.559283][ T840] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 206.723262][ T840] usb 5-1: unable to get BOS descriptor or descriptor too short [ 206.725913][ T840] usb 5-1: no configurations [ 206.727527][ T840] usb 5-1: can't read configurations, error -22 [ 207.451789][T10983] block nbd3: Unsupported socket: should be TCP or UNIX. [ 207.455295][T10983] block nbd3: NBD_DISCONNECT [ 209.653635][T11102] syzkaller1: entered promiscuous mode [ 209.655530][T11102] syzkaller1: entered allmulticast mode [ 209.679610][ T6001] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 209.771679][T11110] input: syz0 as /devices/virtual/input/input22 [ 209.842560][ T6001] usb 6-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 209.845622][ T6001] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 209.848282][ T6001] usb 6-1: Product: syz [ 209.850142][ T6001] usb 6-1: Manufacturer: syz [ 209.851758][ T6001] usb 6-1: SerialNumber: syz [ 209.854682][ T6001] usb 6-1: config 0 descriptor?? [ 209.861666][ T6001] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 210.422618][T11151] syzkaller1: entered promiscuous mode [ 210.424937][T11151] syzkaller1: entered allmulticast mode [ 210.445696][ T40] audit: type=1400 audit(1763508636.720:348): avc: denied { execute } for pid=11157 comm="syz-executor" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 210.460655][ T40] audit: type=1400 audit(1763508636.720:349): avc: denied { execute_no_trans } for pid=11157 comm="syz-executor" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 210.592224][ T5940] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 210.596235][ T5940] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 210.600097][ T5940] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 210.604369][ T5940] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 210.607349][ T5940] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 210.742388][ T5940] block nbd3: Receive control failed (result -32) [ 210.767345][T11160] chnl_net:caif_netlink_parms(): no params data found [ 210.772908][T11168] block nbd3: shutting down sockets [ 210.828206][T11182] syzkaller1: entered promiscuous mode [ 210.833612][T11182] syzkaller1: entered allmulticast mode [ 210.944597][ T61] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 210.951886][ T61] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.958601][T11160] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.961746][T11160] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.963921][T11160] bridge_slave_0: entered allmulticast mode [ 210.966592][T11160] bridge_slave_0: entered promiscuous mode [ 210.969921][T11160] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.972989][T11160] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.975556][T11160] bridge_slave_1: entered allmulticast mode [ 210.978406][T11160] bridge_slave_1: entered promiscuous mode [ 211.013000][T11160] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 211.025369][ T61] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 211.028993][ T61] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.037179][T11160] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 211.071699][T11160] team0: Port device team_slave_0 added [ 211.074948][T11160] team0: Port device team_slave_1 added [ 211.103231][ T61] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 211.106692][ T61] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.142183][T11160] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 211.145276][T11160] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 211.155106][T11160] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 211.160991][T11160] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 211.163493][T11160] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 211.173601][T11160] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 211.219984][T11160] hsr_slave_0: entered promiscuous mode [ 211.222977][T11160] hsr_slave_1: entered promiscuous mode [ 211.225594][T11160] debugfs: 'hsr0' already exists in 'hsr' [ 211.227968][T11160] Cannot create hsr debugfs directory [ 211.241565][ T61] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 211.245757][ T61] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.412623][ T61] bridge_slave_1: left allmulticast mode [ 211.415297][ T61] bridge_slave_1: left promiscuous mode [ 211.417260][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.421496][ T61] bridge_slave_0: left allmulticast mode [ 211.423354][ T61] bridge_slave_0: left promiscuous mode [ 211.425277][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.701723][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 211.707273][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 211.712999][ T61] bond0 (unregistering): Released all slaves [ 212.185554][ T61] hsr_slave_0: left promiscuous mode [ 212.188264][ T61] hsr_slave_1: left promiscuous mode [ 212.196168][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 212.198971][ T61] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 212.210214][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 212.212799][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 212.251938][ T61] veth1_macvtap: left promiscuous mode [ 212.254421][ T61] veth0_macvtap: left promiscuous mode [ 212.256635][ T61] veth1_vlan: left promiscuous mode [ 212.258420][ T61] veth0_vlan: left promiscuous mode [ 212.460647][ T6002] usb 6-1: USB disconnect, device number 8 [ 212.669843][ T5940] Bluetooth: hci3: command tx timeout [ 213.494114][T11160] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 213.501000][T11160] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 213.507794][T11160] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 213.516449][T11160] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 213.594579][T11160] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.611215][T11160] 8021q: adding VLAN 0 to HW filter on device team0 [ 213.620665][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.623167][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 213.642874][ T1046] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.645621][ T1046] bridge0: port 2(bridge_slave_1) entered forwarding state [ 213.730750][ T5940] Bluetooth: hci1: Invalid handle: 0xff00 > 0x0eff [ 213.785360][T11160] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 213.827914][T11160] veth0_vlan: entered promiscuous mode [ 213.845002][T11160] veth1_vlan: entered promiscuous mode [ 213.868586][T11160] veth0_macvtap: entered promiscuous mode [ 213.874106][T11160] veth1_macvtap: entered promiscuous mode [ 213.884786][T11160] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 213.897706][T11160] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 213.907642][ T1250] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.912481][ T1250] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.920304][ T1250] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.924228][ T1250] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 213.972660][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.976389][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 213.992873][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 213.996046][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 214.563110][ T5940] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 214.568602][ T5940] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 214.575002][ T5940] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 214.580974][ T5940] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 214.585689][ T5940] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 214.736753][T11304] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2417'. [ 214.751465][ T5940] Bluetooth: hci3: command tx timeout [ 214.804142][T11296] chnl_net:caif_netlink_parms(): no params data found [ 214.828545][ T40] audit: type=1400 audit(1763508641.100:350): avc: denied { accept } for pid=11308 comm="syz.1.2418" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 214.934642][T11296] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.937100][T11296] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.939873][T11296] bridge_slave_0: entered allmulticast mode [ 214.942773][T11296] bridge_slave_0: entered promiscuous mode [ 214.946248][T11296] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.948688][T11296] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.952075][T11296] bridge_slave_1: entered allmulticast mode [ 214.955468][T11296] bridge_slave_1: entered promiscuous mode [ 214.996904][ T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.047875][T11296] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 215.056964][T11296] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 215.108458][T11296] team0: Port device team_slave_0 added [ 215.127308][ T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.138191][T11296] team0: Port device team_slave_1 added [ 215.184209][T11296] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 215.186729][T11296] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 215.197400][T11296] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 215.204156][T11296] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 215.206527][T11296] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 215.216875][T11296] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 215.301261][ T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.315675][T11296] hsr_slave_0: entered promiscuous mode [ 215.319080][T11296] hsr_slave_1: entered promiscuous mode [ 215.323575][T11296] debugfs: 'hsr0' already exists in 'hsr' [ 215.326174][T11296] Cannot create hsr debugfs directory [ 215.404327][ T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.633567][ T13] tipc: Resetting bearer [ 215.799842][ T13] tipc: Disabling bearer [ 215.924467][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 215.930925][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 215.935974][ T13] bond0 (unregistering): Released all slaves [ 216.016441][ T13] tipc: Left network mode [ 216.547685][T11296] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 216.580781][T11296] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 216.588260][T11296] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 216.596560][T11296] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 216.648132][ T13] hsr_slave_0: left promiscuous mode [ 216.651476][ T13] hsr_slave_1: left promiscuous mode [ 216.654120][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 216.657469][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 216.662128][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 216.665416][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 216.669967][ T5940] Bluetooth: hci4: command tx timeout [ 216.674738][ T13] veth1_macvtap: left promiscuous mode [ 216.676609][ T13] veth0_macvtap: left promiscuous mode [ 216.678583][ T13] veth1_vlan: left promiscuous mode [ 216.682221][ T13] veth0_vlan: left promiscuous mode [ 216.831494][ T5940] Bluetooth: hci3: command tx timeout [ 217.250737][ T13] team0 (unregistering): Port device team_slave_1 removed [ 217.326612][ T13] team0 (unregistering): Port device team_slave_0 removed [ 217.798318][T11426] syzkaller1: entered promiscuous mode [ 217.801019][T11426] syzkaller1: entered allmulticast mode [ 217.839823][T11296] 8021q: adding VLAN 0 to HW filter on device bond0 [ 217.853331][T11296] 8021q: adding VLAN 0 to HW filter on device team0 [ 217.862853][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.866329][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.877946][ T93] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.881073][ T93] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.957482][T11439] netlink: 228 bytes leftover after parsing attributes in process `syz.2.2457'. [ 218.051402][T11296] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 218.104698][T11296] veth0_vlan: entered promiscuous mode [ 218.152718][T11296] veth1_vlan: entered promiscuous mode [ 218.177702][T11296] veth0_macvtap: entered promiscuous mode [ 218.185859][T11296] veth1_macvtap: entered promiscuous mode [ 218.206785][T11296] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 218.214637][T11296] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 218.280852][ T1046] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.283972][ T1046] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.288625][ T1046] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.291998][ T1046] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.341888][T11460] syzkaller1: entered promiscuous mode [ 218.344474][T11460] syzkaller1: entered allmulticast mode [ 218.350079][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 218.355943][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.384668][ T1046] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 218.387510][ T1046] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.749639][ T5940] Bluetooth: hci4: command tx timeout [ 218.909440][ T5940] Bluetooth: hci3: command tx timeout [ 219.323432][T11506] input: syz0 as /devices/virtual/input/input24 [ 219.507994][T11515] tipc: Enabling of bearer rejected, failed to enable media [ 219.595036][T11525] syzkaller1: entered promiscuous mode [ 219.596916][T11525] syzkaller1: