last executing test programs: 1m34.752253033s ago: executing program 3 (id=5373): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) mremap(&(0x7f0000303000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000007000/0x1000)=nil) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) 1m30.624492411s ago: executing program 3 (id=5396): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYRES8=r1, @ANYRES8=r1, @ANYRES32=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r2, 0x29, 0x20, 0x0, 0x20) 1m30.280978249s ago: executing program 3 (id=5399): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e20, 0x10001, @local, 0xffffffff}, 0x1c) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x14e22, 0xfffffdf8, @ipv4={'\x00', '\xff\xff', @empty}, 0xfffffffc}, 0x1c) 1m29.83754657s ago: executing program 3 (id=5404): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x9, 0x4, 0x6, 0xfffa}, 0x1d, [0x1, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0xffffffff, 0x7f, 0x6, 0x4d, 0x39cc191a, 0x5c, 0x6, 0x3, 0x2, 0x0, 0x6, 0x3, 0x0, 0x2ab, 0x4, 0x7, 0x4, 0x3c5b, 0x1, 0x1ff, 0x9, 0x5, 0x1f461e2c, 0x7, 0x2000e665, 0x7fff, 0xb, 0x3, 0x7fff, 0x4c74, 0x80000000, 0x800242, 0xffffffff, 0xa, 0x0, 0x71, 0x2, 0x6, 0x3, 0x2, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x3, 0x80092a3, 0x1200000, 0x1, 0x20000000, 0x82, 0x0, 0x7, 0x7, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x6, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x5, 0x1000, 0xfffffffc, 0x0, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x1, 0x0, 0xfffffffe, 0x8, 0x4, 0x8000, 0x9, 0x7fffffff, 0x401, 0xfff, 0x4, 0xfb, 0x5, 0x8000, 0x5f31, 0x4, 0x1, 0x2, 0x2, 0x20009, 0x4, 0x9, 0x8, 0x9, 0x6, 0xb, 0xa, 0x1, 0x9, 0x9, 0x2, 0x7f, 0x9, 0x1, 0x3, 0x9, 0xffffffff, 0x7, 0x3, 0x7, 0x200, 0x42, 0x400004], [0x6, 0x6, 0x80000001, 0x2, 0xff, 0x40000100, 0x8d2, 0x9, 0x20005, 0x7fff, 0x0, 0x20000001, 0xb, 0x4, 0x5, 0x1005, 0x0, 0x1f0, 0xfffffffd, 0x2, 0x86, 0x1, 0x9, 0x3e7, 0x3ff, 0x5, 0x2, 0x2, 0x800, 0x8, 0x5, 0x8001, 0x7, 0x38, 0x7f, 0x200, 0x80, 0x1, 0xcc52, 0x950bfaf, 0x1000, 0xa2, 0x7, 0x53cf697b, 0xfffffff9, 0x6, 0xac8, 0xbf, 0x10002, 0x403, 0x8, 0x3, 0x0, 0x1, 0xf7ff, 0x0, 0x6, 0x1c, 0x120000, 0x3, 0x6, 0xaaed, 0x4, 0xff], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x1, 0x6, 0x5, 0x0, 0x3, 0x80ce7, 0x1ff, 0x3, 0x7, 0x5, 0x1003, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xe620, 0x2, 0x2, 0x1, 0x2, 0x14c, 0x60a3, 0x6, 0x4, 0xffffffff, 0x80000000, 0x7, 0x8, 0xc8, 0xee1, 0x0, 0xffff, 0x3, 0x7b, 0x100, 0x9602, 0x4, 0x2, 0x10002, 0x6, 0x1, 0x10080, 0x6, 0xb, 0x30b1d693, 0x5a2b, 0xc, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x8000200, 0xffff3441, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 1m29.440913161s ago: executing program 3 (id=5408): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = gettid() tkill(r2, 0x7) 1m28.94136085s ago: executing program 3 (id=5413): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x140, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x8, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x33, 0x78e, 0x80000000002, 0x181, 0x4, 0xffffffffffffffff, 0xf1, 0x4, 0xfffffffffffffd7e, 0x45, 0xf65, 0x1, 0xfffffffffffffffe, 0x0, 0xff, 0x8], 0x8000000, 0x3c4210}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1m27.492790538s ago: executing program 1 (id=5425): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58) 1m26.680061996s ago: executing program 1 (id=5430): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000006c0)='blkio.bfq.sectors\x00', 0x275a, 0x0) fcntl$lock(r2, 0x25, &(0x7f0000000100)={0x0, 0x2, 0x80000000000fffe, 0x40000001}) fcntl$lock(r2, 0x24, &(0x7f00000000c0)={0x2, 0x2, 0x401, 0x401}) 1m26.382108211s ago: executing program 1 (id=5432): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mremap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffe000/0x1000)=nil) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r2, 0x0) 1m25.988576057s ago: executing program 1 (id=5436): sendmsg$RDMA_NLDEV_CMD_RES_GET(0xffffffffffffffff, 0x0, 0x28040800) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) r0 = openat$uinput(0xffffff9c, &(0x7f0000000180), 0x802, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket(0x1f, 0x2, 0x2) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000000)={{}, 'syz1\x00'}) ioctl$UI_SET_ABSBIT(r0, 0x40045567, 0x0) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3) ioctl$UI_DEV_CREATE(r0, 0x5501) 1m24.291735841s ago: executing program 1 (id=5453): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$inet6_IPV6_ADDRFORM(r3, 0x29, 0x1, &(0x7f0000000040), 0x4) 1m24.135177783s ago: executing program 1 (id=5455): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000080)={0x3, 0x0, &(0x7f00004d7000/0x4000)=nil}) 1m12.836317416s ago: executing program 32 (id=5413): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x140, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x8, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x33, 0x78e, 0x80000000002, 0x181, 0x4, 0xffffffffffffffff, 0xf1, 0x4, 0xfffffffffffffd7e, 0x45, 0xf65, 0x1, 0xfffffffffffffffe, 0x0, 0xff, 0x8], 0x8000000, 0x3c4210}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1m7.836607934s ago: executing program 33 (id=5455): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_DIRTY_LOG(r3, 0x4010ae42, &(0x7f0000000080)={0x3, 0x0, &(0x7f00004d7000/0x4000)=nil}) 58.708506916s ago: executing program 2 (id=5681): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$tipc(0x1e, 0x2, 0x0) sendmsg$tipc(r3, &(0x7f00000000c0)={&(0x7f0000000140)=@name={0x1e, 0x2, 0x1, {{0x1}, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x20000090) 58.535685561s ago: executing program 2 (id=5683): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x18) 58.337513294s ago: executing program 2 (id=5685): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) personality(0x5400004) 58.055363842s ago: executing program 2 (id=5687): r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, 0x0, 0xfe33) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x362, 0xc000, 0x7, 0x337}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0) r2 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8) sendmsg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='9', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845) io_uring_enter(r1, 0x2219, 0x5f56, 0x53, 0x0, 0x0) 57.933044163s ago: executing program 2 (id=5689): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_all\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002cbd7000fbdbdf250100000004000180100002800c0001800800010003000080"], 0x28}, 0x1, 0x0, 0x0, 0x20000080}, 0x2000) 57.673950794s ago: executing program 2 (id=5691): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@debug={'debug', 0x3d, 0x10}}]}}) 54.379800522s ago: executing program 0 (id=5729): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x15, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x1e}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x1a}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x6}, 0x33) 54.274993388s ago: executing program 0 (id=5731): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0x3fc}, 0x0, r3}) 52.959278313s ago: executing program 0 (id=5747): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c0002800800010001000000140007000000000000000005000000000000000108000f"], 0x74}}, 0x0) 51.21772558s ago: executing program 0 (id=5767): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000007540), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r3, &(0x7f0000007640)={0x0, 0x0, &(0x7f0000007600)={&(0x7f0000000080)={0x2c, r2, 0x1, 0x70bd2a, 0x25dfdbfa, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}]}]}, 0x2c}}, 0x4) 51.028992809s ago: executing program 0 (id=5770): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB], 0x48) mkdir(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) dup(0xffffffffffffffff) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf22}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r1, 0xffffffffffffffff}, &(0x7f00000003c0), &(0x7f0000000400)}, 0x20) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0), &(0x7f00000000c0), 0xffffd6c0, r2}, 0x38) 50.485432832s ago: executing program 0 (id=5775): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x8, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x33, 0x790, 0x80000000002, 0x180, 0x400000004, 0xffffffffffffffff, 0xf1, 0x3, 0xfffffffffffffd7e, 0x45, 0x0, 0x3b9, 0xfffffffffffffffe, 0x0, 0x0, 0x8], 0x8000000, 0x3c4210}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 41.662291362s ago: executing program 34 (id=5691): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@debug={'debug', 0x3d, 0x10}}]}}) 34.447264424s ago: executing program 35 (id=5775): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x8, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x33, 0x790, 0x80000000002, 0x180, 0x400000004, 0xffffffffffffffff, 0xf1, 0x3, 0xfffffffffffffd7e, 0x45, 0x0, 0x3b9, 0xfffffffffffffffe, 0x0, 0x0, 0x8], 0x8000000, 0x3c4210}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 376.410745ms ago: executing program 4 (id=6348): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x70, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0xc, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x5ff}]}]}, 0x70}}, 0x0) 256.918747ms ago: executing program 4 (id=6349): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x10, &(0x7f0000000040)=0x888b, 0x4) connect$unix(r2, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e23}, 0x6e) 216.411585ms ago: executing program 4 (id=6350): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$sock_linger(r2, 0x1, 0xd, &(0x7f0000000100)={0x1, 0x80000001}, 0x8) connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) 165.637496ms ago: executing program 4 (id=6351): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2}) ioctl$TUNSETTXFILTER(r2, 0x400454d1, 0x0) 63.645094ms ago: executing program 4 (id=6352): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f0000000040), 0x4) sendto$inet6(r2, 0x0, 0x0, 0x2400ed80, &(0x7f0000000080)={0xa, 0x4621, 0x0, @local}, 0x1c) 0s ago: executing program 4 (id=6353): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) prlimit64(0x0, 0x6, &(0x7f0000000140), 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) syz_clone(0x80020000, 0x0, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): z.1.1023'. [ 222.986996][ T8243] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1031'. [ 223.343166][ T8253] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1035'. [ 223.813695][ T8265] netlink: 580 bytes leftover after parsing attributes in process `syz.2.1040'. [ 224.197989][ T44] usb 4-1: USB disconnect, device number 6 [ 224.315055][ T8274] bond2: entered promiscuous mode [ 224.315086][ T8274] bond2: entered allmulticast mode [ 224.462017][ T8281] ip6erspan0: entered promiscuous mode [ 224.571111][ T8281] bond2: (slave ip6erspan0): making interface the new active one [ 224.571338][ T8281] ip6erspan0: entered allmulticast mode [ 224.598543][ T8281] bond2: (slave ip6erspan0): Enslaving as an active interface with an up link [ 225.281025][ T8313] process 'syz.2.1064' launched '/dev/fd/3' with NULL argv: empty string added [ 225.642198][ T8325] netlink: 'syz.2.1069': attribute type 4 has an invalid length. [ 226.182664][ T8346] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1079'. [ 226.870271][ T38] audit: type=1326 audit(1763555302.566:2317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8373 comm="syz.1.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 226.872662][ T38] audit: type=1326 audit(1763555302.575:2318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8373 comm="syz.1.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 226.874655][ T38] audit: type=1326 audit(1763555302.575:2319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8373 comm="syz.1.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 226.874936][ T38] audit: type=1326 audit(1763555302.575:2320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8373 comm="syz.1.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 226.876372][ T38] audit: type=1326 audit(1763555302.575:2321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8373 comm="syz.1.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 226.876671][ T38] audit: type=1326 audit(1763555302.575:2322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8373 comm="syz.1.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 227.088227][ T8377] netlink: 'syz.0.1096': attribute type 12 has an invalid length. [ 227.170936][ T8379] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1097'. [ 228.060992][ T8411] usb usb5: usbfs: process 8411 (syz.3.1111) did not claim interface 0 before use [ 228.593506][ T8432] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1121'. [ 230.150304][ T8483] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 230.236340][ T8489] netlink: 2028 bytes leftover after parsing attributes in process `syz.2.1145'. [ 230.236364][ T8489] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1145'. [ 230.528167][ T8497] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1151'. [ 230.889867][ T8509] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1157'. [ 231.798754][ T8531] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1168'. [ 232.291065][ T38] kauditd_printk_skb: 16 callbacks suppressed [ 232.291085][ T38] audit: type=1326 audit(1763555307.661:2339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8552 comm="syz.0.1178" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f765ff6f749 code=0x0 [ 232.339747][ T5804] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 232.413912][ T5861] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 232.510762][ T5804] usb 4-1: Using ep0 maxpacket: 32 [ 232.515257][ T5804] usb 4-1: config 0 has an invalid interface number: 12 but max is 0 [ 232.515287][ T5804] usb 4-1: config 0 has no interface number 0 [ 232.515348][ T5804] usb 4-1: config 0 interface 12 has no altsetting 0 [ 232.518907][ T5804] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 232.518937][ T5804] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 232.518956][ T5804] usb 4-1: Product: syz [ 232.518971][ T5804] usb 4-1: Manufacturer: syz [ 232.518986][ T5804] usb 4-1: SerialNumber: syz [ 232.594622][ T5804] usb 4-1: config 0 descriptor?? [ 232.598595][ T5861] usb 3-1: config 0 has an invalid interface number: 41 but max is 0 [ 232.598624][ T5861] usb 3-1: config 0 has no interface number 0 [ 232.598675][ T5861] usb 3-1: config 0 interface 41 has no altsetting 0 [ 232.635128][ T5861] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 232.635162][ T5861] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 232.635183][ T5861] usb 3-1: Product: syz [ 232.635198][ T5861] usb 3-1: Manufacturer: syz [ 232.635213][ T5861] usb 3-1: SerialNumber: syz [ 232.661647][ T5861] usb 3-1: config 0 descriptor?? [ 233.178176][ T5861] CoreChips 3-1:0.41 (unnamed net_device) (uninitialized): set LINK LED failed : -71 [ 233.178441][ T5861] CoreChips 3-1:0.41: probe with driver CoreChips failed with error -71 [ 233.206697][ T5861] usb 3-1: USB disconnect, device number 5 [ 233.341390][ T5805] Bluetooth: hci1: command 0x0406 tx timeout [ 233.341497][ T5805] Bluetooth: hci3: command 0x0406 tx timeout [ 233.341553][ T5815] Bluetooth: hci2: command 0x0406 tx timeout [ 234.577450][ T5804] f81534 4-1:0.12: f81534_set_register: reg: 1003 data: b0 failed: -71 [ 234.577512][ T5804] f81534 4-1:0.12: f81534_find_config_idx: read failed: -71 [ 234.577531][ T5804] f81534 4-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 234.577630][ T5804] f81534 4-1:0.12: probe with driver f81534 failed with error -71 [ 234.631176][ T5804] usb 4-1: USB disconnect, device number 7 [ 238.531277][ T61] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 239.732597][ T8745] netlink: 260 bytes leftover after parsing attributes in process `syz.1.1271'. [ 239.807399][ T8748] netlink: 'syz.2.1272': attribute type 10 has an invalid length. [ 240.016086][ T8748] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 240.016275][ T8748] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 240.017244][ T8748] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 240.719448][ T8778] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1287'. [ 241.456492][ T8801] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1299'. [ 242.554016][ T8840] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1316'. [ 242.862684][ T38] audit: type=1326 audit(1763555317.579:2340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8852 comm="syz.1.1324" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x0 [ 245.720799][ T8905] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1347'. [ 246.597570][ T8919] cgroup: No subsys list or none specified [ 246.764548][ T8923] dummy0: entered allmulticast mode [ 246.765298][ T8922] dummy0: left allmulticast mode [ 248.091415][ T38] audit: type=1326 audit(1763555322.477:2341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8961 comm="syz.0.1374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f765ff6f749 code=0x7ffc0000 [ 248.091759][ T38] audit: type=1326 audit(1763555322.487:2342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8961 comm="syz.0.1374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7f765ff6f749 code=0x7ffc0000 [ 248.097630][ T38] audit: type=1326 audit(1763555322.487:2343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8961 comm="syz.0.1374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f765ff6f749 code=0x7ffc0000 [ 250.946695][ T9049] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1414'. [ 251.354497][ T9068] netlink: 'syz.0.1423': attribute type 4 has an invalid length. [ 251.354522][ T9068] netlink: 'syz.0.1423': attribute type 21 has an invalid length. [ 251.354537][ T9068] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.1423'. [ 252.463694][ T38] audit: type=1326 audit(1763555326.587:2344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9107 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 252.466783][ T38] audit: type=1326 audit(1763555326.587:2345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9107 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 252.467108][ T38] audit: type=1326 audit(1763555326.587:2346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9107 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 252.471951][ T38] audit: type=1326 audit(1763555326.596:2347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9107 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 252.475285][ T38] audit: type=1326 audit(1763555326.596:2348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9107 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 252.475761][ T38] audit: type=1326 audit(1763555326.596:2349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9107 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 252.476460][ T38] audit: type=1326 audit(1763555326.596:2350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9107 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 252.476919][ T38] audit: type=1326 audit(1763555326.596:2351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9107 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 252.481742][ T38] audit: type=1326 audit(1763555326.596:2352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9107 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 252.487514][ T38] audit: type=1326 audit(1763555326.606:2353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9107 comm="syz.2.