Warning: Permanently added '[localhost]:58836' (ECDSA) to the list of known hosts. [ 130.518236][ T39] audit: type=1400 audit(1664921674.836:75): avc: denied { execute } for pid=3684 comm="sh" name="syz-fuzzer" dev="sda1" ino=1134 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 130.538106][ T39] audit: type=1400 audit(1664921674.876:76): avc: denied { execute_no_trans } for pid=3684 comm="sh" path="/syz-fuzzer" dev="sda1" ino=1134 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 2022/10/04 22:14:35 fuzzer started 2022/10/04 22:14:37 dialing manager at localhost:33133 [ 133.986665][ T38] cfg80211: failed to load regulatory.db [ 134.611119][ T39] audit: type=1400 audit(1664921678.926:77): avc: denied { mounton } for pid=3695 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 134.631498][ T3695] cgroup: Unknown subsys name 'net' [ 134.641638][ T39] audit: type=1400 audit(1664921678.966:78): avc: denied { mount } for pid=3695 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 134.754832][ T39] audit: type=1400 audit(1664921679.086:79): avc: denied { unmount } for pid=3695 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 135.008253][ T3695] cgroup: Unknown subsys name 'rlimit' [ 135.235183][ T39] audit: type=1400 audit(1664921679.576:80): avc: denied { mounton } for pid=3695 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 2022/10/04 22:14:39 syscalls: 3793 2022/10/04 22:14:39 code coverage: enabled 2022/10/04 22:14:39 comparison tracing: enabled 2022/10/04 22:14:39 extra coverage: enabled 2022/10/04 22:14:39 delay kcov mmap: enabled 2022/10/04 22:14:39 setuid sandbox: enabled 2022/10/04 22:14:39 namespace sandbox: enabled 2022/10/04 22:14:39 Android sandbox: enabled 2022/10/04 22:14:39 fault injection: enabled 2022/10/04 22:14:39 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2022/10/04 22:14:39 net packet injection: enabled 2022/10/04 22:14:39 net device setup: enabled 2022/10/04 22:14:39 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/04 22:14:39 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/04 22:14:39 NIC VF setup: PCI device 0000:00:11.0 is not available 2022/10/04 22:14:39 USB emulation: enabled 2022/10/04 22:14:39 hci packet injection: enabled 2022/10/04 22:14:39 wifi device emulation: failed to parse kernel version (6.0.0-syzkaller-02734-g0326074ff465) 2022/10/04 22:14:39 802.15.4 emulation: enabled [ 135.308557][ T39] audit: type=1400 audit(1664921679.596:81): avc: denied { mount } for pid=3695 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 2022/10/04 22:14:39 fetching corpus: 0, signal 0/2000 (executing program) [ 135.379732][ T39] audit: type=1400 audit(1664921679.596:82): avc: denied { setattr } for pid=3695 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 135.415954][ T39] audit: type=1400 audit(1664921679.596:83): avc: denied { create } for pid=3695 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 135.454198][ T39] audit: type=1400 audit(1664921679.596:84): avc: denied { write } for pid=3695 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 2022/10/04 22:14:40 fetching corpus: 47, signal 47783/50560 (executing program) 2022/10/04 22:14:41 fetching corpus: 93, signal 62889/66507 (executing program) 2022/10/04 22:14:42 fetching corpus: 142, signal 73985/78237 (executing program) 2022/10/04 22:14:43 fetching corpus: 190, signal 81898/86729 (executing program) 2022/10/04 22:14:45 fetching corpus: 235, signal 91779/96882 (executing program) 2022/10/04 22:14:45 fetching corpus: 282, signal 96526/102094 (executing program) 2022/10/04 22:14:46 fetching corpus: 328, signal 101088/106953 (executing program) 2022/10/04 22:14:47 fetching corpus: 378, signal 108883/114607 (executing program) 2022/10/04 22:14:48 fetching corpus: 426, signal 115026/120580 (executing program) 2022/10/04 22:14:50 fetching corpus: 474, signal 119100/124614 (executing program) 2022/10/04 22:14:51 fetching corpus: 515, signal 121498/127159 (executing program) 2022/10/04 22:14:52 fetching corpus: 564, signal 126152/131583 (executing program) 2022/10/04 22:14:54 fetching corpus: 611, signal 128939/134283 (executing program) 2022/10/04 22:14:55 fetching corpus: 651, signal 131492/136751 (executing program) 2022/10/04 22:14:56 fetching corpus: 697, signal 134710/139673 (executing program) 2022/10/04 22:14:57 fetching corpus: 743, signal 139494/143794 (executing program) 2022/10/04 22:14:58 fetching corpus: 787, signal 141745/145823 (executing program) 2022/10/04 22:14:59 fetching corpus: 833, signal 145381/148863 (executing program) 2022/10/04 22:15:00 fetching corpus: 874, signal 148498/151576 (executing program) 2022/10/04 22:15:01 fetching corpus: 922, signal 152362/154650 (executing program) 2022/10/04 22:15:02 fetching corpus: 968, signal 156102/157507 (executing program) 2022/10/04 22:15:02 fetching corpus: 996, signal 157090/158319 (executing program) 2022/10/04 22:15:02 fetching corpus: 996, signal 157093/158388 (executing program) 2022/10/04 22:15:02 fetching corpus: 996, signal 157093/158440 (executing program) 2022/10/04 22:15:02 fetching corpus: 996, signal 157093/158503 (executing program) 2022/10/04 22:15:02 fetching corpus: 996, signal 157093/158546 (executing program) 2022/10/04 22:15:02 fetching corpus: 996, signal 157093/158594 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157093/158657 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157093/158703 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157093/158757 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157093/158817 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157093/158866 