entered allmulticast mode [ 219.929871][ T6034] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 220.143822][T11545] xt_cgroup: invalid path, errno=-2 [ 220.499312][ T6034] usb 5-1: Using ep0 maxpacket: 32 [ 220.502137][ T6034] usb 5-1: config 0 has an invalid interface number: 188 but max is 0 [ 220.505309][ T6034] usb 5-1: config 0 has no interface number 0 [ 220.507514][ T6034] usb 5-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 220.514090][ T6034] usb 5-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 220.517987][ T6034] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.521594][ T6034] usb 5-1: Product: syz [ 220.523452][ T6034] usb 5-1: Manufacturer: syz [ 220.525475][ T6034] usb 5-1: SerialNumber: syz [ 220.532108][ T6034] usb 5-1: config 0 descriptor?? [ 220.534694][T11539] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 220.610697][ T40] audit: type=1400 audit(1763508646.890:351): avc: denied { mounton } for pid=11560 comm="syz.1.2509" path="/syzcgroup/unified/syz1" dev="cgroup2" ino=128 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 220.744077][ T6034] asix 5-1:0.188: probe with driver asix failed with error -71 [ 220.761924][ T6034] usb 5-1: USB disconnect, device number 24 [ 220.839528][ T5940] Bluetooth: hci4: command tx timeout [ 220.947279][ T40] audit: type=1400 audit(1763508647.220:352): avc: denied { read write } for pid=11575 comm="syz.2.2516" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 220.960835][ T40] audit: type=1400 audit(1763508647.220:353): avc: denied { open } for pid=11575 comm="syz.2.2516" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 220.969255][ T40] audit: type=1400 audit(1763508647.230:354): avc: denied { ioctl } for pid=11575 comm="syz.2.2516" path="/dev/ppp" dev="devtmpfs" ino=730 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 220.983265][T11580] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11580 comm=syz.2.2516 [ 221.514649][T11594] syzkaller1: entered promiscuous mode [ 221.516571][T11594] syzkaller1: entered allmulticast mode [ 222.515250][T11617] syzkaller1: entered promiscuous mode [ 222.517599][T11617] syzkaller1: entered allmulticast mode [ 222.909657][ T5940] Bluetooth: hci4: command tx timeout [ 222.971778][T11637] syzkaller1: entered promiscuous mode [ 222.973665][T11637] syzkaller1: entered allmulticast mode [ 223.146826][ T40] audit: type=1400 audit(1763508649.420:355): avc: denied { create } for pid=11642 comm="syz.2.2544" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 223.157857][ T40] audit: type=1400 audit(1763508649.420:356): avc: denied { accept } for pid=11642 comm="syz.2.2544" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 224.040235][ T40] audit: type=1400 audit(1763508650.320:357): avc: denied { create } for pid=11674 comm="syz.0.2557" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 224.048777][ T40] audit: type=1400 audit(1763508650.320:358): avc: denied { ioctl } for pid=11674 comm="syz.0.2557" path="socket:[43668]" dev="sockfs" ino=43668 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 224.734905][T11706] ubi0: attaching mtd0 [ 224.738705][T11706] ubi0: scanning is finished [ 224.740891][T11706] ubi0: empty MTD device detected [ 225.140546][T11706] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 225.143209][T11706] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 225.145673][T11706] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 225.148083][T11706] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 225.150748][T11706] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 225.153229][T11706] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 225.155950][T11706] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3878305549 [ 225.159864][T11706] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 225.163837][T11725] ubi0: background thread "ubi_bgt0d" started, PID 11725 [ 225.682261][ T64] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 225.686934][ T64] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 225.691365][ T64] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 225.695687][ T64] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 225.698691][ T64] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 225.749307][ T6001] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 225.797126][T11753] chnl_net:caif_netlink_parms(): no params data found [ 225.827212][ T1147] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.895378][ T1147] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.899510][ T6001] usb 8-1: Using ep0 maxpacket: 32 [ 225.902905][ T6001] usb 8-1: config 0 has an invalid interface number: 51 but max is 0 [ 225.905746][ T6001] usb 8-1: config 0 has no interface number 0 [ 225.909630][ T6001] usb 8-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 225.912432][ T6001] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 225.914897][ T6001] usb 8-1: Product: syz [ 225.916389][ T6001] usb 8-1: Manufacturer: syz [ 225.917883][ T6001] usb 8-1: SerialNumber: syz [ 225.921863][ T6001] usb 8-1: config 0 descriptor?? [ 225.927541][ T6001] quatech2 8-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 225.958674][T11753] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.963047][T11753] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.966288][T11753] bridge_slave_0: entered allmulticast mode [ 225.971024][T11753] bridge_slave_0: entered promiscuous mode [ 225.976528][T11753] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.979316][T11753] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.981958][T11753] bridge_slave_1: entered allmulticast mode [ 225.985305][T11753] bridge_slave_1: entered promiscuous mode [ 226.035698][ T1147] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 226.044468][T11753] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 226.052321][T11753] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 226.096263][T11753] team0: Port device team_slave_0 added [ 226.100784][T11753] team0: Port device team_slave_1 added [ 226.133884][ T6001] usb 8-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 226.141724][ T6001] usb 8-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 226.162366][ T1147] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 226.174292][T11753] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 226.176883][T11753] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 226.188361][T11753] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 226.193670][T11753] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 226.195991][T11753] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 226.204959][T11753] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 226.243727][T11753] hsr_slave_0: entered promiscuous mode [ 226.246008][T11753] hsr_slave_1: entered promiscuous mode [ 226.248166][T11753] debugfs: 'hsr0' already exists in 'hsr' [ 226.249928][T11753] Cannot create hsr debugfs directory [ 226.362907][ T1147] bridge_slave_1: left allmulticast mode [ 226.365058][ T1147] bridge_slave_1: left promiscuous mode [ 226.367076][ T1147] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.371163][ T1147] bridge_slave_0: left allmulticast mode [ 226.373087][ T1147] bridge_slave_0: left promiscuous mode [ 226.375132][ T1147] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.528741][ C1] usb 8-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 226.529747][ T840] usb 8-1: USB disconnect, device number 12 [ 226.536676][ T840] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 226.542139][ T840] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 226.545636][ T840] quatech2 8-1:0.51: device disconnected [ 226.609907][ T1147] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 226.615980][ T1147] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 226.622588][ T1147] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 226.630893][ T1147] bond0 (unregistering): Released all slaves [ 227.131258][T11814] netlink: 6 bytes leftover after parsing attributes in process `syz.3.2608'. [ 227.236868][T11753] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 227.244635][T11753] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 227.249600][T11753] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 227.255935][T11753] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 227.352792][T11753] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.394319][T11753] 8021q: adding VLAN 0 to HW filter on device team0 [ 227.401355][ T1046] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.404495][ T1046] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.414584][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.417616][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.439016][ T1147] hsr_slave_0: left promiscuous mode [ 227.442804][ T1147] hsr_slave_1: left promiscuous mode [ 227.444859][ T1147] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 227.447318][ T1147] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 227.451130][ T1147] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 227.453560][ T1147] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 227.464566][ T1147] veth1_macvtap: left promiscuous mode [ 227.466469][ T1147] veth0_macvtap: left promiscuous mode [ 227.468334][ T1147] veth1_vlan: left promiscuous mode [ 227.470189][ T1147] veth0_vlan: left promiscuous mode [ 227.710702][ T64] Bluetooth: hci0: command tx timeout [ 228.032403][ T1147] team0 (unregistering): Port device team_slave_1 removed [ 228.089157][ T1147] team0 (unregistering): Port device team_slave_0 removed [ 228.551876][ T40] audit: type=1400 audit(1763508654.830:359): avc: denied { bind } for pid=11861 comm="syz.0.2623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 228.587479][ T40] audit: type=1400 audit(1763508654.860:360): avc: denied { setopt } for pid=11861 comm="syz.0.2623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 228.594446][ T40] audit: type=1400 audit(1763508654.870:361): avc: denied { accept } for pid=11861 comm="syz.0.2623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 228.662701][T11753] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 228.769986][T11753] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 228.793647][T11753] veth0_vlan: entered promiscuous mode [ 228.798577][T11753] veth1_vlan: entered promiscuous mode [ 228.822834][T11753] veth0_macvtap: entered promiscuous mode [ 228.826738][T11753] veth1_macvtap: entered promiscuous mode [ 228.835752][T11753] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.852102][T11753] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.858177][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.861390][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.866404][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.869523][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.909041][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.913720][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.930066][ T93] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.932783][ T93] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.949289][ T10] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 229.119462][ T10] usb 7-1: Using ep0 maxpacket: 16 [ 229.124562][ T10] usb 7-1: config 0 has no interfaces? [ 229.129731][ T10] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 229.133668][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 229.137331][ T10] usb 7-1: Product: syz [ 229.140946][ T10] usb 7-1: Manufacturer: syz [ 229.143304][ T10] usb 7-1: SerialNumber: syz [ 229.147517][ T10] usb 7-1: config 0 descriptor?? [ 229.149532][T11910] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2642'. [ 229.376452][ T5940] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 229.381081][ T5940] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 229.386919][ T5940] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 229.391000][ T5940] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 229.395043][ T5940] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 229.507984][T11927] chnl_net:caif_netlink_parms(): no params data found [ 229.614690][T11927] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.617882][T11927] bridge0: port 1(bridge_slave_0) entered disabled state [ 229.622589][T11927] bridge_slave_0: entered allmulticast mode [ 229.626596][T11927] bridge_slave_0: entered promiscuous mode [ 229.631566][T11927] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.634752][T11927] bridge0: port 2(bridge_slave_1) entered disabled state [ 229.637944][T11927] bridge_slave_1: entered allmulticast mode [ 229.645074][T11927] bridge_slave_1: entered promiscuous mode [ 229.682051][T11927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 229.687536][T11927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 229.722543][T11927] team0: Port device team_slave_0 added [ 229.727388][T11927] team0: Port device team_slave_1 added [ 229.767541][T11927] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 229.771170][T11927] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 229.782301][T11927] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 229.786819][T11927] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 229.789989][ T5940] Bluetooth: hci0: command tx timeout [ 