last executing test programs: 10.29078882s ago: executing program 3 (id=4319): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000980)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581d3b3"], 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ppoll(&(0x7f00000013c0)=[{r1}], 0x1, 0x0, 0x0, 0x0) syz_usb_disconnect(r0) 7.09065219s ago: executing program 3 (id=4330): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x18, 0x140c, 0xb71decfdf6a93ea7, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x4}]}, 0x18}}, 0x0) 7.040448831s ago: executing program 3 (id=4331): keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'ecryptfs', 0x20, 'trusted:', 'syz', 0x20, 0x7f}, 0x2e, 0xfffffffffffffffa) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) 6.895418057s ago: executing program 3 (id=4333): r0 = socket$key(0xf, 0x3, 0x2) socket$key(0xf, 0x3, 0x2) openat$cgroup_pressure(0xffffffffffffffff, 0x0, 0x2, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000000)={0x4}, 0x10) write(r2, &(0x7f0000000080)="240000001a007f0214f9f4070009040803000000000000050002000008000f40fe00000e", 0x24) r3 = socket$key(0xf, 0x3, 0x2) fcntl$addseals(r0, 0x409, 0x2) sendmsg$key(r3, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB="0203f3021600000000000000000a00000200090008000000e90000000000000003000600000000000200000000000000000000000000000002000100000000fffffffd0200000000030005000000000002000000ac1414aa00000000000000000a0008"], 0xb0}, 0x1, 0x7}, 0x0) bind$bt_hci(r1, &(0x7f00000000c0)={0x1f, 0x4, 0x4}, 0x6) write(r1, &(0x7f0000000000)="3b000300010010", 0x7) openat$pfkey(0xffffffffffffff9c, &(0x7f0000001580), 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)=ANY=[@ANYRES32=r2, @ANYRES16=0x0, @ANYBLOB="04020d800800010002f610635200001a9f5da32b06e7353384613d79ce6a90ac175b4f525469e0d66f20727c011dc3adc7f8f9ca558c3b691abd9e2e717551aa74e0f41451739060bcd833a3edc0d1b20102e3549719b0e712afe74de57dd53b209bd9142063062c4d2401e02684512869d26568f72acd77d423ae8c2275ac194fc39cdb66a7aa411f29cdcd618503580d88e195d1976a6735032d051540b81a53c77c81d758dbe0a4b2d358c0eba402abbd167a785f3d212735e1c9fb742b540d78aedde3125eded23db682a7c96ddad7351a26b8fa7666a467d878c181a4576ccabdc864f28592349a"], 0x24}, 0x1, 0x5502000000000000, 0x0, 0x4008881}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000f, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) set_tid_address(0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a03f0fff0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c8500000032000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000), 0x143}, 0x48) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180100000000000000000000bb810000850000006d00000085000000d000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='hrtimer_start\x00', r5}, 0x10) r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) syz_usb_control_io$hid(r6, 0x0, 0x0) syz_usb_control_io$hid(r6, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00220f0000005b574e69622bf85eda07b3"], 0x0}, 0x0) r7 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCGCOLLECTIONINDEX(r7, 0x40184810, &(0x7f0000000000)={0x3, 0xffffffff, 0x0, 0x0, 0x800}) 4.201087919s ago: executing program 0 (id=4357): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000800)={0x18, 0x76, 0x31f, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @ipv4=@broadcast}]}, 0x18}], 0x1}, 0x0) 4.20078246s ago: executing program 0 (id=4358): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCSBRKP(r0, 0x5425, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)) ioctl$TCSETSW2(r0, 0x540e, 0x0) r1 = syz_open_procfs(0x0, 0x0) r2 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) add_key(&(0x7f0000000140)='ceph\x00', 0x0, 0x0, 0x0, r2) getdents(0xffffffffffffffff, 0x0, 0x0) getdents(r1, 0x0, 0x0) r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90) r4 = openat$cgroup_ro(r1, &(0x7f00000003c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) r6 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) fcntl$setpipe(r6, 0x407, 0x0) sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd00000000"], 0x24}}, 0x28040084) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000440)=@ipv6_delrule={0x60, 0x21, 0x100, 0x0, 0x0, {}, [@FIB_RULE_POLICY=@FRA_PROTOCOL={0x5}, @FRA_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x18}}, @FRA_SRC={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, @FRA_SRC={0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, 0x60}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {0x0, 0x0, 0x400}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000180)={0x73622a85, 0xa, 0x3}) close(r5) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000940)) ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r7, 0xc0185879, &(0x7f0000000080)={@desc={0x4100, 0x0, @desc2}}) 3.642506124s ago: executing program 0 (id=4361): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000340)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @mcast2, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 3.30958887s ago: executing program 0 (id=4363): syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="04300300c9008cba4dffaa0a52c0186ef28359af281f3a6bfde3a6ee0de9ddee0bf7da43aebf706b3329b0a564835713c2de78691734f5b9ada875d8facbcb611c220f4296a197c00dc7780e18d276969228dd91f813fda5cbc6adcfdd40386249f98919c934448632816bbc251be47d7af97966b4a96a6a8b7f211d8e29678fe8216eb9b30f4fa5856c0371b3c31559e07c414833"], 0x6) r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, 0x0, 0x0) setsockopt$inet_opts(r0, 0x0, 0x0, &(0x7f0000000000)="89070404", 0x4) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c0000001200010003950000000000000a0900000000000000000000080000000000ffffff9e000000000000000000000000ffff"], 0x4c}}, 0x0) sendmsg$NFT_BATCH(r4, 0x0, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a0b040000000000000000020000001400048010000180070001006374"], 0x68}, 0x1, 0x0, 0x0, 0x804}, 0x0) syz_emit_vhci(&(0x7f0000000180)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x1f}, @l2cap_cid_signaling={{0x1b}, [@l2cap_conn_rsp={{0x3, 0x6, 0x8}, {0x7, 0xe, 0x8, 0x4}}, @l2cap_disconn_req={{0x6, 0x7, 0x4}, {0x723}}, @l2cap_move_chan_req={{0xe, 0x4, 0x3}, {0x9, 0xa}}]}}, 0x24) r6 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x121301, 0x0) write$dsp(r6, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="043e1f0a00c90001"], 0x22) mbind(&(0x7f0000068000/0x1000)=nil, 0x1000, 0x4000, 0x0, 0x0, 0x3) r7 = semget$private(0x0, 0x4, 0x424) semctl$SEM_STAT_ANY(r7, 0x0, 0x14, &(0x7f0000000380)=""/276) ioctl$KVM_RUN(r3, 0xae80, 0x0) r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f0000000200)={0xc, 0x0, 0x0}) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0) semget$private(0x0, 0x0, 0x0) ioctl$IOMMU_VFIO_IOAS$SET(r8, 0x3b88, &(0x7f0000000040)={0xc, r9}) 2.830836766s ago: executing program 2 (id=4368): mkdir(&(0x7f0000000000)='./control\x00', 0x0) r0 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000100)='./control\x00', 0x0) unlink(&(0x7f00000001c0)='./control/file0\x00') openat(r0, &(0x7f0000000280)='./control\x00', 0x470082, 0x0) unlinkat(r0, &(0x7f0000000140)='./control\x00', 0x200) rmdir(&(0x7f0000000040)='./control\x00') 2.604316128s ago: executing program 2 (id=4371): pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00') pipe(&(0x7f00000001c0)) select(0x40, &(0x7f0000000140), 0x0, &(0x7f0000000400)={0xca}, 0x0) r2 = memfd_create(&(0x7f0000000340)='D\xa3\xd5Wj\x00\x00x0\xc1\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x00\x00\\i\xcf\t\xb0\xa9 +H/\x1a\xe7\x95\xce\"\"\xbd\xf9!\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2\xf9\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xbb\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4*8\xc6\xe5\x06P\xc11\f^\x7f\x8e\xc1\xd1Wra\x19)\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg \x03\xa7\x92\xff\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xa1\xc0\xf9&\xd3M\xf6\n\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\b', 0x0) write(r2, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0) r3 = dup3(r1, r0, 0x0) fchdir(r3) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) 2.527168224s ago: executing program 1 (id=4372): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000340)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @mcast2, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 2.377676863s ago: executing program 1 (id=4373): timerfd_create(0x7, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000042c0)='fdinfo/3\x00') read$FUSE(r0, &(0x7f0000000080)={0x2020}, 0x2020) 2.31323425s ago: executing program 3 (id=4374): bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c}, 0x38) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000006800010000000000000000000a00190000000000100008800c00038008000100", @ANYRES32, @ANYBLOB="08000500", @ANYRES32, @ANYBLOB="08001000fd"], 0x40}}, 0x0) setsockopt$bt_BT_CHANNEL_POLICY(r3, 0x112, 0xa, &(0x7f0000000580)=0x3f, 0x4) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000840)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x9, [@func, @var]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, 0x0, 0x3d}, 0x20) socket$packet(0x11, 0x3, 0x300) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000380)=0x80000001) mmap(&(0x7f0000abb000/0x1000)=nil, 0x1000, 0x0, 0x102000200032, 0xffffffffffffffff, 0x0) splice(0xffffffffffffffff, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0, 0x20, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, r7, 0x0, 0x11203}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x7}, @IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f00000005c0)={'batadv0\x00', 0x0}) setsockopt$MRT6_DEL_MIF(r3, 0x29, 0xcb, &(0x7f0000000980)={0x0, 0x1, 0x0, r8, 0x8}, 0xc) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r9, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={0x0, 0x14}}, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r9) sendmsg$TIPC_NL_NAME_TABLE_GET(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) r10 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000540), r10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), r9) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x2c, &(0x7f00000001c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63c}, {}, {}, [@call, @map_val, @ringbuf_output, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @snprintf]}, 0x0}, 0x90) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0) 2.192112443s ago: executing program 1 (id=4375): r0 = socket$pppl2tp(0x18, 0x1, 0x1) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x5, 0x20000000, 0x4) 2.119276696s ago: executing program 1 (id=4376): r0 = socket$rds(0x15, 0x5, 0x0) sendmsg$rds(r0, &(0x7f0000000380)={&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10, 0x0}, 0x0) 2.02677793s ago: executing program 1 (id=4377): openat$sndtimer(0xffffffffffffff9c, &(0x7f00000017c0), 0x900) r0 = syz_io_uring_setup(0x6d0c, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040)=0x0, &(0x7f0000000100)) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r0, 0x184c, 0x0, 0x0, 0x0, 0x0) 1.821622782s ago: executing program 1 (id=4378): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="38003300c0000000e7ffffffffff080211000000"], 0x54}}, 0x0) readv(r2, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) geteuid() r6 = syz_open_dev$dri(&(0x7f0000000340), 0x5, 0x408041) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r6, 0xc01064c7, &(0x7f00000002c0)={0x1, 0x0, &(0x7f0000000280)=[0x0]}) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r7}, 0x10) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000001c0)='./bus\x00') pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) 1.632587843s ago: executing program 2 (id=4379): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 1.585175972s ago: executing program 0 (id=4380): r0 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x24, 0x0, &(0x7f0000cab000)) 1.458059539s ago: executing program 0 (id=4381): pipe2(&(0x7f0000000300), 0x0) syz_emit_ethernet(0x36, 0x0, 0x0) r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$FUSE(r0, &(0x7f0000002bc0)={0x2020}, 0x2020) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_pidfd_open(0x0, 0x0) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) fanotify_init(0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={0xffffffffffffffff, 0x7, 0x0, 0x0, &(0x7f0000000040), 0x0, 0xffb0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r2 = socket$nl_route(0x10, 0x3, 0x0) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x3b7, 0x0, &(0x7f0000000140)="2b7393b7c6347cd49978d5023a81022d1e7baeea09c5d463b04397f7a66a0f0b769bc097d48d09754d7e15e59224486b3df2c3fc8b3379a1a30fee142bb1a32d4c3b32006571f5de9d846e7e8b8e64c79a66e2ba19f7eca5d0e0517dcd4eba1ab882af481e477e362ceb1fd11c9d50b5e3afd7f60aa6881b2681c53ee87badeeba28eba948324721a382f000917a4a6f6f76d04e0b19396feccdbae7795aaa45818dce2d1f7b4642b09dd40bf4bef9854b631eb821b13a7e475d5c9a9d4bbb3fd9b07650683a35d9557d1e7e6496dd6f6f5ca57a5c43b9863819829430e1607ebf0dbb2308a8181ef5ccdcf1eb157470d54635a1a5b7075c77dfdb97155af8fa282fcc5ca5bad36839e0cad1304c542be170a44da4089a32bc3f35a85a6e30b8d233809335a4274938505517a26728b643c2f04917afe55c68759adea3bb70f5b5c3c59fc24d6e3835c110420cfd6de096f8dec90f5f577744d2d0f3ec21819253cdb102d50678293328726f1c4f7163e28e79ab4767e3054dfa9a11b1fdafb8757b2a91f8283ad01712062048b52b5cfcaf648fe760a98ee82fbb1836c88434e0b36f9b56c4d3cd8b42566cba88ddb7418762cd8495a4ec8de7952789c2a6d37cdbbecde53ffea86db893181d9b5c7d4663d1bd78c9cb87af7cbfa54a1b2c98432ef5ba6f43c358ae873495f46850d56d83f3d7d376b3b6120ffe93c8ab6b6f214316d8c3376a5a65d173b6e4243326c729163050547d49338a737bc894f487bc9b51e75ac2031ea714ed6c917f13e3cc0ee85a75e9a98a42f9aad6f1e244c1daa06ee55b205e11aa3a2982387210bccd26c5108f2a548b06dd0a0520ca8f99532ab0a4fd8c33f0f01ad40b74ef4e9f0d01b7bbc8aa69296cca1f19d92c5be8ffa3264e3951dd318363e02d36fa69ecaa3978b6c471c9dde0052632d1ebe277982fb0c900dd3f461257ad46a69b8f1e9bc36d8992426aa4adddc024bb74a39539f1cf801502cbd0d7acb8b2c5d9778a8253d2c8746d5b252a32f67c94cb8916a6310c1af0c0eb6f09a07d5020948a9c0f147c01d4a8b3af25686eadef9eaed2623cb012521ab86453e71bf351c130b6d33ffc388afdb5b2b7c16c1002a0640dd73e7a7e6a852dd2c75209d711a50363e46116ad2a14483c3729a81e4ef2fed2f18732f0038e079e561eea96eb665219070f42139c627dd5f185d23fdc316d38eb99826bcb63938d6cd1af3b5274f57009f87854ad98bef03025c32e7aa4a721d28e94ec5feff3a279c2e1c18002e39eaaefec3dfd1eae45a61e4283e8a7ef1eaf70d93a0333a9ff9ef048332f3fcc797076f8c0285854"}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) syz_usb_connect$cdc_ncm(0x0, 0x91, &(0x7f0000000680)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7f, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x1, ';'}, {0x5, 0x24, 0x0, 0xfffe}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x0, 0x0, 0x2f}, {0x6}, [@mbim_extended={0x8, 0x24, 0x1c, 0x3, 0x0, 0x1ff}, @network_terminal={0x7, 0x24, 0xa, 0x7, 0x0, 0x7}, @network_terminal={0x7, 0x24, 0xa, 0x6d, 0x0, 0xfe}, @mbim={0xc, 0x24, 0x1b, 0x100, 0x59d}]}}}}}]}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=@newlink={0x38, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x8, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_DATA={0x4}]}}}]}, 0x38}}, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000b00)={{0x12, 0x1, 0x0, 0xa5, 0xaf, 0x5f, 0x20, 0xe8d, 0x23, 0x3aab, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x56, 0x0, 0x0, 0xa}}]}}]}}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)=ANY=[@ANYBLOB="00000000000080000000148a3045e2d59b2f835be5ea0e158eca154cbab5354fbf743f5fc122403262404ab03d579ff00ae8803b1d4b880ed1f02b5aa5b0c2883f9126da4a26a5f382ff54dd48e667192affe59dc40ee4fc3ec1030a0850e9281e119ab2de5ada1393ab9069", @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009000100626f6e64000000001100028005000100030000000500150000000000"], 0x44}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) syz_io_uring_setup(0x24f8, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000040), &(0x7f0000000080)) socket$inet6_sctp(0xa, 0x801, 0x84) syz_io_uring_setup(0x1fbf, &(0x7f0000000040)={0x0, 0x0, 0x140}, &(0x7f00000000c0), &(0x7f0000000100)) 1.146480276s ago: executing program 2 (id=4382): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000340)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @mcast2, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 905.720858ms ago: executing program 3 (id=4383): r0 = socket$key(0xf, 0x3, 0x2) socket$key(0xf, 0x3, 0x2) openat$cgroup_pressure(0xffffffffffffffff, 0x0, 0x2, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000000)={0x4}, 0x10) write(r2, &(0x7f0000000080)="240000001a007f0214f9f4070009040803000000000000050002000008000f40fe00000e", 0x24) r3 = socket$key(0xf, 0x3, 0x2) fcntl$addseals(r0, 0x409, 0x2) sendmsg$key(r3, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB="0203f3021600000000000000000a00000200090008000000e90000000000000003000600000000000200000000000000000000000000000002000100000000fffffffd0200000000030005000000000002000000ac1414aa00000000000000000a0008"], 0xb0}, 0x1, 0x7}, 0x0) bind$bt_hci(r1, &(0x7f00000000c0)={0x1f, 