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157093/158935 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157093/158992 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157093/159052 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157093/159102 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157093/159165 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157093/159219 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157093/159277 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157093/159321 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157093/159374 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157102/159432 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157102/159485 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157102/159555 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157102/159601 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157102/159638 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157102/159697 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157102/159759 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157107/159806 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157107/159848 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157107/159909 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157107/159959 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157107/160020 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157107/160075 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157122/160134 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157122/160195 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157122/160251 (executing program) 2022/10/04 22:15:03 fetching corpus: 996, signal 157122/160298 (executing program) 2022/10/04 22:15:03 fetching corpus: 997, signal 157125/160347 (executing program) 2022/10/04 22:15:03 fetching corpus: 997, signal 157125/160407 (executing program) 2022/10/04 22:15:03 fetching corpus: 997, signal 157125/160473 (executing program) 2022/10/04 22:15:03 fetching corpus: 997, signal 157125/160522 (executing program) 2022/10/04 22:15:03 fetching corpus: 997, signal 157125/160578 (executing program) 2022/10/04 22:15:03 fetching corpus: 997, signal 157125/160625 (executing program) 2022/10/04 22:15:03 fetching corpus: 997, signal 157125/160684 (executing program) 2022/10/04 22:15:03 fetching corpus: 997, signal 157125/160739 (executing program) 2022/10/04 22:15:03 fetching corpus: 997, signal 157125/160788 (executing program) 2022/10/04 22:15:03 fetching corpus: 997, signal 157125/160842 (executing program) 2022/10/04 22:15:03 fetching corpus: 997, signal 157125/160898 (executing program) 2022/10/04 22:15:03 fetching corpus: 997, signal 157125/160946 (executing program) 2022/10/04 22:15:03 fetching corpus: 997, signal 157125/161011 (executing program) 2022/10/04 22:15:03 fetching corpus: 997, signal 157125/161069 (executing program) [ 159.589331][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 2022/10/04 22:15:03 fetching corpus: 998, signal 157126/161119 (executing program) [ 159.603795][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 2022/10/04 22:15:03 fetching corpus: 999, signal 157140/161166 (executing program) 2022/10/04 22:15:04 fetching corpus: 999, signal 157140/161219 (executing program) 2022/10/04 22:15:04 fetching corpus: 999, signal 157140/161266 (executing program) 2022/10/04 22:15:04 fetching corpus: 999, signal 157140/161333 (executing program) 2022/10/04 22:15:04 fetching corpus: 999, signal 157140/161377 (executing program) 2022/10/04 22:15:04 fetching corpus: 999, signal 157140/161439 (executing program) 2022/10/04 22:15:04 fetching corpus: 999, signal 157140/161489 (executing program) 2022/10/04 22:15:04 fetching corpus: 999, signal 157140/161489 (executing program) 2022/10/04 22:15:11 starting 4 fuzzer processes 22:15:11 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x48, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}}, 0x0) 22:15:11 executing program 1: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="5500000018007fd500fe01b2a4a280930a06000000a843089100fe803900080008000c000f009100040000000fd2de14099c71f3de448daa72540d8102d2c55327c43ab82286ef1fdd20652383656d4d24aded13f7", 0x55}], 0x1}, 0x0) 22:15:11 executing program 2: capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x15, 0x3, &(0x7f0000000200)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0xb5, 0xffffffd4}}, &(0x7f0000000240)='GPL\x00', 0x1, 0x473, &(0x7f0000000380)=""/211, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x16, 0x10, &(0x7f0000000000), 0xffffffffffffff60}, 0x48) 22:15:11 executing program 3: r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8904, &(0x7f0000000000)={'wg1\x00'}) [ 167.190464][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 167.190481][ T39] audit: type=1400 audit(1664921711.516:86): avc: denied { execmem } for pid=3707 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 167.640289][ T39] audit: type=1400 audit(1664921711.976:87): avc: denied { mounton } for pid=3711 comm="syz-executor.3" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 167.716414][ T39] audit: type=1400 audit(1664921711.976:88): avc: denied { mount } for pid=3711 comm="syz-executor.3" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 167.750763][ T39] audit: type=1400 audit(1664921711.976:89): avc: denied { create } for pid=3711 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 167.773617][ T39] audit: type=1400 audit(1664921711.986:90): avc: denied { read write } for pid=3711 comm="syz-executor.3" name="vhci" dev="devtmpfs" ino=1104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 