229.792553][T11927] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 229.802835][T11927] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 229.861735][T11927] hsr_slave_0: entered promiscuous mode [ 229.864242][T11927] hsr_slave_1: entered promiscuous mode [ 229.866706][T11927] debugfs: 'hsr0' already exists in 'hsr' [ 229.868782][T11927] Cannot create hsr debugfs directory [ 230.009318][T11927] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.132667][T11927] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.234165][T11927] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.474880][T11927] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 230.690922][T11927] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 230.695181][T11927] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 230.702258][T11927] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 230.710901][T11927] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 230.766925][T11927] 8021q: adding VLAN 0 to HW filter on device bond0 [ 230.784034][T11927] 8021q: adding VLAN 0 to HW filter on device team0 [ 230.792457][ T1046] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.795550][ T1046] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.804566][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.807029][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.918494][T11927] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.948843][T11927] veth0_vlan: entered promiscuous mode [ 230.956205][T11927] veth1_vlan: entered promiscuous mode [ 230.974978][T11927] veth0_macvtap: entered promiscuous mode [ 230.979511][T11927] veth1_macvtap: entered promiscuous mode [ 230.989717][T11927] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 230.996708][T11927] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 231.008780][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.012415][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.015874][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.018933][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.065295][ T1046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.067908][ T1046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.084575][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.087563][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.479367][ T5940] Bluetooth: hci1: command tx timeout [ 231.628139][T12038] netlink: 'syz.3.2689': attribute type 4 has an invalid length. [ 231.872639][ T5940] Bluetooth: hci0: command tx timeout [ 232.504642][ T29] usb 7-1: USB disconnect, device number 3 [ 232.759373][ T6022] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 232.909515][ T6022] usb 5-1: Using ep0 maxpacket: 8 [ 232.909654][ T841] usb 8-1: new high-speed USB device number 13 using dummy_hcd [ 232.917442][ T6022] usb 5-1: unable to get BOS descriptor or descriptor too short [ 232.922540][ T6022] usb 5-1: config 4 interface 0 has no altsetting 0 [ 232.927069][ T6022] usb 5-1: string descriptor 0 read error: -22 [ 232.929427][ T6022] usb 5-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 232.932392][ T6022] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 232.938831][ T6022] usb 5-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 232.946256][ T6022] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 232.950199][ T6022] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 232.952690][ T6022] usb 5-1: media controller created [ 232.962708][ T6022] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 233.059359][T11553] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 233.074198][ T841] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 233.077648][ T841] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 233.080782][ T841] usb 8-1: Product: syz [ 233.082424][ T841] usb 8-1: Manufacturer: syz [ 233.084244][ T841] usb 8-1: SerialNumber: syz [ 233.092385][ T841] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 233.109015][ T53] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 233.219959][T11553] usb 6-1: Using ep0 maxpacket: 16 [ 233.223900][T11553] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 233.231257][T11553] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 233.235142][T11553] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 233.238600][T11553] usb 6-1: Product: syz [ 233.240755][T11553] usb 6-1: Manufacturer: syz [ 233.242922][T11553] usb 6-1: SerialNumber: syz [ 233.246993][T11553] usb 6-1: config 0 descriptor?? [ 233.312955][T12095] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 233.316546][T12095] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 233.345876][ T841] usb 5-1: USB disconnect, device number 25 [ 233.531274][ T841] usb 8-1: USB disconnect, device number 13 [ 233.549359][ T5940] Bluetooth: hci1: command tx timeout [ 233.888056][T12121] netlink: 'syz.0.2726': attribute type 4 has an invalid length. [ 233.892371][T12122] EXT4-fs (loop2): unable to read superblock [ 233.949540][ T5940] Bluetooth: hci0: command tx timeout [ 234.285265][T12143] bridge_slave_0: left allmulticast mode [ 234.287639][T12143] bridge_slave_0: left promiscuous mode [ 234.290619][T12143] bridge0: port 1(bridge_slave_0) entered disabled state [ 234.298336][T12143] bridge_slave_1: left allmulticast mode [ 234.301760][T12143] bridge_slave_1: left promiscuous mode [ 234.304364][T12143] bridge0: port 2(bridge_slave_1) entered disabled state [ 234.313007][T12143] bond0: (slave bond_slave_0): Releasing backup interface [ 234.318349][T12143] bond0: (slave bond_slave_1): Releasing backup interface [ 234.326656][T12143] team0: Port device team_slave_0 removed [ 234.332646][ T40] audit: type=1400 audit(1763508660.610:362): avc: denied { bind } for pid=12142 comm="syz.3.2737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 234.333594][T12143] team0: Port device team_slave_1 removed [ 234.343130][ T40] audit: type=1400 audit(1763508660.620:363): avc: denied { setopt } for pid=12142 comm="syz.3.2737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 234.344361][T12143] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 234.355417][ T53] usb 8-1: Service connection timeout for: 256 [ 234.357369][ T53] ath9k_htc 8-1:1.0: ath9k_htc: Unable to initialize HTC services [ 234.357506][T12143] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 234.360411][ T53] ath9k_htc: Failed to initialize the device [ 234.361687][ T841] usb 8-1: ath9k_htc: USB layer deinitialized [ 234.372222][T12143] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 234.377105][T12143] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 234.382168][T12143] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 234.396623][T12144] team0: Mode changed to "activebackup" [ 235.064200][ T40] audit: type=1400 audit(1763508661.340:364): avc: denied { ioctl } for pid=12157 comm="syz.0.2743" path="/dev/vhost-vsock" dev="devtmpfs" ino=1301 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 235.645531][ T5940] Bluetooth: hci1: command tx timeout [ 235.767239][T12207] team0: No ports can be present during mode change [ 235.832920][T12213] EXT4-fs (loop3): unable to read superblock [ 236.249639][ T40] audit: type=1400 audit(1763508662.530:365): avc: denied { create } for pid=12250 comm="syz.0.2782" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 236.256527][ T40] audit: type=1400 audit(1763508662.530:366): avc: denied { setopt } for pid=12250 comm="syz.0.2782" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 236.277146][T12253] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2783'. [ 236.612691][T12273] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2793'. [ 236.615755][T12273] netlink: 'syz.0.2793': attribute type 3 has an invalid length. [ 236.680600][ T6001] usb 6-1: USB disconnect, device number 9 [ 236.731682][T12284] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2797'. [ 236.927380][T12297] EXT4-fs (loop1): unable to read superblock [ 237.389473][ T6001] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 237.546503][T12306] netlink: 'syz.3.2806': attribute type 4 has an invalid length. [ 237.565663][ T6001] usb 6-1: Using ep0 maxpacket: 16 [ 237.571630][ T6001] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 237.579148][ T6001] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 237.583217][ T6001] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 237.586640][ T6001] usb 6-1: Product: syz [ 237.588658][ T6001] usb 6-1: Manufacturer: syz [ 237.593074][ T6001] usb 6-1: SerialNumber: syz [ 237.597180][ T6001] usb 6-1: config 0 descriptor?? [ 237.709437][ T5940] Bluetooth: hci1: command tx timeout [ 237.829322][ T10] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 237.989336][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 237.993166][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 238.001700][ T10] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 238.006205][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.011164][ T10] usb 5-1: config 0 descriptor?? [ 238.227962][ T10] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 238.497289][T12342] bridge_slave_0: left allmulticast mode [ 238.499831][T12342] bridge_slave_0: left promiscuous mode [ 238.503057][T12342] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.509182][T12342] bridge_slave_1: left allmulticast mode [ 238.512924][T12342] bridge_slave_1: left promiscuous mode [ 238.515873][T12342] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.526508][T12342] bond0: (slave bond_slave_0): Releasing backup interface [ 238.532788][T12342] bond0: (slave bond_slave_1): Releasing backup interface [ 238.543493][T12342] team0: Port device team_slave_0 removed [ 238.549171][T12342] team0: Port device team_slave_1 removed [ 238.552544][T12342] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 238.555868][T12342] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 238.560548][T12342] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 238.563740][T12342] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 238.568468][T12342] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 238.586262][T12344] team0: Mode changed to "activebackup" [ 238.626050][ T53] usb 5-1: USB disconnect, device number 26 [ 238.881774][ T40] audit: type=1400 audit(1763508665.160:367): avc: denied { read } for pid=12354 comm="syz.2.2825" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 238.888562][ T40] audit: type=1400 audit(1763508665.160:368): avc: denied { open } for pid=12354 comm="syz.2.2825" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 239.250227][T12372] netlink: 'syz.3.2832': attribute type 4 has an invalid length. [ 239.361404][T12385] EXT4-fs (loop0): unable to read superblock [ 239.396292][T12389] bridge_slave_0: left allmulticast mode [ 239.398206][T12389] bridge_slave_0: left promiscuous mode [ 239.400655][T12389] bridge0: port 1(bridge_slave_0) entered disabled state [ 239.405638][T12389] bridge_slave_1: left allmulticast mode [ 239.407546][T12389] bridge_slave_1: left promiscuous mode [ 239.410063][T12389] bridge0: port 2(bridge_slave_1) entered disabled state [ 239.415906][T12389] bond0: (slave bond_slave_0): Releasing backup interface [ 239.423999][T12389] bond0: (slave bond_slave_1): Releasing backup interface [ 239.432738][T12389] team0: Port device team_slave_0 removed [ 239.438074][T12389] team0: Port device team_slave_1 removed [ 239.440865][T12389] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 239.443856][T12389] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 239.447391][T12389] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 239.450887][T12389] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 239.454644][T12389] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 239.463268][T12394] netlink: 'syz.3.2842': attribute type 4 has an invalid length. [ 239.587917][T12409] netlink: 140 bytes leftover after parsing attributes in process `syz.3.2848'. [ 239.714202][T12355] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 239.717947][T12355] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 239.726133][T12355] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 239.734847][T12355] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 239.737451][T12355] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 239.742272][T12355] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 239.747364][T12355] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 239.750998][T12355] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 239.755222][T12355] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 239.760352][T12355] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 239.762872][T12355] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 239.767732][T12355] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 240.168333][T12436] netlink: 'syz.3.2859': attribute type 4 has an invalid length. [ 240.965747][ T2304] usb 6-1: USB disconnect, device number 10 [ 240.989540][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout [ 241.144446][T12488] bridge_slave_0: left allmulticast mode [ 241.146786][T12488] bridge_slave_0: left promiscuous mode [ 241.148930][T12488] bridge0: port 1(bridge_slave_0) entered disabled state [ 241.157690][T12488] bridge_slave_1: left allmulticast mode [ 241.160619][T12488] bridge_slave_1: left promiscuous mode [ 