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 253.341111][ T9125] 9pnet: Could not find request transport: 0xffffffffffffffff [ 253.823709][ T9145] netlink: 'syz.2.1458': attribute type 27 has an invalid length. [ 254.237641][ T9163] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1467'. [ 256.346669][ T9214] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1489'. [ 256.654928][ T9220] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1492'. [ 257.226765][ T9231] netlink: 'syz.2.1498': attribute type 27 has an invalid length. [ 258.355105][ T9259] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1511'. [ 259.164728][ T9283] overlayfs: missing 'lowerdir' [ 259.853187][ T9308] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1531'. [ 261.098353][ T9344] Unsupported ieee802154 address type: 0 [ 261.918399][ T9363] 9pnet_virtio: no channels available for device ./file0 [ 264.205763][ T9420] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1585'. [ 265.015908][ T9443] ALSA: seq fatal error: cannot create timer (-16) [ 265.380469][ T9461] netlink: 'syz.2.1606': attribute type 13 has an invalid length. [ 265.843579][ T9478] netlink: 'syz.3.1614': attribute type 16 has an invalid length. [ 265.843604][ T9478] netlink: 'syz.3.1614': attribute type 17 has an invalid length. [ 266.308727][ T9478] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 267.659519][ T9533] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1640'. [ 267.659559][ T9533] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1640'. [ 267.659577][ T9533] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1640'. [ 268.612311][ T9549] netlink: 'syz.0.1648': attribute type 1 has an invalid length. [ 269.101557][ T38] kauditd_printk_skb: 6 callbacks suppressed [ 269.101579][ T38] audit: type=1326 audit(1763555342.201:2360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9563 comm="syz.0.1656" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f765ff6f749 code=0x0 [ 269.194114][ T9568] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 269.194135][ T9568] overlayfs: missing 'lowerdir' [ 269.315373][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 269.315453][ T1319] ieee802154 phy1 wpan1: encryption failed: -22 [ 271.023045][ T9633] program syz.0.1690 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 271.388542][ T9647] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1695'. [ 271.492107][ C1] vkms_vblank_simulate: vblank timer overrun [ 272.044704][ C1] vkms_vblank_simulate: vblank timer overrun [ 272.070145][ T9] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 272.127843][ C1] vkms_vblank_simulate: vblank timer overrun [ 272.276477][ T9] usb 1-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 272.276511][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 272.276534][ T9] usb 1-1: Product: syz [ 272.276548][ T9] usb 1-1: Manufacturer: syz [ 272.276563][ T9] usb 1-1: SerialNumber: syz [ 272.786050][ T9] rtl8150 1-1:1.0: couldn't reset the device [ 272.786471][ T9] rtl8150 1-1:1.0: probe with driver rtl8150 failed with error -5 [ 272.869371][ T9] usb 1-1: USB disconnect, device number 7 [ 272.978108][ T9647] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 273.029654][ T9647] bond_slave_0: left allmulticast mode [ 273.082950][ T9647] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 273.140333][ T9647] bond_slave_1: left allmulticast mode [ 273.177536][ T9647] bond0 (unregistering): Released all slaves [ 273.473109][ T9696] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1715'. [ 274.196651][ T9724] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1726'. [ 274.842244][ T9740] binder: 9738:9740 ioctl c0306201 200000000100 returned -14 [ 274.898409][ T9741] tmpfs: Bad value for 'mpol' [ 275.214741][ T9753] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1741'. [ 275.455620][ T9759] netlink: 'syz.3.1745': attribute type 10 has an invalid length. [ 275.455647][ T9759] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1745'. [ 276.468541][ T9792] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1761'. [ 276.540689][ T9794] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1762'. [ 276.834999][ T9804] futex_wake_op: syz.3.1767 tries to shift op by 144; fix this program [ 277.039582][ T38] audit: type=1326 audit(1763555349.651:2361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9807 comm="syz.1.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 277.039647][ T38] audit: type=1326 audit(1763555349.651:2362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9807 comm="syz.1.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 277.045312][ T38] audit: type=1326 audit(1763555349.651:2363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9807 comm="syz.1.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 277.045370][ T38] audit: type=1326 audit(1763555349.651:2364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9807 comm="syz.1.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 277.045416][ T38] audit: type=1326 audit(1763555349.651:2365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9807 comm="syz.1.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 277.085375][ T38] audit: type=1326 audit(1763555349.688:2366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9807 comm="syz.1.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 277.085441][ T38] audit: type=1326 audit(1763555349.688:2367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9807 comm="syz.1.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 277.085492][ T38] audit: type=1326 audit(1763555349.688:2368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9807 comm="syz.1.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 277.085542][ T38] audit: type=1326 audit(1763555349.688:2369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9807 comm="syz.1.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 277.085591][ T38] audit: type=1326 audit(1763555349.688:2370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9807 comm="syz.1.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 278.520562][ T9846] openvswitch: netlink: IP tunnel dst address not specified [ 284.326035][T10013] comedi comedi3: comedi_test: 3879 microvolt, 2147483645 microsecond waveform attached [ 284.554518][T10022] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1865'. [ 285.926092][T10052] netlink: 'syz.1.1882': attribute type 6 has an invalid length. [ 286.559524][T10068] netlink: 'syz.1.1890': attribute type 4 has an invalid length. [ 286.559551][T10068] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.1890'. [ 286.830984][T10080] fuseblk: Bad value for 'user_id' [ 286.831008][T10080] fuseblk: Bad value for 'user_id' [ 287.093581][T10090] netlink: 260 bytes leftover after parsing attributes in process `syz.2.1900'. [ 287.093651][T10090] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1900'. [ 287.093669][T10090] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1900'. [ 287.151835][T10089] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1869'. [ 289.171843][T10153] sctp: [Deprecated]: syz.2.1926 (pid 10153) Use of struct sctp_assoc_value in delayed_ack socket option. [ 289.171843][T10153] Use struct sctp_sack_info instead [ 289.189860][T10152] netlink: 'syz.0.1931': attribute type 10 has an invalid length. [ 289.268901][T10152] team0: Port device dummy0 added [ 289.289338][T10156] netlink: 'syz.0.1931': attribute type 10 has an invalid length. [ 289.291314][T10156] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 289.413106][T10156] team0: Failed to send options change via netlink (err -105) [ 289.413418][T10156] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 289.414352][T10156] team0: Port device dummy0 removed [ 289.523479][T10156] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 290.264466][ T38] kauditd_printk_skb: 232 callbacks suppressed [ 290.264488][ T38] audit: type=1107 audit(1763555362.046:2603): pid=10184 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='' [ 291.055482][T10210] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1959'. [ 293.782181][T10304] bridge0: port 3(ip6gretap0) entered blocking state [ 293.782376][T10304] bridge0: port 3(ip6gretap0) entered disabled state [ 293.782623][T10304] ip6gretap0: entered allmulticast mode [ 293.785443][T10304] ip6gretap0: entered promiscuous mode [ 293.818198][T10304] bridge0: port 3(ip6gretap0) entered blocking state [ 293.819155][T10304] bridge0: port 3(ip6gretap0) entered forwarding state [ 296.881939][T10388] netlink: 'syz.0.2042': attribute type 13 has an invalid length. [ 296.917837][T10388] erspan0: refused to change device tx_queue_len [ 297.275351][T10399] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2046'. [ 297.850906][T10417] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2055'. [ 299.827964][T10480] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 299.828179][T10480] Error validating options; rc = [-22] [ 301.371945][T10520] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2094'. [ 301.927236][T10540] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2103'. [ 303.230562][T10584] netlink: 180 bytes leftover after parsing attributes in process `syz.3.2124'. [ 304.601455][T10641] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2149'. [ 305.840938][T10676] netlink: 'syz.2.2165': attribute type 1 has an invalid length. [ 305.923152][T10676] 8021q: adding VLAN 0 to HW filter on device bond3 [ 305.927393][T10644] mmap: syz.1.2150 (10644) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 306.071133][T10676] ip6gretap1: entered allmulticast mode [ 306.143109][T10676] bond3: (slave ip6gretap1): making interface the new active one [ 306.163340][T10676] bond3: (slave ip6gretap1): Enslaving as an active interface with an up link [ 307.778062][T10728] EXT4-fs (loop1): unable to read superblock [ 308.118938][T10739] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 308.118967][T10739] Error validating options; rc = [-22] [ 311.835548][T10825] sp0: Synchronizing with TNC [ 311.847228][T10824] [U] è [ 312.433340][T10845] netlink: 'syz.2.2242': attribute type 19 has an invalid length. [ 312.433366][T10845] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2242'. [ 312.589677][T10851] netlink: 'syz.2.2246': attribute type 12 has an invalid length. [ 313.250663][ T31] usb 1-1: new full-speed USB device number 8 using dummy_hcd [ 313.449128][ T31] usb 1-1: not running at top speed; connect to a high speed hub [ 313.461942][ T31] usb 1-1: config 95 has an invalid interface number: 1 but max is 0 [ 313.461971][ T31] usb 1-1: config 95 has no interface number 0 [ 313.462013][ T31] usb 1-1: config 95 interface 1 has no altsetting 0 [ 313.629823][ T31] usb 1-1: string descriptor 0 read error: -22 [ 313.630019][ T31] usb 1-1: New USB device found, idVendor=0763, idProduct=2031, bcdDevice=ad.3f [ 313.630046][ T31] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 314.384049][ T31] usb 1-1: USB disconnect, device number 8 [ 315.158348][T10915] netlink: 'syz.0.2276': attribute type 12 has an invalid length. [ 315.467319][T10927] pim6reg: entered allmulticast mode [ 318.616046][T11028] netlink: 'syz.0.2330': attribute type 5 has an invalid length. [ 318.616076][T11028] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.2330'. [ 319.756199][T11070] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 320.070332][T11085] netlink: 260 bytes leftover after parsing attributes in process `syz.3.2356'. [ 320.292578][T11081] kvm_intel: kvm [11080]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 320.293326][T11081] kvm_intel: kvm [11080]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 320.293907][T11081] kvm_intel: kvm [11080]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 320.294586][T11081] kvm_intel: kvm [11080]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 320.295021][T11081] kvm_intel: kvm [11080]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 320.353383][T11081] kvm_intel: kvm [11080]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 320.353821][T11081] kvm_intel: kvm [11080]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 320.354239][T11081] kvm_intel: kvm [11080]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 320.354644][T11081] kvm_intel: kvm [11080]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 320.355047][T11081] kvm_intel: kvm [11080]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 321.829581][T11142] kAFS: No cell specified [ 322.252555][T11146] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2385'. [ 322.252585][T11146] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2385'. [ 322.252602][T11146] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2385'. [ 324.308414][T11204] XFS (nullb0): Invalid superblock magic number [ 324.506302][T11216] binder: 11210:11216 ioctl c0306201 200000000480 returned -14 [ 325.418850][T11241] netlink: 88 bytes leftover after parsing attributes in process `syz.2.2428'. [ 325.794977][T11253] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 327.836033][ T38] audit: type=1326 audit(2000000013.040:2604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11327 comm="syz.1.2473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 327.840778][ T38] audit: type=1326 audit(2000000013.040:2605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11327 comm="syz.1.2473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 327.840837][ T38] audit: type=1326 audit(2000000013.040:2606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11327 comm="syz.1.2473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 327.840884][ T38] audit: type=1326 audit(2000000013.040:2607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11327 comm="syz.1.2473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 327.840931][ T38] audit: type=1326 audit(2000000013.040:2608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11327 comm="syz.1.2473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 327.840976][ T38] audit: type=1326 audit(2000000013.040:2609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11327 comm="syz.1.2473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 327.841041][ T38] audit: type=1326 audit(2000000013.040:2610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11327 comm="syz.1.2473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 327.842038][ T38] audit: type=1326 audit(2000000013.040:2611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11327 comm="syz.1.2473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 327.844108][ T38] audit: type=1326 audit(2000000013.050:2612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11327 comm="syz.1.2473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 327.853480][ T38] audit: type=1326 audit(2000000013.059:2613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11327 comm="syz.1.2473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 329.997742][T11364] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2487'. [ 329.997774][T11364] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2487'. [ 330.974026][T11381] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2496'. [ 334.376763][ T38] audit: type=1326 audit(2000000019.176:2614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11453 comm="syz.2.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 334.376834][ T38] audit: type=1326 audit(2000000019.186:2615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11453 comm="syz.2.