0x4, 0x4}, 0x6) write(r1, &(0x7f0000000000)="3b000300010010", 0x7) openat$pfkey(0xffffffffffffff9c, &(0x7f0000001580), 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)=ANY=[@ANYRES32=r2, @ANYRES16=0x0, @ANYBLOB="04020d800800010002f610635200001a9f5da32b06e7353384613d79ce6a90ac175b4f525469e0d66f20727c011dc3adc7f8f9ca558c3b691abd9e2e717551aa74e0f41451739060bcd833a3edc0d1b20102e3549719b0e712afe74de57dd53b209bd9142063062c4d2401e02684512869d26568f72acd77d423ae8c2275ac194fc39cdb66a7aa411f29cdcd618503580d88e195d1976a6735032d051540b81a53c77c81d758dbe0a4b2d358c0eba402abbd167a785f3d212735e1c9fb742b540d78aedde3125eded23db682a7c96ddad7351a26b8fa7666a467d878c181a4576ccabdc864f28592349a"], 0x24}, 0x1, 0x5502000000000000, 0x0, 0x4008881}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000f, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) set_tid_address(0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a03f0fff0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c8500000032000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000), 0x143}, 0x48) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180100000000000000000000bb810000850000006d00000085000000d000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='hrtimer_start\x00', r5}, 0x10) r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) syz_usb_control_io$hid(r6, 0x0, 0x0) syz_usb_control_io$hid(r6, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00220f0000005b574e69622bf85eda07b3"], 0x0}, 0x0) r7 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCGCOLLECTIONINDEX(r7, 0x40184810, &(0x7f0000000000)={0x3, 0xffffffff, 0x0, 0x0, 0x800}) 839.811131ms ago: executing program 2 (id=4384): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000440), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_GET_NESTED_STATE(r3, 0x4048ae9b, &(0x7f0000001600)={{0x0, 0x0, 0x80}}) 0s ago: executing program 2 (id=4385): r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000640)="f3", 0xf000}], 0x1) kernel console output (not intermixed with test programs): ll=202 compat=0 ip=0x7f950a575bd9 code=0x7ffc0000 [ 322.403731][ T828] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 322.594916][ T828] usb 8-1: Using ep0 maxpacket: 32 [ 322.599511][ T828] usb 8-1: config index 0 descriptor too short (expected 156, got 27) [ 322.603438][ T828] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 322.607867][ T828] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 322.612302][ T828] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 322.617692][ T828] usb 8-1: config 0 interface 0 has no altsetting 0 [ 322.622466][ T828] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 322.626929][ T828] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 322.631856][ T828] usb 8-1: Product: syz [ 322.634963][ T828] usb 8-1: Manufacturer: syz [ 322.636818][ T828] usb 8-1: SerialNumber: syz [ 322.640631][ T828] usb 8-1: config 0 descriptor?? [ 322.645254][ T828] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 322.649551][ T828] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 322.856582][ T5284] usb 8-1: USB disconnect, device number 12 [ 322.858969][ C3] ldusb 8-1:0.0: usb_submit_urb failed (-19) [ 322.865715][ T5284] ldusb 8-1:0.0: LD USB Device #0 now disconnected [ 323.069176][T13353] ldusb: No device or device unplugged -19 [ 323.206579][ T1359] ieee802154 phy0 wpan0: encryption failed: -22 [ 323.209475][ T1359] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.303841][T13401] netlink: 'syz.0.3073': attribute type 5 has an invalid length. [ 323.732788][T13419] netlink: 'syz.3.3082': attribute type 5 has an invalid length. [ 323.971740][T13443] netlink: 'syz.0.3092': attribute type 5 has an invalid length. [ 324.076849][T13449] overlayfs: failed to clone upperpath [ 324.386019][T13469] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3103'. [ 324.427069][T13469] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 324.485252][T13469] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 324.497702][T13469] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 325.047992][T13489] netlink: 'syz.0.3112': attribute type 5 has an invalid length. [ 325.380851][T13510] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3121'. [ 325.443881][T13510] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 325.507897][T13510] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 325.526721][T13510] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 325.772320][ T39] kauditd_printk_skb: 58 callbacks suppressed [ 325.772335][ T39] audit: type=1326 audit(2000000203.579:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13524 comm="syz.3.3128" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa031b75bd9 code=0x7fc00000 [ 325.786785][ T39] audit: type=1326 audit(2000000203.589:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13524 comm="syz.3.3128" exe="/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fa031b75bd9 code=0x7fc00000 [ 326.445620][ T39] audit: type=1326 audit(2000000204.259:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13524 comm="syz.3.3128" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa031b75bd9 code=0x7fc00000 [ 326.502978][T13552] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3139'. [ 326.564056][T13552] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 326.628055][T13552] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 326.642510][T13552] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 326.973496][ T39] audit: type=1400 audit(2000000204.779:1135): avc: denied { read } for pid=13569 comm="syz.0.3148" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 327.031559][ T39] audit: type=1400 audit(2000000204.839:1136): avc: denied { mount } for pid=13571 comm="syz.0.3149" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 327.063025][ T39] audit: type=1400 audit(2000000204.869:1137): avc: denied { unmount } for pid=12062 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 327.119094][ T5207] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 327.126021][ T5207] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 327.130362][ T5207] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 327.135285][ T5207] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 327.139427][ T5207] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 327.143956][ T5207] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 327.335698][T13575] chnl_net:caif_netlink_parms(): no params data found [ 327.340386][T13582] netlink: 191384 bytes leftover after parsing attributes in process `syz.1.3152'. [ 327.345827][T13582] netlink: 8438 bytes leftover after parsing attributes in process `syz.1.3152'. [ 327.495289][ T1099] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.550888][T13601] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3159'. [ 327.614824][ T1099] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.628094][T13575] bridge0: port 1(bridge_slave_0) entered blocking state [ 327.631268][T13575] bridge0: port 1(bridge_slave_0) entered disabled state [ 327.634903][T13575] bridge_slave_0: entered allmulticast mode [ 327.638752][T13575] bridge_slave_0: entered promiscuous mode [ 327.646606][T13575] bridge0: port 2(bridge_slave_1) entered blocking state [ 327.649776][T13575] bridge0: port 2(bridge_slave_1) entered disabled state [ 327.653039][T13575] bridge_slave_1: entered allmulticast mode [ 327.658713][T13575] bridge_slave_1: entered promiscuous mode [ 327.707918][T13601] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 327.748803][ T1099] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.765822][T13575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 327.772695][T13575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 327.773806][T13601] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 327.803800][T13601] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 327.837945][T13575] team0: Port device team_slave_0 added [ 327.859883][ T1099] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.870024][T13575] team0: Port device team_slave_1 added [ 327.926801][T13575] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 327.929522][T13575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 327.939877][T13575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 327.946027][T13575] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 327.948771][T13575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 327.961215][T13575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 328.051523][T13575] hsr_slave_0: entered promiscuous mode [ 328.057196][T13575] hsr_slave_1: entered promiscuous mode [ 328.060491][T13575] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 328.064017][T13575] Cannot create hsr debugfs directory [ 328.286831][ T1099] bridge_slave_1: left allmulticast mode [ 328.289290][ T1099] bridge_slave_1: left promiscuous mode [ 328.292228][ T1099] bridge0: port 2(bridge_slave_1) entered disabled state [ 328.302681][ T1099] bridge_slave_0: left allmulticast mode [ 328.305308][ T1099] bridge_slave_0: left promiscuous mode [ 328.307979][ T1099] bridge0: port 1(bridge_slave_0) entered disabled state [ 328.829583][ T5241] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 328.863600][ T1099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 328.871432][ T1099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 328.879038][ T1099] bond0 (unregistering): Released all slaves [ 328.915624][T13634] wireguard: wg1: Could not create IPv6 socket [ 329.034375][ T5241] usb 5-1: Using ep0 maxpacket: 8 [ 329.061912][ T5241] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 329.065821][ T5241] usb 5-1: config 179 has no interface number 0 [ 329.068792][ T5241] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10 [ 329.074832][ T5241] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 329.079770][ T5241] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 329.085929][ T5241] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 329.090516][ T5241] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 329.113398][ T5241] usb 5-1: config 179 interface 65 has no altsetting 0 [ 329.116305][ T5241] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 329.120077][ T5241] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 329.129380][T13631] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 329.152714][ T5241] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:179.65/input/input32 [ 329.219421][ T5207] Bluetooth: hci2: command tx timeout [ 329.361202][ T5284] usb 5-1: USB disconnect, device number 16 [ 329.361277][ C2] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 329.367718][ T5284] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 329.478658][ T1099] hsr_slave_0: left promiscuous mode [ 329.494058][ T1099] hsr_slave_1: left promiscuous mode [ 329.500911][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 329.513346][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 329.519760][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 329.526392][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 329.592042][ T1099] veth1_macvtap: left promiscuous mode [ 329.597378][ T1099] veth0_macvtap: left promiscuous mode [ 329.600942][ T1099] veth1_vlan: left promiscuous mode [ 329.603542][ T1099] veth0_vlan: left promiscuous mode [ 330.926358][ T1099] team0 (unregistering): Port device team_slave_1 removed [ 331.053720][ T1099] team0 (unregistering): Port device team_slave_0 removed [ 331.283441][ T5207] Bluetooth: hci2: command tx timeout [ 332.254080][T13575] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 332.269539][T13575] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 332.280734][T13575] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 332.312766][T13575] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 332.513672][T13575] 8021q: adding VLAN 0 to HW filter on device bond0 [ 332.555800][T13575] 8021q: adding VLAN 0 to HW filter on device team0 [ 332.568374][ T30] bridge0: port 1(bridge_slave_0) entered blocking state [ 332.571385][ T30] bridge0: port 1(bridge_slave_0) entered forwarding state [ 332.595961][ T30] bridge0: port 2(bridge_slave_1) entered blocking state [ 332.599448][ T30] bridge0: port 2(bridge_slave_1) entered forwarding state [ 332.612929][T13707] wireguard: wg1: Could not create IPv6 socket [ 332.671591][T13575] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 332.921644][T13575] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 332.974482][T13575] veth0_vlan: entered promiscuous mode [ 332.983973][T13575] veth1_vlan: entered promiscuous mode [ 333.050690][T13728] overlayfs: failed to resolve './file0': -2 [ 333.091926][T13575] veth0_macvtap: entered promiscuous mode [ 333.099882][T13575] veth1_macvtap: entered promiscuous mode [ 333.122890][T13575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 333.129088][T13575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.132932][T13575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 333.145522][T13575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.150241][T13575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 333.155367][T13575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.161512][T13575] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 333.169984][T13730] Bluetooth: MGMT ver 1.22 [ 333.172194][T13575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 333.172213][T13575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.172225][T13575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 333.172237][T13575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.174974][T13575] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 333.213977][T13575] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.218500][T13575] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.223278][T13575] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.228831][T13575] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.358190][ T827] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 333.380138][ T5207] Bluetooth: hci2: command tx timeout [ 333.382731][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 333.386460][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 333.425829][ T1095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 333.463307][ T1095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 333.624109][ T827] usb 7-1: no configurations [ 333.627045][ T827] usb 7-1: can't read configurations, error -22 [ 333.783300][ T827] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 333.818043][T13747] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 333.821037][T13747] overlayfs: failed to set xattr on upper [ 333.823444][T13747] overlayfs: ...falling back to redirect_dir=nofollow. [ 333.826812][T13747] overlayfs: ...falling back to index=off. [ 333.829231][T13747] overlayfs: ...falling back to uuid=null. [ 333.987365][ T827] usb 7-1: no configurations [ 333.989459][ T827] usb 7-1: can't read configurations, error -22 [ 333.995522][ T827] usb usb7-port1: attempt power cycle [ 334.404556][ T827] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 334.458645][ T827] usb 7-1: no configurations [ 334.460800][ T827] usb 7-1: can't read configurations, error -22 [ 334.623214][ T827] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 334.658708][ T827] usb 7-1: no configurations [ 334.660616][ T827] usb 7-1: can't read configurations, error -22 [ 334.685982][ T827] usb usb7-port1: unable to enumerate USB device [ 334.803490][ T5248] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 335.032414][ T5248] usb 6-1: config 0 has no interfaces? [ 335.034851][ T5248] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 335.038676][ T5248] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.045179][ T5248] usb 6-1: config 0 descriptor?? [ 335.376678][ T5241] usb 6-1: USB disconnect, device number 15 [ 335.459479][ T5207] Bluetooth: hci2: command tx timeout [ 336.299861][ T39] audit: type=1800 audit(2000000214.109:1138): pid=13806 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.3223" name="/" dev="fuse" ino=1 res=0 errno=0 [ 336.473360][ T39] audit: type=1400 audit(2000000214.279:1139): avc: denied { setopt } for pid=13817 comm="syz.0.3234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 336.683373][ T827] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 336.867527][T13833] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3241'. [ 336.895943][T13833] bridge0: port 2(bridge_slave_1) entered disabled state [ 336.898311][ T827] usb 7-1: config 0 has no interfaces? [ 336.902175][ T827] usb 7-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 336.911727][ T827] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 336.928798][ T827] usb 7-1: config 0 descriptor?? [ 337.054654][T13833] bridge_slave_1 (unregistering): left allmulticast mode [ 337.057801][T13833] bridge_slave_1 (unregistering): left promiscuous mode [ 337.063642][T13833] bridge0: port 2(bridge_slave_1) entered disabled state [ 337.202504][ T5242] usb 7-1: USB disconnect, device number 19 [ 338.253440][ T39] audit: type=1400 audit(2000000216.049:1140): avc: denied { mounton } for pid=13867 comm="syz.0.3255" path="/160/file0" dev="configfs" ino=3095 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 339.003441][ T25] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 339.190157][T13900] Unknown gid [ 339.196505][ T25] usb 5-1: config 0 has no interfaces? [ 339.199218][ T25] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 339.208992][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.216884][ T25] usb 5-1: config 0 descriptor?? [ 339.489419][ T25] usb 5-1: USB disconnect, device number 17 [ 339.858295][T13907] syz.3.3268 (13907) used greatest stack depth: 20784 bytes left [ 340.003906][T13923] Unknown gid [ 340.423782][T13955] Illegal XDP return value 4294967274 on prog (id 451) dev N/A, expect packet loss! [ 340.663656][ T5199] Bluetooth: hci1: command 0x0406 tx timeout [ 340.695730][ T827] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 340.944328][ T827] usb 6-1: config 0 has no interfaces? [ 340.946754][ T827] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 340.950652][ T827] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 340.963532][ T827] usb 6-1: config 0 descriptor?? [ 341.141055][T13975] mkiss: ax0: crc mode is auto. [ 341.209824][T13987] program syz.2.3303 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 341.226393][ T39] audit: type=1400 audit(2000000219.039:1141): avc: denied { accept } for pid=13974 comm="syz.0.3299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 341.333783][ T5284] usb 6-1: USB disconnect, device number 16 [ 341.600290][ T39] audit: type=1400 audit(2000000219.409:1142): avc: denied { read write } for pid=13575 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 341.614423][ T39] audit: type=1400 audit(2000000219.419:1143): avc: denied { open } for pid=13575 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 341.628242][ T39] audit: type=1400 audit(2000000219.419:1144): avc: denied { ioctl } for pid=13575 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 342.560350][T14023] mkiss: ax0: crc mode is auto. [ 343.151611][ T5199] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 343.172358][ T5199] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 343.180846][ T5199] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 343.189997][ T5199] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 343.196783][ T5199] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 343.202295][ T5199] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 343.520906][T14045] chnl_net:caif_netlink_parms(): no params data found [ 343.912834][ T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.362483][ T39] audit: type=1400 audit(2000000222.169:1145): avc: denied { name_bind } for pid=14074 comm="syz.1.3334" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 344.379539][ T39] audit: type=1400 audit(2000000222.179:1146): avc: denied { name_connect } for pid=14074 comm="syz.1.3334" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 344.397503][ T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.418454][T14045] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.421915][T14045] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.431448][T14045] bridge_slave_0: entered allmulticast mode [ 344.444172][T14045] bridge_slave_0: entered promiscuous mode [ 344.455498][T14045] bridge0: port 2(bridge_slave_1) entered blocking state [ 344.458898][T14045] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.462313][T14045] bridge_slave_1: entered allmulticast mode [ 344.467276][T14045] bridge_slave_1: entered promiscuous mode [ 344.560687][ T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.621324][T14045] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 344.684805][ T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.716443][T14045] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 344.840081][T14045] team0: Port device team_slave_0 added [ 344.847802][T14045] team0: Port device team_slave_1 added [ 344.927989][T14045] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 344.930721][T14045] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 344.942844][T14045] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 344.949570][T14045] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 344.952635][T14045] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 344.965329][T14045] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 345.081820][T14100] mkiss: ax0: crc mode is auto. [ 345.123774][T14045] hsr_slave_0: entered promiscuous mode [ 345.128369][T14045] hsr_slave_1: entered promiscuous mode [ 345.131279][T14045] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 345.139153][T14045] Cannot create hsr debugfs directory [ 345.230350][ T13] bridge_slave_1: left allmulticast mode [ 345.233038][ T13] bridge_slave_1: left promiscuous mode [ 345.237172][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 345.242911][ T13] bridge_slave_0: left allmulticast mode [ 345.245844][ T13] bridge_slave_0: left promiscuous mode [ 345.249066][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 345.283706][ T5199] Bluetooth: hci4: command tx timeout [ 345.793397][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 345.803832][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 345.836051][ T13] bond0 (unregistering): Released all slaves [ 346.195994][ T39] audit: type=1400 audit(2000000224.009:1147): avc: denied { module_load } for pid=14121 comm="syz.1.3348" path="/405/bus" dev="tmpfs" ino=2177 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1 [ 346.196433][T14122] Invalid ELF header magic: != ELF [ 346.461460][ T13] hsr_slave_0: left promiscuous mode [ 346.470861][ T13] hsr_slave_1: left promiscuous mode [ 346.478891][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 346.482167][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 346.568798][ T13] veth1_macvtap: left promiscuous mode [ 346.571239][ T13] veth0_macvtap: left promiscuous mode [ 346.575146][ T13] veth1_vlan: left promiscuous mode [ 346.581272][ T13] veth0_vlan: left promiscuous mode [ 347.044907][ T39] audit: type=1400 audit(2000000224.859:1148): avc: denied { setopt } for pid=14132 comm="syz.3.3351" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 347.363816][ T5199] Bluetooth: hci4: command tx timeout [ 348.416097][ T13] team0 (unregistering): Port device team_slave_1 removed [ 348.600270][ T13] team0 (unregistering): Port device team_slave_0 removed [ 349.454720][ T5199] Bluetooth: hci4: command tx timeout [ 349.596124][T14147] syzkaller0: entered promiscuous mode [ 349.599130][T14147] syzkaller0: entered allmulticast mode [ 351.526467][ T5199] Bluetooth: hci4: command tx timeout [ 352.672691][T14045] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 352.694649][T14045] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 352.724977][T14045] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 352.762506][T14045] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 352.900804][T14045] 8021q: adding VLAN 0 to HW filter on device bond0 [ 352.916989][T14045] 8021q: adding VLAN 0 to HW filter on device team0 [ 352.930740][ T827] bridge0: port 1(bridge_slave_0) entered blocking state [ 352.933944][ T827] bridge0: port 1(bridge_slave_0) entered forwarding state [ 352.966626][ T827] bridge0: port 2(bridge_slave_1) entered blocking state [ 352.969852][ T827] bridge0: port 2(bridge_slave_1) entered forwarding state [ 353.198853][T14045] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 353.282652][T14045] veth0_vlan: entered promiscuous mode [ 353.314750][T14045] veth1_vlan: entered promiscuous mode [ 353.353574][T14045] veth0_macvtap: entered promiscuous mode [ 353.361352][T14045] veth1_macvtap: entered promiscuous mode [ 353.384450][T14045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 353.391266][ T39] audit: type=1400 audit(2000000231.209:1149): avc: denied { ioctl } for pid=14214 comm="syz.1.3373" path="socket:[56554]" dev="sockfs" ino=56554 ioctlcmd=0x8941 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 353.391370][T14045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 353.413004][T14045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 353.420955][T14045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 353.438126][T14045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 353.446202][T14045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 353.447929][T14216] ALSA: mixer_oss: invalid OSS volume '' [ 353.454336][T14216] ALSA: mixer_oss: invalid OSS volume '' [ 353.454344][T14045] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 353.457336][T14216] ALSA: mixer_oss: invalid OSS volume 'L' [ 353.470402][T14045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 353.516582][T14045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 353.520811][T14045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 353.525971][T14045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 353.530828][T14045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 353.536596][T14045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 353.544594][T14045] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 353.552932][T14045] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.569373][T14045] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.575683][T14045] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.579680][T14045] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.632588][ T39] audit: type=1400 audit(2000000231.439:1150): avc: denied { read } for pid=14218 comm="syz.1.3375" laddr=::ffff:172.20.20.10 lport=47958 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 353.695703][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 353.717062][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 353.791688][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 353.798553][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 354.969147][T14249] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 354.973611][T14249] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 354.977486][T14249] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 355.265400][ T39] audit: type=1400 audit(2000000233.079:1151): avc: denied { ioctl } for pid=14273 comm="syz.1.3395" path="uts:[4026533030]" dev="nsfs" ino=4026533030 ioctlcmd=0xb703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 355.377684][ T39] audit: type=1400 audit(2000000233.169:1152): avc: denied { execute } for pid=14277 comm="syz.1.3397" path="/dev/bsg/blkio.throttle.io_service_bytes_recursive" dev="devtmpfs" ino=2732 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 355.638643][T14292] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3404'. [ 355.650461][T14292] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3404'. [ 355.729131][T14292] QAT: Invalid ioctl 21531 [ 355.977750][T14312] ALSA: mixer_oss: invalid OSS volume '' [ 355.979963][T14312] ALSA: mixer_oss: invalid OSS volume '' [ 355.982287][T14312] ALSA: mixer_oss: invalid OSS volume 'L' [ 356.265890][T14319] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 356.302314][T14319] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 356.315508][T14319] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 356.567429][ T39] audit: type=1326 audit(2000000234.379:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.1.3415" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950a575bd9 code=0x7fc00000 [ 356.590748][ T39] audit: type=1326 audit(2000000234.399:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.1.3415" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f950a575bd9 code=0x7fc00000 [ 357.222644][ T39] audit: type=1326 audit(2000000235.029:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.1.3415" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950a575bd9 code=0x7fc00000 [ 357.297889][T14343] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3422'. [ 357.444413][T14349] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3424'. [ 357.597190][ T39] audit: type=1400 audit(2000000235.409:1156): avc: denied { map } for pid=14357 comm="syz.0.3426" path="socket:[58461]" dev="sockfs" ino=58461 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 357.626183][ T39] audit: type=1400 audit(2000000235.409:1157): avc: denied { read } for pid=14357 comm="syz.0.3426" path="socket:[58461]" dev="sockfs" ino=58461 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 357.759903][T14374] netlink: 'syz.1.3429': attribute type 1 has an invalid length. [ 357.839298][T14379] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3432'. [ 358.092027][T14397] netlink: 'syz.0.3441': attribute type 1 has an invalid length. [ 358.292886][T14410] mkiss: ax0: crc mode is auto. [ 358.522540][T14432] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 358.527628][T14432] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 358.676815][T14447] netlink: 6 bytes leftover after parsing attributes in process `syz.0.3458'. [ 358.682755][T14447] netlink: 6 bytes leftover after parsing attributes in process `syz.0.3458'. [ 358.854136][T14459] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 358.859084][T14459] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 358.938522][T14434] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 358.941543][T14434] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 358.944892][T14434] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 359.037255][ T39] audit: type=1400 audit(2000000236.849:1158): avc: denied { read } for pid=14468 comm="syz.1.3467" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 359.091247][T14473] netlink: 6 bytes leftover after parsing attributes in process `syz.3.3469'. [ 359.095553][T14473] netlink: 6 bytes leftover after parsing attributes in process `syz.3.3469'. [ 359.197148][ T5199] block nbd0: Receive control failed (result -107) [ 359.305785][T14469] block nbd0: shutting down sockets [ 359.798694][ T39] audit: type=1400 audit(2000000237.579:1159): avc: denied { read } for pid=14497 comm="syz.2.3480" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 360.234313][ T39] audit: type=1326 audit(2000000238.039:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14523 comm="syz.2.3490" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9760975bd9 code=0x7fc00000 [ 360.251047][ T39] audit: type=1326 audit(2000000238.049:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14523 comm="syz.2.3490" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9760975bd9 code=0x7fc00000 [ 360.274621][ T39] audit: type=1400 audit(2000000238.079:1162): avc: denied { bind } for pid=14534 comm="syz.3.3492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 360.543568][ T30] usb 8-1: new high-speed USB device number 13 using dummy_hcd [ 360.727317][ T30] usb 8-1: New USB device found, idVendor=0403, idProduct=da73, bcdDevice=dc.8d [ 360.730846][ T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.739775][ T30] usb 8-1: config 0 descriptor?? [ 360.750329][ T30] usb 8-1: NDI device with a latency value of 1 [ 360.955566][ T30] ftdi_sio 8-1:0.0: FTDI USB Serial Device converter detected [ 360.960275][ T30] ftdi_sio ttyUSB0: unknown device type: 0xdc8d [ 360.969158][ T30] usb 8-1: USB disconnect, device number 13 [ 360.973057][ T30] ftdi_sio 8-1:0.0: device disconnected [ 361.024885][ T39] audit: type=1326 audit(2000000238.839:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14523 comm="syz.2.3490" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9760975bd9 code=0x7fc00000 [ 361.157815][T14545] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 361.162135][T14545] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 361.267005][T14555] pimreg: entered allmulticast mode [ 361.289612][T14555] pimreg: left allmulticast mode [ 361.392719][ T39] audit: type=1326 audit(2000000239.199:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14548 comm="syz.1.3498" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950a575bd9 code=0x7fc00000 [ 361.420512][ T39] audit: type=1326 audit(2000000239.229:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14548 comm="syz.1.3498" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f950a575bd9 code=0x7fc00000 [ 361.498845][T14573] Cannot find add_set index 0 as target [ 361.761021][T14593] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3517'. [ 362.003310][ T5199] Bluetooth: hci0: command tx timeout [ 362.044767][ T39] audit: type=1326 audit(2000000239.859:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14548 comm="syz.1.3498" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950a575bd9 code=0x7fc00000 [ 362.055525][ T39] audit: type=1326 audit(2000000239.859:1167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14548 comm="syz.1.3498" exe="/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f950a575bd9 code=0x7fc00000 [ 362.083373][T14601] Cannot find add_set index 0 as target [ 362.277301][T14606] ALSA: mixer_oss: invalid OSS volume '' [ 