241.163359][T12488] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.168815][T12488] bond0: (slave bond_slave_0): Releasing backup interface [ 241.178024][T12488] bond0: (slave bond_slave_1): Releasing backup interface [ 241.188340][T12488] team0: Port device team_slave_0 removed [ 241.196027][T12488] team0: Port device team_slave_1 removed [ 241.199945][T12488] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 241.203188][T12488] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 241.207413][T12488] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 241.211563][T12488] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 241.217946][T12488] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 241.789652][ T5940] Bluetooth: hci1: command 0x0c1a tx timeout [ 241.789689][ T5934] Bluetooth: hci4: command 0x0c1a tx timeout [ 241.790029][ T64] Bluetooth: hci0: command 0x0c1a tx timeout [ 241.862661][T12479] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 241.864738][T12479] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 241.866906][T12479] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 241.870426][T12479] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 242.486833][T12536] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 242.829396][ T6002] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 242.875279][T12575] team0: Unable to change to the same mode the team is in [ 243.079281][ T6002] usb 7-1: Using ep0 maxpacket: 16 [ 243.082876][ T6002] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 243.086268][ T6002] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 243.092182][ T6002] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 243.095181][ T6002] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 243.097744][ T6002] usb 7-1: Product: syz [ 243.099145][ T6002] usb 7-1: Manufacturer: syz [ 243.100777][ T6002] usb 7-1: SerialNumber: syz [ 243.103883][ T6002] usb 7-1: config 0 descriptor?? [ 243.149387][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout [ 243.179284][T12612] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2935'. [ 243.450348][T12632] netlink: 140 bytes leftover after parsing attributes in process `syz.1.2943'. [ 243.543288][T12640] team0: Mode changed to "activebackup" [ 243.668300][T12650] netlink: 'syz.0.2953': attribute type 4 has an invalid length. [ 243.869664][ T5940] Bluetooth: hci0: command 0x0c1a tx timeout [ 243.869713][ T5934] Bluetooth: hci4: command 0x0c1a tx timeout [ 243.950656][ T5934] Bluetooth: hci1: command 0x0c1a tx timeout [ 244.234922][T12628] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 244.237703][T12628] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 244.241032][T12628] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 244.243881][T12628] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 244.371984][T12679] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2965'. [ 244.375512][T12679] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2965'. [ 245.276317][T12712] team0: Mode changed to "activebackup" [ 245.549357][ T5934] Bluetooth: hci3: command 0x0c1a tx timeout [ 245.591224][ T40] audit: type=1400 audit(1763508671.870:369): avc: denied { write } for pid=12722 comm="syz.0.2985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 245.611431][ T2304] usb 7-1: USB disconnect, device number 4 [ 245.696366][T12733] team0: Unable to change to the same mode the team is in [ 245.959420][ T40] audit: type=1326 audit(1763508672.240:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.2993" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 245.969337][ T40] audit: type=1326 audit(1763508672.240:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.2993" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 245.979107][ T40] audit: type=1326 audit(1763508672.240:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.2993" exe="/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 245.989310][ T40] audit: type=1326 audit(1763508672.240:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.2993" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 245.999009][ T40] audit: type=1326 audit(1763508672.240:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.2993" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 246.250346][ T53] usb 8-1: new high-speed USB device number 14 using dummy_hcd [ 246.269327][ T5934] Bluetooth: hci1: command 0x0c1a tx timeout [ 246.271407][ T5934] Bluetooth: hci0: command 0x0c1a tx timeout [ 246.273413][ T5934] Bluetooth: hci4: command 0x0c1a tx timeout [ 246.409513][ T53] usb 8-1: Using ep0 maxpacket: 16 [ 246.423486][ T53] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 246.427151][ T53] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 246.436186][ T53] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 246.439629][ T53] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 246.442301][ T53] usb 8-1: Product: syz [ 246.443744][ T53] usb 8-1: Manufacturer: syz [ 246.445341][ T53] usb 8-1: SerialNumber: syz [ 246.450224][ T53] usb 8-1: config 0 descriptor?? [ 246.690353][T12779] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3011'. [ 246.779735][ T60] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 246.939337][ T60] usb 6-1: Using ep0 maxpacket: 8 [ 246.942270][ T60] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 246.947238][ T60] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 246.951263][ T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 246.956244][ T60] usb 6-1: config 0 descriptor?? [ 247.173783][ T60] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 247.333144][T12788] netlink: 'syz.2.3015': attribute type 4 has an invalid length. [ 247.571351][ T53] usb 6-1: USB disconnect, device number 11 [ 248.052620][T12804] team0: Unable to change to the same mode the team is in [ 248.399882][ T6034] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 248.549889][ T6034] usb 7-1: Using ep0 maxpacket: 8 [ 248.555035][ T6034] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 248.560456][ T6034] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 248.564599][ T6034] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 248.570673][ T6034] usb 7-1: config 0 descriptor?? [ 248.578384][ T6034] iowarrior 7-1:0.0: no interrupt-in endpoint found [ 249.634141][T12827] netlink: 140 bytes leftover after parsing attributes in process `syz.1.3031'. [ 249.807355][T12835] team0: Unable to change to the same mode the team is in [ 249.827110][ T6034] usb 8-1: USB disconnect, device number 14 [ 250.162632][T12855] team0: Unable to change to the same mode the team is in [ 251.174523][ T6034] usb 7-1: USB disconnect, device number 5 [ 251.869837][T12897] team0: Unable to change to the same mode the team is in [ 252.237024][T12917] netlink: 'syz.0.3075': attribute type 4 has an invalid length. [ 252.381721][T12923] team0: Unable to change to the same mode the team is in [ 252.749513][ T841] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 252.889335][ T841] usb 6-1: device descriptor read/64, error -71 [ 253.139479][ T841] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 253.182287][T12943] team0: Unable to change to the same mode the team is in [ 253.269437][ T841] usb 6-1: device descriptor read/64, error -71 [ 253.286333][T12955] netlink: 'syz.2.3091': attribute type 4 has an invalid length. [ 253.379792][ T841] usb usb6-port1: attempt power cycle [ 253.719311][ T841] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 253.742611][ T841] usb 6-1: device descriptor read/8, error -71 [ 253.979415][ T841] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 253.999803][T12967] team0: Unable to change to the same mode the team is in [ 254.010290][ T841] usb 6-1: device descriptor read/8, error -71 [ 254.122586][ T841] usb usb6-port1: unable to enumerate USB device [ 254.147884][T12959] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 254.150862][T12959] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 254.153702][T12959] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 254.156777][T12959] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 254.272684][T12979] netlink: 'syz.0.3102': attribute type 4 has an invalid length. [ 254.399330][ T841] usb 8-1: new high-speed USB device number 15 using dummy_hcd [ 254.470402][T12993] netlink: 140 bytes leftover after parsing attributes in process `syz.2.3109'. [ 254.549770][ T6001] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 254.569373][ T841] usb 8-1: Using ep0 maxpacket: 32 [ 254.576852][ T841] usb 8-1: unable to get BOS descriptor or descriptor too short [ 254.582407][ T841] usb 8-1: config 255 has an invalid interface number: 81 but max is 0 [ 254.586415][ T841] usb 8-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 254.592504][ T841] usb 8-1: config 255 has no interface number 0 [ 254.595514][ T841] usb 8-1: config 255 interface 81 altsetting 3 endpoint 0x7 has invalid wMaxPacketSize 0 [ 254.600772][ T841] usb 8-1: config 255 interface 81 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 254.606986][ T841] usb 8-1: config 255 interface 81 has no altsetting 0 [ 254.613771][ T841] usb 8-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac [ 254.618078][ T841] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.623176][ T841] usb 8-1: Product: syz [ 254.625185][ T841] usb 8-1: Manufacturer: syz [ 254.628973][ T841] usb 8-1: SerialNumber: syz [ 254.684298][T13003] EXT4-fs (loop2): unable to read superblock [ 254.710246][ T6001] usb 5-1: Using ep0 maxpacket: 32 [ 254.715052][ T6001] usb 5-1: config 0 has an invalid interface number: 35 but max is 0 [ 254.719071][ T6001] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 254.724422][ T6001] usb 5-1: config 0 has no interface number 0 [ 254.727471][ T6001] usb 5-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 254.737761][ T6001] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 254.742202][ T6001] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.746131][ T6001] usb 5-1: Product: syz [ 254.748300][ T6001] usb 5-1: Manufacturer: syz [ 254.753327][ T6001] usb 5-1: SerialNumber: syz [ 254.760270][ T6001] usb 5-1: config 0 descriptor?? [ 254.767166][ T6001] radio-si470x 5-1:0.35: could not find interrupt in endpoint [ 254.771190][ T6001] radio-si470x 5-1:0.35: probe with driver radio-si470x failed with error -5 [ 254.853471][ T841] usb 8-1: USB disconnect, device number 15 [ 254.968764][ T6001] radio-raremono 5-1:0.35: this is not Thanko's Raremono. [ 254.972736][ T6001] usbhid 5-1:0.35: couldn't find an input interrupt endpoint [ 255.169608][ T6002] usb 5-1: USB disconnect, device number 27 [ 255.481915][ T1423] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.485043][ T1423] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.496880][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout [ 255.558508][T13027] netlink: 'syz.2.3123': attribute type 4 has an invalid length. [ 255.729440][ T60] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 255.879340][ T60] usb 6-1: Using ep0 maxpacket: 8 [ 255.883520][ T60] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 255.887332][ T60] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 255.893288][ T60] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 255.896670][ T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.902571][ T60] usb 6-1: config 0 descriptor?? [ 255.907244][ T60] iowarrior 6-1:0.0: no interrupt-in endpoint found [ 255.942281][T13045] team0: Unable to change to the same mode the team is in [ 256.059352][ T6022] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 256.189714][ T5940] Bluetooth: hci1: command 0x0c1a tx timeout [ 256.189758][ T5934] Bluetooth: hci0: command 0x0c1a tx timeout [ 256.189796][ T6022] usb 7-1: device descriptor read/64, error -71 [ 256.190919][ T64] Bluetooth: hci4: command 0x0c1a tx timeout [ 256.429360][ T6022] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 256.569968][ T6022] usb 7-1: device descriptor read/64, error -71 [ 256.679518][ T6022] usb usb7-port1: attempt power cycle [ 256.885342][T13051] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 256.887634][T13051] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 256.889844][T13051] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 256.892043][T13051] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 257.029568][ T6022] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 257.060407][ T6022] usb 7-1: device descriptor read/8, error -71 [ 257.299348][ T6022] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 257.321735][ T6022] usb 7-1: device descriptor read/8, error -71 [ 257.429464][ T6022] usb usb7-port1: unable to enumerate USB device [ 257.518587][T13101] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3157'. [ 258.157196][T13116] netlink: 'syz.3.3164': attribute type 4 has an invalid length. [ 258.189876][ T5934] Bluetooth: hci3: command 0x0c1a tx timeout [ 258.214891][T13120] netlink: 140 bytes leftover after parsing attributes in process `syz.3.3167'. [ 258.445322][T13124] EXT4-fs (loop0): unable to read superblock [ 258.504105][ T10] usb 6-1: USB disconnect, device number 16 [ 258.652685][T13147] netlink: 140 bytes leftover after parsing attributes in process `syz.1.3176'. [ 258.835888][ T40] audit: type=1400 audit(1763508685.110:375): avc: denied { ioctl } for