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 334.376882][ T38] audit: type=1326 audit(2000000019.186:2616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11453 comm="syz.2.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 334.376927][ T38] audit: type=1326 audit(2000000019.186:2617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11453 comm="syz.2.2529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 334.802461][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 334.802543][ T1319] ieee802154 phy1 wpan1: encryption failed: -22 [ 334.842717][T11463] netlink: 'syz.0.2531': attribute type 4 has an invalid length. [ 334.842742][T11463] netlink: 'syz.0.2531': attribute type 5 has an invalid length. [ 334.842756][T11463] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.2531'. [ 334.843495][T11464] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 335.523828][T11476] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2541'. [ 335.688632][ T38] audit: type=1326 audit(2000000020.415:2618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11480 comm="syz.1.2542" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f15825af749 code=0x0 [ 336.320013][T11502] kvm_pr_unimpl_wrmsr: 36 callbacks suppressed [ 336.320040][T11502] kvm_intel: kvm [11500]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 336.322187][T11502] kvm_intel: kvm [11500]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 336.322915][T11502] kvm_intel: kvm [11500]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 336.324753][T11502] kvm_intel: kvm [11500]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 336.325729][T11502] kvm_intel: kvm [11500]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 336.332533][T11502] kvm_intel: kvm [11500]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 336.337748][T11502] kvm_intel: kvm [11500]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 336.342552][T11502] kvm_intel: kvm [11500]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 336.349042][T11502] kvm_intel: kvm [11500]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 336.349754][T11502] kvm_intel: kvm [11500]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xeec7f47d563e95bb [ 338.477736][T11581] netlink: 88 bytes leftover after parsing attributes in process `syz.2.2588'. [ 340.136781][T11651] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 340.136781][T11651] The task syz.3.2616 (11651) triggered the difference, watch for misbehavior. [ 344.379039][T11675] netlink: 'syz.0.2628': attribute type 4 has an invalid length. [ 344.379062][T11675] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2628'. [ 345.119461][ T5861] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 345.294700][ T5861] usb 2-1: Using ep0 maxpacket: 32 [ 345.301477][ T5861] usb 2-1: config 0 has an invalid interface number: 67 but max is 0 [ 345.301611][ T5861] usb 2-1: config 0 has no interface number 0 [ 345.306664][ T5861] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 345.306701][ T5861] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 345.306727][ T5861] usb 2-1: Product: syz [ 345.306745][ T5861] usb 2-1: Manufacturer: syz [ 345.306763][ T5861] usb 2-1: SerialNumber: syz [ 345.359996][ T5861] usb 2-1: config 0 descriptor?? [ 345.411689][ T5861] smsc95xx v2.0.0 [ 345.686582][T11722] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2648'. [ 345.833979][ T5861] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71 [ 345.834013][ T5861] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 345.834824][ T5861] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 345.835149][ T5861] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71 [ 345.874045][ T5861] usb 2-1: USB disconnect, device number 4 [ 346.856927][T11744] dns_resolver: Unsupported content type (6) [ 347.307162][T11758] 9pnet_fd: Insufficient options for proto=fd [ 347.609998][T11770] Device name not specified. [ 347.609998][T11770] [ 347.861434][T11777] netlink: 80 bytes leftover after parsing attributes in process `syz.2.2674'. [ 349.479460][ T9] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 349.758118][ T9] usb 1-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 349.758150][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 349.758170][ T9] usb 1-1: Product: syz [ 349.758185][ T9] usb 1-1: Manufacturer: syz [ 349.758198][ T9] usb 1-1: SerialNumber: syz [ 350.318844][ T9] rtl8150 1-1:1.0: couldn't reset the device [ 350.319240][ T9] rtl8150 1-1:1.0: probe with driver rtl8150 failed with error -5 [ 350.405685][ T9] usb 1-1: USB disconnect, device number 9 [ 351.592818][T11855] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 351.712487][T11856] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer. [ 352.247642][T11878] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 352.247665][T11878] overlayfs: missing 'lowerdir' [ 353.810954][T11918] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2739'. [ 357.580836][T12024] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2788'. [ 357.739693][ T10] usb 3-1: new low-speed USB device number 6 using dummy_hcd [ 357.923852][ T10] usb 3-1: config index 0 descriptor too short (expected 1307, got 27) [ 357.923884][ T10] usb 3-1: config 0 has an invalid interface number: 0 but max is -1 [ 357.923916][ T10] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 357.923959][ T10] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 33, using maximum allowed: 30 [ 357.924006][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 is Bulk; changing to Interrupt [ 357.924030][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 357.924054][ T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 33 [ 357.929916][ T10] usb 3-1: string descriptor 0 read error: -22 [ 357.930103][ T10] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de [ 357.930129][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 358.020544][ T10] usb 3-1: config 0 descriptor?? [ 358.059898][ T10] hub 3-1:0.0: bad descriptor, ignoring hub [ 358.059944][ T10] hub 3-1:0.0: probe with driver hub failed with error -5 [ 358.399418][ T31] usb 3-1: USB disconnect, device number 6 [ 359.249922][T12065] netlink: 'syz.3.2807': attribute type 6 has an invalid length. [ 359.266500][T12069] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2809'. [ 361.526084][T12135] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2841'. [ 362.037735][T12149] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2847'. [ 362.302241][T12160] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2853'. [ 362.329824][T12161] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2854'. [ 364.136477][ T5804] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 364.224469][ T5804] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 364.241224][ T31] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 364.419860][ T31] usb 2-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 364.419884][ T31] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 364.419899][ T31] usb 2-1: Product: syz [ 364.419909][ T31] usb 2-1: Manufacturer: syz [ 364.419920][ T31] usb 2-1: SerialNumber: syz [ 364.945764][ T31] rtl8150 2-1:1.0: couldn't reset the device [ 364.946209][ T31] rtl8150 2-1:1.0: probe with driver rtl8150 failed with error -5 [ 364.999643][ T31] usb 2-1: USB disconnect, device number 5 [ 366.950962][T12251] hpfs: Bad magic ... probably not HPFS [ 367.159326][T12258] binder: 12256:12258 ioctl c0306201 200000000640 returned -22 [ 367.427341][T12266] netlink: 4096 bytes leftover after parsing attributes in process `syz.0.2901'. [ 369.411177][T12319] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2923'. [ 369.411253][T12319] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2923'. [ 369.677406][T12319] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2923'. [ 369.677476][T12319] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2923'. [ 369.905659][T12319] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2923'. [ 369.905736][T12319] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2923'. [ 371.521189][T12364] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 371.522447][T12364] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 371.522557][T12364] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 371.655873][T12364] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 371.656042][T12364] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 371.756442][T12364] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 371.756559][T12364] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 372.074582][T12414] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2969'. [ 373.674478][ T61] Bluetooth: hci1: command 0x0406 tx timeout [ 373.844747][ T61] Bluetooth: hci2: command 0x0406 tx timeout [ 373.940571][ T61] Bluetooth: hci3: command 0x0406 tx timeout [ 374.360162][T12492] netlink: 'syz.0.3007': attribute type 19 has an invalid length. [ 374.720814][T12502] netlink: 'syz.1.3012': attribute type 4 has an invalid length. [ 374.720842][T12502] netlink: 17 bytes leftover after parsing attributes in process `syz.1.3012'. [ 374.754594][T12505] netlink: 'syz.3.3014': attribute type 6 has an invalid length. [ 374.754623][T12505] IPv6: NLM_F_CREATE should be specified when creating new route [ 375.016047][ T2997] tipc: Subscription rejected, illegal request [ 375.115195][T12515] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3016'. [ 375.891808][ T61] Bluetooth: hci1: command 0x0406 tx timeout [ 376.018479][T12542] overlayfs: conflicting options: userxattr,metacopy=on [ 376.061681][ T61] Bluetooth: hci2: command 0x0406 tx timeout [ 376.147014][ T61] Bluetooth: hci3: command 0x0406 tx timeout [ 376.650083][T12561] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3038'. [ 376.672071][T12561] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3038'. [ 376.838186][ C1] vkms_vblank_simulate: vblank timer overrun [ 377.713746][ T5861] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 377.898364][ T5861] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 377.898449][ T5861] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 377.898477][ T5861] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 377.951317][ T5861] usb 2-1: config 0 descriptor?? [ 377.975900][ T5861] pwc: Askey VC010 type 2 USB webcam detected. [ 378.050590][T12607] binder: Bad value for 'max' [ 378.093004][T12606] cgroup: Unknown subsys name 'cpuset' [ 378.412129][ T5861] pwc: recv_control_msg error -32 req 02 val 2b00 [ 378.425879][ T5861] pwc: recv_control_msg error -32 req 02 val 2700 [ 378.427130][ T5861] pwc: recv_control_msg error -32 req 02 val 2c00 [ 378.446703][ T5861] pwc: recv_control_msg error -32 req 04 val 1000 [ 378.495401][ T5861] pwc: recv_control_msg error -32 req 04 val 1300 [ 378.497560][ T5861] pwc: recv_control_msg error -32 req 04 val 1400 [ 378.716203][ T5861] pwc: recv_control_msg error -71 req 02 val 2100 [ 378.716883][ T5861] pwc: recv_control_msg error -71 req 04 val 1500 [ 378.717399][ T5861] pwc: recv_control_msg error -71 req 02 val 2500 [ 378.718043][ T5861] pwc: recv_control_msg error -71 req 02 val 2400 [ 378.720391][ T5861] pwc: recv_control_msg error -71 req 02 val 2600 [ 378.723462][ T5861] pwc: recv_control_msg error -71 req 02 val 2900 [ 378.726153][ T5861] pwc: recv_control_msg error -71 req 02 val 2800 [ 378.784177][ T5861] pwc: recv_control_msg error -71 req 04 val 1100 [ 378.786303][ T5861] pwc: recv_control_msg error -71 req 04 val 1200 [ 378.883153][ T5861] pwc: Registered as video103. [ 378.911421][ T5861] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input10 [ 378.957259][ T5861] usb 2-1: USB disconnect, device number 6 [ 379.083513][T12627] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3068'. [ 379.414286][T12636] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3073'. [ 379.624109][T12646] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3076'. [ 379.931836][T12661] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 380.773017][ T5804] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 380.852841][T12703] overlayfs: empty lowerdir [ 380.932683][ T5804] usb 2-1: Using ep0 maxpacket: 16 [ 380.949182][ T5804] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 380.949236][ T5804] usb 2-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 380.949263][ T5804] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 380.967483][ T5804] usb 2-1: config 0 descriptor?? [ 381.213989][ T5804] usbhid 2-1:0.0: can't add hid device: -71 [ 381.214151][ T5804] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 381.285638][ T5804] usb 2-1: USB disconnect, device number 7 [ 381.797122][T12734] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3118'. [ 381.854000][T12736] warning: `syz.0.3119' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 382.494054][T12754] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3128'. [ 382.521754][T12758] netlink: 17 bytes leftover after parsing attributes in process `syz.2.3130'. [ 382.581915][T12760] dummy0: entered allmulticast mode [ 382.582276][T12759] dummy0: left allmulticast mode [ 384.234323][T12809] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 385.174484][T12846] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3172'. [ 385.772688][T12870] netlink: 'syz.1.3181': attribute type 13 has an invalid length. [ 385.840401][T12870] gretap0: refused to change device tx_queue_len [ 385.841191][T12870] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 385.857379][T12869] syzkaller0: entered promiscuous mode [ 385.857412][T12869] syzkaller0: entered allmulticast mode [ 385.929763][T12869] tipc: Started in network mode [ 385.929799][T12869] tipc: Node identity da26c8d4ae5f, cluster identity 4711 [ 385.982548][T12869] tipc: Enabled bearer , priority 0 [ 386.031782][T12867] tipc: Resetting bearer [ 386.259735][T12867] tipc: Disabling bearer [ 386.832717][T12901] loop5: detected capacity change from 0 to 7 [ 386.970761][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 386.971290][ C0] Buffer I/O error on dev loop5, logical block 0, async page read [ 387.021599][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.021635][ C0] Buffer I/O error on dev loop5, logical block 0, async page read [ 387.028435][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.028473][ C0] Buffer I/O error on dev loop5, logical block 0, async page read [ 387.028835][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.028865][ C0] Buffer I/O error on dev loop5, logical block 0, async page read [ 387.029251][ C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.029282][ C0] Buffer I/O error on dev loop5, logical block 0, async page read [ 387.109990][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.110034][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 387.142367][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.142413][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 387.142483][T12593] ldm_validate_partition_table(): Disk read failed. [ 387.142937][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.142964][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 387.144632][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.144679][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 387.144941][ C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 387.145164][ C1] Buffer I/O error on dev loop5, logical block 0, async page read [ 387.145820][T12593] Dev loop5: unable to read RDB block 0 [ 387.264058][T12593] loop5: unable to read partition table [ 387.264388][T12593] loop5: partition table beyond EOD, truncated [ 387.484842][T12901] ldm_validate_partition_table(): Disk read failed. [ 387.532662][T12901] Dev loop5: unable to read RDB block 0 [ 387.607039][T12901] loop5: unable to read partition table [ 387.607313][T12901] loop5: partition table beyond EOD, truncated [ 387.607349][T12901] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 388.178963][T12939] cgroup2: Unknown parameter '18446744073709551615' [ 388.849134][T12968] netlink: 'syz.2.3231': attribute type 1 has an invalid length. [ 388.849162][T12968] netlink: 'syz.2.3231': attribute type 2 has an invalid length. [ 389.348004][T12971] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.741110][T12971] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.822808][T12998] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3246'. [ 389.979571][T13012] loop5: detected capacity change from 0 to 7 [ 390.063349][T12593] ldm_validate_partition_table(): Disk read failed. [ 390.100831][T12593] Dev loop5: unable to read RDB block 0 [ 390.101845][T12593] loop5: unable to read partition table [ 390.102131][T12593] loop5: partition table beyond EOD, truncated [ 390.163367][T13012] ldm_validate_partition_table(): Disk read failed. [ 390.194452][T13012] Dev loop5: unable to read RDB block 0 [ 390.199371][T13012] loop5: unable to read partition table [ 390.199683][T13012] loop5: partition table beyond EOD, truncated [ 390.199736][T13012] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 390.305768][T12971] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.665764][T12971] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.146192][ T1027] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 391.211806][ T13] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 391.265580][ T13] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 391.344662][ T1027] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 391.687078][T13074] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3283'. [ 