362.279621][T14606] ALSA: mixer_oss: invalid OSS volume '' [ 362.281974][T14606] ALSA: mixer_oss: invalid OSS volume 'L' [ 363.041641][T14627] Cannot find add_set index 0 as target [ 363.209762][T14639] dccp_invalid_packet: pskb_may_pull failed [ 363.344097][T14645] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3535'. [ 363.772850][T14657] Cannot find add_set index 0 as target [ 363.922664][T14667] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3545'. [ 364.050561][T14673] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3548'. [ 364.083798][ T5199] Bluetooth: hci0: command tx timeout [ 364.098829][T14675] Cannot find add_set index 0 as target [ 364.137936][ T39] kauditd_printk_skb: 6 callbacks suppressed [ 364.137952][ T39] audit: type=1400 audit(2000000241.949:1174): avc: denied { search } for pid=14676 comm="syz.1.3550" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 364.229077][T14681] hub 6-0:1.0: USB hub found [ 364.231577][T14681] hub 6-0:1.0: 1 port detected [ 364.439506][T14690] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 364.472485][T14692] dccp_invalid_packet: pskb_may_pull failed [ 364.583285][ T5284] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 364.773367][ T5284] usb 7-1: Using ep0 maxpacket: 8 [ 364.779226][ T5284] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 364.787937][ T5284] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 364.792622][ T5284] usb 7-1: New USB device found, idVendor=056a, idProduct=0003, bcdDevice= 0.00 [ 364.802192][ T5284] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 364.813905][ T5284] usb 7-1: config 0 descriptor?? [ 364.989714][ T39] audit: type=1400 audit(2000000242.799:1175): avc: denied { sys_chroot } for pid=14716 comm="dhcpcd" capability=18 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 365.000998][ T39] audit: type=1400 audit(2000000242.799:1176): avc: denied { setgid } for pid=14716 comm="dhcpcd" capability=6 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 365.010562][ T39] audit: type=1400 audit(2000000242.799:1177): avc: denied { setrlimit } for pid=14716 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1 [ 365.235159][ T5284] hid (null): global environment stack underflow [ 365.241286][ T5284] wacom 0003:056A:0003.000E: global environment stack underflow [ 365.246622][ T5284] wacom 0003:056A:0003.000E: item 0 1 1 11 parsing failed [ 365.250552][ T5284] wacom 0003:056A:0003.000E: parse failed [ 365.253122][ T5284] wacom 0003:056A:0003.000E: probe with driver wacom failed with error -22 [ 365.406614][ T5207] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 365.412050][ T5207] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 365.417508][ T5207] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 365.425639][ T5207] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 365.431694][ T5207] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 365.434927][ T5207] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 365.435488][ T5242] usb 7-1: USB disconnect, device number 20 [ 365.550698][ T1122] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 365.641393][ T1122] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 365.685348][T14718] chnl_net:caif_netlink_parms(): no params data found [ 365.739570][ T1122] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 365.876906][ T1122] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 365.932142][T14718] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.936522][T14718] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.939883][T14718] bridge_slave_0: entered allmulticast mode [ 365.944963][T14718] bridge_slave_0: entered promiscuous mode [ 365.950480][T14718] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.954967][T14718] bridge0: port 2(bridge_slave_1) entered disabled state [ 365.958257][T14718] bridge_slave_1: entered allmulticast mode [ 365.961903][T14718] bridge_slave_1: entered promiscuous mode [ 366.019205][T14743] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 366.051040][T14718] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 366.064329][T14718] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 366.137397][T14718] team0: Port device team_slave_0 added [ 366.176348][T14718] team0: Port device team_slave_1 added [ 366.269668][ T1122] bridge_slave_1: left allmulticast mode [ 366.272164][ T1122] bridge_slave_1: left promiscuous mode [ 366.276386][ T1122] bridge0: port 2(bridge_slave_1) entered disabled state [ 366.285592][ T1122] bridge_slave_0: left allmulticast mode [ 366.288477][ T1122] bridge_slave_0: left promiscuous mode [ 366.291277][ T1122] bridge0: port 1(bridge_slave_0) entered disabled state [ 366.332644][ T39] audit: type=1400 audit(2000000244.139:1178): avc: denied { ioctl } for pid=14756 comm="syz.3.3579" path="socket:[60468]" dev="sockfs" ino=60468 ioctlcmd=0x8907 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 366.343331][ T39] audit: type=1400 audit(2000000244.149:1179): avc: denied { read } for pid=14756 comm="syz.3.3579" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 366.423695][ T5207] bt_err_ratelimited: 10 callbacks suppressed [ 366.423712][ T5207] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 366.693522][ T827] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 366.799249][ T1122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 366.806489][ T1122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 366.816796][ T1122] bond0 (unregistering): Released all slaves [ 366.831817][T14718] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 366.835323][T14718] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 366.846953][T14718] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 366.875433][T14718] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 366.878444][T14718] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 366.893586][T14718] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 366.900272][ T827] usb 5-1: New USB device found, idVendor=0403, idProduct=da73, bcdDevice=dc.8d [ 366.909206][ T827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 366.920487][ T827] usb 5-1: config 0 descriptor?? [ 366.929578][ T827] usb 5-1: NDI device with a latency value of 1 [ 367.008982][T14718] hsr_slave_0: entered promiscuous mode [ 367.013682][T14718] hsr_slave_1: entered promiscuous mode [ 367.018801][T14718] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 367.021978][T14718] Cannot create hsr debugfs directory [ 367.209197][ T827] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 367.216387][ T827] ftdi_sio ttyUSB0: unknown device type: 0xdc8d [ 367.264181][ T827] usb 5-1: USB disconnect, device number 18 [ 367.282161][ T827] ftdi_sio 5-1:0.0: device disconnected [ 367.533954][ T5207] Bluetooth: hci1: command tx timeout [ 367.577477][ T1122] hsr_slave_0: left promiscuous mode [ 367.581310][ T1122] hsr_slave_1: left promiscuous mode [ 367.585031][ T1122] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 367.596714][ T1122] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 367.602149][ T1122] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 367.607231][ T1122] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 367.662816][ T1122] veth1_macvtap: left promiscuous mode [ 367.666434][ T1122] veth0_macvtap: left promiscuous mode [ 367.668972][ T1122] veth1_vlan: left promiscuous mode [ 367.671348][ T1122] veth0_vlan: left promiscuous mode [ 369.108802][ T1122] team0 (unregistering): Port device team_slave_1 removed [ 369.282453][ T1122] team0 (unregistering): Port device team_slave_0 removed [ 369.613488][ T5207] Bluetooth: hci1: command tx timeout [ 370.521660][T14808] syz.3.3595[14808] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 370.521796][T14808] syz.3.3595[14808] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 370.737471][T14811] hub 6-0:1.0: USB hub found [ 370.747946][T14811] hub 6-0:1.0: 1 port detected [ 370.843986][ T827] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 370.971262][T14718] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 370.978216][T14718] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 370.983928][T14718] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 370.990112][T14718] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 371.040477][ T5207] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 371.055876][ T827] usb 7-1: New USB device found, idVendor=0403, idProduct=da73, bcdDevice=dc.8d [ 371.063060][ T827] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 371.072741][ T827] usb 7-1: config 0 descriptor?? [ 371.073027][T14718] 8021q: adding VLAN 0 to HW filter on device bond0 [ 371.082948][ T827] usb 7-1: NDI device with a latency value of 1 [ 371.092930][T14718] 8021q: adding VLAN 0 to HW filter on device team0 [ 371.101176][ T5242] bridge0: port 1(bridge_slave_0) entered blocking state [ 371.103888][ T5242] bridge0: port 1(bridge_slave_0) entered forwarding state [ 371.107016][ T5248] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 371.115138][ T5242] bridge0: port 2(bridge_slave_1) entered blocking state [ 371.118303][ T5242] bridge0: port 2(bridge_slave_1) entered forwarding state [ 371.284917][ T5248] usb 5-1: Using ep0 maxpacket: 8 [ 371.290272][ T5248] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 371.295637][ T827] ftdi_sio 7-1:0.0: FTDI USB Serial Device converter detected [ 371.299670][ T5248] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 371.300441][ T827] ftdi_sio ttyUSB0: unknown device type: 0xdc8d [ 371.303680][ T5248] usb 5-1: New USB device found, idVendor=056a, idProduct=0003, bcdDevice= 0.00 [ 371.309830][ T5248] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 371.317031][ T827] usb 7-1: USB disconnect, device number 21 [ 371.321212][ T5248] usb 5-1: config 0 descriptor?? [ 371.321609][T14718] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 371.326897][ T827] ftdi_sio 7-1:0.0: device disconnected [ 371.370839][T14718] veth0_vlan: entered promiscuous mode [ 371.381621][T14718] veth1_vlan: entered promiscuous mode [ 371.432499][T14718] veth0_macvtap: entered promiscuous mode [ 371.442537][T14718] veth1_macvtap: entered promiscuous mode [ 371.462706][T14718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 371.467986][T14718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.472003][T14718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 371.477587][T14718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.482345][T14718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 371.487124][T14718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.495707][T14718] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 371.508027][T14718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 371.512788][T14718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.516690][T14718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 371.520845][T14718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.525189][T14718] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 371.529633][T14718] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 371.535473][T14718] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 371.548617][T14718] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.552691][T14718] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.557096][T14718] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.560790][T14718] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.637678][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.643783][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 371.664761][ T1122] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.668531][ T1122] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 371.683487][ T5207] Bluetooth: hci1: command tx timeout [ 371.744038][T14823] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3566'. [ 371.769414][T14823] team0: Device gre0 is of different type [ 371.774828][ T5248] hid (null): global environment stack underflow [ 371.779062][T14823] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3566'. [ 371.791972][ T5248] wacom 0003:056A:0003.000F: global environment stack underflow [ 371.796337][ T5248] wacom 0003:056A:0003.000F: item 0 1 1 11 parsing failed [ 371.806549][ T5248] wacom 0003:056A:0003.000F: parse failed [ 371.809271][ T5248] wacom 0003:056A:0003.000F: probe with driver wacom failed with error -22 [ 371.971364][ T5242] usb 5-1: USB disconnect, device number 19 [ 372.021140][ T39] audit: type=1400 audit(2000000249.829:1180): avc: denied { connect } for pid=14836 comm="syz.2.3604" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 372.766136][T14887] openvswitch: netlink: IP tunnel dst address not specified [ 372.841427][T14889] hub 6-0:1.0: USB hub found [ 372.843851][ T5248] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 372.848467][T14889] hub 6-0:1.0: 1 port detected [ 373.029695][ T5248] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 373.038910][ T5248] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 373.044676][ T5248] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 373.052258][ T5248] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 373.056936][ T5248] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 373.066204][ T5248] usb 5-1: config 0 descriptor?? [ 373.203434][ T5242] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 373.387535][ T5242] usb 7-1: Using ep0 maxpacket: 8 [ 373.414957][ T5242] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 373.419219][ T5242] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 373.424443][ T5242] usb 7-1: New USB device found, idVendor=056a, idProduct=0003, bcdDevice= 0.00 [ 373.430324][ T5242] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 373.448631][ T5242] usb 7-1: config 0 descriptor?? [ 373.497334][ T5248] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 373.501503][ T5248] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving [ 373.509329][ T5248] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 373.763588][ T5207] Bluetooth: hci1: command tx timeout [ 373.889829][ T5242] hid (null): global environment stack underflow [ 373.896941][ T5242] wacom 0003:056A:0003.0011: global environment stack underflow [ 373.900512][ T5242] wacom 0003:056A:0003.0011: item 0 1 1 11 parsing failed [ 373.905168][ T5242] wacom 0003:056A:0003.0011: parse failed [ 373.908132][ T5242] wacom 0003:056A:0003.0011: probe with driver wacom failed with error -22 [ 374.096307][ T5248] usb 7-1: USB disconnect, device number 22 [ 374.311073][T14924] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.3640'. [ 375.221956][ T93] Bluetooth: hci3: Frame reassembly failed (-84) [ 375.604722][ T5241] usb 5-1: USB disconnect, device number 20 [ 376.144101][ T5248] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 376.161910][T14975] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3660'. [ 376.331523][ T5248] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 376.337273][ T5248] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 376.341988][ T5248] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 376.349377][ T5248] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 376.358033][ T5248] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 376.366552][ T5248] usb 5-1: config 0 descriptor?? [ 376.796050][ T5248] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0 [ 376.806031][ T5248] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving [ 376.816681][ T5248] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 377.042634][T15000] syz.1.3671: attempt to access beyond end of device [ 377.042634][T15000] nbd1: rw=2048, sector=2, nr_sectors = 2 limit=0 [ 377.293510][ T5207] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 377.296716][ T5199] Bluetooth: hci3: command 0x1003 tx timeout [ 378.071845][ T827] usb 5-1: USB disconnect, device number 21 [ 379.246372][T15051] pim6reg1: entered promiscuous mode [ 379.249473][T15051] pim6reg1: entered allmulticast mode [ 379.500455][ C2] vkms_vblank_simulate: vblank timer overrun [ 379.616683][ T39] audit: type=1400 audit(2000000257.429:1181): avc: denied { write } for pid=15060 comm="syz.1.3694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 379.631868][T15061] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 379.693520][T15057] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3693'. [ 380.561578][ C2] vkms_vblank_simulate: vblank timer overrun [ 381.224322][ T39] audit: type=1400 audit(2000000259.039:1182): avc: denied { remove_name } for pid=15079 comm="syz.3.3700" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="9p" ino=36575169 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 381.293034][ T39] audit: type=1400 audit(2000000259.039:1183): avc: denied { rename } for pid=15079 comm="syz.3.3700" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="9p" ino=36575169 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 381.433426][ C2] vkms_vblank_simulate: vblank timer overrun [ 381.737007][ T39] audit: type=1400 audit(2000000259.529:1184): avc: denied { write } for pid=15093 comm="syz.3.3707" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 382.427918][T15105] geneve2: entered promiscuous mode [ 382.442152][T15105] geneve2: entered allmulticast mode [ 382.519332][ C2] vkms_vblank_simulate: vblank timer overrun [ 383.082509][T15127] netlink: 'syz.3.3722': attribute type 21 has an invalid length. [ 383.086636][T15127] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3722'. [ 383.293363][ C2] vkms_vblank_simulate: vblank timer overrun [ 383.374544][T15130] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3723'. [ 383.383625][ C2] vkms_vblank_simulate: vblank timer overrun [ 384.025413][ C2] vkms_vblank_simulate: vblank timer overrun [ 384.233321][ C2] vkms_vblank_simulate: vblank timer overrun [ 384.267785][ C2] vkms_vblank_simulate: vblank timer overrun [ 384.286619][T15141] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3726'. [ 384.693789][ T1359] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.701294][ T1359] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.873443][ T39] audit: type=1326 audit(2000000262.659:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15146 comm="syz.1.3729" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4ec7775bd9 code=0x0 [ 391.547277][T15171] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3738'. [ 392.034951][T15155] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 392.425829][T15179] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 392.632246][ T39] audit: type=1400 audit(2000000270.429:1186): avc: denied { bind } for pid=15173 comm="syz.1.3739" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 393.171525][T15201] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3746'. [ 393.449974][T15204] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3747'. [ 394.227254][ T39] audit: type=1400 audit(2000000272.039:1187): avc: denied { lock } for pid=15209 comm="syz.2.3750" path="socket:[62957]" dev="sockfs" ino=62957 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 394.410033][ T39] audit: type=1400 audit(2000000272.199:1188): avc: denied { unlink } for pid=15211 comm="syz.3.3751" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="9p" ino=36575169 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 394.783512][T15227] geneve2: entered promiscuous mode [ 394.787871][T15227] geneve2: entered allmulticast mode [ 395.525045][T15226] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3756'. [ 396.009647][T15255] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 396.162781][T15262] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 396.568279][T15267] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3772'. [ 397.788022][T15278] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3777'. [ 399.308969][T15318] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 400.840934][T15349] blktrace: Concurrent blktraces are not allowed on sg0 [ 401.362224][T15360] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3807'. [ 401.876674][T15381] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 402.008066][T15386] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3820'. [ 402.193170][ C3] vkms_vblank_simulate: vblank timer overrun [ 402.313180][ C3] vkms_vblank_simulate: vblank timer overrun [ 402.365020][T15404] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3826'. [ 402.398113][ C3] vkms_vblank_simulate: vblank timer overrun [ 402.833221][ C3] vkms_vblank_simulate: vblank timer overrun [ 403.129157][T15423] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3833'. [ 403.249169][ C3] vkms_vblank_simulate: vblank timer overrun [ 403.356220][ T39] audit: type=1326 audit(2000000281.169:1189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15428 comm="syz.2.3836" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9760975bd9 code=0x0 [ 403.529172][ C3] vkms_vblank_simulate: vblank timer overrun [ 403.582725][T15440] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3839'. [ 403.923340][T15449] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3843'. [ 404.054590][ C3] vkms_vblank_simulate: vblank timer overrun [ 404.245434][T15460] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 404.248345][T15460] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 404.278742][ C3] vkms_vblank_simulate: vblank timer overrun [ 404.325094][T15460] vhci_hcd vhci_hcd.0: Device attached [ 404.344998][T15456] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=15456 comm=syz.3.3847 [ 404.352316][T15456] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=15456 comm=syz.3.3847 [ 404.369769][T15456] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=15456 comm=syz.3.3847 [ 404.641144][ T6361] usb 19-1: new high-speed USB device number 2 using vhci_hcd [ 404.647173][T15463] vhci_hcd: sendmsg failed!, ret=-32 for 48 [ 404.653230][T15462] vhci_hcd: connection closed [ 404.655662][ T13] vhci_hcd: stop threads [ 404.659169][ T13] vhci_hcd: release socket [ 404.682136][ T13] vhci_hcd: disconnect device [ 404.729174][ C3] vkms_vblank_simulate: vblank timer overrun [ 404.869181][ C3] vkms_vblank_simulate: vblank timer overrun [ 404.900199][ C3] vkms_vblank_simulate: vblank timer overrun [ 405.281148][ C3] vkms_vblank_simulate: vblank timer overrun [ 405.329120][ C3] vkms_vblank_simulate: vblank timer overrun [ 405.585170][ C3] vkms_vblank_simulate: vblank timer overrun [ 405.929719][ C3] vkms_vblank_simulate: vblank timer overrun [ 405.960781][ C3] vkms_vblank_simulate: vblank timer overrun [ 406.048985][ C3] vkms_vblank_simulate: vblank timer overrun [ 406.126219][ T65] Bluetooth: hci0: unexpected event for opcode 0x203b [ 406.185141][ C3] vkms_vblank_simulate: vblank timer overrun [ 406.682458][ T39] audit: type=1400 audit(2000000284.489:1190): avc: denied { setopt } for pid=15569 comm="syz.3.3895" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 407.281619][T15593] blktrace: Concurrent blktraces are not allowed on sg0 [ 407.742478][T15012] Bluetooth: hci0: unexpected event for opcode 0x203b [ 408.176889][ T39] audit: type=1400 audit(2000000285.989:1191): avc: denied { read } for pid=15622 comm="syz.2.3917" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 408.218089][ T39] audit: type=1400 audit(2000000285.989:1192): avc: denied { open } for pid=15622 comm="syz.2.3917" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 408.362783][T15627] netlink: 124 bytes leftover after parsing attributes in process `syz.2.3919'. [ 408.677720][T15641] xt_cgroup: xt_cgroup: no path or classid specified [ 409.550296][T15667] xt_cgroup: xt_cgroup: no path or classid specified [ 409.798271][ T6361] vhci_hcd: vhci_device speed not set [ 409.960765][T15672] netlink: 124 bytes leftover after parsing attributes in process `syz.1.3936'. [ 410.219955][T15012] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 410.244791][T15012] Bluetooth: hci0: Injecting HCI hardware error event [ 410.279409][T15012] Bluetooth: hci0: hardware error 0x00 [ 411.328908][T15717] xt_cgroup: xt_cgroup: no path or classid specified [ 412.542398][T15012] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 413.460905][T15012] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 413.463767][ T39] audit: type=1400 audit(2000000291.269:1193): avc: denied { lock } for pid=15778 comm="syz.0.3978" path="/321/file0/bus" dev="9p" ino=36575173 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 413.478033][T15012] Bluetooth: hci2: Injecting HCI hardware error event [ 413.480176][T15012] Bluetooth: hci2: hardware error 0x00 [ 413.673871][T15788] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 413.997229][T15805] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3988'. [ 414.894273][T15821] netlink: 'syz.3.3995': attribute type 1 has an invalid length. [ 415.725164][T15012] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 415.770297][T15843] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 415.778007][T15843] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 415.820571][T15843] vhci_hcd vhci_hcd.0: Device attached [ 416.085682][ T828] vhci_hcd: vhci_device speed not set [ 416.174414][ T828] usb 19-1: new full-speed USB device number 3 using vhci_hcd [ 416.212051][T15857] netlink: 'syz.2.4009': attribute type 1 has an invalid length. [ 416.231644][T15847] vhci_hcd: connection reset by peer [ 416.291482][ T63] vhci_hcd: stop threads [ 416.313230][ T63] vhci_hcd: release socket [ 416.315375][ T63] vhci_hcd: disconnect device [ 416.819836][T15012] Bluetooth: hci1: command tx timeout [ 417.535732][T15882] netlink: 'syz.1.4020': attribute type 1 has an invalid length. [ 418.777761][ T39] audit: type=1400 audit(2000000296.579:1194): avc: denied { watch watch_reads } for pid=15896 comm="syz.2.4027" path="/proc/338" dev="proc" ino=66110 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 419.499596][T15911] netlink: 'syz.1.4032': attribute type 1 has an invalid length. [ 419.811669][T15918] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4035'. [ 419.816347][T15918] netlink: 1 bytes leftover after parsing attributes in process `syz.2.4035'. [ 419.824746][T15918] netlink: 1 bytes leftover after parsing attributes in process `syz.2.4035'. [ 420.607161][T15933] Cannot find add_set index 0 as target [ 421.517811][ T828] vhci_hcd: vhci_device speed not set [ 421.655033][T15936] netlink: 'syz.0.4042': attribute type 4 has an invalid length. [ 421.762614][T15937] netlink: 'syz.0.4042': attribute type 4 has an invalid length. [ 422.327363][T15954] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4048'. [ 423.095339][T15974] netlink: 'syz.0.4056': attribute type 7 has an invalid length. [ 423.099562][T15974] netlink: 140 bytes leftover after parsing attributes in process `syz.0.4056'. [ 424.177124][ T39] audit: type=1400 audit(2000000301.980:1195): avc: denied { getopt } for pid=15985 comm="syz.2.4059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 425.347795][T15997] TCP: MD5 Hash mismatch for [fe80::bb].0->[ff02::1].20002 []L3 index 0 [ 426.030104][ T65] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 426.056421][ T65] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 426.075373][ T65] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 426.109302][ T65] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 426.116746][ T65] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 426.121229][ T65] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 426.781153][T16015] netlink: 'syz.1.4069': attribute type 7 has an invalid length. [ 426.799320][T16015] netlink: 140 bytes leftover after parsing attributes in process `syz.1.4069'. [ 426.876645][T16021] netlink: 'syz.2.4070': attribute type 27 has an invalid length. [ 427.371678][T16021] bridge0: port 2(bridge_slave_1) entered disabled state [ 427.376818][T16021] bridge0: port 1(bridge_slave_0) entered disabled state [ 427.573036][ T39] audit: type=1400 audit(2000000305.390:1196): avc: denied { watch } for pid=16027 comm="syz.0.4071" path="/343/bus/net_prio.prioidx" dev="tmpfs" ino=1858 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 427.594935][ T39] audit: type=1400 audit(2000000305.390:1197): avc: denied { watch_sb } for pid=16027 comm="syz.0.4071" path="/343/bus/net_prio.prioidx" dev="tmpfs" ino=1858 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 427.915061][T16033] TCP: MD5 Hash mismatch for [fe80::bb].0->[ff02::1].20002 []L3 index 0 [ 427.978369][T16037] program syz.0.4073 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 428.343357][ T65] Bluetooth: hci3: command tx timeout [ 428.381028][T16021] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 428.456980][T16021] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 429.191864][T16021] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 429.198452][T16021] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 429.201855][T16021] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 429.221578][T16021] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 429.584179][T16006] chnl_net:caif_netlink_parms(): no params data found [ 429.705748][T16055] Bluetooth: MGMT ver 1.22 [ 429.708497][T16055] Bluetooth: hci3: expected 2 bytes, got 7 bytes [ 430.248190][T16065] program syz.2.4081 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 430.333018][T16006] bridge0: port 1(bridge_slave_0) entered blocking state [ 430.340179][T16006] bridge0: port 1(bridge_slave_0) entered disabled state [ 430.374470][T16006] bridge_slave_0: entered allmulticast mode [ 430.379955][T16006] bridge_slave_0: entered promiscuous mode [ 430.400525][T16006] bridge0: port 2(bridge_slave_1) entered blocking state [ 430.427116][ T65] Bluetooth: hci3: command tx timeout [ 430.438155][T16006] bridge0: port 2(bridge_slave_1) entered disabled state [ 430.441532][T16006] bridge_slave_1: entered allmulticast mode [ 430.462682][T16006] bridge_slave_1: entered promiscuous mode [ 430.759670][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 431.144485][T16081] program syz.0.4089 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 431.206267][T16006] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 431.295435][T16006] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 431.410143][T16079] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4088'. [ 431.414449][T16079] netlink: 1 bytes leftover after parsing attributes in process `syz.1.4088'. [ 431.419580][T16079] netlink: 1 bytes leftover after parsing attributes in process `syz.1.4088'. [ 431.682397][ T65] Bluetooth: hci1: link tx timeout [ 431.686961][ T65] Bluetooth: hci1: killing stalled connection 10:aa:aa:aa:aa:aa [ 431.719640][ T65] Bluetooth: hci1: link tx timeout [ 431.723400][ T65] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 431.853595][ T7578] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 431.918728][T16006] team0: Port device team_slave_0 added [ 431.964719][T16006] team0: Port device team_slave_1 added [ 432.103899][ T7578] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 432.109032][ T7578] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 432.134953][ T7578] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 432.139390][ T7578] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 432.298225][ T7578] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 432.302366][ T7578] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 432.325523][ T7578] usb 7-1: Manufacturer: syz [ 432.347678][ T7578] usb 7-1: config 0 descriptor?? [ 432.505584][ T65] Bluetooth: hci3: command tx timeout [ 432.861248][ T7578] appleir 0003:05AC:8243.0013: unknown main item tag 0x0 [ 432.882494][ T7578] appleir 0003:05AC:8243.0013: No inputs registered, leaving [ 432.893047][ T7578] appleir 0003:05AC:8243.0013: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 432.955660][T16105] program syz.0.4098 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 433.041555][ T63] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 433.376812][T16006] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 433.379424][T16006] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 433.395022][T16006] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 433.401782][T16006] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 433.417094][T16006] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 433.433090][T16006] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 433.444866][ T56] usb 7-1: USB disconnect, device number 23 [ 433.668056][ T63] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 433.772409][ T65] Bluetooth: hci1: command 0x0406 tx timeout [ 434.300187][ T63] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 434.307663][ T39] audit: type=1400 audit(2000000312.110:1198): avc: denied { map } for pid=16129 comm="syz.2.4108" path="/dev/dri/card0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 434.409745][T16006] hsr_slave_0: entered promiscuous mode [ 434.441525][T16006] hsr_slave_1: entered promiscuous mode [ 434.569060][T16006] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 434.574681][ T65] Bluetooth: hci3: command tx timeout [ 434.582023][T16006] Cannot create hsr debugfs directory [ 434.743073][ T63] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 435.402397][ T39] audit: type=1400 audit(2000000313.210:1199): avc: denied { bind } for pid=16148 comm="syz.1.4115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 435.581418][T16153] netlink: 'syz.1.4117': attribute type 7 has an invalid length. [ 435.587478][T16153] netlink: 140 bytes leftover after parsing attributes in process `syz.1.4117'. [ 435.662355][ T63] bridge_slave_0: left allmulticast mode [ 435.664900][ T63] bridge_slave_0: left promiscuous mode [ 435.667561][ T63] bridge0: port 1(bridge_slave_0) entered disabled state [ 436.104846][ T65] Bluetooth: hci1: command 0x0406 tx timeout [ 437.477587][T16170] Cannot find add_set index 0 as target [ 437.518812][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 437.535958][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 437.544398][ T63] bond0 (unregistering): Released all slaves [ 