pid=13166 comm="syz.1.3187" path="socket:[56553]" dev="sockfs" ino=56553 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 258.919392][ T5934] Bluetooth: hci1: command 0x0c1a tx timeout [ 258.919445][ T5940] Bluetooth: hci0: command 0x0c1a tx timeout [ 258.919484][ T64] Bluetooth: hci4: command 0x0c1a tx timeout [ 258.929310][ T6022] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 259.079396][ T6022] usb 5-1: Using ep0 maxpacket: 8 [ 259.083258][ T6022] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 259.087678][ T6022] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 259.093234][ T6022] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 259.096460][ T6022] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.102309][ T6022] usb 5-1: config 0 descriptor?? [ 259.106356][ T6022] iowarrior 5-1:0.0: no interrupt-in endpoint found [ 259.239874][ T6001] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 259.379505][ T6001] usb 7-1: device descriptor read/64, error -71 [ 259.639397][ T6001] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 259.770158][ T6001] usb 7-1: device descriptor read/64, error -71 [ 259.839920][ T6034] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 259.879514][ T6001] usb usb7-port1: attempt power cycle [ 259.999367][ T6034] usb 6-1: Using ep0 maxpacket: 8 [ 260.005518][ T6034] usb 6-1: New USB device found, idVendor=0471, idProduct=0602, bcdDevice=71.5a [ 260.009954][ T6034] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.013627][ T6034] usb 6-1: Product: syz [ 260.015461][ T6034] usb 6-1: Manufacturer: syz [ 260.017619][ T6034] usb 6-1: SerialNumber: syz [ 260.023751][ T6034] usb 6-1: config 0 descriptor?? [ 260.028873][ T6034] ati_remote2 6-1:0.0: ati_remote2_probe(): interface 0 must have an endpoint [ 260.229424][ T6001] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 260.233617][ T10] usb 6-1: USB disconnect, device number 17 [ 260.253019][ T6001] usb 7-1: device descriptor read/8, error -71 [ 260.499604][ T6001] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 260.519867][ T6001] usb 7-1: device descriptor read/8, error -71 [ 260.629599][ T6001] usb usb7-port1: unable to enumerate USB device [ 261.234448][ T40] audit: type=1400 audit(1763508687.510:376): avc: denied { mount } for pid=13223 comm="syz.1.3213" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 261.449295][ T10] usb 8-1: new high-speed USB device number 16 using dummy_hcd [ 261.619324][ T10] usb 8-1: Using ep0 maxpacket: 16 [ 261.622492][ T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 261.627711][ T10] usb 8-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be [ 261.630956][ T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.633601][ T10] usb 8-1: Product: syz [ 261.635026][ T10] usb 8-1: Manufacturer: syz [ 261.636654][ T10] usb 8-1: SerialNumber: syz [ 261.643339][ T10] usb 8-1: config 0 descriptor?? [ 261.708850][ T6022] usb 5-1: USB disconnect, device number 28 [ 261.849476][ T6002] usb 8-1: USB disconnect, device number 16 [ 262.397441][T13269] netlink: 'syz.3.3235': attribute type 4 has an invalid length. [ 262.420731][ T6001] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 262.579597][ T6001] usb 6-1: Using ep0 maxpacket: 8 [ 262.583716][ T6001] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 262.589595][ T6001] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 262.593853][ T6001] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.600810][ T6001] usb 6-1: config 0 descriptor?? [ 262.609917][ T6001] iowarrior 6-1:0.0: no interrupt-in endpoint found [ 262.690834][T13283] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3241'. [ 262.788698][ T40] audit: type=1400 audit(1763508689.060:377): avc: denied { map } for pid=13292 comm="syz.0.3246" path="/dev/loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 262.882732][T13307] netlink: 140 bytes leftover after parsing attributes in process `syz.2.3252'. [ 263.977650][T13317] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 263.980650][T13317] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 263.983675][T13317] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 263.986629][T13317] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 264.756828][T13359] netlink: 'syz.2.3275': attribute type 4 has an invalid length. [ 265.019589][ T841] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 265.180945][ T841] usb 5-1: Using ep0 maxpacket: 8 [ 265.184776][ T841] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 265.187329][ T6034] usb 6-1: USB disconnect, device number 18 [ 265.189746][ T841] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 265.189768][ T841] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 265.195467][ T841] usb 5-1: config 0 descriptor?? [ 265.239329][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout [ 265.550770][ T841] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 265.588332][ T841] usb 5-1: USB disconnect, device number 29 [ 265.795066][ T13] bridge_slave_1: left allmulticast mode [ 265.797011][ T13] bridge_slave_1: left promiscuous mode [ 265.799121][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.806134][ T13] bridge_slave_0: left allmulticast mode [ 265.808014][ T13] bridge_slave_0: left promiscuous mode [ 265.810697][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 266.030305][ T5940] Bluetooth: hci1: command 0x0c1a tx timeout [ 266.030457][ T5934] Bluetooth: hci0: command 0x0c1a tx timeout [ 266.033074][ T64] Bluetooth: hci4: command 0x0c1a tx timeout [ 266.124483][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 266.133545][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 266.138692][ T13] bond0 (unregistering): Released all slaves [ 266.148491][T13402] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3294'. [ 266.194310][ T40] audit: type=1400 audit(1763508692.470:378): avc: denied { write } for pid=13405 comm="syz.0.3296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 266.349606][ T53] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 266.509808][ T53] usb 7-1: Using ep0 maxpacket: 8 [ 266.513721][ T53] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 266.517120][ T53] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 266.522026][ T53] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.528782][ T53] usb 7-1: config 0 descriptor?? [ 266.538775][ T53] iowarrior 7-1:0.0: no interrupt-in endpoint found [ 266.540200][ T13] hsr_slave_0: left promiscuous mode [ 266.544626][ T13] hsr_slave_1: left promiscuous mode [ 266.547839][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 266.551826][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 266.560354][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 266.562800][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 266.600619][ T13] veth1_macvtap: left promiscuous mode [ 266.602687][ T13] veth0_macvtap: left promiscuous mode [ 266.604573][ T13] veth1_vlan: left promiscuous mode [ 266.606332][ T13] veth0_vlan: left promiscuous mode [ 266.679398][ T6034] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 266.809677][ T6034] usb 5-1: device descriptor read/64, error -71 [ 267.059657][ T6034] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 267.189881][ T6034] usb 5-1: device descriptor read/64, error -71 [ 267.203031][ T13] team0 (unregistering): Port device team_slave_1 removed [ 267.277133][ T13] team0 (unregistering): Port device team_slave_0 removed [ 267.300484][ T6034] usb usb5-port1: attempt power cycle [ 267.649792][ T6034] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 267.680556][ T6034] usb 5-1: device descriptor read/8, error -71 [ 267.939295][ T6034] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 267.970220][ T6034] usb 5-1: device descriptor read/8, error -71 [ 268.089668][ T6034] usb usb5-port1: unable to enumerate USB device [ 269.111887][T13461] netlink: 'syz.3.3317': attribute type 4 has an invalid length. [ 269.160399][ T60] usb 7-1: USB disconnect, device number 14 [ 269.536694][T13487] EXT4-fs (loop1): unable to read superblock [ 269.592784][T13493] netlink: 140 bytes leftover after parsing attributes in process `syz.1.3335'. [ 269.621783][ T40] audit: type=1400 audit(1763508695.900:379): avc: denied { mount } for pid=13494 comm="syz.1.3337" name="/" dev="hugetlbfs" ino=57813 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 269.639765][ T40] audit: type=1400 audit(1763508695.920:380): avc: denied { unmount } for pid=11753 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 269.714014][ T40] audit: type=1400 audit(1763508695.990:381): avc: denied { getopt } for pid=13507 comm="syz.1.3344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 269.744155][T13511] EXT4-fs (loop0): unable to read superblock [ 269.745039][T13513] netlink: 140 bytes leftover after parsing attributes in process `syz.1.3346'. [ 269.908175][T13527] netlink: 156 bytes leftover after parsing attributes in process `syz.0.3352'. [ 270.010025][T13535] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3356'. [ 270.082286][T13539] netlink: 'syz.0.3358': attribute type 29 has an invalid length. [ 270.086248][T13539] netlink: 'syz.0.3358': attribute type 29 has an invalid length. [ 270.337186][T13557] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3368'. [ 270.570974][T13580] netlink: 'syz.3.3378': attribute type 4 has an invalid length. [ 271.346215][ T40] audit: type=1400 audit(1763508697.620:382): avc: denied { watch watch_reads } for pid=13607 comm="syz.1.3393" path="/170" dev="tmpfs" ino=1008 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 271.474571][T13612] EXT4-fs (loop3): unable to read superblock [ 272.076819][T13632] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3405'. [ 272.101605][ T40] audit: type=1400 audit(1763508698.380:383): avc: denied { map } for pid=13629 comm="syz.1.3404" path="socket:[58658]" dev="sockfs" ino=58658 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 273.590115][T13686] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 273.593898][T13686] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 273.596877][T13686] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 273.600017][T13686] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 273.653068][T13701] EXT4-fs (loop2): unable to read superblock [ 274.263336][T13735] EXT4-fs (loop1): unable to read superblock [ 274.660522][T13758] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3458'. [ 274.914297][ T64] Bluetooth: hci3: command 0x0c1a tx timeout [ 275.293940][T13782] overlayfs: overlapping lowerdir path [ 275.304694][T13782] overlayfs: failed to verify upper (199/file0, ino=1187, err=-116) [ 275.308054][T13782] overlayfs: failed to verify index dir 'upper' xattr [ 275.310415][T13782] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 275.628092][T13794] EXT4-fs (loop3): unable to read superblock [ 275.639504][ T64] Bluetooth: hci1: command 0x0c1a tx timeout [ 275.643534][ T64] Bluetooth: hci0: command 0x0c1a tx timeout [ 275.647133][ T5934] Bluetooth: hci4: command 0x0c1a tx timeout [ 275.939305][ T6002] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 276.079305][ T6002] usb 7-1: device descriptor read/64, error -71 [ 276.319317][ T6002] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 276.449396][ T6002] usb 7-1: device descriptor read/64, error -71 [ 276.559571][ T6002] usb usb7-port1: attempt power cycle [ 276.840058][ T6034] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 276.873572][T13816] EXT4-fs (loop1): unable to read superblock [ 276.919412][ T6002] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 276.925035][ T40] audit: type=1326 audit(1763508703.200:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13821 comm="syz.3.3488" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 276.935573][ T40] audit: type=1326 audit(1763508703.200:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13821 comm="syz.3.3488" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 276.946055][ T40] audit: type=1326 audit(1763508703.200:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13821 comm="syz.3.3488" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 276.956703][ T6002] usb 7-1: device descriptor read/8, error -71 [ 276.959373][ T40] audit: type=1326 audit(1763508703.200:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13821 comm="syz.3.3488" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 276.968017][ T40] audit: type=1326 audit(1763508703.200:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13821 comm="syz.3.3488" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 276.978720][ T40] audit: type=1326 audit(1763508703.200:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13821 comm="syz.3.3488" exe="/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 276.988415][ T6034] usb 5-1: device descriptor read/64, error -71 [ 276.991269][ T40] audit: type=1326 audit(1763508703.200:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13821 comm="syz.3.3488" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 276.999046][ T40] audit: type=1326 audit(1763508703.200:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13821 comm="syz.3.3488" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 277.006932][ T40] audit: type=1326 audit(1763508703.210:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13821 