391.736407][T13071] netlink: 140 bytes leftover after parsing attributes in process `syz.2.3284'. [ 392.116281][T13089] netlink: 'syz.0.3291': attribute type 2 has an invalid length. [ 392.967437][ T38] audit: type=1326 audit(2000000074.155:2619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13125 comm="syz.1.3309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 392.974659][ T38] audit: type=1326 audit(2000000074.155:2620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13125 comm="syz.1.3309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 392.974999][ T38] audit: type=1326 audit(2000000074.155:2621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13125 comm="syz.1.3309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 392.976421][ T38] audit: type=1326 audit(2000000074.155:2622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13125 comm="syz.1.3309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x7ffc0000 [ 395.183025][T13205] 9pnet: Could not find request transport: 0xffffffffffffffff [ 395.292501][T13216] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3353'. [ 395.292531][T13216] IPv6: NLM_F_CREATE should be specified when creating new route [ 395.808992][T13232] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3360'. [ 396.337309][T13254] Unsupported ieee802154 address type: 0 [ 396.446006][T13258] tmpfs: Unknown parameter 'no' [ 397.475098][ T9] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 397.642131][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 397.642170][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 397.642196][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 397.642246][ T9] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 397.642284][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 397.679819][ T9] usb 3-1: config 0 descriptor?? [ 399.429687][T13336] netlink: 'syz.1.3406': attribute type 3 has an invalid length. [ 399.429744][ T9] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 399.690231][ T5804] usb 3-1: USB disconnect, device number 7 [ 400.286259][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 400.286337][ T1319] ieee802154 phy1 wpan1: encryption failed: -22 [ 400.380336][T13363] tipc: Started in network mode [ 400.380361][T13363] tipc: Node identity 4, cluster identity 4711 [ 400.380375][T13363] tipc: Node number set to 4 [ 400.924627][ T31] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 401.099015][ T31] usb 1-1: Using ep0 maxpacket: 32 [ 401.102379][ T31] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 401.102411][ T31] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 401.102433][ T31] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 401.102488][ T31] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 401.102511][ T31] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 401.102537][ T31] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 401.102581][ T31] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 401.102604][ T31] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 401.108899][ T31] usb 1-1: config 0 descriptor?? [ 401.390847][ T31] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 10 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 401.415956][ T31] usb 1-1: USB disconnect, device number 10 [ 401.436783][ T31] usblp0: removed [ 401.624480][T13406] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 401.624510][T13406] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 401.715433][T13406] vhci_hcd vhci_hcd.0: Device attached [ 401.728552][T13408] vhci_hcd: connection closed [ 401.773599][ T37] vhci_hcd: stop threads [ 401.776421][ T37] vhci_hcd: release socket [ 401.776543][ T37] vhci_hcd: disconnect device [ 402.099919][ T38] audit: type=1326 audit(2000000082.711:2623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13424 comm="syz.2.3448" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x0 [ 403.320990][T13468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3468'. [ 404.594693][T13514] netlink: 182 bytes leftover after parsing attributes in process `syz.2.3489'. [ 405.478018][T13552] netlink: 'syz.1.3507': attribute type 10 has an invalid length. [ 405.478043][T13552] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3507'. [ 405.554566][T13558] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3511'. [ 405.636631][T13552] team0: Port device geneve0 added [ 405.743042][T13567] netlink: 'syz.0.3516': attribute type 7 has an invalid length. [ 405.743066][T13567] netlink: 'syz.0.3516': attribute type 8 has an invalid length. [ 406.110274][T13581] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3522'. [ 407.205647][T13634] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3547'. [ 407.431200][T13644] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3550'. [ 408.016510][T13662] netlink: 260 bytes leftover after parsing attributes in process `syz.0.3557'. [ 408.164987][T13669] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3561'. [ 408.351249][ T38] audit: type=1326 audit(2000000088.584:2624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13671 comm="syz.1.3562" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x0 [ 408.646997][ T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 408.819588][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 408.823026][ T9] usb 4-1: config 1 has an invalid interface number: 64 but max is 0 [ 408.823056][ T9] usb 4-1: config 1 has no interface number 0 [ 408.823132][ T9] usb 4-1: config 1 interface 64 altsetting 0 endpoint 0xF has an invalid bInterval 121, changing to 7 [ 408.826284][ T9] usb 4-1: New USB device found, idVendor=19d2, idProduct=ffbf, bcdDevice=68.78 [ 408.826315][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 408.826335][ T9] usb 4-1: Product: syz [ 408.880396][ T9] usb 4-1: Manufacturer: syz [ 408.880418][ T9] usb 4-1: SerialNumber: syz [ 409.187954][ T9] option 4-1:1.64: GSM modem (1-port) converter detected [ 409.191740][T13707] tipc: Trying to set illegal importance in message [ 409.210708][T13708] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3576'. [ 409.232518][ T9] usb 4-1: USB disconnect, device number 8 [ 409.269906][ T9] option 4-1:1.64: device disconnected [ 410.224024][T13758] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3604'. [ 410.391486][T13763] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3604'. [ 410.510314][T13771] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3607'. [ 411.883473][T13821] gretap0: left allmulticast mode [ 412.318476][T13821] bridge0: port 2(bridge_slave_1) entered disabled state [ 412.318973][T13821] bridge0: port 1(bridge_slave_0) entered disabled state [ 412.398560][T13814] Bluetooth: hci0: Opcode 0x0c20 failed: -4 [ 412.987647][T13851] netlink: 256 bytes leftover after parsing attributes in process `syz.1.3647'. [ 413.424695][T13821] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 413.455020][T13821] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 414.260595][T13891] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3666'. [ 414.260659][T13891] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3666'. [ 414.308987][T13893] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3667'. [ 414.659338][T13903] evm: overlay not supported [ 414.786377][T13821] sit1: left allmulticast mode [ 414.838194][ T31] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 414.941779][ T13] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.941977][ T13] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.951820][ T13] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 414.951894][ T13] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 415.011640][ T31] usb 2-1: Using ep0 maxpacket: 8 [ 415.018418][ T31] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 415.018450][ T31] usb 2-1: config 179 has no interface number 0 [ 415.018508][ T31] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 415.018538][ T31] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 415.018567][ T31] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 415.018596][ T31] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 415.018620][ T31] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 415.018648][ T31] usb 2-1: config 179 interface 65 has no altsetting 0 [ 415.018697][ T31] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 415.018781][ T31] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.332804][ T31] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input12 [ 415.495448][ T31] usb 2-1: USB disconnect, device number 8 [ 416.056123][T13947] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3689'. [ 417.649744][T14002] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3717'. [ 417.649798][T14002] openvswitch: netlink: EtherType 0 is less than min 600 [ 418.908754][T14055] bond2: entered allmulticast mode [ 419.006147][T14055] ip6gretap1: entered allmulticast mode [ 419.006611][T14055] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link [ 419.067066][T14068] pimreg: entered allmulticast mode [ 419.261380][ T31] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 419.423741][ T31] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 419.423774][ T31] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 419.423795][ T31] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 419.423853][ T31] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 419.423880][ T31] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 419.426220][ T31] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 419.426251][ T31] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 419.426273][ T31] usb 2-1: Product: syz [ 419.426288][ T31] usb 2-1: Manufacturer: syz [ 419.521675][ T31] cdc_wdm 2-1:1.0: skipping garbage [ 419.521699][ T31] cdc_wdm 2-1:1.0: skipping garbage [ 419.548303][ T31] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 419.548337][ T31] cdc_wdm 2-1:1.0: Unknown control protocol [ 419.678194][T14094] bond0: entered allmulticast mode [ 419.678226][T14094] bond_slave_0: entered allmulticast mode [ 419.678243][T14094] bond_slave_1: entered allmulticast mode [ 419.887612][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 419.887728][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 419.889846][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 419.889867][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 419.891699][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 419.891723][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 419.891983][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 419.892002][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 419.893364][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 419.893383][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 419.893617][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 419.893635][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 419.893865][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 419.893882][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 419.894108][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 419.894126][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 419.894361][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 419.894388][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 419.894632][ C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71 [ 419.894651][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes [ 420.015382][ T31] usb 2-1: USB disconnect, device number 9 [ 420.015475][ C1] cdc_wdm 2-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 420.644673][T14139] overlayfs: overlapping lowerdir path [ 420.663608][T14140] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3785'. [ 421.590165][ T38] audit: type=1326 audit(2000000101.006:2625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14175 comm="syz.2.3802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 421.590229][ T38] audit: type=1326 audit(2000000101.006:2626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14175 comm="syz.2.3802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 421.665689][ T38] audit: type=1326 audit(2000000101.072:2627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14175 comm="syz.2.3802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe48499df90 code=0x7ffc0000 [ 421.667461][ T38] audit: type=1326 audit(2000000101.072:2628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14175 comm="syz.2.3802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 421.668775][ T38] audit: type=1326 audit(2000000101.072:2629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14175 comm="syz.2.3802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 421.669088][ T38] audit: type=1326 audit(2000000101.072:2630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14175 comm="syz.2.3802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 421.669419][ T38] audit: type=1326 audit(2000000101.072:2631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14175 comm="syz.2.3802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 421.671713][ T38] audit: type=1326 audit(2000000101.072:2632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14175 comm="syz.2.3802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 421.682969][ T38] audit: type=1326 audit(2000000101.081:2633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14175 comm="syz.2.3802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 421.683047][ T38] audit: type=1326 audit(2000000101.091:2634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14175 comm="syz.2.3802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 422.233264][T14201] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3814'. [ 422.233296][T14201] netlink: 43 bytes leftover after parsing attributes in process `syz.2.3814'. [ 422.233313][T14201] netlink: 'syz.2.3814': attribute type 6 has an invalid length. [ 422.233327][T14201] netlink: 'syz.2.3814': attribute type 5 has an invalid length. [ 422.233340][T14201] netlink: 43 bytes leftover after parsing attributes in process `syz.2.3814'. [ 423.287455][T14255] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3841'. [ 423.969205][T14288] netlink: 188 bytes leftover after parsing attributes in process `syz.3.3856'. [ 426.641666][T14356] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3888'. [ 428.192477][T14425] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3920'. [ 428.488219][T14443] netlink: 'syz.2.3929': attribute type 5 has an invalid length. [ 428.715391][T14455] bridge0: port 3(gretap0) entered blocking state [ 428.715645][T14455] bridge0: port 3(gretap0) entered disabled state [ 428.719736][T14455] bridge0: port 3(gretap0) entered blocking state [ 428.719872][T14455] bridge0: port 3(gretap0) entered forwarding state [ 429.945863][T14513] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3964'. [ 430.206537][ T5117] Bluetooth: hci5: command 0x1003 tx timeout [ 430.210419][ T61] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 430.361520][T14530] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3971'. [ 432.092867][ T5804] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 432.118698][T14567] cgroup: fork rejected by pids controller in /syz1 [ 432.256139][ T5804] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 432.256174][ T5804] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 432.256214][ T5804] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 432.256239][ T5804] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 432.309256][ T5804] usb 4-1: config 0 descriptor?? [ 432.540863][ T5804] usbhid 4-1:0.0: can't add hid device: -71 [ 432.541077][ T5804] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 432.579613][ T5804] usb 4-1: USB disconnect, device number 9 [ 433.003481][T14665] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4024'. [ 435.134911][T14769] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4075'. [ 435.697655][T14792] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4086'. [ 435.748971][T14786] syz.1.4081 (14786) used greatest stack depth: 16936 bytes left [ 436.236358][T14817] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 438.431701][T14897] netlink: 9 bytes leftover after parsing attributes in process `syz.3.4137'. [ 439.863407][T14961] netlink: 72 bytes leftover after parsing attributes in process `syz.2.4168'. [ 440.040434][T14969] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4171'. [ 440.348508][T14985] overlayfs: regular lower layers cannot follow data lower layers [ 440.532380][T14993] overlayfs: failed to resolve './file1': -2 [ 440.753179][T14992] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode [ 442.099855][T15067] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4218'. [ 442.395333][T15081] netlink: 'syz.1.4225': attribute type 11 has an invalid length. [ 442.395361][T15081] netlink: 3593 bytes leftover after parsing attributes in process `syz.1.4225'. [ 442.530354][ T5804] usb 4-1: new full-speed USB device number 10 using dummy_hcd [ 442.708818][ T5804] usb 4-1: config 1 has an invalid interface number: 1 but max is 0 [ 442.708850][ T5804] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 442.708869][ T5804] usb 4-1: config 1 has no interface number 0 [ 442.708902][ T5804] usb 4-1: too many endpoints for config 1 interface 1 altsetting 0: 253, using maximum allowed: 30 [ 442.708946][ T5804] usb 4-1: config 1 interface 1 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 442.708968][ T5804] usb 4-1: config 1 interface 1 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 253 [ 442.780621][ T5804] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 442.780652][ T5804] usb 4-1: New USB device strings: Mfr=8, Product=0, SerialNumber=1 [ 442.780673][ T5804] usb 4-1: Manufacturer: syz [ 442.780687][ T5804] usb 4-1: SerialNumber: syz [ 443.052161][ T5804] usb 4-1: USB disconnect, device number 10 [ 443.164328][ T38] kauditd_printk_skb: 11 callbacks suppressed [ 443.164350][ T38] audit: type=1326 audit(2000000005.694:2646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15106 comm="syz.0.