437.629991][T16167] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4119'. [ 439.349148][ T65] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 439.395827][ T65] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 439.407638][ T65] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 439.450064][ T65] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 439.478795][ T65] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 439.485509][ T65] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 440.316734][T16195] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4129'. [ 441.191124][T16006] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 441.217479][T16006] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 441.300352][ T63] hsr_slave_0: left promiscuous mode [ 441.313999][ T63] hsr_slave_1: left promiscuous mode [ 441.317234][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 441.347923][ T63] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 441.399858][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 441.403347][ T63] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 441.551098][ T63] veth1_macvtap: left promiscuous mode [ 441.561210][ T63] veth0_macvtap: left promiscuous mode [ 441.567623][ T63] veth1_vlan: left promiscuous mode [ 441.570582][ T63] veth0_vlan: left promiscuous mode [ 441.689599][T15012] Bluetooth: hci2: command tx timeout [ 443.782137][T15012] Bluetooth: hci2: command tx timeout [ 445.372698][ T63] team0 (unregistering): Port device team_slave_1 removed [ 445.853902][T15012] Bluetooth: hci2: command tx timeout [ 445.938102][ T63] team0 (unregistering): Port device team_slave_0 removed [ 446.117068][ T1359] ieee802154 phy0 wpan0: encryption failed: -22 [ 446.123747][ T1359] ieee802154 phy1 wpan1: encryption failed: -22 [ 447.923334][T15012] Bluetooth: hci2: command tx timeout [ 448.489908][T16006] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 448.499418][T16006] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 448.652795][T16219] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4140'. [ 448.788898][T16186] chnl_net:caif_netlink_parms(): no params data found [ 449.170295][ T39] audit: type=1400 audit(2000000326.980:1200): avc: denied { map } for pid=16229 comm="syz.0.4144" path="/dev/hpet" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 449.195955][ T39] audit: type=1400 audit(2000000326.980:1201): avc: denied { execute } for pid=16229 comm="syz.0.4144" path="/dev/hpet" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 449.614194][T16186] bridge0: port 1(bridge_slave_0) entered blocking state [ 449.637978][T16186] bridge0: port 1(bridge_slave_0) entered disabled state [ 449.653431][T16186] bridge_slave_0: entered allmulticast mode [ 449.658691][T16186] bridge_slave_0: entered promiscuous mode [ 449.728701][T16006] 8021q: adding VLAN 0 to HW filter on device bond0 [ 449.750044][T16186] bridge0: port 2(bridge_slave_1) entered blocking state [ 449.801471][T16186] bridge0: port 2(bridge_slave_1) entered disabled state [ 449.804867][T16186] bridge_slave_1: entered allmulticast mode [ 449.809574][T16186] bridge_slave_1: entered promiscuous mode [ 449.904655][T16006] 8021q: adding VLAN 0 to HW filter on device team0 [ 450.084822][T16186] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 450.139311][T16186] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 450.300034][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 450.323033][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 450.419086][T16186] team0: Port device team_slave_0 added [ 450.509092][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 450.524266][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 450.586221][T16186] team0: Port device team_slave_1 added [ 450.909273][T16186] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 450.913818][T16186] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 450.927979][T16186] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 450.942422][T16186] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 450.950774][T16186] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 451.015243][T16186] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 451.162403][T16006] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 451.187009][T16006] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 451.450892][T16186] hsr_slave_0: entered promiscuous mode [ 451.493818][T16186] hsr_slave_1: entered promiscuous mode [ 451.508731][T16186] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 451.511838][T16186] Cannot create hsr debugfs directory [ 451.985284][ T39] audit: type=1400 audit(2000000329.790:1202): avc: denied { read } for pid=16285 comm="syz.0.4162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 452.535597][T16006] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 452.675841][T16299] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 452.712218][T16006] veth0_vlan: entered promiscuous mode [ 452.758684][T16006] veth1_vlan: entered promiscuous mode [ 452.955492][T16006] veth0_macvtap: entered promiscuous mode [ 452.957274][ T829] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 452.975228][T16006] veth1_macvtap: entered promiscuous mode [ 453.126162][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 453.134871][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 453.151954][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 453.160847][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 453.167450][ T829] usb 5-1: Using ep0 maxpacket: 16 [ 453.175813][T16006] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 453.176154][ T63] bridge_slave_1: left allmulticast mode [ 453.176245][ T63] bridge_slave_1: left promiscuous mode [ 453.176462][ T63] bridge0: port 2(bridge_slave_1) entered disabled state [ 453.196279][ T829] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 453.222449][ T829] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 453.231016][ T829] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 453.238152][ T829] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 453.247075][ T829] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 453.252562][ T829] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 453.278635][ T829] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 453.282064][ T829] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 453.286379][ T829] usb 5-1: Product: syz [ 453.288519][ T63] bridge_slave_0: left allmulticast mode [ 453.288544][ T829] usb 5-1: Manufacturer: syz [ 453.288561][ T829] usb 5-1: SerialNumber: syz [ 453.297500][ T63] bridge_slave_0: left promiscuous mode [ 453.301898][ T63] bridge0: port 1(bridge_slave_0) entered disabled state [ 453.994420][ T829] cdc_ncm 5-1:1.0: failed GET_NTB_PARAMETERS [ 453.997786][ T829] cdc_ncm 5-1:1.0: bind() failure [ 454.005899][ T829] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 454.023238][ T829] cdc_ncm 5-1:1.1: bind() failure [ 454.033888][ T829] usb 5-1: USB disconnect, device number 22 [ 454.349782][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 454.420785][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 454.441836][ T63] bond0 (unregistering): Released all slaves [ 454.680097][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 454.700153][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 454.707000][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 454.712205][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 454.727324][T16006] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 454.779750][T16006] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 454.788502][T16006] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 454.799721][T16006] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 454.808897][T16006] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 455.122603][T16308] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4170'. [ 455.473426][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 455.476940][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 455.628055][ T1099] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 455.631170][ T1099] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 455.816779][ T63] hsr_slave_0: left promiscuous mode [ 455.877783][ T63] hsr_slave_1: left promiscuous mode [ 455.933027][ T63] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 455.939356][ T63] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 457.746233][T16341] syz.0.4182[16341] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 457.746370][T16341] syz.0.4182[16341] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 458.543986][T16359] devtmpfs: Unknown parameter 'nr_iI' [ 458.572759][ T39] audit: type=1400 audit(2000000336.340:1203): avc: denied { mount } for pid=16358 comm="syz.3.4188" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 458.586649][ T39] audit: type=1400 audit(2000000336.340:1204): avc: denied { remount } for pid=16358 comm="syz.3.4188" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 458.983035][T16365] libceph: resolve ' [ 458.983035][T16365] -&õÌ×fÍY¹Ç²a×ïÅ2iˆ [ 458.983035][T16365] .ÖúÕ?Çý&*»§&' (ret=-3): failed [ 459.077225][ T39] audit: type=1400 audit(2000000336.870:1205): avc: denied { unmount } for pid=16006 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 460.432241][ T65] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 460.439933][ T65] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 460.504299][ T65] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 460.534164][ T65] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 460.583620][ T65] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 460.586848][ T65] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 461.415638][ T63] team0 (unregistering): Port device team_slave_1 removed [ 461.924170][ T63] team0 (unregistering): Port device team_slave_0 removed [ 462.656949][T15012] Bluetooth: hci4: command tx timeout [ 464.724969][T15012] Bluetooth: hci4: command tx timeout [ 465.098923][T16371] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4191'. [ 465.106154][T16373] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4193'. [ 465.500505][T16186] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 465.593772][T16186] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 465.616870][T16186] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 465.706782][T16186] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 465.821335][T16391] devtmpfs: Unknown parameter 'nr_iI' [ 466.090918][T16378] chnl_net:caif_netlink_parms(): no params data found [ 466.668343][T16405] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4202'. [ 466.806060][T15012] Bluetooth: hci4: command tx timeout [ 466.836302][T16378] bridge0: port 1(bridge_slave_0) entered blocking state [ 466.858554][T16378] bridge0: port 1(bridge_slave_0) entered disabled state [ 466.879533][T16378] bridge_slave_0: entered allmulticast mode [ 466.906397][T16378] bridge_slave_0: entered promiscuous mode [ 466.915524][T16378] bridge0: port 2(bridge_slave_1) entered blocking state [ 466.924406][T16378] bridge0: port 2(bridge_slave_1) entered disabled state [ 466.928756][T16378] bridge_slave_1: entered allmulticast mode [ 466.935667][T16378] bridge_slave_1: entered promiscuous mode [ 466.954261][T16186] 8021q: adding VLAN 0 to HW filter on device bond0 [ 467.193361][ T39] audit: type=1400 audit(2000000345.000:1206): avc: denied { setopt } for pid=16426 comm="syz.0.4213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 467.289157][T15012] Bluetooth: hci3: command 0x206a tx timeout [ 467.293348][ T65] Bluetooth: hci3: Opcode 0x206a failed: -110 [ 467.362703][T16378] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 467.417029][T16378] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 467.664128][T16186] 8021q: adding VLAN 0 to HW filter on device team0 [ 467.747026][T16378] team0: Port device team_slave_0 added [ 467.787503][T16378] team0: Port device team_slave_1 added [ 468.050116][T16035] bridge0: port 1(bridge_slave_0) entered blocking state [ 468.076591][T16035] bridge0: port 1(bridge_slave_0) entered forwarding state [ 468.242475][T16378] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 468.246153][T16378] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 468.275319][T16378] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 468.308273][T16035] bridge0: port 2(bridge_slave_1) entered blocking state [ 468.311629][T16035] bridge0: port 2(bridge_slave_1) entered forwarding state [ 468.320668][T16378] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 468.323620][T16378] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 468.344228][T16378] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 468.566202][T16186] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 468.747361][T16378] hsr_slave_0: entered promiscuous mode [ 468.750446][T16378] hsr_slave_1: entered promiscuous mode [ 468.754086][T16378] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 468.780916][T16378] Cannot create hsr debugfs directory [ 468.883457][ T65] Bluetooth: hci4: command tx timeout [ 469.455777][T16186] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 469.800570][T16378] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.282658][T16378] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.336788][T16186] veth0_vlan: entered promiscuous mode [ 470.384595][T16186] veth1_vlan: entered promiscuous mode [ 470.559374][T16378] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.681673][T16186] veth0_macvtap: entered promiscuous mode [ 470.881042][T16378] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.962293][T16186] veth1_macvtap: entered promiscuous mode [ 471.083467][ T7578] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 471.109852][T16186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 471.150364][T16186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 471.168601][T16186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 471.176009][T16186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 471.197132][T16186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 471.216724][T16186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 471.224345][T16186] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 471.264223][T16186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 471.288785][T16186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 471.311023][T16186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 471.325795][T16186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 471.344865][T16186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 471.351745][T16186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 471.359220][T16186] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 471.367523][T16186] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 471.372890][T16186] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 471.386007][T16186] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 471.397586][T16186] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 471.425630][ T7578] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 471.432515][ T7578] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0 [ 471.443251][ T7578] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 471.453593][ T7578] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 471.459726][ T7578] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 471.519767][ T7578] usb 5-1: config 0 descriptor?? [ 471.879752][ T1095] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 471.911711][ T1095] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 472.019302][ T1095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 472.041288][T16378] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 472.047198][ T1095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 472.074113][ T7578] plantronics 0003:047F:FFFF.0014: ignoring exceeding usage max [ 472.082023][ T7578] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving [ 472.128018][T16378] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 472.138586][ T7578] plantronics 0003:047F:FFFF.0014: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 472.304431][T16378] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 472.355603][T16378] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 472.744834][T16378] 8021q: adding VLAN 0 to HW filter on device bond0 [ 472.869143][T16378] 8021q: adding VLAN 0 to HW filter on device team0 [ 472.915089][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 472.924304][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 472.933604][ T39] audit: type=1326 audit(2000000350.730:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16499 comm="syz.2.4239" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6c5cf75bd9 code=0x0 [ 472.971477][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 472.984669][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 473.496409][ T828] usb 5-1: reset high-speed USB device number 23 using dummy_hcd [ 