comm="syz.3.3488" exe="/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 277.015175][ T40] audit: type=1326 audit(1763508703.210:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13821 comm="syz.3.3488" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7318f6c9 code=0x7ffc0000 [ 277.219317][ T6002] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 277.251309][ T6002] usb 7-1: device descriptor read/8, error -71 [ 277.259498][ T6034] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 277.360226][ T6002] usb usb7-port1: unable to enumerate USB device [ 277.409331][ T6034] usb 5-1: device descriptor read/64, error -71 [ 277.520176][ T6034] usb usb5-port1: attempt power cycle [ 277.716273][T13883] netlink: 140 bytes leftover after parsing attributes in process `syz.1.3518'. [ 277.760306][T13885] overlayfs: overlapping lowerdir path [ 277.766754][T13885] overlayfs: failed to verify upper (226/file0, ino=1357, err=-116) [ 277.770515][T13885] overlayfs: failed to verify index dir 'upper' xattr [ 277.773282][T13885] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 277.879327][ T6034] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 277.900012][ T6034] usb 5-1: device descriptor read/8, error -71 [ 278.149621][ T6034] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 278.169346][ T6002] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 278.176875][ T6034] usb 5-1: device descriptor read/8, error -71 [ 278.289550][ T6034] usb usb5-port1: unable to enumerate USB device [ 278.339343][ T6002] usb 6-1: Using ep0 maxpacket: 16 [ 278.342595][ T6002] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 278.347854][ T6002] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 278.351546][ T6002] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 278.354726][ T6002] usb 6-1: Product: syz [ 278.356355][ T6002] usb 6-1: Manufacturer: syz [ 278.358049][ T6002] usb 6-1: SerialNumber: syz [ 278.360848][ T6002] usb 6-1: config 0 descriptor?? [ 278.367292][ T6002] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 278.370467][ T6002] em28xx 6-1:0.0: DVB interface 0 found: bulk [ 278.922048][T13917] netlink: 'syz.2.3535': attribute type 4 has an invalid length. [ 278.971176][ T6002] em28xx 6-1:0.0: unknown em28xx chip ID (0) [ 279.255161][T13927] netlink: 140 bytes leftover after parsing attributes in process `syz.3.3540'. [ 279.319484][ T10] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 279.380357][ T6002] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 279.383424][ T6002] em28xx 6-1:0.0: board has no eeprom [ 279.439263][ T6002] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 279.442782][ T6002] em28xx 6-1:0.0: dvb set to bulk mode. [ 279.445189][ T9] em28xx 6-1:0.0: Binding DVB extension [ 279.453438][ T6002] usb 6-1: USB disconnect, device number 19 [ 279.456353][ T6002] em28xx 6-1:0.0: Disconnecting em28xx [ 279.463004][ T10] usb 7-1: device descriptor read/64, error -71 [ 279.470081][ T9] em28xx 6-1:0.0: Registering input extension [ 279.473121][ T6002] em28xx 6-1:0.0: Closing input extension [ 279.482357][ T6002] em28xx 6-1:0.0: Freeing device [ 279.739276][ T10] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 279.893699][ T10] usb 7-1: device descriptor read/64, error -71 [ 279.918063][T13938] netlink: 'syz.1.3546': attribute type 4 has an invalid length. [ 280.009825][ T10] usb usb7-port1: attempt power cycle [ 280.359296][ T10] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 280.379909][ T10] usb 7-1: device descriptor read/8, error -71 [ 280.629833][ T10] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 280.665716][ T10] usb 7-1: device descriptor read/8, error -71 [ 280.689323][ T6002] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 280.779529][ T10] usb usb7-port1: unable to enumerate USB device [ 280.849304][ T6002] usb 5-1: Using ep0 maxpacket: 32 [ 280.853806][ T6002] usb 5-1: unable to get BOS descriptor or descriptor too short [ 280.858332][ T6002] usb 5-1: config 128 has an invalid interface number: 127 but max is 3 [ 280.862359][ T6002] usb 5-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config [ 280.867023][ T6002] usb 5-1: config 128 has 1 interface, different from the descriptor's value: 4 [ 280.871255][ T6002] usb 5-1: config 128 has no interface number 0 [ 280.874038][ T6002] usb 5-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 280.879076][ T6002] usb 5-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0 [ 280.883849][ T6002] usb 5-1: config 128 interface 127 has no altsetting 0 [ 280.889025][ T6002] usb 5-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55 [ 280.893265][ T6002] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.896809][ T6002] usb 5-1: Product: syz [ 280.898672][ T6002] usb 5-1: Manufacturer: syz [ 280.901158][ T6002] usb 5-1: SerialNumber: syz [ 281.132064][ T6002] usb 5-1: USB disconnect, device number 38 [ 281.147674][T10961] udevd[10961]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:128.127/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 281.347603][T13972] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 281.350616][T13972] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 281.354014][T13972] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 281.356937][T13972] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 281.449817][T13983] netlink: 140 bytes leftover after parsing attributes in process `syz.3.3567'. [ 282.459871][T13997] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 282.462744][T13997] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 282.464953][T13997] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 282.467134][T13997] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 282.508350][T14053] netlink: 'syz.1.3601': attribute type 4 has an invalid length. [ 282.739552][ T53] usb 8-1: new high-speed USB device number 17 using dummy_hcd [ 282.869576][ T53] usb 8-1: device descriptor read/64, error -71 [ 283.119703][ T53] usb 8-1: new high-speed USB device number 18 using dummy_hcd [ 283.249606][ T53] usb 8-1: device descriptor read/64, error -71 [ 283.369853][ T53] usb usb8-port1: attempt power cycle [ 283.617096][T14083] netlink: 'syz.1.3612': attribute type 4 has an invalid length. [ 283.719534][ T53] usb 8-1: new high-speed USB device number 19 using dummy_hcd [ 283.739924][ T53] usb 8-1: device descriptor read/8, error -71 [ 283.989558][ T53] usb 8-1: new high-speed USB device number 20 using dummy_hcd [ 284.010098][ T53] usb 8-1: device descriptor read/8, error -71 [ 284.120498][ T53] usb usb8-port1: unable to enumerate USB device [ 284.131508][T14072] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 284.134235][T14072] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 284.136914][T14072] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 284.140100][T14072] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 284.233772][T14098] overlayfs: failed to resolve './file1/file0': -2 [ 284.239734][T14098] overlayfs: failed to resolve './file1': -2 [ 285.161943][T14105] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 285.164940][T14105] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 285.167955][T14105] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 285.172077][T14105] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 285.218068][T14117] netlink: 'syz.1.3627': attribute type 3 has an invalid length. [ 285.226383][T14117] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3627'. [ 286.042429][T14161] netlink: 140 bytes leftover after parsing attributes in process `syz.1.3648'. [ 286.240193][T14184] netlink: 140 bytes leftover after parsing attributes in process `syz.1.3659'. [ 286.429346][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout [ 286.434034][T14206] netlink: 140 bytes leftover after parsing attributes in process `syz.3.3670'. [ 286.901813][ T6002] usb 5-1: new full-speed USB device number 39 using dummy_hcd [ 287.050579][ T6002] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 287.053671][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 287.057573][ T6002] usb 5-1: config 0 descriptor?? [ 287.229381][ T5940] Bluetooth: hci1: command 0x0c1a tx timeout [ 287.229410][ T5934] Bluetooth: hci0: command 0x0c1a tx timeout [ 287.231741][ T5940] Bluetooth: hci4: command 0x0c1a tx timeout [ 287.265127][ T6002] udl 5-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 287.282386][ T6002] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 3 [ 287.285428][ T6002] [drm] Initialized udl on minor 3 [ 287.392735][T14284] overlayfs: failed to resolve './file1/file0': -2 [ 287.396573][T14284] overlayfs: failed to resolve './file1': -2 [ 287.469320][ T6002] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed [ 287.473474][ T6002] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 287.669750][ T6002] usb 5-1: USB disconnect, device number 39 [ 287.672219][ T10] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 287.678672][ T10] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 288.249283][ T53] usb 8-1: new high-speed USB device number 21 using dummy_hcd [ 288.399868][ T53] usb 8-1: Using ep0 maxpacket: 16 [ 288.402986][ T53] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 288.407655][ T53] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 288.412912][ T53] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 288.416431][ T53] usb 8-1: Product: syz [ 288.419020][ T53] usb 8-1: Manufacturer: syz [ 288.421466][ T53] usb 8-1: SerialNumber: syz [ 288.426136][ T53] usb 8-1: config 0 descriptor?? [ 288.436350][ T53] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 288.440705][ T53] em28xx 8-1:0.0: DVB interface 0 found: bulk [ 288.580427][T14333] netlink: 'syz.2.3730': attribute type 3 has an invalid length. [ 288.584008][T14333] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3730'. [ 289.036333][ T53] em28xx 8-1:0.0: unknown em28xx chip ID (0) [ 289.226908][T14363] netlink: 'syz.2.3745': attribute type 4 has an invalid length. [ 289.447149][ T53] em28xx 8-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 289.450364][ T53] em28xx 8-1:0.0: board has no eeprom [ 289.509391][ T53] em28xx 8-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 289.512002][ T53] em28xx 8-1:0.0: dvb set to bulk mode. [ 289.514170][ T6001] em28xx 8-1:0.0: Binding DVB extension [ 289.529785][ T53] usb 8-1: USB disconnect, device number 21 [ 289.550385][ T53] em28xx 8-1:0.0: Disconnecting em28xx [ 289.553149][ T6001] em28xx 8-1:0.0: Registering input extension [ 289.556609][ T53] em28xx 8-1:0.0: Closing input extension [ 289.560749][T14344] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 289.564611][T14344] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 289.569580][T14344] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 289.569931][ T53] em28xx 8-1:0.0: Freeing device [ 289.576006][T14344] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 290.829413][ T5934] Bluetooth: hci3: command 0x0c1a tx timeout [ 290.966985][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 290.967002][ T40] audit: type=1400 audit(1763508717.240:398): avc: denied { append } for pid=14468 comm="syz.2.3795" name="comedi3" dev="devtmpfs" ino=1305 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 290.972605][T14469] comedi comedi3: 8255: I/O port conflict (0x40404f26,4) [ 290.983682][T14469] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 290.986107][T14469] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 290.989059][T14469] comedi comedi3: 8255: I/O port conflict (0xc,4) [ 290.992723][T14469] comedi comedi3: 8255: I/O port conflict (0x9,4) [ 290.995756][T14469] comedi comedi3: 8255: I/O port conflict (0xfff,4) [ 290.998372][T14469] comedi comedi3: 8255: I/O port conflict (0x5c95238c,4) [ 291.001660][T14469] comedi comedi3: 8255: I/O port conflict (0xa,4) [ 291.004207][T14469] comedi comedi3: 8255: I/O port conflict (0x3bf,4) [ 291.006687][T14469] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 291.008899][T14469] comedi comedi3: 8255: I/O port conflict (0x20000001,4) [ 291.011771][T14469] comedi comedi3: 8255: I/O port conflict (0x400e1c8,4) [ 291.014160][T14469] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 291.016700][T14469] comedi comedi3: 8255: I/O port conflict (0x7,4) [ 291.018846][T14469] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 291.021793][T14469] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 291.023926][T14469] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 291.026071][T14469] comedi comedi3: 8255: I/O port conflict (0xb,4) [ 291.028250][T14469] comedi comedi3: 8255: I/O port conflict (0x10,4) [ 291.032022][T14469] comedi comedi3: 8255: I/O port conflict (0x3,4) [ 291.034195][T14469] comedi comedi3: 8255: I/O port conflict (0xef,4) [ 291.495069][T14503] netlink: 'syz.2.3811': attribute type 4 has an invalid length. [ 291.639415][ T5934] Bluetooth: hci1: command 0x0c1a tx timeout [ 291.640356][ T64] Bluetooth: hci0: command 0x0c1a tx timeout [ 291.642419][ T5934] Bluetooth: hci4: command 0x0c1a tx timeout [ 291.779635][ T53] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 291.950036][ T53] usb 7-1: Using ep0 maxpacket: 8 [ 291.959717][ T53] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 291.963937][ T53] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 