167.826916][ T39] audit: type=1400 audit(1664921711.986:91): avc: denied { open } for pid=3711 comm="syz-executor.3" path="/dev/vhci" dev="devtmpfs" ino=1104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 168.720626][ T39] audit: type=1400 audit(1664921713.056:92): avc: denied { ioctl } for pid=3711 comm="syz-executor.3" path="socket:[29133]" dev="sockfs" ino=29133 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 168.782641][ T3720] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 168.895604][ T3726] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 168.921275][ T3726] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 168.932986][ T3728] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 168.936013][ T3726] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 168.937787][ T3729] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 168.939562][ T3729] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 168.940924][ T3729] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 168.941911][ T3729] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 168.942560][ T3729] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 168.943678][ T3729] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 168.946307][ T3713] Bluetooth: hci2: HCI_REQ-0x0c1a [ 168.979012][ T39] audit: type=1400 audit(1664921713.276:93): avc: denied { read } for pid=3713 comm="syz-executor.0" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 168.979059][ T39] audit: type=1400 audit(1664921713.276:94): avc: denied { open } for pid=3713 comm="syz-executor.0" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 168.979092][ T39] audit: type=1400 audit(1664921713.276:95): avc: denied { mounton } for pid=3713 comm="syz-executor.0" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 169.038855][ T3728] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 169.051616][ T3719] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 169.052789][ T3719] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 169.053920][ T3719] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 169.057684][ T3726] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 169.058542][ T3726] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 169.059176][ T3726] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 169.059465][ T3726] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 169.061474][ T3714] Bluetooth: hci1: HCI_REQ-0x0c1a [ 169.205729][ T3729] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 169.237329][ T3719] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 169.237610][ T3719] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 169.240614][ T3712] Bluetooth: hci3: HCI_REQ-0x0c1a [ 169.445211][ T3729] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 169.453839][ T3729] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 169.460652][ T3711] Bluetooth: hci0: HCI_REQ-0x0c1a [ 170.308583][ T3713] chnl_net:caif_netlink_parms(): no params data found [ 170.480556][ T3712] chnl_net:caif_netlink_parms(): no params data found [ 170.770118][ T3713] [ 170.772240][ T3713] ====================================================== [ 170.778278][ T3713] WARNING: possible circular locking dependency detected [ 170.796517][ T3713] 6.0.0-syzkaller-02734-g0326074ff465 #0 Not tainted [ 170.810560][ T3713] ------------------------------------------------------ [ 170.824435][ T3713] syz-executor.0/3713 is trying to acquire lock: [ 170.830312][ T3713] ffffffff8c0bdc08 (zonelist_update_seq.seqcount){...-}-{0:0}, at: __alloc_pages+0x43d/0x510 [ 170.853152][ T3713] [ 170.853152][ T3713] but task is already holding lock: [ 170.870514][ T3713] ffff88802ca29498 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x60c/0xe30 [ 170.892369][ T3713] [ 170.892369][ T3713] which lock already depends on the new lock. [ 170.892369][ T3713] [ 170.916648][ T3713] [ 170.916648][ T3713] the existing dependency chain (in reverse order) is: [ 170.937158][ T3713] [ 170.937158][ T3713] -> #4 (&base->lock){-.-.}-{2:2}: [ 170.952835][ T3713] _raw_spin_lock_irqsave+0x39/0x50 [ 170.974312][ T3713] lock_timer_base+0x5a/0x1f0 [ 170.980246][ T3713] __mod_timer+0x398/0xe30 [ 171.004579][ T3713] __queue_delayed_work+0x1a7/0x270 [ 171.009480][ T3713] queue_delayed_work_on+0x105/0x120 [ 171.014353][ T3713] enqueue_task+0x1ec/0x3a0 [ 171.018620][ T3713] wake_up_new_task+0x582/0xbf0 [ 171.039178][ T3713] kernel_clone+0x1eb/0xab0 [ 171.043538][ T3713] user_mode_thread+0xad/0xe0 [ 171.047933][ T3713] rest_init+0x23/0x270 [ 171.065889][ T3713] arch_call_rest_init+0xf/0x14 [ 171.073658][ T3713] start_kernel+0x46e/0x48f [ 171.079735][ T3713] secondary_startup_64_no_verify+0xce/0xdb [ 171.095632][ T3713] [ 171.095632][ T3713] -> #3 (&rq->__lock){-.-.}-{2:2}: [ 171.103458][ T3729] Bluetooth: hci1: command 0x0409 tx timeout [ 171.109843][ T3719] Bluetooth: hci2: command 0x0409 tx timeout [ 171.121667][ T3713] _raw_spin_lock_nested+0x30/0x40 [ 171.121715][ T3713] raw_spin_rq_lock_nested+0x2b/0x120 [ 171.121776][ T3713] task_fork_fair+0x68/0x520 [ 171.121801][ T3713] sched_cgroup_fork+0x340/0x480 [ 171.121819][ T3713] copy_process+0x4416/0x7090 [ 171.121837][ T3713] kernel_clone+0xe7/0xab0 [ 171.121854][ T3713] user_mode_thread+0xad/0xe0 [ 171.121873][ T3713] rest_init+0x23/0x270 [ 171.252996][ T3713] arch_call_rest_init+0xf/0x14 [ 171.259763][ T3713] start_kernel+0x46e/0x48f [ 171.277283][ T3713] secondary_startup_64_no_verify+0xce/0xdb [ 171.290632][ T3713] [ 171.290632][ T3713] -> #2 (&p->pi_lock){-.-.