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f765ff6f749 code=0x7ffc0000 [ 443.173011][ T38] audit: type=1326 audit(2000000005.694:2647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15106 comm="syz.0.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f765ff6f749 code=0x7ffc0000 [ 443.174195][ T38] audit: type=1326 audit(2000000005.704:2648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15106 comm="syz.0.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f765ff6f749 code=0x7ffc0000 [ 443.175390][ T38] audit: type=1326 audit(2000000005.704:2649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15106 comm="syz.0.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f765ff6f749 code=0x7ffc0000 [ 443.181814][ T38] audit: type=1326 audit(2000000005.713:2650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15106 comm="syz.0.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f765ff6f749 code=0x7ffc0000 [ 443.182627][ T38] audit: type=1326 audit(2000000005.713:2651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15106 comm="syz.0.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f765ff6f749 code=0x7ffc0000 [ 443.183138][ T38] audit: type=1326 audit(2000000005.713:2652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15106 comm="syz.0.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f765ff6f749 code=0x7ffc0000 [ 443.185017][ T38] audit: type=1326 audit(2000000005.713:2653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15106 comm="syz.0.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f765ff6f749 code=0x7ffc0000 [ 447.004971][T15229] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 447.784761][T15257] random: crng reseeded on system resumption [ 449.849621][ T10] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 450.023308][ T10] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 450.023343][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 450.023371][ T10] usb 2-1: Product: syz [ 450.023400][ T10] usb 2-1: Manufacturer: syz [ 450.023421][ T10] usb 2-1: SerialNumber: syz [ 450.254795][T15357] netlink: 64 bytes leftover after parsing attributes in process `syz.3.4353'. [ 450.509879][ T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 450.509944][ T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPROTO [ 450.510575][ T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO [ 450.510635][ T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 450.512437][ T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 450.635774][ T10] lan78xx 2-1:1.0: probe with driver lan78xx failed with error -71 [ 450.677995][ T10] usb 2-1: USB disconnect, device number 10 [ 450.858042][T15377] bpf: Bad value for 'mode' [ 452.787338][T15465] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4405'. [ 453.228535][ T10] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 453.388275][ T10] usb 2-1: Using ep0 maxpacket: 32 [ 453.390919][ T10] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 453.390948][ T10] usb 2-1: config 0 has no interface number 0 [ 453.394104][ T10] usb 2-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=2c.d8 [ 453.394138][ T10] usb 2-1: New USB device strings: Mfr=193, Product=2, SerialNumber=3 [ 453.394160][ T10] usb 2-1: Product: syz [ 453.394176][ T10] usb 2-1: Manufacturer: syz [ 453.394191][ T10] usb 2-1: SerialNumber: syz [ 453.466699][ T10] usb 2-1: config 0 descriptor?? [ 453.480039][ T10] usb 2-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 453.480074][ T10] usb 2-1: selecting invalid altsetting 1 [ 453.480091][ T10] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 453.540743][ T10] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 453.541523][ T10] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 453.541641][ T10] usb 2-1: media controller created [ 453.605230][ T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 453.718790][ T10] usb 2-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 453.718854][ T10] zl10353_read_register: readreg error (reg=127, ret==-71) [ 453.719364][ T10] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 453.882380][ T10] usb 2-1: USB disconnect, device number 11 [ 456.495481][T15570] netlink: 57 bytes leftover after parsing attributes in process `syz.1.4457'. [ 456.647345][T15578] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4461'. [ 456.707861][T15581] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4460'. [ 457.023615][T15592] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4465'. [ 457.190376][T15601] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4470'. [ 458.300046][T15631] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4485'. [ 460.231823][ T38] audit: type=1326 audit(2000000021.709:2654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15686 comm="syz.1.4512" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f15825af749 code=0x0 [ 460.433834][ T5804] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 460.595947][ T5804] usb 3-1: Using ep0 maxpacket: 8 [ 460.601551][ T5804] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 460.601590][ T5804] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 460.601614][ T5804] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 460.601639][ T5804] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 256 [ 460.601685][ T5804] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 460.601710][ T5804] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 460.654142][ T5804] usb 3-1: config 0 descriptor?? [ 460.656105][T15684] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 461.107834][ T61] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 461.215562][ T5804] usb 3-1: USB disconnect, device number 8 [ 462.970496][ T5861] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 463.141076][ T5861] usb 3-1: Using ep0 maxpacket: 16 [ 463.180090][ T5861] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 463.180121][ T5861] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 463.180161][ T5861] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 463.180186][ T5861] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 463.228488][ T5861] usb 3-1: config 0 descriptor?? [ 463.475130][ T5804] usb 3-1: USB disconnect, device number 9 [ 464.898104][T15819] binder: Bad value for 'stats' [ 465.770050][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 466.677648][T15894] netlink: 312 bytes leftover after parsing attributes in process `syz.0.4611'. [ 467.077821][T15913] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4620'. [ 467.555949][T15929] netlink: 92 bytes leftover after parsing attributes in process `syz.1.4627'. [ 468.667429][T15973] sock: sock_timestamping_bind_phc: sock not bind to device [ 469.766003][T16015] netlink: 52 bytes leftover after parsing attributes in process `syz.2.4669'. [ 470.211323][T16026] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 470.634220][T16044] tipc: Enabling of bearer rejected, media not registered [ 471.582944][T16089] tipc: MTU too low for tipc bearer [ 471.811924][T16097] bpf: Bad value for 'uid' [ 472.488550][T16127] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4722'. [ 472.961437][T16151] veth1_macvtap: left promiscuous mode [ 472.961468][T16151] macsec0: entered promiscuous mode [ 472.961487][T16151] macsec0: entered allmulticast mode [ 473.113350][T16156] netlink: 148 bytes leftover after parsing attributes in process `syz.0.4736'. [ 473.113378][T16156] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 473.713355][ T38] audit: type=1326 audit(2000000034.356:2655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.3.4747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 473.713750][ T38] audit: type=1326 audit(2000000034.356:2656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.3.4747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 473.714064][ T38] audit: type=1326 audit(2000000034.356:2657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.3.4747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 473.789058][ T38] audit: type=1326 audit(2000000034.431:2658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.3.4747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 473.867205][ T38] audit: type=1326 audit(2000000034.506:2659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16182 comm="syz.3.4747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f7ff91f2005 code=0x7ffc0000 [ 474.037185][ T38] audit: type=1326 audit(2000000034.657:2660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16182 comm="syz.3.4747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 474.037257][ T38] audit: type=1326 audit(2000000034.666:2661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.3.4747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 474.037313][ T38] audit: type=1326 audit(2000000034.666:2662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16178 comm="syz.3.4747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 474.883894][T16214] overlay: Unknown parameter 'fscontext' [ 475.795502][T16256] netlink: 84 bytes leftover after parsing attributes in process `syz.1.4782'. [ 475.795541][T16256] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4782'. [ 476.586262][T16295] netlink: 68 bytes leftover after parsing attributes in process `syz.3.4799'. [ 479.900253][ T38] audit: type=1326 audit(2000000040.164:2663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16454 comm="syz.3.4878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 479.900694][ T38] audit: type=1326 audit(2000000040.164:2664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16454 comm="syz.3.4878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 479.901692][ T38] audit: type=1326 audit(2000000040.164:2665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16454 comm="syz.3.4878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 480.710673][T16492] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4896'. [ 480.777769][ T38] audit: type=1326 audit(2000000040.980:2666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16496 comm="syz.2.4897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 480.823771][ T38] audit: type=1326 audit(2000000040.999:2667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16496 comm="syz.2.4897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 480.823831][ T38] audit: type=1326 audit(2000000041.027:2668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16496 comm="syz.2.4897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 480.825013][ T38] audit: type=1326 audit(2000000041.027:2669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16496 comm="syz.2.4897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 480.825068][ T38] audit: type=1326 audit(2000000041.036:2670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16496 comm="syz.2.4897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48499f749 code=0x7ffc0000 [ 480.995659][T16502] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4901'. [ 481.504310][T16532] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4914'. [ 483.200800][ T5893] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 483.232978][T16614] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4954'. [ 483.363043][ T5893] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 483.363080][ T5893] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 483.363103][ T5893] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 483.363147][ T5893] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 483.363172][ T5893] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 483.430894][ T5893] usb 2-1: config 0 descriptor?? [ 483.556735][T16620] lo: left promiscuous mode [ 483.556765][T16620] lo: left allmulticast mode [ 483.558155][T16620] tunl0: left promiscuous mode [ 483.558179][T16620] tunl0: left allmulticast mode [ 483.559347][T16620] gre0: left promiscuous mode [ 483.559370][T16620] gre0: left allmulticast mode [ 483.579461][T16620] erspan0: left promiscuous mode [ 483.579490][T16620] erspan0: left allmulticast mode [ 483.581190][T16620] ip_vti0: left promiscuous mode [ 483.581213][T16620] ip_vti0: left allmulticast mode [ 483.982274][ T5893] usbhid 2-1:0.0: can't add hid device: -71 [ 483.982413][ T5893] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 484.011465][ T5893] usb 2-1: USB disconnect, device number 12 [ 484.246291][T16654] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4972'. [ 484.248156][T16655] fuse: Bad value for 'group_id' [ 484.248176][T16655] fuse: Bad value for 'group_id' [ 484.563886][T16671] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 484.564314][T16671] qnx6: wrong signature (magic) in superblock #1. [ 484.564326][T16671] qnx6: unable to read the first superblock [ 485.086568][T16694] overlayfs: conflicting lowerdir path [ 485.578485][T16719] netlink: 'syz.1.5002': attribute type 10 has an invalid length. [ 485.578511][T16719] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5002'. [ 485.635532][T16722] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5002'. [ 486.143498][T16739] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5012'. [ 486.589521][T16762] +$<¶: renamed from bridge0 [ 489.084445][T16860] overlay: ./file0 is not a directory [ 489.560062][T16878] netlink: 68 bytes leftover after parsing attributes in process `syz.3.5080'. [ 491.118762][T16934] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5105'. [ 491.152144][T16934] ip6gretap0: left allmulticast mode [ 491.152177][T16934] ip6gretap0: left promiscuous mode [ 491.152494][T16934] bridge0: port 3(ip6gretap0) entered disabled state [ 491.283751][T16934] bridge_slave_1: left allmulticast mode [ 491.283785][T16934] bridge_slave_1: left promiscuous mode [ 491.284070][T16934] bridge0: port 2(bridge_slave_1) entered disabled state [ 491.602039][T16934] bridge_slave_0: left allmulticast mode [ 491.602074][T16934] bridge_slave_0: left promiscuous mode [ 491.608251][T16934] bridge0: port 1(bridge_slave_0) entered disabled state [ 491.655845][T16952] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5112'. [ 492.036797][T16966] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 492.796181][T16978] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5126'. [ 493.343628][T16994] virtio-fs: tag not found [ 494.873986][T17066] netlink: 'syz.0.5170': attribute type 1 has an invalid length. [ 496.241854][T17138] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5204'. [ 496.930844][T17170] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5219'. [ 497.262457][T17188] IPv6: addrconf: prefix option has invalid lifetime [ 497.286078][T17189] veth2: entered promiscuous mode [ 497.286106][T17189] veth2: entered allmulticast mode [ 498.022041][ T38] audit: type=1326 audit(2000000057.164:2671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17220 comm="syz.3.5243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 498.022100][ T38] audit: type=1326 audit(2000000057.164:2672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17220 comm="syz.3.5243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 498.026542][ T38] audit: type=1326 audit(2000000057.164:2673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17220 comm="syz.3.5243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 498.069505][ T38] audit: type=1326 audit(2000000057.211:2674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17220 comm="syz.3.5243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 498.070864][ T38] audit: type=1326 audit(2000000057.220:2675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17220 comm="syz.3.5243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 498.070926][ T38] audit: type=1326 audit(2000000057.220:2676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17220 comm="syz.3.5243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 498.070978][ T38] audit: type=1326 audit(2000000057.220:2677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17220 comm="syz.3.5243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 498.071272][ T38] audit: type=1326 audit(2000000057.220:2678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17220 comm="syz.3.5243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 498.083504][ T38] audit: type=1326 audit(2000000057.230:2679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17220 comm="syz.3.5243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 498.083568][ T38] audit: type=1326 audit(2000000057.230:2680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17220 comm="syz.3.5243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ff91bf749 code=0x7ffc0000 [ 501.419037][T17289] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5273'. [ 504.050353][T17345] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5297'. [ 507.470863][T17390] veth0: entered promiscuous mode [ 507.471489][T17387] veth0: left promiscuous mode [ 509.134188][T17422] @: renamed from vlan0 (while UP) [ 510.467463][T17443] netlink: 76 bytes leftover after parsing