291.968266][ T53] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 291.979327][ T53] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 291.984264][ T53] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 291.987729][ T53] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 292.123147][T14519] loop8: detected capacity change from 0 to 1 [ 292.130743][T14519] Dev loop8: unable to read RDB block 1 [ 292.133403][T14519] loop8: unable to read partition table [ 292.136114][T14519] loop8: partition table beyond EOD, truncated [ 292.139066][T14519] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 292.212387][ T53] usb 7-1: GET_CAPABILITIES returned 0 [ 292.214906][ T53] usbtmc 7-1:16.0: can't read capabilities [ 292.294788][T14533] overlayfs: missing 'lowerdir' [ 292.410251][T14543] netlink: 'syz.1.3828': attribute type 3 has an invalid length. [ 292.414124][T14543] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3828'. [ 292.422027][ T6034] usb 7-1: USB disconnect, device number 23 [ 292.450204][ T6022] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 292.536068][T14557] overlayfs: missing 'lowerdir' [ 292.619678][ T6022] usb 5-1: Using ep0 maxpacket: 32 [ 292.624122][ T6022] usb 5-1: config 0 has an invalid interface number: 67 but max is 0 [ 292.628169][ T6022] usb 5-1: config 0 has no interface number 0 [ 292.635052][ T6022] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 292.639638][ T6022] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 292.643563][ T6022] usb 5-1: Product: syz [ 292.645539][ T6022] usb 5-1: Manufacturer: syz [ 292.647770][ T6022] usb 5-1: SerialNumber: syz [ 292.651270][T14567] netlink: 'syz.1.3839': attribute type 3 has an invalid length. [ 292.654537][T14567] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3839'. [ 292.655274][ T6022] usb 5-1: config 0 descriptor?? [ 292.664697][ T6022] smsc95xx v2.0.0 [ 292.666516][ T6022] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 292.671778][ T6022] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -22 [ 292.687637][ T40] audit: type=1400 audit(1763508718.960:399): avc: denied { map } for pid=14568 comm="syz.3.3840" path="/proc/779/smaps" dev="proc" ino=61303 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 292.743342][ T40] audit: type=1400 audit(1763508719.020:400): avc: denied { write } for pid=14574 comm="syz.1.3843" name="mcfilter" dev="proc" ino=4026533045 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 292.819588][T14579] overlayfs: missing 'lowerdir' [ 292.871801][ T6022] usb 5-1: USB disconnect, device number 40 [ 293.241549][T14591] comedi comedi3: 8255: I/O port conflict (0x40404f26,4) [ 293.244466][T14591] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 293.247279][T14591] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 293.250095][T14591] comedi comedi3: 8255: I/O port conflict (0xc,4) [ 293.252695][T14591] comedi comedi3: 8255: I/O port conflict (0x9,4) [ 293.255381][T14591] comedi comedi3: 8255: I/O port conflict (0xfff,4) [ 293.259169][T14591] comedi comedi3: 8255: I/O port conflict (0x5c95238c,4) [ 293.270201][T14591] comedi comedi3: 8255: I/O port conflict (0xa,4) [ 293.273355][T14591] comedi comedi3: 8255: I/O port conflict (0x3bf,4) [ 293.276708][T14591] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 293.279888][T14591] comedi comedi3: 8255: I/O port conflict (0x20000001,4) [ 293.283345][T14591] comedi comedi3: 8255: I/O port conflict (0x400e1c8,4) [ 293.286712][T14591] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 293.289905][T14591] comedi comedi3: 8255: I/O port conflict (0x7,4) [ 293.292959][T14591] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 293.296253][T14591] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 293.299400][T14591] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 293.302420][T14591] comedi comedi3: 8255: I/O port conflict (0xb,4) [ 293.305489][T14591] comedi comedi3: 8255: I/O port conflict (0x10,4) [ 293.308740][T14591] comedi comedi3: 8255: I/O port conflict (0x3,4) [ 293.311825][T14591] comedi comedi3: 8255: I/O port conflict (0xef,4) [ 294.382102][T14619] netlink: 'syz.2.3861': attribute type 4 has an invalid length. [ 294.385479][T14619] netlink: 'syz.2.3861': attribute type 5 has an invalid length. [ 294.389046][T14619] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.3861'. [ 294.909676][ T64] Bluetooth: hci1: command 0x0c1a tx timeout [ 295.159311][ T53] usb 8-1: new full-speed USB device number 22 using dummy_hcd [ 295.313228][ T53] usb 8-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 295.321972][ T53] usb 8-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 295.325848][ T53] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 295.331573][ T53] usb 8-1: Product: syz [ 295.333484][ T53] usb 8-1: Manufacturer: syz [ 295.335666][ T53] usb 8-1: SerialNumber: syz [ 295.350228][ T53] usb 8-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state [ 295.599409][ T6022] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 295.702514][ T40] audit: type=1400 audit(1763508721.980:401): avc: denied { read } for pid=14665 comm="syz.0.3885" lport=48385 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 295.759331][ T6022] usb 7-1: Using ep0 maxpacket: 16 [ 295.761894][ T53] usb 8-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 295.774809][ T53] usb 8-1: USB disconnect, device number 22 [ 295.777549][ T6022] usb 7-1: config index 0 descriptor too short (expected 12580, got 36) [ 295.781229][ T6022] usb 7-1: config 40 has too many interfaces: 196, using maximum allowed: 32 [ 295.785245][ T6022] usb 7-1: config 40 has an invalid interface number: 251 but max is 195 [ 295.789155][ T6022] usb 7-1: config 40 has 1 interface, different from the descriptor's value: 196 [ 295.793675][ T6022] usb 7-1: config 40 has no interface number 0 [ 295.796727][ T6022] usb 7-1: config 40 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 295.804272][ T6022] usb 7-1: config 40 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 295.810930][ T6022] usb 7-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 295.814929][ T6022] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 295.818504][ T6022] usb 7-1: Product: syz [ 295.821027][ T6022] usb 7-1: Manufacturer: syz [ 295.823183][ T6022] usb 7-1: SerialNumber: syz [ 295.828971][T14656] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 295.833420][T14656] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 296.051567][ T6022] asix 7-1:40.251: probe with driver asix failed with error -71 [ 296.059954][ T6022] usb 7-1: USB disconnect, device number 24 [ 296.600733][ T40] audit: type=1400 audit(1763508722.880:402): avc: denied { create } for pid=14681 comm="syz.2.3891" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 296.612566][ T40] audit: type=1400 audit(1763508722.880:403): avc: denied { write } for pid=14681 comm="syz.2.3891" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 296.632016][T14684] Bluetooth: Invalid esc byte 0xff [ 296.745172][ T13] Bluetooth: (null): Invalid header checksum [ 296.748954][ T13] Bluetooth: (null): Invalid header checksum [ 296.849634][ T12] Bluetooth: (null): Invalid header checksum [ 296.959590][ T12] Bluetooth: (null): Invalid header checksum [ 297.080094][ T12] Bluetooth: (null): Invalid header checksum [ 297.336494][T14678] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 297.338644][T14678] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 297.341184][T14678] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 297.343792][T14678] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 297.467695][T14723] netlink: 'syz.3.3909': attribute type 4 has an invalid length. [ 297.579695][ T6034] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 297.729510][ T6034] usb 5-1: Using ep0 maxpacket: 16 [ 297.732895][ T6034] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 297.738820][ T6034] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 297.742354][ T6034] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.745358][ T6034] usb 5-1: Product: syz [ 297.746965][ T6034] usb 5-1: Manufacturer: syz [ 297.748489][ T6034] usb 5-1: SerialNumber: syz [ 297.751687][ T6034] usb 5-1: config 0 descriptor?? [ 297.758937][ T6034] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 297.762905][ T6034] em28xx 5-1:0.0: DVB interface 0 found: bulk [ 298.340840][T14727] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 298.343729][T14727] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 298.346642][T14727] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 298.350320][T14727] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 298.363121][ T6034] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 298.577776][T14745] tmpfs: Unknown parameter 'g' [ 298.623749][T14751] netlink: 'syz.1.3922': attribute type 4 has an invalid length. [ 298.774448][ T6034] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 298.778087][ T6034] em28xx 5-1:0.0: board has no eeprom [ 298.849981][ T6034] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 298.853203][ T6034] em28xx 5-1:0.0: dvb set to bulk mode. [ 298.855670][ T60] em28xx 5-1:0.0: Binding DVB extension [ 298.860877][ T6034] usb 5-1: USB disconnect, device number 41 [ 298.864592][ T6034] em28xx 5-1:0.0: Disconnecting em28xx [ 298.894867][ T60] em28xx 5-1:0.0: Registering input extension [ 298.897610][ T6034] em28xx 5-1:0.0: Closing input extension [ 298.904811][ T6034] em28xx 5-1:0.0: Freeing device [ 298.984963][T14773] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 298.987996][T14773] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 299.329316][ T53] usb 7-1: new high-speed USB device number 25 using dummy_hcd [ 299.479340][ T53] usb 7-1: Using ep0 maxpacket: 32 [ 299.483576][ T53] usb 7-1: config 0 has an invalid interface number: 67 but max is 0 [ 299.487981][ T53] usb 7-1: config 0 has no interface number 0 [ 299.494311][ T53] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 299.498483][ T53] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 299.503808][ T53] usb 7-1: Product: syz [ 299.505835][ T53] usb 7-1: Manufacturer: syz [ 299.508028][ T53] usb 7-1: SerialNumber: syz [ 299.515072][ T53] usb 7-1: config 0 descriptor?? [ 299.520111][ T53] smsc95xx v2.0.0 [ 299.521837][ T53] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 299.526588][ T53] smsc95xx 7-1:0.67: probe with driver smsc95xx failed with error -22 [ 299.629496][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout [ 299.722919][ T6002] usb 7-1: USB disconnect, device number 25 [ 299.740205][T14804] overlayfs: missing 'lowerdir' [ 300.359706][ T5940] Bluetooth: hci0: command 0x0c1a tx timeout [ 300.360780][ T64] Bluetooth: hci4: command 0x0c1a tx timeout [ 300.364038][T14823] overlayfs: missing 'workdir' [ 300.429332][ T64] Bluetooth: hci1: command 0x0c1a tx timeout [ 300.622676][T14808] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 300.625735][T14808] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 300.628503][T14808] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 300.631806][T14808] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 300.722236][T14844] netlink: 'syz.3.3966': attribute type 4 has an invalid length. [ 300.765742][T14845] Bluetooth: Invalid esc byte 0xff [ 300.775434][T14847] overlayfs: missing 'workdir' [ 300.870475][ T12] Bluetooth: (null): Invalid header checksum [ 300.873223][ T12] Bluetooth: (null): Invalid header checksum [ 300.982652][ T93] Bluetooth: (null): Invalid header checksum [ 301.083762][T14858] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3851450944 (3851450944 ns) > initial count (1115526657 ns). Using initial count to start timer. [ 301.091908][ T93] Bluetooth: (null): Invalid header checksum [ 301.199690][ T13] Bluetooth: (null): Invalid header checksum [ 301.309471][ T12] Bluetooth: (null): Invalid header checksum [ 301.549395][ C0] ------------[ cut here ]------------ [ 301.552218][ C0] ODEBUG: free active (active state 0) object: ffff888046c66090 object type: timer_list hint: rose_t0timer_expiry+0x0/0x150 [ 301.558275][ C0] WARNING: CPU: 0 PID: 0 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 SYZFAIL: failed to recv rpc [ 301.562425][ C0] Modules linked in: fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 301.564307][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) [ 301.569153][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 301.572788][ C0] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 301.574901][ C0] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd a0 84 f0 8b 4c 89 e6 48 c7 c7 20 79 f0 8b e8 bf a7 ce fc 90 <0f> 0b 90 90 58 83 05 d6 d1 d5 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 301.581309][ C0] RSP: 0018:ffffc90000007a18 EFLAGS: 00010282 [ 301.583382][ C0] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817b1cd8 [ 301.586177][ C0] RDX: ffffffff8e097a00 RSI: ffffffff817b1ce5 RDI: 0000000000000001 [ 301.589318][ C0] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 301.591996][ C0] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff8bf07fc0 [ 301.594934][ C0] R13: ffffffff8b9021e0 R14: ffffffff8a4db9d0 R15: ffffc90000007b18 [ 301.598288][ C0] FS: 0000000000000000(0000) GS:ffff8880d6a05000(0000) knlGS:0000000000000000 [ 301.602151][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 