}-{2:2}: [ 171.299011][ T3713] _raw_spin_lock_irqsave+0x39/0x50 [ 171.321828][ T3713] try_to_wake_up+0xab/0x1e30 [ 171.327667][ T3713] up+0x75/0xb0 [ 171.332052][ T3713] __up_console_sem+0xa4/0xc0 [ 171.340149][ T3713] console_unlock+0x480/0x5a0 [ 171.347998][ T3713] vga_remove_vgacon.cold+0x99/0x9e [ 171.360576][ T3713] aperture_remove_conflicting_pci_devices+0x59/0x200 [ 171.379950][ T3713] virtio_gpu_probe.cold+0x16a/0x189 [ 171.399610][ T3713] virtio_dev_probe+0x577/0x870 [ 171.404785][ T3713] really_probe+0x249/0xb90 [ 171.422931][ T3713] __driver_probe_device+0x1df/0x4d0 [ 171.434513][ T3713] driver_probe_device+0x4c/0x1a0 [ 171.444934][ T3713] __driver_attach+0x1d0/0x550 [ 171.455594][ T3713] bus_for_each_dev+0x147/0x1d0 [ 171.464047][ T3713] bus_add_driver+0x4c9/0x640 [ 171.468290][ T3713] driver_register+0x220/0x3a0 [ 171.472803][ T3713] do_one_initcall+0xfe/0x650 [ 171.501267][ T3713] kernel_init_freeable+0x6b1/0x73a [ 171.505890][ T3713] kernel_init+0x1a/0x1d0 [ 171.542129][ T3713] ret_from_fork+0x1f/0x30 [ 171.546055][ T3713] [ 171.546055][ T3713] -> #1 ((console_sem).lock){-.-.}-{2:2}: [ 171.552478][ T3713] _raw_spin_lock_irqsave+0x39/0x50 [ 171.573502][ T3713] down_trylock+0xe/0x60 [ 171.577432][ T3713] __down_trylock_console_sem+0x40/0x120 [ 171.583239][ T3729] Bluetooth: hci0: command 0x0409 tx timeout [ 171.595378][ T3713] vprintk_emit+0x167/0x5f0 [ 171.595414][ T3713] vprintk+0x80/0x90 [ 171.595444][ T3713] _printk+0xba/0xed [ 171.640225][ T3713] build_zonelists+0x2e7/0x400 [ 171.658166][ T3713] __build_all_zonelists+0x122/0x180 [ 171.662667][ T3713] build_all_zonelists_init+0x2f/0x104 [ 171.807089][ T3713] build_all_zonelists+0x11f/0x140 [ 171.812258][ T3713] start_kernel+0xb9/0x48f [ 171.828517][ T3713] secondary_startup_64_no_verify+0xce/0xdb [ 171.843914][ T3713] [ 171.843914][ T3713] -> #0 (zonelist_update_seq.seqcount){...-}-{0:0}: [ 171.862942][ T3713] __lock_acquire+0x2a43/0x56d0 [ 171.867795][ T3713] lock_acquire+0x1ab/0x570 [ 171.874899][ T3713] __alloc_pages_slowpath.constprop.0+0x1a5/0x2300 [ 171.892113][ T3713] __alloc_pages+0x43d/0x510 [ 171.896979][ T3713] cache_grow_begin+0x75/0x360 [ 171.914776][ T3713] cache_alloc_refill+0x27f/0x380 [ 171.921132][ T3713] kmem_cache_alloc+0x433/0x520 [ 171.936352][ T3713] fill_pool+0x264/0x5c0 [ 171.942864][ T3713] __debug_object_init+0x7a/0xd10 [ 171.950876][ T3713] debug_object_activate+0x32c/0x3e0 [ 171.955093][ T3713] __mod_timer+0x77d/0xe30 [ 171.987881][ T3713] __queue_delayed_work+0x1a7/0x270 [ 171.995034][ T3713] queue_delayed_work_on+0x105/0x120 [ 172.000829][ T3713] wg_ratelimiter_init+0x198/0x2c0 [ 172.027519][ T3713] wg_newlink+0x4ed/0x9a0 [ 172.034152][ T3713] __rtnl_newlink+0x1087/0x17e0 [ 172.040018][ T3713] rtnl_newlink+0x64/0xa0 [ 172.044001][ T3713] rtnetlink_rcv_msg+0x43a/0xca0 [ 172.055786][ T3713] netlink_rcv_skb+0x153/0x420 [ 172.079226][ T3713] netlink_unicast+0x543/0x7f0 [ 172.083191][ T3713] netlink_sendmsg+0x917/0xe10 [ 172.087025][ T3713] sock_sendmsg+0xcf/0x120 [ 172.090576][ T3713] __sys_sendto+0x236/0x340 [ 172.107794][ T3713] __x64_sys_sendto+0xdd/0x1b0 [ 172.125678][ T3713] do_syscall_64+0x35/0xb0 [ 172.131212][ T3713] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 172.154552][ T3713] [ 172.154552][ T3713] other info that might help us debug this: [ 172.154552][ T3713] [ 172.164597][ T3713] Chain exists of: [ 172.164597][ T3713] zonelist_update_seq.seqcount --> &rq->__lock --> &base->lock [ 172.164597][ T3713] [ 172.193514][ T3713] Possible unsafe locking scenario: [ 172.193514][ T3713] [ 172.201051][ T3713] CPU0 CPU1 [ 172.205263][ T3713] ---- ---- [ 172.220345][ T3713] lock(&base->lock); [ 172.229826][ T3713] lock(&rq->__lock); [ 172.251854][ T3713] lock(&base->lock); [ 172.258725][ T3713] lock(zonelist_update_seq.seqcount); [ 172.278688][ T3713] [ 172.278688][ T3713] *** DEADLOCK *** [ 172.278688][ T3713] [ 172.288895][ T3713] 3 locks held by syz-executor.0/3713: [ 172.300930][ T3713] #0: ffffffff8d7b2fe8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e5/0xca0 [ 172.322393][ T3713] #1: ffffffff8ccaed28 (init_lock){+.+.}-{3:3}, at: wg_ratelimiter_init+0x17/0x2c0 [ 172.366520][ T3713] #2: ffff88802ca29498 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x60c/0xe30 [ 172.373947][ T3713] [ 172.373947][ T3713] stack backtrace: [ 172.402822][ T3713] CPU: 2 PID: 3713 Comm: syz-executor.0 Not tainted 6.0.0-syzkaller-02734-g0326074ff465 #0 [ 172.411146][ T3713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 172.442720][ T3713] Call Trace: [ 172.445924][ T3713] [ 172.449778][ T3713] dump_stack_lvl+0xcd/0x134 [ 172.459421][ T3713] check_noncircular+0x25f/0x2e0 [ 172.482789][ T3713] ? write_profile+0x4a0/0x4a0 [ 172.487044][ T3713] ? print_circular_bug+0x1e0/0x1e0 [ 172.492747][ T3713] ? stack_trace_save+0x8c/0xc0 [ 172.498771][ T3713] __lock_acquire+0x2a43/0x56d0 [ 172.516080][ T3713] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 172.520922][ T3713] ? __lock_acquire+0x2567/0x56d0 [ 172.525807][ T3713] lock_acquire+0x1ab/0x570 [ 172.544978][ T3713] ? __alloc_pages+0x43d/0x510 [ 172.549743][ T3713] ? lock_release+0x780/0x780 [ 172.553982][ T3713] ? unwind_next_frame+0xfa9/0x1cc0 [ 172.566243][ T3713] ? arch_stack_walk+0x5c/0xe0 [ 172.572403][ T3713] ? __zone_watermark_ok+0x271/0x450 [ 172.580442][ T3713] __alloc_pages_slowpath.constprop.0+0x1a5/0x2300 [ 172.591444][ T3713] ? __alloc_pages+0x43d/0x510 [ 172.597909][ T3713] ? get_page_from_freelist+0x3de/0x2ce0 [ 172.605235][ T3713] ? stack_trace_save+0x8c/0xc0 [ 172.613941][ T3713] ? warn_alloc+0x190/0x190 [ 172.624975][ T3713] ? __zone_watermark_ok+0x450/0x450 [ 172.632865][ T3713] ? prepare_alloc_pages+0x178/0x570 [ 172.640984][ T3713] ? wg_ratelimiter_init+0x198/0x2c0 [ 172.651818][ T3713] ? wg_newlink+0x4ed/0x9a0 [ 172.657348][ T3713] ? __rtnl_newlink+0x1087/0x17e0 [ 172.665393][ T3713] __alloc_pages+0x43d/0x510 [ 172.672322][ T3713] ? do_syscall_64+0x35/0xb0 [ 172.682480][ T3713] ? __alloc_pages_slowpath.constprop.0+0x2300/0x2300 [ 172.691237][ T3713] ? print_shortest_lock_dependencies_backwards+0x80/0x80 [ 172.699894][ T3713] ? check_path.constprop.0+0x24/0x50 [ 172.706398][ T3713] cache_grow_begin+0x75/0x360 [ 172.711855][ T3713] cache_alloc_refill+0x27f/0x380 [ 172.718143][ T3713] kmem_cache_alloc+0x433/0x520 [ 172.726491][ T3713] fill_pool+0x264/0x5c0 [ 172.736480][ T3713] ? __list_del_entry_valid+0x110/0x110 [ 172.743212][ T3713] ? __lock_acquire+0x2567/0x56d0 [ 172.749629][ T3713] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 172.758720][ T3713] __debug_object_init+0x7a/0xd10 [ 172.772999][ T3713] ? debug_object_activate+0x1b3/0x3e0 [ 172.782066][ T3713] ? lock_downgrade+0x6e0/0x6e0 [ 172.788078][ T3713] ? debug_object_free+0x350/0x350 [ 172.794784][ T3713] debug_object_activate+0x32c/0x3e0 [ 172.802008][ T3713] ? lock_release+0x780/0x780 [ 172.809855][ T3713] ? debug_object_assert_init+0x2e0/0x2e0 [ 172.820157][ T3713] ? rwlock_bug.part.0+0x90/0x90 [ 172.826511][ T3713] ? get_nohz_timer_target+0x1d/0x730 [ 172.833242][ T3713] ? lock_timer_base+0x174/0x1f0 [ 172.839326][ T3713] __mod_timer+0x77d/0xe30 [ 172.843664][ T3713] ? enqueue_timer+0x5b0/0x5b0 [ 172.849745][ T3713] ? rcu_read_lock_sched_held+0x3a/0x70 [ 172.857910][ T3713] ? kmem_cache_alloc_node_trace+0x3d1/0x570 [ 172.864882][ T3713] __queue_delayed_work+0x1a7/0x270 [ 172.871211][ T3713] queue_delayed_work_on+0x105/0x120 [ 172.877690][ T3713] wg_ratelimiter_init+0x198/0x2c0 [ 172.884241][ T3713] wg_newlink+0x4ed/0x9a0 [ 172.891019][ T3713] ? wg_pm_notification+0x170/0x170 [ 172.896625][ T3713] __rtnl_newlink+0x1087/0x17e0 [ 172.904189][ T3713] ? rtnl_link_unregister+0x250/0x250 [ 172.912235][ T3713] ? rcu_read_lock_sched_held+0x3a/0x70 [ 172.919008][ T3713] ? trace_kmalloc+0x32/0x100 [ 172.925253][ T3713] ? kmem_cache_alloc_trace+0x278/0x460 [ 172.935830][ T3713] rtnl_newlink+0x64/0xa0 [ 172.941336][ T3713] ? __rtnl_newlink+0x17e0/0x17e0 [ 172.947106][ T3713] rtnetlink_rcv_msg+0x43a/0xca0 [ 172.952335][ T3713] ? rtnl_getlink+0xae0/0xae0 [ 172.957978][ T3713] netlink_rcv_skb+0x153/0x420 [ 172.963327][ T3713] ? rtnl_getlink+0xae0/0xae0 [ 172.970307][ T3713] ? netlink_ack+0xd50/0xd50 [ 172.975666][ T3713] ? netlink_deliver_tap+0x1a2/0xc40 [ 172.981720][ T3713] ? netlink_deliver_tap+0x1b1/0xc40 [ 172.991351][ T3713] netlink_unicast+0x543/0x7f0 [ 172.997226][ T3713] ? netlink_attachskb+0x880/0x880 [ 173.003512][ T3713] netlink_sendmsg+0x917/0xe10 [ 173.011301][ T3713] ? netlink_unicast+0x7f0/0x7f0 [ 173.018048][ T3713] ? netlink_unicast+0x7f0/0x7f0 [ 173.023699][ T3713] sock_sendmsg+0xcf/0x120 [ 173.030015][ T3713] __sys_sendto+0x236/0x340 [ 173.036622][ T3713] ? __ia32_sys_getpeername+0xb0/0xb0 [ 173.044953][ T3713] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 173.052247][ T3713] ? __ct_user_exit+0xff/0x150 [ 173.057755][ T3713] ? lock_downgrade+0x6e0/0x6e0 [ 173.063327][ T3713] ? lock_downgrade+0x6e0/0x6e0 [ 173.069328][ T3713] __x64_sys_sendto+0xdd/0x1b0 [ 173.075373][ T3713] ? syscall_enter_from_user_mode+0x22/0xb0 [ 173.082302][ T3713] do_syscall_64+0x35/0xb0 [ 173.087364][ T3713] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 173.094123][ T3713] RIP: 0033:0x7f85fee3c4fc [ 173.099420][ T3713] Code: fa fa ff ff 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 20 fb ff ff 48 8b [ 173.123939][ T3713] RSP: 002b:00007ffc53b1d750 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 173.135469][ T3713] RAX: ffffffffffffffda RBX: 00007f85ffee4320 RCX: 00007f85fee3c4fc [ 173.145045][ T3713] RDX: 000000000000003c RSI: 00007f85ffee4370 RDI: 0000000000000003 [ 173.154293][ T3713] RBP: 0000000000000000 R08: 00007ffc53b1d7a4 R09: 000000000000000c [ 173.163865][ T3713] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 173.173927][ T3713] R13: 00007f85ffee4370 R14: 0000000000000003 R15: 0000000000000000 [ 173.183104][ T3729] Bluetooth: hci1: command 0x041b tx timeout [ 173.183528][ T3713] [ 173.187506][ T3729] Bluetooth: hci2: command 0x041b tx timeout [ 173.204742][ T64] Bluetooth: hci3: command 0x0409 tx timeout [ 173.402558][ T3714] chnl_net:caif_netlink_parms(): no params data found [ 173.529391][ T3712] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.534526][ T3712] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.562171][ T3712] device bridge_slave_0 entered promiscuous mode [ 173.663324][ T3729] Bluetooth: hci0: command 0x041b tx timeout [ 173.725370][ T3712] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.730525][ T3712] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.738928][ T3712] device bridge_slave_1 entered promiscuous mode [ 173.771421][ T3713] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.779057][ T3713] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.793147][ T3713] device bridge_slave_0 entered promiscuous mode [ 173.808730][ T3713] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.820650][ T3713] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.830400][ T3713] device bridge_slave_1 entered promiscuous mode [ 173.905714][ T3711] chnl_net:caif_netlink_parms(): no params data found [ 174.188629][ T3712] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 174.221286][ T3713] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 174.264731][ T3712] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.321193][ T3713] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.381509][ T3714] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.404489][ T3714] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.411915][ T3714] device bridge_slave_0 entered promiscuous mode [ 174.544431][ T3714] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.558901][ T3714] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.576900][ T3714] device bridge_slave_1 entered promiscuous mode [ 174.637602][ T3712] team0: Port device team_slave_0 added [ 174.714199][ T3713] team0: Port device team_slave_0 added [ 174.758920][ T3712] team0: Port device team_slave_1 added [ 174.818956][ T3713] team0: Port device team_slave_1 added [ 174.956510][ T3712] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.967115][ T3712] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.002141][ T3712] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 175.053053][ T3711] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.058899][ T3711] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.070332][ T3711] device bridge_slave_0 entered promiscuous mode [ 175.082788][ T3714] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 175.113963][ T3714] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 175.126407][ T3712] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 175.134575][ T3712] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.166366][ T3712] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 175.217449][ T3711] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.236122][ T3711] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.248218][ T3711] device bridge_slave_1 entered promiscuous mode [ 175.273623][ T3729] Bluetooth: hci2: command 0x040f tx timeout [ 175.277590][ T3719] Bluetooth: hci3: command 0x041b tx timeout [ 175.281035][ T3729] Bluetooth: hci1: command 0x040f tx timeout [ 175.297619][ T3713] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 175.308494][ T3713] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.381151][ T3713] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 175.407389][ T3713] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 175.421442][ T3713] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.465135][ T3713] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 175.626846][ T3711] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 175.641106][ T3714] team0: Port device team_slave_0 added [ 175.647923][ T3714] team0: Port device team_slave_1 added [ 175.715569][ T3711] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 175.758539][ T3719] Bluetooth: hci0: command 0x040f tx timeout [ 175.983713][ T3714] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 175.988623][ T3714] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 176.032631][ T3714] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 176.054931][ T3712] device hsr_slave_0 entered promiscuous mode [ 176.067485][ T3712] device hsr_slave_1 entered promiscuous mode [ 176.157331][ T3711] team0: Port device team_slave_0 added [ 176.167915][ T3713] device hsr_slave_0 entered promiscuous mode [ 176.176523][ T3713] device hsr_slave_1 entered promiscuous mode [ 176.206688][ T3713] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 176.227246][ T3713] Cannot create hsr debugfs directory [ 176.236600][ T3714] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 176.241553][ T3714] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 176.278837][ T3714] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 176.295047][ T3711] team0: Port device team_slave_1 added [ 176.420542][ T3711] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 176.426621][ T3711] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 176.478258][ T3711] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 176.594574][ T3711] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 176.600199][ T3711] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 176.641800][ T3711] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 176.904224][ T3714] device hsr_slave_0 entered promiscuous mode [ 176.925817][ T3714] device hsr_slave_1 entered promiscuous mode [ 176.951509][ T3714] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 176.971590][ T3714] Cannot create hsr debugfs directory [ 177.257092][ T3711] device hsr_slave_0 entered promiscuous mode [ 177.262760][ T3711] device hsr_slave_1 entered promiscuous mode [ 177.269785][ T3711] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 177.278434][ T3711] Cannot create hsr debugfs directory [ 177.361490][ T3719] Bluetooth: hci3: command 0x040f tx timeout [ 177.379975][ T3729] Bluetooth: hci1: command 0x0419 tx timeout [ 177.384811][ T3729] Bluetooth: hci2: command 0x0419 tx timeout [ 177.794127][ T3713] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 177.824182][ T64] Bluetooth: hci0: command 0x0419 tx timeout [ 177.830544][ T3713] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 177.933924][ T3713] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 177.972730][ T3713] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 178.063121][ T3712] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 178.098739][ T3712] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 178.150695][ T3712] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 178.188111][ T3712] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 178.267026][ T3711] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 178.294933][ T3711] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 178.324037][ T3711] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 178.386370][ T3711] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 178.411242][ T3714] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 178.422685][ T3714] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 178.506419][ T3714] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 178.515228][ T3714] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 178.585392][ T3713] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.704091][ T3713] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.730672][ T3766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 178.741149][ T3766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 178.799950][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 178.806087][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 178.813732][ T15] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.822128][ T15] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.866512][ T3714] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.886349][ T3711] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.905696][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 178.911783][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 178.923836][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 178.934159][ T3757] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.956213][ T3757] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.973705][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 178.982588][ T3757] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 179.022756][ T3711] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.055347][ T3713] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 179.079802][ T3713] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 179.110609][ T3712] 8021q: adding VLAN 0 to HW filter on device bond0 [ 179.135858][ T3712] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.149457][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 179.161987][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 179.185352][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 179.213091][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 179.222449][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 179.235645][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 179.249445][ T15] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.258154][ T15] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.270829][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 179.289686][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 179.307612][ T15] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.319045][ T15] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.331505][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 179.359635][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 179.368602][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 179.389710][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 179.399591][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 179.423556][ T3719] Bluetooth: hci3: command 0x0419 tx timeout [ 179.454945][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 179.472221][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 179.497256][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 179.508533][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 179.518987][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 179.528293][ T15] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 179.579086][ T3767] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 179.612450][ T3767] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 179.620982][ T3767] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 179.627499][ T3767] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 179.696774][ T3714] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.704575][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 179.714171][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 179.721460][ T3761] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.726022][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 179.726037][ T39] audit: type=1400 audit(1664921724.066:97): avc: denied { sys_module } for pid=3713 comm="syz-executor.0" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 179.751486][ T3761] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.752303][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 179.754454][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 179.754809][ T3761] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.754850][ T3761] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.755160][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 179.756066][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 179.839755][ T3711] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 179.939030][ T3711] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 179.977368][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 179.988489][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 180.000514][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 180.011674][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 180.031974][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 180.048162][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 180.060155][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 180.076239][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 180.087323][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 180.106341][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 180.118496][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 180.131990][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 180.150229][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 180.165527][ T133] bridge0: port 1(bridge_slave_0) entered blocking state [ 180.175845][ T133] bridge0: port 1(bridge_slave_0) entered forwarding state [ 180.189299][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 180.201619][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 180.217093][ T133] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.233120][ T133] bridge0: port 2(bridge_slave_1) entered forwarding state [ 180.247859][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 180.261087][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 180.276226][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 180.294520][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 180.307243][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 180.334329][ T133] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 180.458721][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 180.483502][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 180.504853][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 180.516316][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 180.529689][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 180.542110][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 180.565199][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 180.578698][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 180.591850][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 180.621407][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 180.666736][ T3714] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 180.681204][ T3714] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 180.718352][ T3099] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 180.725057][ T3099] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 180.733471][ T3099] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 180.740715][ T3099] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 180.750213][ T3099] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 180.760447][ T3099] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 180.768407][ T3099] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 180.785246][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready VM DIAGNOSIS: 22:15:18 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffffffff8bcbc980 RCX=ffffffff89830e05 RDX=ffffed100590698a RSI=0000000000000000 RDI=ffffffff89861d1f RBP=0000000000000000 RSP=ffffffff8bc07e18 R8 =0000000000000000 R9 =ffff88802c834c4b R10=ffffed1005906989 R11=0000000000000001 R12=fffffbfff1797930 R13=0000000000000000 R14=ffffffff8ddf7050 R15=0000000000000000 RIP=ffffffff8986156b RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00000000 FS =0000 0000000000000000 ffffffff 00000000 GS =0000 ffff88802c800000 ffffffff 00000000 LDT=0000 0000000000000000 ffffffff 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007efc4c6b7300 CR3=000000001d6d3000 CR4=00150ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00ff000000000000000000000000ff00 XMM03=6e6863205d3231373354205b5d363535 XMM04=00000000000000000000000000000000 XMM05=ffffffffffffffffffffffffffffffff XMM06=00000000000000000000000000000000 XMM07=7a7973223d6d6d6f6320333137333d64 XMM08=2500656c6f736e6f632f7665642f000a XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000001 RBX=ffff88801252e000 RCX=ffffffff89830e05 RDX=ffffed100592698a RSI=0000000000000000 RDI=ffffffff89861d1f RBP=0000000000000001 RSP=ffffc9000067fe00 R8 =0000000000000000 R9 =ffff88802c934c4b R10=ffffed1005926989 R11=0000000000000001 R12=ffffed10024a5c00 R13=0000000000000001 R14=ffffffff8ddf7050 R15=0000000000000000 RIP=ffffffff8986156b RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c900000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000561f90e7e600 CR3=000000001a617000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=cdf9511824fcbd1d1d64b611802d7e81 XMM01=00000000000000000000000000000000 XMM02=0000000000000000414fffffe0000000 XMM03=32322035312e322e302e303120303837 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 2 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8461f7e1 RDI=ffffffff914a52c0 RBP=ffffffff914a5280 RSP=ffffc9000303e570 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=79732d302e302e36 R12=0000000000000000 R13=0000000000000020 R14=ffffffff8461f780 R15=0000000000000000 RIP=ffffffff8461f80b RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000555556c27400 ffffffff 00c00000 GS =0000 ffff88802ca00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000c000942c00 CR3=000000005d724000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=25252525252525252525252525252525 XMM01=0000ff0000000000000000000000ffff XMM02=0000ff000000000000000000000000ff XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=5241006e65706f5f667062203a732500 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 3 RAX=0000000000000003 RBX=ffff888012534080 RCX=ffffffff89830e05 RDX=ffffed100596698a RSI=0000000000000000 RDI=ffffffff89861d1f RBP=0000000000000003 RSP=ffffc9000069fe00 R8 =0000000000000000 R9 =ffff88802cb34c4b R10=ffffed1005966989 R11=0000000000000001 R12=ffffed10024a6810 R13=0000000000000003 R14=ffffffff8ddf7050 R15=0000000000000000 RIP=ffffffff8986156b RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802cb00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f569f375310 CR3=000000000bc8e000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=25252525252525252525252525252525 XMM01=0000ff0000000000000000000000ffff XMM02=0000ff000000000000000000000000ff XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=5241006e65706f5f667062203a732500 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000