473.572137][T16378] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 473.680924][T16378] veth0_vlan: entered promiscuous mode [ 473.725221][T16378] veth1_vlan: entered promiscuous mode [ 473.789522][T16515] rtc_cmos 00:05: Alarms can be up to one day in the future [ 473.804746][T16378] veth0_macvtap: entered promiscuous mode [ 473.821441][ C1] hpet: Lost 1 RTC interrupts [ 473.890253][T16035] kernel write not supported for file /snd/seq (pid: 16035 comm: kworker/2:4) [ 473.891738][T16378] veth1_macvtap: entered promiscuous mode [ 473.935971][ T39] audit: type=1400 audit(2000000351.730:1208): avc: denied { connect } for pid=16507 comm="syz.2.4241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 473.978663][T16378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.018833][T16378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.023075][T16378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.053266][T16378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.057642][T16378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.061967][T16378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.124492][T16378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.179104][T16378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.205607][T16378] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 474.229330][T16378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.261496][T16378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.267019][T16378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.274414][T16378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.281423][T16378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.330263][T16378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.346705][T16378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.369301][T16378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.391568][T16378] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 474.450019][ T9] usb 5-1: USB disconnect, device number 23 [ 474.578110][T16378] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.597109][T16378] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.632199][T16378] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.637492][T16378] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.045220][ T39] audit: type=1400 audit(2000000352.830:1209): avc: denied { audit_write } for pid=16526 comm="syz.3.4248" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 475.072874][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.082932][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.100606][ T39] audit: type=1400 audit(2000000352.830:1210): avc: denied { write } for pid=16526 comm="syz.3.4248" name="usbmon0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 475.109784][ T39] audit: type=1400 audit(2000000352.860:1211): avc: denied { nlmsg_write } for pid=16526 comm="syz.3.4248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 475.184377][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.187625][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.742401][T16550] devtmpfs: Unknown parameter 'nr_iI' [ 476.540102][T16566] netlink: 188 bytes leftover after parsing attributes in process `syz.3.4259'. [ 476.556321][T16566] netlink: 'syz.3.4259': attribute type 1 has an invalid length. [ 476.637085][T16516] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 476.768385][T16574] ALSA: seq fatal error: cannot create timer (-22) [ 476.799005][ C2] vkms_vblank_simulate: vblank timer overrun [ 476.914696][T16579] xt_bpf: check failed: parse error [ 476.991982][T16516] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 476.993456][ C2] vkms_vblank_simulate: vblank timer overrun [ 477.050944][ C2] vkms_vblank_simulate: vblank timer overrun [ 477.093111][T16516] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0 [ 477.134063][T16516] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 477.177094][T16516] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 477.224098][T16516] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 477.250640][T16516] usb 7-1: config 0 descriptor?? [ 477.252333][ C2] vkms_vblank_simulate: vblank timer overrun [ 477.272893][ C2] vkms_vblank_simulate: vblank timer overrun [ 477.584356][ C2] vkms_vblank_simulate: vblank timer overrun [ 477.640557][ C2] vkms_vblank_simulate: vblank timer overrun [ 477.720498][ C2] vkms_vblank_simulate: vblank timer overrun [ 477.895190][T16516] plantronics 0003:047F:FFFF.0015: ignoring exceeding usage max [ 477.934310][ C2] vkms_vblank_simulate: vblank timer overrun [ 477.956074][T16516] plantronics 0003:047F:FFFF.0015: No inputs registered, leaving [ 477.984417][ C2] vkms_vblank_simulate: vblank timer overrun [ 478.002912][T16516] plantronics 0003:047F:FFFF.0015: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 478.041653][ C2] vkms_vblank_simulate: vblank timer overrun [ 478.140381][ C2] vkms_vblank_simulate: vblank timer overrun [ 478.160785][ T5242] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 478.274027][ C2] vkms_vblank_simulate: vblank timer overrun [ 478.388700][ T5242] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 478.416609][ T5242] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 478.420537][ T5242] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 478.492783][ T5242] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 478.551455][ T5242] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 478.555615][ T5242] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 478.559123][ T5242] usb 6-1: Product: syz [ 478.560363][ C2] vkms_vblank_simulate: vblank timer overrun [ 478.577128][ T5242] usb 6-1: Manufacturer: syz [ 478.600545][ T5242] cdc_wdm 6-1:1.0: skipping garbage [ 478.608711][ C2] vkms_vblank_simulate: vblank timer overrun [ 478.633991][T16516] usb 8-1: new high-speed USB device number 14 using dummy_hcd [ 478.638106][ T5242] cdc_wdm 6-1:1.0: skipping garbage [ 478.669416][ T5242] cdc_wdm 6-1:1.0: cdc-wdm1: USB WDM device [ 478.671907][ T5242] cdc_wdm 6-1:1.0: Unknown control protocol [ 478.971320][T16516] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11 [ 478.975808][ T5242] usb 6-1: USB disconnect, device number 17 [ 479.005449][T16516] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 479.024328][ C2] vkms_vblank_simulate: vblank timer overrun [ 479.151232][T16516] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 479.164183][ C2] vkms_vblank_simulate: vblank timer overrun [ 479.188533][T16516] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 479.189532][ C2] vkms_vblank_simulate: vblank timer overrun [ 479.222234][T16516] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 479.225605][T16516] usb 8-1: config 0 descriptor?? [ 479.228355][ C2] vkms_vblank_simulate: vblank timer overrun [ 479.278075][ T5243] usb 7-1: reset high-speed USB device number 24 using dummy_hcd [ 479.308782][T16597] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 479.348254][ T39] audit: type=1400 audit(2000000357.160:1212): avc: denied { listen } for pid=16612 comm="syz.0.4278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 479.445681][ T5243] usb 7-1: device descriptor read/64, error -32 [ 479.613856][T16617] xt_bpf: check failed: parse error [ 479.768506][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 479.791977][ T5243] usb 7-1: reset high-speed USB device number 24 using dummy_hcd [ 479.812704][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 479.824248][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 479.874506][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 479.877894][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 479.900485][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 479.904135][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 479.923840][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 479.927358][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 479.930819][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 480.001320][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 480.007781][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 480.046951][ T5243] usb 7-1: device descriptor read/64, error -32 [ 480.062281][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 480.141091][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 480.145924][T16516] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 480.149596][T16516] plantronics 0003:047F:FFFF.0016: No inputs registered, leaving [ 480.190659][T16516] plantronics 0003:047F:FFFF.0016: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 480.241974][T16516] usb 8-1: USB disconnect, device number 14 [ 480.276287][ C2] vkms_vblank_simulate: vblank timer overrun [ 480.796328][ C2] vkms_vblank_simulate: vblank timer overrun [ 481.004268][ C2] vkms_vblank_simulate: vblank timer overrun [ 481.060290][ C2] vkms_vblank_simulate: vblank timer overrun [ 481.077538][ T9] usb 7-1: USB disconnect, device number 24 [ 481.375156][T16646] netlink: 264 bytes leftover after parsing attributes in process `syz.1.4292'. [ 481.920478][ T56] usb 8-1: new high-speed USB device number 15 using dummy_hcd [ 482.099018][ T56] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 482.104879][ T56] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 482.113045][ T56] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 482.119889][ T56] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 482.231419][ T56] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 482.242658][ T56] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 482.253823][ T56] usb 8-1: Product: syz [ 482.255666][ T56] usb 8-1: Manufacturer: syz [ 482.329967][ T56] cdc_wdm 8-1:1.0: skipping garbage [ 482.337096][ T56] cdc_wdm 8-1:1.0: skipping garbage [ 482.349223][ T56] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 482.351505][ T56] cdc_wdm 8-1:1.0: Unknown control protocol [ 482.714138][ C3] cdc_wdm 8-1:1.0: nonzero urb status received: -71 [ 482.714492][ T5241] usb 8-1: USB disconnect, device number 15 [ 482.735116][ C3] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes [ 482.735136][ C3] cdc_wdm 8-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 483.016468][ T56] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 483.378218][ T56] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 483.382574][ T56] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0 [ 483.390427][ T56] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 483.410242][ T56] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 483.415052][ T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 483.424301][ T56] usb 5-1: config 0 descriptor?? [ 483.766433][T16692] netlink: 'syz.2.4309': attribute type 1 has an invalid length. [ 483.769892][T16693] tun0: tun_chr_ioctl cmd 1074812118 [ 484.027052][ T56] plantronics 0003:047F:FFFF.0017: ignoring exceeding usage max [ 484.033890][ T56] plantronics 0003:047F:FFFF.0017: No inputs registered, leaving [ 484.041950][ T56] plantronics 0003:047F:FFFF.0017: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 484.544790][T16622] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 484.779961][T16622] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11 [ 484.800756][T16622] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 484.839046][T16622] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 484.858696][T16622] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 484.882686][T16622] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.888008][T16622] usb 6-1: config 0 descriptor?? [ 484.912516][T16705] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 485.144928][ T56] usb 8-1: new high-speed USB device number 16 using dummy_hcd [ 485.424456][T16045] usb 5-1: reset high-speed USB device number 24 using dummy_hcd [ 485.425496][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.455868][ T56] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 485.468017][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.468044][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.468064][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.468085][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.468104][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.468122][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.468142][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.468185][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.468203][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.468222][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.468241][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.468260][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.468278][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.468296][T16622] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 485.469068][T16622] plantronics 0003:047F:FFFF.0018: No inputs registered, leaving [ 485.474965][T16622] plantronics 0003:047F:FFFF.0018: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 485.628098][T16622] usb 6-1: USB disconnect, device number 18 [ 485.648588][ T56] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 485.678647][ T56] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 485.687627][ T56] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 485.696676][ T56] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 485.704076][ T56] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 485.708992][ T56] usb 8-1: Product: syz [ 485.717157][T16045] usb 5-1: device descriptor read/64, error -32 [ 485.721310][ T56] usb 8-1: Manufacturer: syz [ 485.735745][ T56] cdc_wdm 8-1:1.0: skipping garbage [ 485.740351][ T56] cdc_wdm 8-1:1.0: skipping garbage [ 485.757522][ T56] cdc_wdm 8-1:1.0: cdc-wdm1: USB WDM device [ 485.760240][ T56] cdc_wdm 8-1:1.0: Unknown control protocol [ 486.005342][T16045] usb 5-1: reset high-speed USB device number 24 using dummy_hcd [ 486.060422][ T9] usb 8-1: USB disconnect, device number 16 [ 486.102100][T16726] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4323'. [ 486.120899][T16726] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4323'. [ 486.164348][T16045] usb 5-1: device descriptor read/64, error -32 [ 486.186899][ T65] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 486.211607][ T65] CPU: 2 PID: 65 Comm: kworker/u33:0 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0 [ 486.227203][ T65] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 486.235888][ T65] Workqueue: hci2 hci_rx_work [ 486.252418][ T65] Call Trace: [ 486.254026][ T65] [ 486.255614][ T65] dump_stack_lvl+0x16c/0x1f0 [ 486.258403][ T65] sysfs_warn_dup+0x7f/0xa0 [ 486.260832][ T65] sysfs_create_dir_ns+0x24d/0x2b0 [ 486.263530][ T65] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 486.266666][ T65] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 486.285738][ T65] ? do_raw_spin_unlock+0x172/0x230 [ 486.288012][ T65] kobject_add_internal+0x2c8/0x990 [ 486.291288][ T65] kobject_add+0x16f/0x240 [ 486.294672][ T65] ? __pfx_kobject_add+0x10/0x10 [ 486.298985][ T65] ? do_raw_spin_unlock+0x172/0x230 [ 486.301902][ T65] ? kobject_put+0xbe/0x5b0 [ 486.304406][ T65] device_add+0x289/0x1a70 [ 486.308802][ T65] ? __pfx_dev_set_name+0x10/0x10 [ 486.326106][ T65] ? __pfx_device_add+0x10/0x10 [ 486.328852][ T65] ? mgmt_send_event_skb+0x2f0/0x460 [ 486.331746][ T65] hci_conn_add_sysfs+0x17e/0x230 [ 486.334486][ T65] le_conn_complete_evt+0x1078/0x1d80 [ 486.337459][ T65] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 486.353377][ T65] ? trace_contention_end+0xea/0x140 [ 486.356655][ T65] ? __mutex_lock+0x1a6/0x9c0 [ 486.359717][ T65] hci_le_enh_conn_complete_evt+0x23d/0x380 [ 486.363321][ T65] ? skb_pull_data+0x166/0x210 [ 486.366559][ T65] hci_le_meta_evt+0x2e2/0x5d0 [ 486.384444][ T65] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 486.388579][ T65] hci_event_packet+0x664/0x1170 [ 486.391717][ T65] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 486.395060][ T65] ? __pfx_hci_event_packet+0x10/0x10 [ 486.398520][ T65] ? mark_held_locks+0x9f/0xe0 [ 486.401629][ T65] ? kcov_remote_start+0x3d1/0x6e0 [ 486.419113][ T65] ? lockdep_hardirqs_on+0x7c/0x110 [ 486.422044][ T65] hci_rx_work+0x2c4/0x1610 [ 486.424299][ T65] process_one_work+0x9c5/0x1b40 [ 486.431389][ T65] ? __pfx_lock_acquire+0x10/0x10 [ 486.434165][ T65] ? __pfx_process_one_work+0x10/0x10 [ 486.448525][ T65] ? assign_work+0x1a0/0x250 [ 486.461125][ T65] worker_thread+0x6c8/0xf30 [ 486.463861][ T65] ? __pfx_worker_thread+0x10/0x10 [ 486.466864][ T65] kthread+0x2c1/0x3a0 [ 486.482483][ T65] ? _raw_spin_unlock_irq+0x23/0x50 [ 486.485606][ T65] ? __pfx_kthread+0x10/0x10 [ 486.488712][ T65] ret_from_fork+0x45/0x80 [ 486.491183][ T65] ? __pfx_kthread+0x10/0x10 [ 486.493873][ T65] ret_from_fork_asm+0x1a/0x30 [ 486.496848][ T65] [ 486.518429][ T65] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 486.523623][ T65] Bluetooth: hci2: failed to register connection device [ 486.688461][T16045] usb 5-1: reset high-speed USB device number 24 using dummy_hcd [ 486.726826][T16045] usb 5-1: device descriptor read/8, error -32 [ 