attributes in process `syz.3.5342'. [ 518.004068][T17505] netlink: 'syz.2.5371': attribute type 11 has an invalid length. [ 518.004095][T17505] netlink: 'syz.2.5371': attribute type 2 has an invalid length. [ 524.399074][T17600] kvm: pic: level sensitive irq not supported [ 524.399279][T17600] kvm: pic: non byte read [ 526.121281][T17632] binder_alloc: binder_alloc_mmap_handler: 17631 2000000a0000-2000000a2000 already mapped failed -16 [ 526.955718][T17651] input: syz1 as /devices/virtual/input/input14 [ 529.037226][T17695] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5458'. [ 529.205916][T17697] tipc: Enabling of bearer rejected, failed to enable media [ 529.327887][T17703] netlink: 44 bytes leftover after parsing attributes in process `syz.0.5461'. [ 530.483987][T17726] netlink: 'syz.0.5472': attribute type 3 has an invalid length. [ 531.272991][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 532.617149][T17763] netlink: 92 bytes leftover after parsing attributes in process `syz.0.5490'. [ 533.833679][T17792] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5505'. [ 544.281718][ T5117] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 544.307259][ T5117] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 544.328540][ T5117] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 544.356864][ T5117] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 544.357825][ T5117] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 546.598754][ T5117] Bluetooth: hci5: command tx timeout [ 546.796735][T17987] chnl_net:caif_netlink_parms(): no params data found [ 547.383905][ T61] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 547.406297][ T61] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 547.425519][ T61] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 547.519671][ T61] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 547.520593][ T61] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 548.817271][ T5117] Bluetooth: hci5: command tx timeout [ 549.753643][ T5117] Bluetooth: hci6: command tx timeout [ 550.349486][T18064] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5625'. [ 550.349595][T18064] tipc: Enabling of bearer rejected, failed to enable media [ 551.034276][ T5117] Bluetooth: hci5: command tx timeout [ 551.970629][ T5117] Bluetooth: hci6: command tx timeout [ 552.326323][T17987] bridge0: port 1(bridge_slave_0) entered blocking state [ 552.326435][T17987] bridge0: port 1(bridge_slave_0) entered disabled state [ 552.326617][T17987] bridge_slave_0: entered allmulticast mode [ 552.329135][T17987] bridge_slave_0: entered promiscuous mode [ 552.718675][T17987] bridge0: port 2(bridge_slave_1) entered blocking state [ 552.718812][T17987] bridge0: port 2(bridge_slave_1) entered disabled state [ 552.719363][T17987] bridge_slave_1: entered allmulticast mode [ 552.722186][T17987] bridge_slave_1: entered promiscuous mode [ 553.249705][ T5117] Bluetooth: hci5: command tx timeout [ 554.023453][T18179] netlink: 'syz.0.5679': attribute type 1 has an invalid length. [ 554.187940][ T5117] Bluetooth: hci6: command tx timeout [ 554.811632][T18181] bond1: entered promiscuous mode [ 554.811668][T18181] bond1: entered allmulticast mode [ 554.812248][T18181] 8021q: adding VLAN 0 to HW filter on device bond1 [ 554.951456][T18185] 8021q: adding VLAN 0 to HW filter on device bond2 [ 554.953677][T18185] bond2: entered promiscuous mode [ 554.953836][T18185] bond2: entered allmulticast mode [ 554.954814][T18185] bond1: (slave bond2): Enslaving as a backup interface with a down link [ 556.414427][ T5117] Bluetooth: hci6: command tx timeout [ 558.176115][T17987] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 558.224727][T17987] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 559.886435][T18321] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5747'. [ 559.886477][T18321] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5747'. [ 561.356306][T18321] geneve4: entered promiscuous mode [ 561.356336][T18321] geneve4: entered allmulticast mode [ 561.385789][T17987] team0: Port device team_slave_0 added [ 561.386314][ T12] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 561.420389][ T12] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 561.422713][T17987] team0: Port device team_slave_1 added [ 561.423251][ T12] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 561.423331][ T12] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 565.594771][T17987] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 565.594793][T17987] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 565.595525][T17987] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 565.657102][T17987] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 565.657121][T17987] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 565.657151][T17987] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 569.593335][T17987] hsr_slave_0: entered promiscuous mode [ 569.596784][T17987] hsr_slave_1: entered promiscuous mode [ 569.597959][T17987] debugfs: 'hsr0' already exists in 'hsr' [ 569.597986][T17987] Cannot create hsr debugfs directory [ 572.194682][ T61] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 572.217374][ T61] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 572.221701][ T61] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 572.248585][ T61] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 572.249865][ T61] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 572.373046][T18032] chnl_net:caif_netlink_parms(): no params data found [ 574.482113][ T61] Bluetooth: hci7: command tx timeout [ 576.699072][ T61] Bluetooth: hci7: command tx timeout [ 578.916162][ T61] Bluetooth: hci7: command tx timeout [ 579.229418][ T5117] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 579.252894][ T5117] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 579.254364][ T5117] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 579.255608][ T5117] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 579.256462][ T5117] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 581.132860][ T61] Bluetooth: hci7: command tx timeout [ 581.549485][T18032] bridge0: port 1(bridge_slave_0) entered blocking state [ 581.549680][T18032] bridge0: port 1(bridge_slave_0) entered disabled state [ 581.549929][T18032] bridge_slave_0: entered allmulticast mode [ 581.556681][T18032] bridge_slave_0: entered promiscuous mode [ 581.645058][ T61] Bluetooth: hci2: command tx timeout [ 581.661625][T18032] bridge0: port 2(bridge_slave_1) entered blocking state [ 581.661774][T18032] bridge0: port 2(bridge_slave_1) entered disabled state [ 581.662067][T18032] bridge_slave_1: entered allmulticast mode [ 581.665211][T18032] bridge_slave_1: entered promiscuous mode [ 583.450150][T18032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 583.489423][T18032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 583.861571][ T61] Bluetooth: hci2: command tx timeout [ 585.297938][T18032] team0: Port device team_slave_0 added [ 585.355159][T18032] team0: Port device team_slave_1 added [ 586.078523][ T61] Bluetooth: hci2: command tx timeout [ 587.850093][T17987] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 588.295527][ T61] Bluetooth: hci2: command tx timeout [ 589.079577][T18032] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 589.079596][T18032] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 589.079627][T18032] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 589.082070][T17987] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 590.822871][T18032] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 590.822891][T18032] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 590.822937][T18032] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 590.832455][T17987] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 591.313372][T17987] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 594.118475][T18032] hsr_slave_0: entered promiscuous mode [ 594.120021][T18032] hsr_slave_1: entered promiscuous mode [ 594.121181][T18032] debugfs: 'hsr0' already exists in 'hsr' [ 594.121206][T18032] Cannot create hsr debugfs directory [ 594.222194][T18583] chnl_net:caif_netlink_parms(): no params data found [ 596.747102][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 600.693365][T18583] bridge0: port 1(bridge_slave_0) entered blocking state [ 600.693524][T18583] bridge0: port 1(bridge_slave_0) entered disabled state [ 600.693808][T18583] bridge_slave_0: entered allmulticast mode [ 600.723873][T18583] bridge_slave_0: entered promiscuous mode [ 600.780971][T18744] chnl_net:caif_netlink_parms(): no params data found [ 600.816471][T18583] bridge0: port 2(bridge_slave_1) entered blocking state [ 600.816615][T18583] bridge0: port 2(bridge_slave_1) entered disabled state [ 600.816878][T18583] bridge_slave_1: entered allmulticast mode [ 600.845475][T18583] bridge_slave_1: entered promiscuous mode [ 604.773411][ T5117] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 604.811720][ T5117] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 604.818259][ T5117] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 604.830952][ T5117] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 604.840791][ T5117] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 607.055203][ T5117] Bluetooth: hci8: command tx timeout [ 608.285041][T18583] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 608.360881][T18583] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 609.272085][ T5117] Bluetooth: hci8: command tx timeout [ 609.977740][ T61] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 609.999475][ T61] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 610.000913][ T61] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 610.002247][ T61] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 610.050141][ T61] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 611.489091][ T61] Bluetooth: hci8: command tx timeout [ 612.256552][ T61] Bluetooth: hci5: command tx timeout [ 613.705848][ T61] Bluetooth: hci8: command tx timeout [ 614.473684][ T61] Bluetooth: hci5: command tx timeout [ 615.571692][T18583] team0: Port device team_slave_0 added [ 616.694656][ T5117] Bluetooth: hci5: command tx timeout [ 617.581760][T18583] team0: Port device team_slave_1 added [ 617.594478][T18744] bridge0: port 1(bridge_slave_0) entered blocking state [ 617.594638][T18744] bridge0: port 1(bridge_slave_0) entered disabled state [ 617.594914][T18744] bridge_slave_0: entered allmulticast mode [ 617.621829][T18744] bridge_slave_0: entered promiscuous mode [ 618.063269][T18744] bridge0: port 2(bridge_slave_1) entered blocking state [ 618.063755][T18744] bridge0: port 2(bridge_slave_1) entered disabled state [ 618.063990][T18744] bridge_slave_1: entered allmulticast mode [ 618.090892][T18744] bridge_slave_1: entered promiscuous mode [ 618.907440][ T5117] Bluetooth: hci5: command tx timeout [ 621.643113][T18583] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 621.643134][T18583] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 621.643164][T18583] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 622.081565][T18583] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 622.081585][T18583] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 622.081625][T18583] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 622.149152][T18744] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 622.239094][T18744] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 629.082122][T18744] team0: Port device team_slave_0 added [ 629.107287][T18583] hsr_slave_0: entered promiscuous mode [ 629.121890][T18583] hsr_slave_1: entered promiscuous mode [ 629.123060][T18583] debugfs: 'hsr0' already exists in 'hsr' [ 629.123088][T18583] Cannot create hsr debugfs directory [ 629.186871][T18744] team0: Port device team_slave_1 added [ 630.911710][T18744] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 630.911728][T18744] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 630.911771][T18744] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 630.990418][T18744] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 630.990437][T18744] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 630.990477][T18744] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 633.037491][T18744] hsr_slave_0: entered promiscuous mode [ 633.039136][T18744] hsr_slave_1: entered promiscuous mode [ 633.040302][T18744] debugfs: 'hsr0' already exists in 'hsr' [ 633.040328][T18744] Cannot create hsr debugfs directory [ 635.988237][ T61] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 636.008046][ T61] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 636.013574][ T61] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 636.033332][ T61] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 636.035179][ T61] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 636.895870][T19508] chnl_net:caif_netlink_parms(): no params data found [ 636.980515][T19395] chnl_net:caif_netlink_parms(): no params data found [ 638.264242][ T61] Bluetooth: hci6: command tx timeout [ 640.480947][ T61] Bluetooth: hci6: command tx timeout [ 642.698183][ T61] Bluetooth: hci6: command tx timeout [ 642.925401][ T5117] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 642.959915][ T5117] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 642.971623][ T5117] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 642.973036][ T5117] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 643.006937][ T5117] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 644.915485][ T5117] Bluetooth: hci6: command tx timeout [ 645.255735][ T5117] Bluetooth: hci7: command tx timeout [ 645.568288][T19508] bridge0: port 1(bridge_slave_0) entered blocking state [ 645.568457][T19508] bridge0: port 1(bridge_slave_0) entered disabled state [ 645.568745][T19508] bridge_slave_0: entered allmulticast mode [ 645.571981][T19508] bridge_slave_0: entered promiscuous mode [ 646.226034][T19508] bridge0: port 2(bridge_slave_1) entered blocking state [ 646.226190][T19508] bridge0: port 2(bridge_slave_1) entered disabled state [ 646.227143][T19508] bridge_slave_1: entered allmulticast mode [ 646.268426][T19508] bridge_slave_1: entered promiscuous mode [ 646.270255][T19395] bridge0: port 1(bridge_slave_0) entered blocking state [ 646.270445][T19395] bridge0: port 1(bridge_slave_0) entered disabled state [ 646.270661][T19395] bridge_slave_0: entered allmulticast mode [ 646.274005][T19395] bridge_slave_0: entered promiscuous mode [ 646.979889][T19395] bridge0: port 2(bridge_slave_1) entered blocking state [ 646.980132][T19395] bridge0: port 2(bridge_slave_1) entered disabled state [ 646.980375][T19395] bridge_slave_1: entered allmulticast mode [ 647.007016][T19395] bridge_slave_1: entered promiscuous mode [ 647.473152][ T5117] Bluetooth: hci7: command tx timeout [ 649.690081][ T5117] Bluetooth: hci7: command tx timeout [ 649.740755][T19508] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 650.682982][T19508] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 650.691046][T19395] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 650.917393][T19395] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 651.907031][ T5117] Bluetooth: hci7: command tx timeout [ 654.101430][T19508] team0: Port device team_slave_0 added [ 654.122639][T19395] team0: Port device team_slave_0 added [ 654.126458][T19508] team0: Port device team_slave_1 added [ 655.849024][T19395] team0: Port device team_slave_1 added [ 657.377272][T19508] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 657.377291][T19508] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 657.377323][T19508] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 658.600323][T19508] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 658.600342][T19508] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 658.600373][T19508] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 658.612162][T19395] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 658.612183][T19395] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 658.612217][T19395] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 658.673870][T19395] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 658.673901][T19395] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 658.673935][T19395] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 662.234192][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 663.057872][T19508] hsr_slave_0: entered promiscuous mode [ 663.059632][T19508] hsr_slave_1: entered promiscuous mode [ 663.060834][T19508] debugfs: 'hsr0' already exists in 'hsr' [ 663.060861][T19508] Cannot create hsr debugfs directory [ 663.074308][T19395] hsr_slave_0: entered promiscuous mode [ 663.094283][T19395] hsr_slave_1: entered promiscuous mode [ 663.096300][T19395] debugfs: 'hsr0' already exists in 'hsr' [ 663.096332][T19395] Cannot create hsr debugfs directory [ 663.113051][T19597] chnl_net:caif_netlink_parms(): no params data found [ 668.659679][ T61] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 668.685740][ T61] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 668.689261][ T61] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 668.694623][ T61] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 668.695855][ T61] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 670.924932][ T61] Bluetooth: hci2: command tx timeout [ 673.149424][ T5117] Bluetooth: hci2: command tx timeout [ 673.460241][ T5117] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 673.464681][ T5117] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 673.466197][ T5117] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 673.467531][ T5117] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 673.468436][ T5117] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 675.356213][ T61] Bluetooth: hci2: command tx timeout [ 675.953231][ T61] Bluetooth: hci0: command tx timeout [ 677.573062][ T61] Bluetooth: hci2: command tx timeout [ 678.170417][ T61] Bluetooth: hci0: command tx timeout [ 679.897899][T19608] chnl_net:caif_netlink_parms(): no params data found [ 680.388259][ T61] Bluetooth: hci0: command tx timeout [ 682.604680][ T61] Bluetooth: hci0: command tx timeout [ 682.939886][T19597] bridge0: port 1(bridge_slave_0) entered blocking state [ 682.940194][T19597] bridge0: port 1(bridge_slave_0) entered disabled state [ 682.943873][T19597] bridge_slave_0: entered allmulticast mode [ 682.969344][T19597] bridge_slave_0: entered promiscuous mode [ 683.718241][T19597] bridge0: port 2(bridge_slave_1) entered blocking state [ 683.718408][T19597] bridge0: port 2(bridge_slave_1) entered disabled state [ 683.718695][T19597] bridge_slave_1: entered allmulticast mode [ 683.721968][T19597] bridge_slave_1: entered promiscuous mode [ 684.707283][T19597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 685.465894][T19597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 686.609477][T19608] bridge0: port 1(bridge_slave_0) entered blocking state [ 686.609623][T19608] bridge0: port 1(bridge_slave_0) entered disabled state [ 686.609932][T19608] bridge_slave_0: entered allmulticast mode [ 686.648239][T19608] bridge_slave_0: entered promiscuous mode [ 686.960718][T19608] bridge0: port 2(bridge_slave_1) entered blocking state [ 686.960866][T19608] bridge0: port 2(bridge_slave_1) entered disabled state [ 686.961180][T19608] bridge_slave_1: entered allmulticast mode [ 686.988134][T19608] bridge_slave_1: entered promiscuous mode [ 686.993481][T19597] team0: Port device team_slave_0 added [ 688.009241][T19597] team0: Port device team_slave_1 added [ 689.171336][T19608] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 690.871668][T19608] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 690.911245][T19597] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 690.911269][T19597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 690.911301][T19597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 693.080864][T19597] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 693.080883][T19597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 693.080916][T19597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 694.365116][T19608] team0: Port device team_slave_0 added [ 694.388973][T19608] team0: Port device team_slave_1 added [ 698.957152][T19608] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 698.957172][T19608] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 698.957204][T19608] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 699.024085][T19597] hsr_slave_0: entered promiscuous mode [ 699.025936][T19597] hsr_slave_1: entered promiscuous mode [ 699.027572][T19597] debugfs: 'hsr0' already exists in 'hsr' [ 699.027604][T19597] Cannot create hsr debugfs directory [ 699.107812][T19608] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 699.107831][T19608] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 699.107863][T19608] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 700.318152][ T5117] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 700.336828][ T5117] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 700.368574][ T5117] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 700.369969][ T5117] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 700.371193][ T5117] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 701.736803][T19620] chnl_net:caif_netlink_parms(): no params data found [ 702.557333][ T61] Bluetooth: hci1: command tx timeout [ 703.556038][T19608] hsr_slave_0: entered promiscuous mode [ 703.557758][T19608] hsr_slave_1: entered promiscuous mode [ 703.570999][T19608] debugfs: 'hsr0' already exists in 'hsr' [ 703.571032][T19608] Cannot create hsr debugfs directory [ 703.571694][T19627] chnl_net:caif_netlink_parms(): no params data found [ 704.774127][ T61] Bluetooth: hci1: command tx timeout [ 706.991654][ T61] Bluetooth: hci1: command tx timeout [ 707.365439][ T5117] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 707.391151][ T5117] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 707.393187][ T5117] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 707.394746][ T5117] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 707.455203][ T5117] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 709.208475][ T61] Bluetooth: hci1: command tx timeout [ 709.635074][ T61] Bluetooth: hci5: command tx timeout [ 711.851663][ T61] Bluetooth: hci5: command tx timeout [ 712.810109][T19620] bridge0: port 1(bridge_slave_0) entered blocking state [ 712.819286][T19620] bridge0: port 1(bridge_slave_0) entered disabled state [ 712.819662][T19620] bridge_slave_0: entered allmulticast mode [ 712.839015][T19620] bridge_slave_0: entered promiscuous mode [ 713.419906][T19620] bridge0: port 2(bridge_slave_1) entered blocking state [ 713.420048][T19620] bridge0: port 2(bridge_slave_1) entered disabled state [ 713.420324][T19620] bridge_slave_1: entered allmulticast mode [ 713.429085][T19620] bridge_slave_1: entered promiscuous mode [ 714.078917][ T61] Bluetooth: hci5: command tx timeout [ 714.726346][T19627] bridge0: port 1(bridge_slave_0) entered blocking state [ 714.726540][T19627] bridge0: port 1(bridge_slave_0) entered disabled state [ 714.726804][T19627] bridge_slave_0: entered allmulticast mode [ 714.763482][T19627] bridge_slave_0: entered promiscuous mode [ 715.602176][T19627] bridge0: port 2(bridge_slave_1) entered blocking state [ 715.602408][T19627] bridge0: port 2(bridge_slave_1) entered disabled state [ 715.602716][T19627] bridge_slave_1: entered allmulticast mode [ 715.626983][T19627] bridge_slave_1: entered promiscuous mode [ 715.633131][T19620] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 716.286152][ T5117] Bluetooth: hci5: command tx timeout [ 717.174814][T19620] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 718.872122][T19627] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 719.648173][T19627] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 719.671826][T19620] team0: Port device team_slave_0 added [ 719.891219][T19620] team0: Port device team_slave_1 added [ 721.674329][T19627] team0: Port device team_slave_0 added [ 723.406326][T19627] team0: Port device team_slave_1 added [ 723.411568][T19620] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 723.411587][T19620] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 723.411618][T19620] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 724.027924][T19620] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 724.027944][T19620] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 724.027974][T19620] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 725.124951][T19627] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 725.124971][T19627] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 725.125010][T19627] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 725.151797][T19627] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 725.151818][T19627] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 725.151849][T19627] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 727.719024][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 728.582983][T19620] hsr_slave_0: entered promiscuous mode [ 728.587154][T19620] hsr_slave_1: entered promiscuous mode [ 728.588917][T19620] debugfs: 'hsr0' already exists in 'hsr' [ 728.588948][T19620] Cannot create hsr debugfs directory [ 728.590878][T19647] chnl_net:caif_netlink_parms(): no params data found [ 730.606701][T19627] hsr_slave_0: entered promiscuous mode [ 730.608514][T19627] hsr_slave_1: entered promiscuous mode [ 730.609749][T19627] debugfs: 'hsr0' already exists in 'hsr' [ 730.609775][T19627] Cannot create hsr debugfs directory [ 733.046654][ T61] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 733.062343][ T61] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 733.064243][ T61] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 733.070507][ T61] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 733.072438][ T61] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 735.300749][ T61] Bluetooth: hci6: command tx timeout [ 735.342405][T19654] chnl_net:caif_netlink_parms(): no params data found [ 737.518393][ T61] Bluetooth: hci6: command tx timeout [ 737.913804][ T5117] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 737.918409][ T5117] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 737.930462][ T5117] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 737.983230][ T5117] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 737.994657][ T5117] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 739.735085][ T61] Bluetooth: hci6: command tx timeout [ 740.160939][ T61] Bluetooth: hci2: command tx timeout [ 741.857823][T19647] bridge0: port 1(bridge_slave_0) entered blocking state [ 741.857978][T19647] bridge0: port 1(bridge_slave_0) entered disabled state [ 741.858680][T19647] bridge_slave_0: entered allmulticast mode [ 741.919737][T19647] bridge_slave_0: entered promiscuous mode [ 741.957426][ T61] Bluetooth: hci6: command tx timeout [ 742.032954][T19647] bridge0: port 2(bridge_slave_1) entered blocking state [ 742.033099][T19647] bridge0: port 2(bridge_slave_1) entered disabled state [ 742.033358][T19647] bridge_slave_1: entered allmulticast mode [ 742.068706][T19647] bridge_slave_1: entered promiscuous mode [ 742.389322][ T61] Bluetooth: hci2: command tx timeout [ 744.316895][T19647] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 744.595255][ T61] Bluetooth: hci2: command tx timeout [ 746.201960][T19647] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 746.812576][ T61] Bluetooth: hci2: command tx timeout [ 748.983048][T19654] bridge0: port 1(bridge_slave_0) entered blocking state [ 748.983196][T19654] bridge0: port 1(bridge_slave_0) entered disabled state [ 748.983533][T19654] bridge_slave_0: entered allmulticast mode [ 748.997949][T19654] bridge_slave_0: entered promiscuous mode [ 749.004837][T19647] team0: Port device team_slave_0 added [ 749.027479][T19654] bridge0: port 2(bridge_slave_1) entered blocking state [ 749.027636][T19654] bridge0: port 2(bridge_slave_1) entered disabled state [ 749.027964][T19654] bridge_slave_1: entered allmulticast mode [ 749.034076][T19654] bridge_slave_1: entered promiscuous mode [ 749.038906][T19647] team0: Port device team_slave_1 added [ 754.279166][T19647] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 754.279186][T19647] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 754.279215][T19647] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 754.338261][T19654] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 754.356717][T19647] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 754.356736][T19647] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 754.356765][T19647] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 754.415314][T19654] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 755.986413][T19654] team0: Port device team_slave_0 added [ 756.021683][T19654] team0: Port device team_slave_1 added [ 758.891308][T19647] hsr_slave_0: entered promiscuous mode [ 758.893259][T19647] hsr_slave_1: entered promiscuous mode [ 758.894635][T19647] debugfs: 'hsr0' already exists in 'hsr' [ 758.894663][T19647] Cannot create hsr debugfs directory [ 759.521521][T19654] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 759.521540][T19654] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 759.521572][T19654] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 761.210028][T19654] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 761.210048][T19654] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 761.210079][T19654] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 763.154121][T19671] chnl_net:caif_netlink_parms(): no params data found [ 763.173697][T19678] chnl_net:caif_netlink_parms(): no params data found [ 763.244536][T19654] hsr_slave_0: entered promiscuous mode [ 763.246306][T19654] hsr_slave_1: entered promiscuous mode [ 763.260131][T19654] debugfs: 'hsr0' already exists in 'hsr' [ 763.260162][T19654] Cannot create hsr debugfs directory [ 764.511246][ T5117] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 764.535540][ T5117] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 764.552281][ T5117] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 764.555799][ T5117] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 764.556623][ T5117] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 766.764813][T18586] Bluetooth: hci0: command tx timeout [ 767.959897][ T39] INFO: task syz-executor:17987 blocked for more than 143 seconds. [ 767.959936][ T39] Not tainted syzkaller #0 [ 767.959948][ T39] Blocked by coredump. [ 767.959956][ T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 767.959967][ T39] task:syz-executor state:D stack:14984 pid:17987 tgid:17987 ppid:1 task_flags:0x40054c flags:0x00080003 [ 767.960031][ T39] Call Trace: [ 767.960044][ T39] [ 767.960068][ T39] __schedule+0x16f3/0x4c20 [ 767.960136][ T39] ? __pfx___schedule+0x10/0x10 [ 767.960187][ T39] ? _raw_spin_unlock_irq+0x23/0x50 [ 767.960224][ T39] rt_mutex_schedule+0x77/0xf0 [ 767.960248][ T39] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 767.960275][ T39] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 767.960321][ T39] rt_mutex_slowlock+0x2b1/0x6e0 [ 767.960350][ T39] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 767.960378][ T39] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 767.960402][ T39] ? __lock_acquire+0xab9/0xd20 [ 767.960444][ T39] ? rcu_barrier+0x4c/0x570 [ 767.960483][ T39] ? rcu_barrier+0x4c/0x570 [ 767.960504][ T39] mutex_lock_nested+0x16a/0x1d0 [ 767.960528][ T39] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 767.960557][ T39] ? __pfx_tun_chr_close+0x10/0x10 [ 767.960588][ T39] rcu_barrier+0x4c/0x570 [ 767.960616][ T39] ? __pfx_tun_chr_close+0x10/0x10 [ 767.960645][ T39] ? __pfx_tun_chr_close+0x10/0x10 [ 767.960674][ T39] netdev_run_todo+0x327/0xea0 [ 767.960707][ T39] ? __pfx_netif_state_change+0x10/0x10 [ 767.960742][ T39] ? __pfx_netdev_run_todo+0x10/0x10 [ 767.960770][ T39] ? lockdep_hardirqs_on+0x9c/0x150 [ 767.960813][ T39] ? netdev_state_change+0x1ca/0x220 [ 767.960839][ T39] ? __pfx_tun_chr_close+0x10/0x10 [ 767.960867][ T39] tun_chr_close+0x13f/0x1c0 [ 767.960896][ T39] __fput+0x45b/0xa80 [ 767.960933][ T39] task_work_run+0x1d4/0x260 [ 767.960959][ T39] ? __pfx_task_work_run+0x10/0x10 [ 767.960981][ T39] ? do_exit+0x6b0/0x2300 [ 767.961014][ T39] ? do_exit+0x6b0/0x2300 [ 767.961059][ T39] do_exit+0x6b5/0x2300 [ 767.961093][ T39] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 767.961138][ T39] ? __pfx_do_exit+0x10/0x10 [ 767.961168][ T39] ? rt_mutex_slowunlock+0x493/0x8a0 [ 767.961194][ T39] ? rt_spin_lock+0x1c1/0x3e0 [ 767.961235][ T39] do_group_exit+0x21c/0x2d0 [ 767.961256][ T39] ? rt_spin_unlock+0x161/0x200 [ 767.961285][ T39] get_signal+0x125d/0x1310 [ 767.961337][ T39] arch_do_signal_or_restart+0xa0/0x790 [ 767.961361][ T39] ? fput_close_sync+0x119/0x200 [ 767.961385][ T39] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 767.961429][ T39] ? exit_to_user_mode_loop+0x40/0x130 [ 767.961463][ T39] exit_to_user_mode_loop+0x72/0x130 [ 767.961494][ T39] do_syscall_64+0x2bd/0xfa0 [ 767.961525][ T39] ? lockdep_hardirqs_on+0x9c/0x150 [ 767.961557][ T39] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 767.961580][ T39] ? clear_bhb_loop+0x60/0xb0 [ 767.961608][ T39] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 767.961630][ T39] RIP: 0033:0x7fcdc23615dc [ 767.961655][ T39] RSP: 002b:00007ffe3ec16d30 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 767.961678][ T39] RAX: 0000000000000040 RBX: 00007fcdc30e4620 RCX: 00007fcdc23615dc [ 767.961694][ T39] RDX: 0000000000000040 RSI: 00007fcdc30e4670 RDI: 0000000000000003 [ 767.961708][ T39] RBP: 0000000000000000 R08: 00007ffe3ec16d84 R09: 000000000000000c [ 767.961723][ T39] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 767.961736][ T39] R13: 0000000000000000 R14: 00007fcdc30e4670 R15: 0000000000000000 [ 767.961772][ T39] [ 767.961832][ T39] [ 767.961832][ T39] Showing all locks held in the system: [ 767.961848][ T39] 6 locks held by ksoftirqd/0/15: [ 767.961862][ T39] 4 locks held by rcuc/0/20: [ 767.961876][ T39] 1 lock held by khungtaskd/39: [ 767.961888][ T39] #0: ffffffff8d5aa880 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 767.961952][ T39] 3 locks held by kworker/u8:6/1027: [ 767.961965][ T39] #0: ffff88813ff69938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 767.962027][ T39] #1: ffffc9000491fba0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 767.962089][ T39] #2: ffffffff8e8637f8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 767.962150][ T39] 4 locks held by kworker/u8:7/1458: [ 767.962163][ T39] #0: ffff888019ad4938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 767.962219][ T39] #1: ffffc9000550fba0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 767.962274][ T39] #2: ffffffff8e8568e0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x820 [ 767.962324][ T39] #3: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.962389][ T39] 2 locks held by