301.605103][ C0] CR2: 000000110c464104 CR3: 00000000505f4000 CR4: 0000000000352ef0 [ 301.608706][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 301.612312][ C0] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 301.615950][ C0] Call Trace: [ 301.617283][ C0] [ 301.618311][ C0] ? __pfx_rose_t0timer_expiry+0x10/0x10 [ 301.620336][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 301.622314][ C0] debug_check_no_obj_freed+0x4b7/0x600 [ 301.624201][ C0] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 301.626555][ C0] ? mark_held_locks+0x49/0x80 [ 301.628569][ C0] ? kasan_quarantine_put+0x10a/0x240 [ 301.630916][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 301.633081][ C0] kfree+0x291/0x6d0 [ 301.634749][ C0] ? rose_timer_expiry+0x53f/0x630 [ 301.636876][ C0] ? rose_timer_expiry+0x53f/0x630 [ 301.638867][ C0] rose_timer_expiry+0x53f/0x630 [ 301.640602][ C0] ? __pfx_rose_timer_expiry+0x10/0x10 [ 301.642451][ C0] call_timer_fn+0x19a/0x620 [ 301.644006][ C0] ? __pfx_call_timer_fn+0x10/0x10 [ 301.645760][ C0] ? rcu_is_watching+0x12/0xc0 [ 301.647398][ C0] ? __pfx_rose_timer_expiry+0x10/0x10 [ 301.649260][ C0] __run_timers+0x6ef/0x960 [ 301.650806][ C0] ? __pfx___run_timers+0x10/0x10 [ 301.652534][ C0] run_timer_base+0x114/0x190 [ 301.654142][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 301.655967][ C0] ? rcu_is_watching+0x12/0xc0 [ 301.657651][ C0] run_timer_softirq+0x1a/0x40 [ 301.659354][ C0] handle_softirqs+0x219/0x8e0 [ 301.661040][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 301.662859][ C0] __irq_exit_rcu+0x109/0x170 [ 301.664467][ C0] irq_exit_rcu+0x9/0x30 [ 301.665908][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 301.667924][ C0] [ 301.668288][T14860] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 301.668936][ C0] [ 301.671833][T14860] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 301.672036][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 301.674279][T14860] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 301.676264][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 301.676288][ C0] Code: b7 6c 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 65 29 00 fb f4 3c 0a 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 301.676299][ C0] RSP: 0018:ffffffff8e007df8 EFLAGS: 00000286 [ 301.678519][T14860] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 301.680677][ C0] RAX: 000000000040d463 RBX: 0000000000000000 RCX: ffffffff8b60c2a9 [ 301.680689][ C0] RDX: 0000000000000000 RSI: ffffffff8da2c014 RDI: ffffffff8bf073c0 [ 301.680719][ C0] RBP: fffffbfff1c12f40 R08: 0000000000000001 R09: ffffed100d486655 [ 301.680728][ C0] R10: ffff88806a4332ab R11: 0000000000000001 R12: 0000000000000000 [ 301.680735][ C0] R13: ffffffff8e097a00 R14: ffffffff908214d0 R15: 0000000000000000 [ 301.680746][ C0] ? ct_kernel_exit+0x139/0x190 [ 301.680762][ C0] default_idle+0x13/0x20 [ 301.680774][ C0] default_idle_call+0x6c/0xb0 [ 301.711083][ C0] do_idle+0x38d/0x500 [ 301.712458][ C0] ? __pfx_do_idle+0x10/0x10 [ 301.714021][ C0] ? trace_sched_exit_tp+0x2f/0x120 [ 301.715753][ C0] cpu_startup_entry+0x4f/0x60 [ 301.717340][ C0] rest_init+0x16b/0x2b0 [ 301.718779][ C0] ? acpi_subsystem_init+0x133/0x180 [ 301.720584][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 301.722429][ C0] start_kernel+0x3f6/0x4e0 [ 301.723995][ C0] x86_64_start_reservations+0x18/0x30 [ 301.725849][ C0] x86_64_start_kernel+0x130/0x190 [ 301.727569][ C0] common_startup_64+0x13e/0x148 [ 301.729274][ C0] [ 301.730341][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 301.732724][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) [ 301.735653][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 301.739154][ C0] Call Trace: [ 301.740314][ C0] [ 301.741283][ C0] dump_stack_lvl+0x3d/0x1f0 [ 301.742840][ C0] vpanic+0x640/0x6f0 [ 301.744193][ C0] ? debug_print_object+0x1a2/0x2b0 [ 301.745976][ C0] panic+0xca/0xd0 [ 301.747256][ C0] ? __pfx_panic+0x10/0x10 [ 301.748748][ C0] ? check_panic_on_warn+0x1f/0xb0 [ 301.750671][ C0] check_panic_on_warn+0xab/0xb0 [ 301.752312][ C0] __warn+0xf6/0x3c0 [ 301.753645][ C0] ? debug_print_object+0x1a2/0x2b0 [ 301.755405][ C0] report_bug+0x3c3/0x580 [ 301.756847][ C0] ? debug_print_object+0x1a2/0x2b0 [ 301.758587][ C0] handle_bug+0x184/0x210 [ 301.760170][ C0] exc_invalid_op+0x17/0x50 [ 301.761713][ C0] asm_exc_invalid_op+0x1a/0x20 [ 301.763340][ C0] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 301.765306][ C0] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd a0 84 f0 8b 4c 89 e6 48 c7 c7 20 79 f0 8b e8 bf a7 ce fc 90 <0f> 0b 90 90 58 83 05 d6 d1 d5 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 301.772487][ C0] RSP: 0018:ffffc90000007a18 EFLAGS: 00010282 [ 301.775018][ C0] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817b1cd8 [ 301.778321][ C0] RDX: ffffffff8e097a00 RSI: ffffffff817b1ce5 RDI: 0000000000000001 [ 301.781145][ C0] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 301.783754][ C0] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff8bf07fc0 [ 301.786402][ C0] R13: ffffffff8b9021e0 R14: ffffffff8a4db9d0 R15: ffffc90000007b18 [ 301.788921][ C0] ? __pfx_rose_t0timer_expiry+0x10/0x10 [ 301.790775][ C0] ? __warn_printk+0x198/0x350 [ 301.792344][ C0] ? __warn_printk+0x1a5/0x350 [ 301.793932][ C0] ? debug_print_object+0x1a1/0x2b0 [ 301.795670][ C0] ? __pfx_rose_t0timer_expiry+0x10/0x10 [ 301.797565][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 301.799585][ C0] debug_check_no_obj_freed+0x4b7/0x600 [ 301.801373][ C0] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 301.803350][ C0] ? mark_held_locks+0x49/0x80 [ 301.804970][ C0] ? kasan_quarantine_put+0x10a/0x240 [ 301.806755][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 301.808450][ C0] kfree+0x291/0x6d0 [ 301.809800][ C0] ? rose_timer_expiry+0x53f/0x630 [ 301.811489][ C0] ? rose_timer_expiry+0x53f/0x630 [ 301.813180][ C0] rose_timer_expiry+0x53f/0x630 [ 301.814875][ C0] ? __pfx_rose_timer_expiry+0x10/0x10 [ 301.816668][ C0] call_timer_fn+0x19a/0x620 [ 301.818215][ C0] ? __pfx_call_timer_fn+0x10/0x10 [ 301.819957][ C0] ? rcu_is_watching+0x12/0xc0 [ 301.821583][ C0] ? __pfx_rose_timer_expiry+0x10/0x10 [ 301.823373][ C0] __run_timers+0x6ef/0x960 [ 301.824890][ C0] ? __pfx___run_timers+0x10/0x10 [ 301.826706][ C0] run_timer_base+0x114/0x190 [ 301.828343][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 301.830322][ C0] ? rcu_is_watching+0x12/0xc0 [ 301.832340][ C0] run_timer_softirq+0x1a/0x40 [ 301.834326][ C0] handle_softirqs+0x219/0x8e0 [ 301.835942][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 301.837704][ C0] __irq_exit_rcu+0x109/0x170 [ 301.839311][ C0] irq_exit_rcu+0x9/0x30 [ 301.840719][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 301.842588][ C0] [ 301.843578][ C0] [ 301.844619][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 301.846632][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 301.848502][ C0] Code: b7 6c 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 65 29 00 fb f4 3c 0a 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 301.854825][ C0] RSP: 0018:ffffffff8e007df8 EFLAGS: 00000286 [ 301.856812][ C0] RAX: 000000000040d463 RBX: 0000000000000000 RCX: ffffffff8b60c2a9 [ 301.859495][ C0] RDX: 0000000000000000 RSI: ffffffff8da2c014 RDI: ffffffff8bf073c0 [ 301.862120][ C0] RBP: fffffbfff1c12f40 R08: 0000000000000001 R09: ffffed100d486655 [ 301.864707][ C0] R10: ffff88806a4332ab R11: 0000000000000001 R12: 0000000000000000 [ 301.867297][ C0] R13: ffffffff8e097a00 R14: ffffffff908214d0 R15: 0000000000000000 [ 301.869978][ C0] ? ct_kernel_exit+0x139/0x190 [ 301.871613][ C0] default_idle+0x13/0x20 [ 301.873071][ C0] default_idle_call+0x6c/0xb0 [ 301.874702][ C0] do_idle+0x38d/0x500 [ 301.876061][ C0] ? __pfx_do_idle+0x10/0x10 [ 301.877603][ C0] ? trace_sched_exit_tp+0x2f/0x120 [ 301.879337][ C0] cpu_startup_entry+0x4f/0x60 [ 301.880922][ C0] rest_init+0x16b/0x2b0 [ 301.882323][ C0] ? acpi_subsystem_init+0x133/0x180 [ 301.884056][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 301.885925][ C0] start_kernel+0x3f6/0x4e0 [ 301.887447][ C0] x86_64_start_reservations+0x18/0x30 [ 301.889292][ C0] x86_64_start_kernel+0x130/0x190 [ 301.891131][ C0] common_startup_64+0x13e/0x148 [ 301.892786][ C0] [ 301.894470][ C0] Kernel Offset: disabled [ 301.895951][ C0] Rebooting in 86400 seconds.. VM DIAGNOSIS: 23:32:07 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000043 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85297215 RDI=ffffffff9addb780 RBP=ffffffff9addb740 RSP=ffffc90000007380 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000043 R14=ffffffff9addb740 R15=ffffffff852971b0 RIP=ffffffff8529723f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6a05000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c464104 CR3=00000000505f4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000054 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb242013050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb24201305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb242013057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb24201306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb2420130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb2420131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb2421b74a8 00007fb2421b74a0 00007fb2421b7498 00007fb2421b7470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb242d1d100 00007fb2421b7460 00007fb2421b0004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb2421b74b8 00007fb2421b74b0 00007fb2421b74a8 00007fb2421b74a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=ffffc90006b20000 RBX=ffff888106510000 RCX=ffffffff819ced53 RDX=1ffff11020ca225a RSI=ffffffff867952bf RDI=0000000000000016 RBP=0000000000000080 RSP=ffffc900006a0ea8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=ffffffff908211c0 R13=dffffc0000000000 R14=ffff8881065112d0 R15=0000000000000000 RIP=ffffffff867952e7 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6b05000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f2ee9717d60 CR3=0000000033367000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2ee8bb76c3 00007f2ee8bb76c3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcd07e8460 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055558e5a99c7 000055558e5a97f0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055558e59efa4 000055558e59efa0 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055558e59a42a 000055558e59a190 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055558e59cc64 000055558e59cc60 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055558e59b528 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 14d0030fffffffff ffff0414c0030010 0014b0030fffffff ffffff0414a00300 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010fffffffffffff 040c8004019c1000 060172dc07000000 000000023b020000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000120010000 0000000000000000 0600000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0099165662dd8600 0000c28001ffffff ffffff7e080c8003 0810000210001480 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0401000008080608 01598e00080014f0 0300080014e00300 100014d0030fffff ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=ffff88802b808000 RCX=ffffc90034156000 RDX=1ffff11005701004 RSI=ffffffff8236e67a RDI=ffff88802b808020 RBP=0000000000000000 RSP=ffffc9000741ef00 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffffc9000741ef68 R13=000000000085a000 R14=ffff8880357b6fc0 R15=ffff8880357b6fc0 RIP=ffffffff8236e6f7 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f36b1ec46c0 ffffffff 00c00000 GS =0000 ffff8880d6c05000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000000000 CR3=000000002b35f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8160ea7b ffffffff8160ea7b ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8160ea7b ffffffff8160ea7b ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff8160ea7b ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f36b1013050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f36b101305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f36b1013057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f36b101306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f36b10130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f36b10131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=ffff88806a442700 RCX=ffffffff81b0db41 RDX=ffff88801d6ec900 RSI=ffffffff81b0db1b RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900000f7878 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=dffffc0000000000 R13=ffffed100d4884e1 R14=0000000000000001 R15=0000000000000000 RIP=ffffffff81b0db1d RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6d05000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000003c00 CR3=000000000e182000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffda9fe9e40 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f36b1013050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f36b101305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f36b1013057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f36b101306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f36b10130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f36b10131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000