487.006536][T16653] raw-gadget.1 gadget.0: failed to queue suspend event [ 487.009849][T16653] raw-gadget.1 gadget.0: failed to queue disconnect event [ 487.083409][T16045] usb 5-1: reset high-speed USB device number 24 using dummy_hcd [ 487.311347][T16045] usb 5-1: device not accepting address 24, error -71 [ 487.321509][ T5241] usb 5-1: USB disconnect, device number 24 [ 487.486548][T16735] sp0: Synchronizing with TNC [ 487.977354][T16750] netlink: 'syz.3.4330': attribute type 1 has an invalid length. [ 488.054901][T16752] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes [ 488.657417][T16766] sp0: Synchronizing with TNC [ 488.760658][T16770] netlink: 'syz.1.4339': attribute type 1 has an invalid length. [ 488.996216][T16775] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4337'. [ 489.000201][T16775] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4337'. [ 489.229193][T16781] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4342'. [ 489.893434][ T5242] usb 8-1: new high-speed USB device number 17 using dummy_hcd [ 490.148407][ T5242] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 490.153523][ T5242] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0 [ 490.200658][ T5242] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 490.227280][T16803] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4349'. [ 490.232350][ T5242] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 490.247773][ T5242] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 490.281119][ T5242] usb 8-1: config 0 descriptor?? [ 490.428714][T16806] 9pnet_fd: Insufficient options for proto=fd [ 490.632895][T16809] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4352'. [ 491.028870][T16824] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4358'. [ 491.204080][T16830] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4360'. [ 491.239839][ T5242] plantronics 0003:047F:FFFF.0019: ignoring exceeding usage max [ 491.273894][ T5242] plantronics 0003:047F:FFFF.0019: No inputs registered, leaving [ 491.352390][T16832] bond0: (slave erspan0): Opening slave failed [ 491.805830][T16840] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4364'. [ 491.909100][T16842] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4363'. [ 491.915618][T16842] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4363'. [ 492.057981][ T5242] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 492.087977][ T65] Bluetooth: hci2: command tx timeout [ 492.178294][T16849] 9pnet_fd: Insufficient options for proto=fd [ 492.413779][T16045] usb 8-1: USB disconnect, device number 17 [ 492.680480][ T39] audit: type=1400 audit(2000000370.480:1213): avc: denied { write } for pid=16856 comm="syz.2.4371" name="fd" dev="proc" ino=72240 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 492.733365][ T39] audit: type=1400 audit(2000000370.500:1214): avc: denied { add_name } for pid=16856 comm="syz.2.4371" name="3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 492.741164][ T39] audit: type=1400 audit(2000000370.500:1215): avc: denied { create } for pid=16856 comm="syz.2.4371" name="3" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1 [ 492.761523][ T39] audit: type=1400 audit(2000000370.500:1216): avc: denied { associate } for pid=16856 comm="syz.2.4371" name="3" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 492.872929][ T39] audit: type=1400 audit(2000000370.680:1217): avc: denied { setattr } for pid=16863 comm="syz.3.4374" path="socket:[73086]" dev="sockfs" ino=73086 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 492.931171][T16864] bridge0: port 2(bridge_slave_1) entered disabled state [ 492.935143][T16864] bridge0: port 1(bridge_slave_0) entered disabled state [ 493.226286][T16874] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4374'. [ 494.117477][ T55] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 494.378010][ T55] usb 5-1: Using ep0 maxpacket: 32 [ 494.415533][ T55] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 494.421423][ T55] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 494.429381][ T55] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 494.557725][ T55] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 494.578123][ T55] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 494.584283][ T55] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 494.681691][ T55] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 494.715087][ T55] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 494.719872][ T55] usb 5-1: Product: syz [ 494.802148][T16875] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 494.809746][ T55] usb 5-1: Manufacturer: syz [ 494.812009][ T55] usb 5-1: SerialNumber: syz [ 495.194760][T16883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 495.224333][T16883] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 495.394215][ T39] audit: type=1400 audit(2000000373.200:1218): avc: denied { write } for pid=16896 comm="syz.2.4385" name="mouse0" dev="devtmpfs" ino=867 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 495.648656][ T13] ------------[ cut here ]------------ [ 495.652139][ T13] WARNING: CPU: 1 PID: 13 at net/wireless/nl80211.c:19473 cfg80211_bss_color_notify+0x60b/0x7d0 [ 495.673334][ T13] Modules linked in: [ 495.677232][ T13] CPU: 1 PID: 13 Comm: kworker/u32:1 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0 [ 495.683128][ T13] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 495.690142][ T13] Workqueue: phy29 ieee80211_color_collision_detection_work [ 495.709327][ T13] RIP: 0010:cfg80211_bss_color_notify+0x60b/0x7d0 SYZFAIL: failed to recv rpc fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor) [ 495.712630][ T13] Code: d8 52 f7 49 8d 7f 68 be ff ff ff ff e8 4e 4d ac 00 31 ff 89 c3 89 c6 e8 e3 d3 52 f7 85 db 0f 85 16 fb ff ff e8 d6 d8 52 f7 90 <0f> 0b 90 e9 08 fb ff ff e8 c8 d8 52 f7 0f b6 44 24 1c ba 01 00 00 [ 495.721749][ T13] RSP: 0018:ffffc90000107bf0 EFLAGS: 00010293 [ 495.725616][ T13] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8a3b0bad [ 495.733419][ T13] RDX: ffff888017e98000 RSI: ffffffff8a3b0bba RDI: 0000000000000005 [ 495.770150][ T13] RBP: 000000000000008d R08: 0000000000000005 R09: 0000000000000000 [ 495.794360][ T13] R10: 0000000000000000 R11: 1ffffffff272b610 R12: ffff888046fcc000 [ 495.799867][ T13] R13: 000000000003d90c R14: ffff888046fcccb0 R15: ffff88802fb80700 [ 495.805060][ T13] FS: 0000000000000000(0000) GS:ffff88806b100000(0000) knlGS:0000000000000000 [ 495.814987][ T13] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 495.818137][ T13] CR2: 000000002039c000 CR3: 000000003a1e6000 CR4: 0000000000350ef0 [ 495.824764][ T13] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 495.829511][ T13] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 495.835592][ T13] Call Trace: [ 495.838325][ T13] [ 495.840185][ T13] ? show_regs+0x8c/0xa0 [ 495.843111][ T13] ? __warn+0xe5/0x3c0 [ 495.845770][ T13] ? cfg80211_bss_color_notify+0x60b/0x7d0 [ 495.849956][ T13] ? report_bug+0x3c0/0x580 [ 495.853266][ T13] ? handle_bug+0x3d/0x70 [ 495.856248][ T13] ? exc_invalid_op+0x17/0x50 [ 495.872682][ T13] ? asm_exc_invalid_op+0x1a/0x20 [ 495.894615][ T13] ? cfg80211_bss_color_notify+0x5fd/0x7d0 [ 495.897424][ T13] ? cfg80211_bss_color_notify+0x60a/0x7d0 [ 495.900133][ T13] ? cfg80211_bss_color_notify+0x60b/0x7d0 [ 495.903591][ T13] ? __pfx_lock_acquire+0x10/0x10 [ 495.907841][ T13] ? __pfx_cfg80211_bss_color_notify+0x10/0x10 [ 495.921427][ T13] process_one_work+0x9c5/0x1b40 [ 495.925990][ T13] ? __pfx_lock_acquire+0x10/0x10 [ 495.931729][ T13] ? __pfx_process_one_work+0x10/0x10 [ 495.942239][ T13] ? assign_work+0x1a0/0x250 [ 495.962006][ T13] worker_thread+0x6c8/0xf30 [ 495.965322][ T13] ? __pfx_worker_thread+0x10/0x10 [ 495.968813][ T13] kthread+0x2c1/0x3a0 [ 495.971567][ T13] ? _raw_spin_unlock_irq+0x23/0x50 [ 495.975237][ T13] ? __pfx_kthread+0x10/0x10 [ 495.978394][ T13] ret_from_fork+0x45/0x80 [ 495.996363][ T13] ? __pfx_kthread+0x10/0x10 [ 495.999580][ T13] ret_from_fork_asm+0x1a/0x30 [ 496.002870][ T13] [ 496.005199][ T13] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 496.009828][ T13] CPU: 1 PID: 13 Comm: kworker/u32:1 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0 [ 496.028083][ T13] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 496.035120][ T13] Workqueue: phy29 ieee80211_color_collision_detection_work [ 496.052655][ T13] Call Trace: [ 496.054888][ T13] [ 496.056877][ T13] dump_stack_lvl+0x3d/0x1f0 [ 496.059954][ T13] panic+0x6f5/0x7a0 [ 496.062580][ T13] ? __pfx_panic+0x10/0x10 [ 496.065546][ T13] ? show_trace_log_lvl+0x363/0x500 [ 496.080161][ T13] ? check_panic_on_warn+0x1f/0xb0 [ 496.082247][ T13] ? cfg80211_bss_color_notify+0x60b/0x7d0 [ 496.084567][ T13] check_panic_on_warn+0xab/0xb0 [ 496.086617][ T13] __warn+0xf1/0x3c0 [ 496.088464][ T13] ? cfg80211_bss_color_notify+0x60b/0x7d0 [ 496.093433][ T13] report_bug+0x3c0/0x580 [ 496.095805][ T13] handle_bug+0x3d/0x70 [ 496.098398][ T13] exc_invalid_op+0x17/0x50 [ 496.101363][ T13] asm_exc_invalid_op+0x1a/0x20 [ 496.104568][ T13] RIP: 0010:cfg80211_bss_color_notify+0x60b/0x7d0 [ 496.108802][ T13] Code: d8 52 f7 49 8d 7f 68 be ff ff ff ff e8 4e 4d ac 00 31 ff 89 c3 89 c6 e8 e3 d3 52 f7 85 db 0f 85 16 fb ff ff e8 d6 d8 52 f7 90 <0f> 0b 90 e9 08 fb ff ff e8 c8 d8 52 f7 0f b6 44 24 1c ba 01 00 00 [ 496.122313][ T13] RSP: 0018:ffffc90000107bf0 EFLAGS: 00010293 [ 496.126841][ T13] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8a3b0bad [ 496.132013][ T13] RDX: ffff888017e98000 RSI: ffffffff8a3b0bba RDI: 0000000000000005 [ 496.138029][ T13] RBP: 000000000000008d R08: 0000000000000005 R09: 0000000000000000 [ 496.143945][ T13] R10: 0000000000000000 R11: 1ffffffff272b610 R12: ffff888046fcc000 [ 496.148980][ T13] R13: 000000000003d90c R14: ffff888046fcccb0 R15: ffff88802fb80700 [ 496.156405][ T13] ? cfg80211_bss_color_notify+0x5fd/0x7d0 [ 496.160152][ T13] ? cfg80211_bss_color_notify+0x60a/0x7d0 [ 496.163010][ T13] ? __pfx_lock_acquire+0x10/0x10 [ 496.165273][ T13] ? __pfx_cfg80211_bss_color_notify+0x10/0x10 [ 496.167901][ T13] process_one_work+0x9c5/0x1b40 [ 496.170535][ T13] ? __pfx_lock_acquire+0x10/0x10 [ 496.172836][ T13] ? __pfx_process_one_work+0x10/0x10 [ 496.175333][ T13] ? assign_work+0x1a0/0x250 [ 496.177904][ T13] worker_thread+0x6c8/0xf30 [ 496.180961][ T13] ? __pfx_worker_thread+0x10/0x10 [ 496.184214][ T13] kthread+0x2c1/0x3a0 [ 496.186660][ T13] ? _raw_spin_unlock_irq+0x23/0x50 [ 496.190072][ T13] ? __pfx_kthread+0x10/0x10 [ 496.193044][ T13] ret_from_fork+0x45/0x80 [ 496.195971][ T13] ? __pfx_kthread+0x10/0x10 [ 496.198991][ T13] ret_from_fork_asm+0x1a/0x30 [ 496.202173][ T13] [ 496.208318][ T13] Kernel Offset: disabled [ 496.211184][ T13] Rebooting in 86400 seconds.. VM DIAGNOSIS: 13:11:46 Registers: info registers vcpu 0 CPU#0 RAX=00000002000008fd RBX=ffff888017e98000 RCX=0000000000000830 RDX=0000000000000002 RSI=00000000000000fd RDI=0000000000000002 RBP=0000000000000001 RSP=ffffffff8d807b68 R8 =0000000000000000 R9 =fffffbfff1fc870a R10=ffffffff8fe43857 R11=0000000000000001 R12=1ffffffff1b00f6e R13=ffffffff8d807b90 R14=ffff88806b13edf8 R15=ffff888017e980a8 RIP=ffffffff813b8988 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b2dadbff8 CR3=000000003a7b6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff813092eb ffffffff813092dd ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff813092dd ffffffff813092eb ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff813092eb ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de4325 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de4332 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de432c ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de4340 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de43c6 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de44a4 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682ed4488 00007f0682ed4480 00007f0682ed4478 00007f0682ed4450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0683a3d100 00007f0682ed4440 00007f0600040008 000c00000010000c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682ed4498 00007f0682ed4490 00007f0682ed4488 00007f0682ed4480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1eefa7e883421ea6 45ae1efd3decefaa 9ee30280c1e1c279 a2f3ef5fec948ed2 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 545828c0f8767079 cc3f2f3348f09eff a933033ad970af1e efa7e883421ea645 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ae1efd3decefaa9e e30280c1e1c279a2 f3ef5fec948ed221 a7a47a2ec32530f0 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 be98ad5478f80970 f574523bafd16c8d 9363cb6b8299eb38 6d31dc3fd285f1d5 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7d629c13420f0719 5266eb96ea1e569e 078e03f03287f1d2 fef24e1ea829373c ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9 RSI=ffffffff84fd2cc5 RDI=ffffffff94dd71a0 RBP=ffffffff94dd7160 RSP=ffffc90000107658 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005 R12=0000000000000000 R13=0000000000000005 R14=ffffffff84fd2c60 R15=0000000000000000 RIP=ffffffff84fd2cef RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002039c000 CR3=000000003a1e6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff813092eb ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de4325 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de4332 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de432c ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de4340 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de43c6 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de44a4 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682ed4488 00007f0682ed4480 00007f0682ed4478 00007f0682ed4450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0683a3d100 00007f0682ed4440 00007f0682ed4458 00007f0682ed44a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682ed4498 00007f0682ed4490 00007f0682ed4488 00007f0682ed4480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1eefa7e883421ea6 45ae1efd3decefaa 9ee30280c1e1c279 a2f3ef5fec948ed2 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 545828c0f8767079 cc3f2f3348f09eff a933033ad970af1e efa7e883421ea645 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ae1efd3decefaa9e e30280c1e1c279a2 f3ef5fec948ed221 a7a47a2ec32530f0 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 be98ad5478f80970 f574523bafd16c8d 9363cb6b8299eb38 6d31dc3fd285f1d5 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7d629c13420f0719 5266eb96ea1e569e 078e03f03287f1d2 fef24e1ea829373c ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000001 RBX=ffff88802656a440 RCX=0000000000000001 RDX=1ffff11004cad6f1 RSI=ffffffff8b2cb200 RDI=ffff88802656b788 RBP=000000000096fbae RSP=ffffc90000858d38 R8 =0000000000000004 R9 =00000000000aa4da R10=00000000000aa4da R11=0000000000000001 R12=ffffffff8dbfe3c0 R13=0000000000000002 R14=ffff8880257a07f8 R15=ffff88806b22d2e0 RIP=ffffffff81674eb7 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f3e07d8d500 ffffffff 00c00000 GS =0000 ffff88806b200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c250afb CR3=000000002c596000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000001 Opmask01=0000000000800000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcb45e57d0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a755f6d65747379 733d747865746e6f 637420745f6d6461 7379733a725f6d00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3075556765747373 7337747265746465 6374207455676461 7373733072556700 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 696c20206e692020 6120203361302064 64000030206e6520 6361706220312064 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6320202063632020 6120202061302063 6400000000313d20 6161556220312064 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7a2a6f66636c5578 62693779796b6669 7e2a7e556f69637c 6f6e556f797f6567 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 63666b7c64632a79 6b622a39723a2a7e 6463657a6e646f2a 61667f682a3b2a6d ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000000 RCX=0000000000000002 RDX=0000000000000000 RSI=ffffffff813c37d5 RDI=ffffffff8d4ceb50 RBP=0000000000000002 RSP=ffffc90003367958 R8 =ffff88817ffe10c0 R9 =ffffed100d647d78 R10=ffff88806b23ebc3 R11=0000000000000000 R12=0000000000000008 R13=ffff88806b23ebc0 R14=0000000000000080 R15=dffffc0000000000 RIP=ffffffff813c3834 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055558d7cb500 ffffffff 00c00000 GS =0000 ffff88806b300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020d29000 CR3=0000000046be4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000800008 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff2240c090 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de4325 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de4332 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de432c ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de4340 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de43c6 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0682de44a4 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000