getty/5553: [ 767.962401][ T39] #0: ffff88823bf768a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 767.962456][ T39] #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1400 [ 767.962526][ T39] 1 lock held by syz.3.5413/17594: [ 767.962538][ T39] #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.962590][ T39] 1 lock held by syz.1.5455/17687: [ 767.962602][ T39] #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.962653][ T39] 1 lock held by syz-executor/17987: [ 767.962665][ T39] #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.962717][ T39] 1 lock held by syz-executor/18032: [ 767.962730][ T39] #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.962781][ T39] 1 lock held by syz.2.5691/18206: [ 767.962794][ T39] #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.962846][ T39] 1 lock held by syz.0.5775/18377: [ 767.962858][ T39] #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.962910][ T39] 1 lock held by syz-executor/18583: [ 767.962922][ T39] #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.962976][ T39] 1 lock held by syz-executor/18744: [ 767.962988][ T39] #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.963041][ T39] 1 lock held by syz-executor/19395: [ 767.963060][ T39] #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.963111][ T39] 1 lock held by syz-executor/19508: [ 767.963124][ T39] #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.963176][ T39] 1 lock held by syz-executor/19597: [ 767.963188][ T39] #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.963240][ T39] 1 lock held by syz-executor/19608: [ 767.963252][ T39] #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.963304][ T39] 1 lock held by syz-executor/19620: [ 767.963317][ T39] #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.963369][ T39] 1 lock held by syz-executor/19627: [ 767.963382][ T39] #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 767.963433][ T39] 10 locks held by syz-executor/19647: [ 767.963447][ T39] 2 locks held by syz-executor/19671: [ 767.963460][ T39] #0: ffffffff8ed65910 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 767.963517][ T39] #1: ffffffff8e8637f8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8e9/0x1c80 [ 767.963567][ T39] 2 locks held by syz-executor/19678: [ 767.963581][ T39] 1 lock held by syz-executor/19697: [ 767.963593][ T39] #0: ffffffff8e8637f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 767.963653][ T39] [ 767.963659][ T39] ============================================= [ 767.963659][ T39] [ 767.963670][ T39] NMI backtrace for cpu 1 [ 767.963697][ T39] CPU: 1 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 767.963721][ T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 767.963733][ T39] Call Trace: [ 767.963742][ T39] [ 767.963750][ T39] dump_stack_lvl+0x189/0x250 [ 767.963786][ T39] ? __pfx_dump_stack_lvl+0x10/0x10 [ 767.963820][ T39] ? __pfx__printk+0x10/0x10 [ 767.963859][ T39] nmi_cpu_backtrace+0x39e/0x3d0 [ 767.963888][ T39] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 767.963919][ T39] ? __pfx__printk+0x10/0x10 [ 767.963947][ T39] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 767.963973][ T39] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 767.963999][ T39] watchdog+0xf60/0xfa0 [ 767.964034][ T39] ? watchdog+0x1e2/0xfa0 [ 767.964075][ T39] kthread+0x711/0x8a0 [ 767.964111][ T39] ? __pfx_watchdog+0x10/0x10 [ 767.964138][ T39] ? __pfx_kthread+0x10/0x10 [ 767.964166][ T39] ? rt_spin_unlock+0x150/0x200 [ 767.964194][ T39] ? rt_spin_unlock+0x161/0x200 [ 767.964216][ T39] ? __pfx_kthread+0x10/0x10 [ 767.964246][ T39] ret_from_fork+0x4bc/0x870 [ 767.964273][ T39] ? __pfx_ret_from_fork+0x10/0x10 [ 767.964306][ T39] ? __switch_to_asm+0x39/0x70 [ 767.964325][ T39] ? __switch_to_asm+0x33/0x70 [ 767.964345][ T39] ? __pfx_kthread+0x10/0x10 [ 767.964376][ T39] ret_from_fork_asm+0x1a/0x30 [ 767.964414][ T39] [ 767.964422][ T39] Sending NMI from CPU 1 to CPUs 0: [ 767.964448][ C0] NMI backtrace for cpu 0 [ 767.964463][ C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 767.964483][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 767.964494][ C0] RIP: 0010:__lock_acquire+0x50c/0xd20 [ 767.964522][ C0] Code: 49 83 c7 28 41 89 c4 48 39 cb 0f 8d d6 00 00 00 48 83 fb 31 0f 83 92 00 00 00 41 8b 07 25 ff 1f 00 00 48 0f a3 05 34 4e 0e 11 <73> 10 48 69 c0 c8 00 00 00 48 8d 88 10 33 4b 92 eb 40 83 3d fb dd [ 767.964539][ C0] RSP: 0018:ffffc900001463e8 EFLAGS: 00000003 [ 767.964554][ C0] RAX: 000000000000000b RBX: 0000000000000003 RCX: 0000000000000005 [ 767.964565][ C0] RDX: 0000000000000003 RSI: 0000000000000003 RDI: ffff88801b2f3c00 [ 767.964584][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff81736c15 [ 767.964596][ C0] R10: ffffc90000146638 R11: ffffffff81aacc60 R12: 0000000000000003 [ 767.964609][ C0] R13: 0000000000000001 R14: ffff88801b2f4828 R15: ffff88801b2f47f8 [ 767.964621][ C0] FS: 0000000000000000(0000) GS:ffff888126df7000(0000) knlGS:0000000000000000 [ 767.964637][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 767.964674][ C0] CR2: 00007f303efcae90 CR3: 00000000346b2000 CR4: 00000000003526f0 [ 767.964691][ C0] Call Trace: [ 767.964697][ C0] [ 767.964708][ C0] ? unwind_next_frame+0xa5/0x2390 [ 767.964733][ C0] lock_acquire+0x120/0x360 [ 767.964763][ C0] ? unwind_next_frame+0xa5/0x2390 [ 767.964790][ C0] ? unwind_next_frame+0xa5/0x2390 [ 767.964819][ C0] ? NF_HOOK+0x206/0x3a0 [ 767.964836][ C0] ? unwind_next_frame+0xa5/0x2390 [ 767.964859][ C0] unwind_next_frame+0xc2/0x2390 [ 767.964882][ C0] ? unwind_next_frame+0xa5/0x2390 [ 767.964908][ C0] ? unwind_next_frame+0xa5/0x2390 [ 767.964937][ C0] ? nf_hook_slow+0xc5/0x220 [ 767.964960][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 767.964980][ C0] arch_stack_walk+0x11c/0x150 [ 767.965008][ C0] ? NF_HOOK+0x206/0x3a0 [ 767.965026][ C0] stack_trace_save+0x9c/0xe0 [ 767.965045][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 767.965065][ C0] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 767.965093][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 767.965127][ C0] kasan_save_track+0x3e/0x80 [ 767.965150][ C0] ? kasan_save_track+0x3e/0x80 [ 767.965170][ C0] ? __kasan_slab_alloc+0x6c/0x80 [ 767.965193][ C0] ? kmem_cache_alloc_noprof+0x181/0x6b0 [ 767.965216][ C0] ? dst_alloc+0x105/0x170 [ 767.965238][ C0] ? ip_route_output_key_hash_rcu+0x1560/0x23e0 [ 767.965262][ C0] ? ip_route_output_key_hash+0x174/0x280 [ 767.965286][ C0] ? ip_route_output_flow+0x2a/0x150 [ 767.965306][ C0] ? ip_route_me_harder+0x6c4/0xf10 [ 767.965333][ C0] ? synproxy_send_tcp+0x3a7/0x700 [ 767.965353][ C0] ? synproxy_send_client_synack+0x8bb/0xe20 [ 767.965375][ C0] ? nft_synproxy_eval_v4+0x36e/0x560 [ 767.965400][ C0] ? nft_synproxy_do_eval+0x345/0x570 [ 767.965433][ C0] ? nft_do_chain+0x40c/0x1920 [ 767.965456][ C0] ? nft_do_chain_inet+0x25d/0x340 [ 767.965480][ C0] ? nf_hook_slow+0xc5/0x220 [ 767.965498][ C0] ? NF_HOOK+0x206/0x3a0 [ 767.965532][ C0] ? __slab_alloc+0xc6/0x1f0 [ 767.965549][ C0] __kasan_slab_alloc+0x6c/0x80 [ 767.965572][ C0] ? dst_alloc+0x105/0x170 [ 767.965594][ C0] kmem_cache_alloc_noprof+0x181/0x6b0 [ 767.965615][ C0] ? __pfx_fib4_rule_suppress+0x10/0x10 [ 767.965638][ C0] dst_alloc+0x105/0x170 [ 767.965662][ C0] ip_route_output_key_hash_rcu+0x1560/0x23e0 [ 767.965698][ C0] ? ip_route_output_key_hash+0xc1/0x280 [ 767.965722][ C0] ip_route_output_key_hash+0x174/0x280 [ 767.965746][ C0] ? __lock_acquire+0xab9/0xd20 [ 767.965771][ C0] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 767.965809][ C0] ip_route_output_flow+0x2a/0x150 [ 767.965829][ C0] ? ip_route_me_harder+0x6ae/0xf10 [ 767.965864][ C0] ip_route_me_harder+0x6c4/0xf10 [ 767.965903][ C0] ? __pfx_ip_route_me_harder+0x10/0x10 [ 767.965937][ C0] ? rcu_is_watching+0x15/0xb0 [ 767.965959][ C0] synproxy_send_tcp+0x3a7/0x700 [ 767.965985][ C0] synproxy_send_client_synack+0x8bb/0xe20 [ 767.966014][ C0] ? __pfx_synproxy_send_client_synack+0x10/0x10 [ 767.966036][ C0] ? nft_fib_store_result+0x8/0x2f0 [ 767.966059][ C0] ? synproxy_pernet+0x45/0x270 [ 767.966088][ C0] nft_synproxy_eval_v4+0x36e/0x560 [ 767.966117][ C0] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 767.966146][ C0] ? nf_ip_checksum+0x13c/0x510 [ 767.966173][ C0] nft_synproxy_do_eval+0x345/0x570 [ 767.966205][ C0] ? skb_orphan+0xaf/0xd0 [ 767.966223][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 767.966249][ C0] ? nft_trace_init+0x283/0x4a0 [ 767.966281][ C0] nft_do_chain+0x40c/0x1920 [ 767.966307][ C0] ? __pfx_ip_list_rcv+0x10/0x10 [ 767.966329][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 767.966352][ C0] ? __netif_receive_skb_list_core+0x7d2/0x800 [ 767.966394][ C0] ? __napi_schedule+0x12d/0x1f0 [ 767.966423][ C0] nft_do_chain_inet+0x25d/0x340 [ 767.966447][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 767.966472][ C0] ? __lock_acquire+0xab9/0xd20 [ 767.966500][ C0] ? NF_HOOK+0x9a/0x3a0 [ 767.966517][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 767.966542][ C0] nf_hook_slow+0xc5/0x220 [ 767.966564][ C0] NF_HOOK+0x206/0x3a0 [ 767.966582][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 767.966600][ C0] ? NF_HOOK+0x9a/0x3a0 [ 767.966616][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 767.966632][ C0] ? ip_rcv_finish_core+0xda3/0x1c00 [ 767.966651][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 767.966671][ C0] ? skb_dst+0x4f/0xd0 [ 767.966688][ C0] ? ip_local_deliver+0x12a/0x1b0 [ 767.966707][ C0] NF_HOOK+0x30c/0x3a0 [ 767.966724][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 767.966741][ C0] ? NF_HOOK+0x9a/0x3a0 [ 767.966757][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 767.966775][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 767.966805][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 767.966821][ C0] __netif_receive_skb+0x143/0x380 [ 767.966851][ C0] ? process_backlog+0x27b/0x900 [ 767.966867][ C0] process_backlog+0x31e/0x900 [ 767.966890][ C0] __napi_poll+0xb6/0x540 [ 767.966919][ C0] net_rx_action+0x5f7/0xda0 [ 767.966943][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 767.966961][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 767.966991][ C0] ? __pfx_sched_clock_cpu+0x10/0x10 [ 767.967015][ C0] handle_softirqs+0x22f/0x710 [ 767.967041][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 767.967070][ C0] run_ksoftirqd+0xac/0x210 [ 767.967103][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 767.967128][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 767.967150][ C0] ? smpboot_thread_fn+0x5f4/0xa60 [ 767.967173][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 767.967194][ C0] smpboot_thread_fn+0x542/0xa60 [ 767.967218][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 767.967244][ C0] kthread+0x711/0x8a0 [ 767.967271][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 767.967294][ C0] ? __pfx_kthread+0x10/0x10 [ 767.967318][ C0] ? rt_spin_unlock+0x150/0x200 [ 767.967341][ C0] ? rt_spin_unlock+0x161/0x200 [ 767.967361][ C0] ? __pfx_kthread+0x10/0x10 [ 767.967388][ C0] ret_from_fork+0x4bc/0x870 [ 767.967409][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 767.967433][ C0] ? __switch_to_asm+0x39/0x70 [ 767.967450][ C0] ? __switch_to_asm+0x33/0x70 [ 767.967467][ C0] ? __pfx_kthread+0x10/0x10 [ 767.967493][ C0] ret_from_fork_asm+0x1a/0x30 [ 767.967519][ C0] [ 768.033792][ T5785] ------------[ cut here ]------------ [ 768.033831][ T5785] WARNING: CPU: 0 PID: 5785 at kernel/kcov.c:477 kcov_task_exit+0x13c/0x150 [ 768.033891][ T5785] Modules linked in: [ 768.033913][ T5785] CPU: 0 UID: 0 PID: 5785 Comm: syz-executor Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 768.033944][ T5785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 768.033959][ T5785] RIP: 0010:kcov_task_exit+0x13c/0x150 [ 768.033996][ T5785] Code: c7 c7 10 44 c5 8e 48 c7 c6 cb 26 da 8c 48 c7 c2 aa fc d8 8c 4c 89 f9 e8 32 4b f1 02 4c 39 bb 98 00 00 00 0f 84 ff fe ff ff 90 <0f> 0b 90 4c 89 f7 5b 41 5e 41 5f e9 d4 2e 04 09 0f 1f 40 00 90 90 [ 768.034019][ T5785] RSP: 0018:ffffc900048cfd00 EFLAGS: 00010206 [ 768.034040][ T5785] RAX: ba227a71304a9800 RBX: ffff8880301ad500 RCX: 0000000000000000 [ 768.034058][ T5785] RDX: 0000000000000000 RSI: ffffffff8b3ddfc0 RDI: 00000000ffffffff [ 768.034076][ T5785] RBP: ffffc900048cfe68 R08: 0000000000000000 R09: ffffffff8ac2db41 [ 768.034095][ T5785] R10: dffffc0000000000 R11: fffffbfff1dac80f R12: 1ffff1100523797d [ 768.034115][ T5785] R13: 0000000000004300 R14: ffff8880301ad508 R15: ffff88803c8e9e00 [ 768.034133][ T5785] FS: 0000555582ee3500(0000) GS:ffff888126df7000(0000) knlGS:0000000000000000 [ 768.034154][ T5785] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 768.034172][ T5785] CR2: 00007f92549b7d60 CR3: 000000003157a000 CR4: 00000000003526f0 [ 768.034194][ T5785] Call Trace: [ 768.034205][ T5785] [ 768.034218][ T5785] do_exit+0x105/0x2300 [ 768.034268][ T5785] ? rt_mutex_slowunlock+0x493/0x8a0 [ 768.034307][ T5785] ? __pfx_do_exit+0x10/0x10 [ 768.034345][ T5785] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 768.034387][ T5785] ? rt_spin_unlock+0x161/0x200 [ 768.034420][ T5785] do_group_exit+0x21c/0x2d0 [ 768.034452][ T5785] __x64_sys_exit_group+0x3f/0x40 [ 768.034474][ T5785] x64_sys_call+0x21f7/0x2200 [ 768.034501][ T5785] do_syscall_64+0xfa/0xfa0 [ 768.034537][ T5785] ? lockdep_hardirqs_on+0x9c/0x150 [ 768.034574][ T5785] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 768.034600][ T5785] ? clear_bhb_loop+0x60/0xb0 [ 768.034633][ T5785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 768.034656][ T5785] RIP: 0033:0x7f9253c2f749 [ 768.034679][ T5785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 768.034700][ T5785] RSP: 002b:00007ffff5b677d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 768.034725][ T5785] RAX: ffffffffffffffda RBX: 00007f9253cd0661 RCX: 00007f9253c2f749 [ 768.034744][ T5785] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043 [ 768.034760][ T5785] RBP: 00007f9253cd067f R08: 00007ffff5b65577 R09: 0000000000000004 [ 768.034777][ T5785] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000009 [ 768.034792][ T5785] R13: 0000000000000004 R14: 00007ffff5b678fc R15: 00007ffff5b67990 [ 768.034842][ T5785] [ 768.034859][ T5785] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 768.034876][ T5785] CPU: 0 UID: 0 PID: 5785 Comm: syz-executor Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 768.034904][ T5785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 768.034919][ T5785] Call Trace: [ 768.034929][ T5785] [ 768.034938][ T5785] dump_stack_lvl+0x99/0x250 [ 768.034978][ T5785] ? __asan_memcpy+0x40/0x70 [ 768.035011][ T5785] ? __pfx_dump_stack_lvl+0x10/0x10 [ 768.035049][ T5785] ? __pfx__printk+0x10/0x10 [ 768.035095][ T5785] vpanic+0x237/0x6d0 [ 768.035120][ T5785] ? __pfx_vpanic+0x10/0x10 [ 768.035157][ T5785] panic+0xb9/0xc0 [ 768.035182][ T5785] ? __pfx_panic+0x10/0x10 [ 768.035224][ T5785] __warn+0x31b/0x4b0 [ 768.035247][ T5785] ? kcov_task_exit+0x13c/0x150 [ 768.035284][ T5785] ? kcov_task_exit+0x13c/0x150 [ 768.035317][ T5785] report_bug+0x2be/0x4f0 [ 768.035353][ T5785] ? kcov_task_exit+0x13c/0x150 [ 768.035388][ T5785] ? kcov_task_exit+0x13c/0x150 [ 768.035422][ T5785] ? kcov_task_exit+0x13e/0x150 [ 768.035455][ T5785] handle_bug+0x84/0x160 [ 768.035482][ T5785] exc_invalid_op+0x1a/0x50 [ 768.035506][ T5785] asm_exc_invalid_op+0x1a/0x20 [ 768.035528][ T5785] RIP: 0010:kcov_task_exit+0x13c/0x150 [ 768.035556][ T5785] Code: c7 c7 10 44 c5 8e 48 c7 c6 cb 26 da 8c 48 c7 c2 aa fc d8 8c 4c 89 f9 e8 32 4b f1 02 4c 39 bb 98 00 00 00 0f 84 ff fe ff ff 90 <0f> 0b 90 4c 89 f7 5b 41 5e 41 5f e9 d4 2e 04 09 0f 1f 40 00 90 90 [ 768.035573][ T5785] RSP: 0018:ffffc900048cfd00 EFLAGS: 00010206 [ 768.035591][ T5785] RAX: ba227a71304a9800 RBX: ffff8880301ad500 RCX: 0000000000000000 [ 768.035607][ T5785] RDX: 0000000000000000 RSI: ffffffff8b3ddfc0 RDI: 00000000ffffffff [ 768.035621][ T5785] RBP: ffffc900048cfe68 R08: 0000000000000000 R09: ffffffff8ac2db41 [ 768.035637][ T5785] R10: dffffc0000000000 R11: fffffbfff1dac80f R12: 1ffff1100523797d [ 768.035653][ T5785] R13: 0000000000004300 R14: ffff8880301ad508 R15: ffff88803c8e9e00 [ 768.035677][ T5785] ? rt_spin_lock+0x1c1/0x3e0 [ 768.035715][ T5785] do_exit+0x105/0x2300 [ 768.035754][ T5785] ? rt_mutex_slowunlock+0x493/0x8a0 [ 768.035784][ T5785] ? __pfx_do_exit+0x10/0x10 [ 768.035823][ T5785] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 768.035857][ T5785] ? rt_spin_unlock+0x161/0x200 [ 768.035885][ T5785] do_group_exit+0x21c/0x2d0 [ 768.035909][ T5785] __x64_sys_exit_group+0x3f/0x40 [ 768.035928][ T5785] x64_sys_call+0x21f7/0x2200 [ 768.035950][ T5785] do_syscall_64+0xfa/0xfa0 [ 768.035978][ T5785] ? lockdep_hardirqs_on+0x9c/0x150 [ 768.036003][ T5785] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 768.036021][ T5785] ? clear_bhb_loop+0x60/0xb0 [ 768.036043][ T5785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 768.036062][ T5785] RIP: 0033:0x7f9253c2f749 [ 768.036077][ T5785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 768.036092][ T5785] RSP: 002b:00007ffff5b677d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 768.036109][ T5785] RAX: ffffffffffffffda RBX: 00007f9253cd0661 RCX: 00007f9253c2f749 [ 768.036121][ T5785] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043 [ 768.036131][ T5785] RBP: 00007f9253cd067f R08: 00007ffff5b65577 R09: 0000000000000004 [ 768.036143][ T5785] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000009 [ 768.036153][ T5785] R13: 0000000000000004 R14: 00007ffff5b678fc R15: 00007ffff5b67990 [ 768.036180][ T5785] [ 768.039612][ T5785] Kernel Offset: disabled